In pursuit of greed

  • Do_you_want_some_tea
    PCHF Member
    • Apr 2017
    • 12

    #16
    ~ ZHPDiag v2017.5.4.76 By Nicolas Coolman (2017/05/04)
    ~ Run by ILANA (Administrator) (2017/05/05 20:52:49)
    ~ Web: https://www.nicolascoolman.com
    ~ Blog: https://nicolascoolman.eu/
    ~ Facebook: ZHP
    ~ State version: Version OK
    ~ Mode: Scan
    ~ Report: C:\Users\ILANA\Desktop\ZHPDiag.txt
    ~ Report: C:\Users\ILANA\AppData\Roaming\ZHP\ZHPDiag.txt
    ~ UAC: Activate
    ~ System startup: Normal (Normal boot)
    Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation

    —\ Internet Browsers (2) - 0s
    ~ GCIE: Google Chrome v58.0.3029.96
    ~ MSIE: Internet Explorer v8.0.7601.17514

    —\ Windows Product Information (4) - 3s
    ~ Windows Server License Manager Script : OK
    ~ Licence Script File Génération : OK
    Windows Automatic Updates : OK
    Windows Activation Technologies : KO

    —\ System protection software (1) - 1s
    Avast Free Antivirus v17.3.2291 (Protection)

    —\ Surveillance software (1) - 1s
    ~ Adobe Acrobat Reader DC (Surveillance)

    —\ Information on the system (6) - 0s
    ~ Operating System: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
    ~ Operating System: 64-bit
    ~ Boot mode: Normal (Normal boot)
    Total RAM: 3986.74 MB (23% free) : OK =>.RAM Value
    System Restore: Activé (Enable)
    System drive C: has 212 GB (83%) free of 255 GB : OK =>.Disk Space

    —\ Connection to the system mode (3) - 0s
    ~ Computer Name: ILANA-PC
    ~ User Name: ILANA
    ~ Logged in as Administrator

    —\ Enumeration of the disk units (2) - 0s
    ~ Drive C: has 212 GB free of 255 GB (System)
    ~ Drive D: has 211 GB free of 220 GB

    —\ State of the Windows Security Center (10) - 1s
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
    [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

    —\ Search Generic System Files (24) - 1s
    [MD5.AC4C51EB24AA95B77F705AB159189E24] - 21/11/2010 - (.Microsoft Corporation - Windows Explorer.) – C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation
    [MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
    [MD5.F6C5302E1F4813D552F41A0AC82455E5] - 21/11/2010 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation
    [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 21/11/2010 - (.Microsoft Corporation - Windows Logon Application.) – C:\Windows\System32\Winlogon.exe [390656] =>.Microsoft Corporation
    [MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) – C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
    [MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 21/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
    [MD5.59DF156711A76BCB993253EC6C9BBF41] - 21/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation
    [MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - 21/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\Windows\System32\drivers\AFD.sys [499712] =>.Microsoft Corporation
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows®
    [MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
    [MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
    [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation
    [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) – C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
    [MD5.FAF015B07E3A2874A790A39B7D2C579F] - 21/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.Microsoft Corporation
    [MD5.09594D1089C523423B32A4229263F068] - 21/11/2010 - (.Microsoft Corporation - MBT Transport driver.) – C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation
    [MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - 21/11/2010 - (.Microsoft Corporation - NT File System Driver.) – C:\Windows\System32\drivers\ntfs.sys [1659776] =>.Microsoft Windows®
    [MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) – C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
    [MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) – C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
    [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 21/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) – C:\Windows\System32\drivers\tdx.sys [119296] =>.Microsoft Corporation
    [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) – C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows®

    —\ Non Microsoft non disabled Windows Services (8) - 4s
    O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
    O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
    O23 - Service: Service Installer TrueKey (InstallerService) . (…) - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (.not file.)
    O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation®
    O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
    O23 - Service: Intel Security True Key (TrueKey) . (.McAfee, Inc. - Intel Security True Key.) - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe =>.McAfee, Inc.®
    O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) . (.McAfee, Inc. - Intel Security True Key.) - C:\Program Files\TrueKey\McTkSchedulerService.exe =>.McAfee, Inc.®
    O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation®

    —\ Services not Microsoft (SR=Run, SS=Stop) (11) - 21s
    SS - Demand [05/04/2017] [ 7398336] aswbIDSAgent (aswbIDSAgent) . (.AVAST Software s.r.o..) - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe =>.AVAST Software s.r.o.®
    SR - Auto [05/04/2017] [ 261712] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
    SS - Auto [17/10/2016] [ 153752] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
    SS - Demand [17/10/2016] [ 153752] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
    SS - Demand [23/11/2016] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc®
    SR - Auto [09/12/2009] [ 268824] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation®
    SS - Auto [09/12/2009] [ 268824] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
    SR - Auto [09/12/2009] [ 268824] Intel Security True Key (TrueKey) . (.McAfee, Inc..) - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe =>.McAfee, Inc.®
    SR - Auto [09/12/2009] [ 268824] Intel Security True Key Scheduler (TrueKeyScheduler) . (.McAfee, Inc..) - C:\Program Files\TrueKey\McTkSchedulerService.exe =>.McAfee, Inc.®
    SS - Demand [09/12/2009] [ 268824] TrueKeyServiceHelper (TrueKeyServiceHelper) . (.McAfee, Inc..) - C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe =>.McAfee, Inc.®
    SR - Auto [09/12/2009] [ 268824] Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation®

    —\ Task Planned Automatically (15) - 9s
    [MD5.617E1ED0D0D7CF1EF087C1BA2AA1A89B] [APT] [Avast Emergency Update] (.AVAST Software.) – C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2346488] (.Activate.) =>.AVAST Software s.r.o.®
    [MD5.FFE2D028D996BC6279A2E4894F9FCBFD] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) – C:\Program Files\CCleaner\CCleaner.exe [7456984] (.Activate.) =>.Piriform Ltd®
    [MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc®
    [MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] (.Activate.) =>.Google Inc®
    [MD5.00000000000000000000000000000000] [APT] [HPCustPartic.exe_{0778FE57-B2D5-49AC-9D7A-21F1A3348AD5}] (…) – C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPCustPartic.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
    [MD5.D61830127D572F0FDA7FE78B0F2BBFE5] [APT] [RunUninstallTool_SkipUac] (.CrystalIDEA Software.) – C:\Program Files\Uninstall Tool\UninstallTool.exe [5386168] (.Activate.) =>.CrystalBit Solutions®
    [MD5.F485EE3C484D9874E9DD75E6B4FEE332] [APT] [SafeZone scheduled Autoupdate 1476737804] (.Avast Software.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe [927264] (.Activate.) =>.AVAST Software s.r.o.®
    [MD5.283E10FD63971145CC1E750FFA46180E] [APT] [AVAST Software\Avast settings backup] (.AVAST Software.) – C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [826808] (.Activate.) =>.AVAST Software s.r.o.®
    O39 - APT: Avast Emergency Update - (.AVAST Software.) – C:\Windows\System32\Tasks\Avast Emergency Update [4172] =>.AVAST Software s.r.o.®
    O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) – C:\Windows\System32\Tasks\CCleanerSkipUAC [2792] =>.Piriform Ltd®
    O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) – C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3204] =>.Google Inc®
    O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) – C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3332] =>.Google Inc®
    O39 - APT: HPCustPartic.exe_{0778FE57-B2D5-49AC-9D7A-21F1A3348AD5} - (…) – C:\Windows\System32\Tasks\HPCustPartic.exe_{0778FE57-B2D5-49AC-9D7A-21F1A3348AD5} [2944] (.Orphan.) =>.Superfluous.Orphan
    O39 - APT: RunUninstallTool_SkipUac - (.CrystalIDEA Software.) – C:\Windows\System32\Tasks\RunUninstallTool_SkipUac [2976] =>.CrystalBit Solutions®
    O39 - APT: SafeZone scheduled Autoupdate 1476737804 - (.Avast Software.) – C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1476737804 [3894] =>.AVAST Software s.r.o.®

    —\ Auto loading programs from Registry and folders (3) - 0s
    O4 - HKLM..\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) – C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.®
    O4 - HKUS\S-1-5-19..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-20..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation

    —\ Process running (21) - 1s
    [MD5.7AD8E22454B5EF6BD2838D19062F028C] - (.AVAST Software - Avast Service.) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712] [PID.1152] =>.AVAST Software s.r.o.®
    [MD5.1D82A01A368255FE78C65CF66B5B8281] - (.Intel Corporation - Local Manageability Service.) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.1524] =>.Intel Corporation®
    [MD5.A6CF3AC92230ACBF3996D1DFC005DA6B] - (.McAfee, Inc. - Intel Security True Key.) – C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996736] [PID.1852] =>.McAfee, Inc.®
    [MD5.11973479E0993531F9E6DA07B23BAACE] - (.McAfee, Inc. - Intel Security True Key.) – C:\Program Files\TrueKey\McTkSchedulerService.exe [16160] [PID.2192] =>.McAfee, Inc.®
    [MD5.06EE5B41E2F85D3144B1CAED4D11D3DC] - (.AVAST Software - Avast Antivirus.) – C:\Program Files\AVAST Software\Avast\AvastUI.exe [9162920] [PID.2756] =>.AVAST Software s.r.o.®
    [MD5.C6142B8CB72558D91CEA8E38F1B7D905] - (.Intel Corporation - User Notification Service.) – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.3728] =>.Intel Corporation®
    [MD5.A8FD9222E4D72596BB37DA8BE95C0BA4] - (.Google Inc. - Google Installer.) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] [PID.3776] =>.Google Inc®
    [MD5.33E6E5822E22A5E1DEA523C06155FD07] - (.Google Inc. - Google Crash Handler.) – C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe [288848] [PID.3900] =>.Google Inc®
    [MD5.27BEAF3F308ED2276F3863C2F2597556] - (.Google Inc. - Google Crash Handler.) – C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe [366672] [PID.4032] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.3940] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.4000] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.3020] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.3320] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.3424] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.1492] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.2076] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.1284] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.4892] =>.Google Inc®
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.1812] =>.Google Inc®
    [MD5.CF2D3DED416AA650A83736B2097AC033] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\ILANA\Downloads\ZHPDiag3.exe [2722304] [PID.4832] =>.Nicolas Coolman
    [MD5.E88679B4CDB81293980E69C0B4E45D0E] - (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640] [PID.796] =>.Google Inc®

    —\ Google Chrome, Start,Search,Extensions (19) - 1s
    G0 - GCSP: Preferences [User Data\Default][HomePage] http://trovi.com
    G0 - GCSP: Preferences [User Data\Default][HomePage] http://updatech.ru
    G0 - GCSP: Preferences [User Data\Default][HomePage] http://campaign.bezeqint.net
    G0 - GCSP: Preferences [User Data\Default][HomePage] http://mail.google.com =>.Google Inc.
    G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.google-analytics.com =>.Google Inc.
    G0 - GCSP: Preferences [User Data\Default][HomePage] http://uib.ff.avast.com =>.Avast Software s.r.o
    G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googletagmanager.com
    G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://trovi.com/
    G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [eofcbnmajmjmplflapaojjnihcjkigck] Avast SafePrice =>.Avast Software s.r.o
    G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [kohcnlaamfpgkdghjlfnhggmgimfolnc] UpdateCh
    G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

    —\ Internet Explorer Extensions, Start, Search (17) - 0s
    R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com =>.Google Inc.
    R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
    R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

    —\ Internet Explorer, Proxy Management (5) - 0s
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
    R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies =>.Microsoft

    —\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
    F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
    F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
    F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

    —\ Hosts file redirection (1) - 0s
    ~ Le fichier hôte est sain (The hosts file is clean) (4)

    —\ Browser Helper Object (BHO) (2) - 0s
    O2 - BHO: True Key Helper [64Bits] - {0F4B8786-5502-4803-8EBC-F652A1153BB6} . (.Intel Security - True Key Internet Explorer Extension.) – C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll =>.McAfee, Inc.®
    O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) – C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll =>.AVAST Software s.r.o.®

    —\ Internet Explorer Toolbars (1) - 0s
    O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (…) – C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (.not file.)

    —\ Global shortcuts Startup (106) - 8s
    O4 - GS\Desktop [Administrator]: FreeFileViewer.lnk . (…) C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
    O4 - GS\Desktop [Administrator]: MagicISO.lnk . (.MagicISO, Inc. - MagicISO Maker.) C:\Program Files (x86)\MagicISO\MagicISO.exe =>.MagicISO, Inc.
    O4 - GS\Desktop [Administrator]: WinISO.lnk . (.WinISO Computing Inc. - WinISO.) C:\Program Files (x86)\WinISO Computing\WinISO\bin\winiso.exe =>.WinISO Computing Inc.
    O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\ILANA\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ILANA\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Administrator]: אילנה - Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Administrator]: FreeFileViewer.lnk . (…) C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
    O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
    O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\TaskBar [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [Administrator]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Programs [Administrator]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Guest]: FreeFileViewer.lnk . (…) C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
    O4 - GS\Desktop [Guest]: MagicISO.lnk . (.MagicISO, Inc. - MagicISO Maker.) C:\Program Files (x86)\MagicISO\MagicISO.exe =>.MagicISO, Inc.
    O4 - GS\Desktop [Guest]: WinISO.lnk . (.WinISO Computing Inc. - WinISO.) C:\Program Files (x86)\WinISO Computing\WinISO\bin\winiso.exe =>.WinISO Computing Inc.
    O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\ILANA\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ILANA\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Guest]: אילנה - Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Guest]: FreeFileViewer.lnk . (…) C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
    O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
    O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [Guest]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Programs [Guest]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [ILANA]: FreeFileViewer.lnk . (…) C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
    O4 - GS\Desktop [ILANA]: MagicISO.lnk . (.MagicISO, Inc. - MagicISO Maker.) C:\Program Files (x86)\MagicISO\MagicISO.exe =>.MagicISO, Inc.
    O4 - GS\Desktop [ILANA]: WinISO.lnk . (.WinISO Computing Inc. - WinISO.) C:\Program Files (x86)\WinISO Computing\WinISO\bin\winiso.exe =>.WinISO Computing Inc.
    O4 - GS\Desktop [ILANA]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\ILANA\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
    O4 - GS\Desktop [ILANA]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ILANA\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [ILANA]: אילנה - Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [ILANA]: FreeFileViewer.lnk . (…) C:\Program Files (x86)\FreeFileViewer\FreeFileViewer.exe
    O4 - GS\Quicklaunch [ILANA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [ILANA]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\sendTo [ILANA]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\sendTo [ILANA]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
    O4 - GS\TaskBar [ILANA]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\TaskBar [ILANA]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [ILANA]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [ILANA]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Programs [ILANA]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [ILANA]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
    O4 - GS\CommonDesktop [Public]: Avast Free Antivirus.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\avastui.exe =>.AVAST Software s.r.o.®
    O4 - GS\CommonDesktop [Public]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
    O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
    O4 - GS\CommonDesktop [Public]: FastStone Image Viewer.lnk . (.FastStone Soft - FastStone Image Viewer.) C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe =>.FastStone Soft
    O4 - GS\CommonDesktop [Public]: Free DOC Reader.lnk . (…) C:\Program Files (x86)\Media Freeware\Free DOC Reader\Free DOC Reader.exe
    O4 - GS\CommonDesktop [Public]: Free DOC Viewer.lnk . (…) C:\Program Files (x86)\Media Freeware\Free DOC Viewer\Free DOC Viewer.exe
    O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\CommonDesktop [Public]: HP DeskJet 2130 series.lnk . (.Hewlett-Packard Development Company, LP - .) C:\Program Files (x86)\HP\HP DeskJet 2130 series\Bin\HP DeskJet 2130 series.exe -Start UDCDevicePage =>.Hewlett-Packard Development Company, LP
    O4 - GS\CommonDesktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.) C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe =>.Visan Industries®
    O4 - GS\CommonDesktop [Public]: IrfanView.lnk . (.Irfan Skiljan - IrfanView 32-bit.) C:\Program Files (x86)\IrfanView\i_view32.exe =>.Irfan Skiljan®
    O4 - GS\CommonDesktop [Public]: Skype.lnk . (…) C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>.Skype Technologies
    O4 - GS\CommonDesktop [Public]: True Key.lnk . (.Intel Security - .) C:\Program Files (x86)\Intel Security\True Key\application\truekey.exe --open-source=dtopicon =>.Intel Security
    O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
    O4 - GS\Programs [Public]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
    O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Math Input Panel Accessory.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (…) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation
    O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Acrobat Reader 5.0.lnk . (.Adobe Systems Incorporated - Acrobat Reader 5.0.) C:\Program Files\Adobe\Acrobat 5.0\Reader\AcroRd32.exe =>.Adobe Systems Incorporated
    O4 - GS\ProgramsCommon [Public]: Acrobat Reader DC.lnk . (.Flexera Software LLC - InstallShield.) C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\SC_Reader.ico =>.Flexera Software LLC
    O4 - GS\ProgramsCommon [Public]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
    O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: SumatraPDF.lnk . (.Krzysztof Kowalczyk - SumatraPDF.) C:\Program Files (x86)\SumatraPDF\SumatraPDF.exe =>.Krzysztof Kowalczyk®
    O4 - GS\ProgramsCommon [Public]: True Key.lnk . (.Intel Security - .) C:\Program Files (x86)\Intel Security\True Key\application\truekey.exe --open-source=startmenu =>.Intel Security
    O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation

    —\ Lop.com/Domain Hijackers (2) - 0s
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 =>.Private IP
    O17 - HKLM\System\CCS\Services\Tcpip..{7C90EA98-F3C0-49C8-A181-F0CEB87A97E0}: DhcpNameServer = 10.0.0.138 =>.Private IP (10.0.0.0 - 10.255.255.255) =>.Private IP

    —\ Extra protocols (22) - 0s
    O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
    O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
    O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
    O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
    O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
    O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
    O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
    O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
    O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation

    —\ Software installed (41) - 6s
    O42 - Logiciel: Adobe Acrobat 5.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] – Adobe Acrobat 5.0 =>.Adobe Systems, Inc.
    O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-7AD7-1033-7B44-AC0F074E4100} =>.Adobe Systems Incorporated
    O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-0804-1033-1959-001824214663} =>.Adobe Systems Incorporated
    O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] – Avast Antivirus =>.AVAST Software s.r.o.®
    O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] – CCleaner =>.Piriform Ltd®
    O42 - Logiciel: Corel PaintShop Photo Express 2010 - (.Intel Corporation.) [HKLM][64Bits] – {7124BAB5-BD03-436E-8438-87FC29EA1332} =>.Intel Corporation
    O42 - Logiciel: Corel VideoStudio 2010 Express - (.Intel Corporation.) [HKLM][64Bits] – {6D634C97-2468-4A6F-ABE5-A34B62C80FAD} =>.Intel Corporation
    O42 - Logiciel: D-Fend Reloaded 1.4.4 (deinstall) - (.Alexander Herzog.) [HKLM][64Bits] – D-Fend Reloaded
    O42 - Logiciel: FastStone Image Viewer 6.0 - (.FastStone Soft.) [HKLM][64Bits] – FastStone Image Viewer =>.FastStone Soft
    O42 - Logiciel: Free DOC Reader - (.Media Freeware.) [HKLM][64Bits] – {810B21F5-6D1A-4E52-B5B1-ECBF75A30FF0} =>.Media Freeware
    O42 - Logiciel: Free DOC Viewer - (.Media Freeware.) [HKLM][64Bits] – {DF6E1BF1-E7D2-46E8-ACFA-94079CEDDB11} =>.Media Freeware
    O42 - Logiciel: Free File Viewer 2014 - (.Bitberry Software.) [HKLM][64Bits] – FreeFileViewer_is1 =>.Bitberry Software
    O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] – Google Chrome =>.Google Inc®
    O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] – {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
    O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
    O42 - Logiciel: HP DeskJet 2130 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM][64Bits] – {54A80AED-ADB5-4D32-83F2-A9A5DF4ED2C1} =>.Hewlett-Packard Co.
    O42 - Logiciel: HP DeskJet 2130 series Help - (.Hewlett Packard.) [HKLM][64Bits] – {1CDFD3C9-BDF8-4DDC-BDA2-EBC53F938B5F} =>.Hewlett Packard
    O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM][64Bits] – HP Photo Creations =>.Visan Industries®
    O42 - Logiciel: Intel Security True Key - (.Intel Security.) [HKLM][64Bits] – TrueKey =>.McAfee, Inc.®
    O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] – {F8A9085D-4C7A-41a9-8A77-C8998A96C421} =>.Intel Corporation®
    O42 - Logiciel: Intel(R) Desktop Utilities - (.Intel Corporation.) [HKLM][64Bits] – {662E930A-FBF8-4451-A5A6-4C094160B4BC} =>.Intel Corporation
    O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] – {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation®
    O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] – {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation®
    O42 - Logiciel: Intel(R) Network Connections 14.8.43.0 - (.Intel.) [HKLM][64Bits] – {11107A2A-AD44-4BC8-ABB5-E88E63BCA785} =>.Intel
    O42 - Logiciel: Intel(R) Network Connections 14.8.43.0 - (.Intel.) [HKLM][64Bits] – PROSetDX =>.Intel
    O42 - Logiciel: Intel® RealSense™ SDK 2014 Runtime (x64): Core - (.Intel Corporation.) [HKLM][64Bits] – {37D41A97-6B02-4C30-8753-85107BE1D674} =>.Intel Corporation
    O42 - Logiciel: IrfanView 4.44 (32-bit) - (.Irfan Skiljan.) [HKLM][64Bits] – IrfanView =>.Irfan Skiljan®
    O42 - Logiciel: Magic ISO Maker v5.5 (build 0281) - (.Magic ISO Inc.) [HKLM][64Bits] – Magic ISO Maker v5.5 (build 0281) =>.Magic ISO Inc
    O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM][64Bits] – {716E0306-8318-4364-8B8F-0CC4E9376BAC} =>.Microsoft Corporation
    O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.
    O42 - Logiciel: RogueKiller version 12.10.7.0 - (.Adlice Software.) [HKLM][64Bits] – 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice®
    O42 - Logiciel: SafeZone Stable 3.55.2393.596 - (.Avast Software.) [HKLM][64Bits] – SafeZone 3.55.2393.596 =>.AVAST Software s.r.o.®
    O42 - Logiciel: Skype™ 7.33 - (.Skype Technologies S.A..) [HKLM][64Bits] – {3B7E914A-93D5-4A29-92BB-AF8C3F66C431} =>.Skype Technologies S.A.
    O42 - Logiciel: SumatraPDF - (.Krzysztof Kowalczyk.) [HKLM][64Bits] – SumatraPDF =>.Krzysztof Kowalczyk®
    O42 - Logiciel: Uninstall Tool - (.CrystalIDEA Software, Inc..) [HKLM][64Bits] – Uninstall Tool_is1 =>.CrystalBit Solutions®
    O42 - Logiciel: Unknown File Handler - (.File.org.) [HKLM][64Bits] – UFH_is1 =>Adware.InstallCore
    O42 - Logiciel: VDMSound - (.Vlad Romascanu.) [HKLM][64Bits] – VDMSound
    O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] – VLC media player =>.VideoLAN
    O42 - Logiciel: WinISO - (.WinISO Computing Inc..) [HKLM][64Bits] – WinISO =>.WinISO Computing Inc.
    O42 - Logiciel: WinRAR 5.40 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] – WinRAR archiver =>.win.rar GmbH®
    O42 - Logiciel: Zip Motion Block Video codec (Remove Only) - (.DOSBox Team.) [HKLM][64Bits] – ZMBV =>.DOSBox Team

    —\ HKCU & HKLM Software Keys (63) - 6s
    HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe
    HKLM\SOFTWARE\Wow6432Node\ASIO =>.Steinberg Media Technologies
    HKLM\SOFTWARE\Wow6432Node\AVAST Software =>.AVAST Software
    HKLM\SOFTWARE\Wow6432Node\Caphyon =>.Caphyon
    HKLM\SOFTWARE\Wow6432Node\Corel =>.Corel
    HKLM\SOFTWARE\Wow6432Node\D-Fend Reloaded
    HKLM\SOFTWARE\Wow6432Node\FastStone Image Viewer =>.FastStone Soft
    HKLM\SOFTWARE\Wow6432Node\Google =>.Google
    HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard =>.Hewlett-Packard
    HKLM\SOFTWARE\Wow6432Node\HP =>.HP
    HKLM\SOFTWARE\Wow6432Node\IM Providers =>.IM Providers
    HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
    HKLM\SOFTWARE\Wow6432Node\Intel Security =>.Intel Security
    HKLM\SOFTWARE\Wow6432Node\IrfanView =>.Irfan Skiljan
    HKLM\SOFTWARE\Wow6432Node\McAfee =>.McAfee Inc.
    HKLM\SOFTWARE\Wow6432Node\Media Freeware =>.Media Freeware
    HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
    HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
    HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
    HKLM\SOFTWARE\Wow6432Node\Piriform =>.Piriform
    HKLM\SOFTWARE\Wow6432Node\Realtek =>.Realtek Semiconductor Corp.
    HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
    HKLM\SOFTWARE\Wow6432Node\RocketLife =>.RocketLife
    HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype
    HKLM\SOFTWARE\Wow6432Node\SumatraPDF =>.Krzysztof Kowalczyk
    HKLM\SOFTWARE\Wow6432Node\TrendMicro =>.TrendMicro
    HKLM\SOFTWARE\Wow6432Node\TrueKey =>.Intel Corporation
    HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.VideoLAN
    HKLM\SOFTWARE\Wow6432Node\Visan =>.Visan Software
    HKLM\SOFTWARE\Wow6432Node\WinISO =>.WinISO Computing Inc
    HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
    HKCU\SOFTWARE\Adobe =>.Adobe
    HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
    HKCU\SOFTWARE\AVAST Software =>.AVAST Software
    HKCU\SOFTWARE\BitTorrent
    HKCU\SOFTWARE\CrystalIdea Software =>.CrystalIdea Software
    HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
    HKCU\SOFTWARE\Google =>.Google
    HKCU\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
    HKCU\SOFTWARE\HP =>.HP
    HKCU\SOFTWARE\IM Providers =>.IM Providers
    HKCU\SOFTWARE\Intel =>.Intel
    HKCU\SOFTWARE\Intel Security =>.Intel Security
    HKCU\SOFTWARE\InterTrust
    HKCU\SOFTWARE\MagicISO =>.MagicISO
    HKCU\SOFTWARE\Netscape =>.Netscape
    HKCU\SOFTWARE\Phantagram
    HKCU\SOFTWARE\Piriform =>.Piriform
    HKCU\SOFTWARE\ProtectedStorage
    HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
    HKCU\SOFTWARE\Skype =>.Skype
    HKCU\SOFTWARE\skypeapp-03eca8ebb206
    HKCU\SOFTWARE\Sysinternals =>.Sysinternals
    HKCU\SOFTWARE\Trolltech =>.Trolltech
    HKCU\SOFTWARE\TrueKey =>.Intel Corporation
    HKCU\SOFTWARE\Unknown File Handler =>Adware.InstallCore
    HKCU\SOFTWARE\Visan =>.Visan Software
    HKCU\SOFTWARE\WinRAR =>.WinRAR
    HKCU\SOFTWARE\WinRAR SFX =>.RarLab
    HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
    HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
    HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
    HKCU\SOFTWARE\AppDataLow\Software\PasswordBox =>.PasswordBox Inc

    —\ Contents of the Common Files folders (175) - 8s
    O43 - CFD: 17/10/2016 - D – C:\Program Files\Adobe =>.Adobe
    O43 - CFD: 17/10/2016 - D – C:\Program Files\AVAST Software =>.AVAST Software s.r.o.®
    O43 - CFD: 02/05/2017 - D – C:\Program Files\CCleaner =>.Piriform Ltd
    O43 - CFD: 26/10/2016 - D – C:\Program Files\Common Files =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files\DVD Maker =>.Aone Software
    O43 - CFD: 23/11/2016 - D – C:\Program Files\Google =>.Google
    O43 - CFD: 21/10/2016 - D – C:\Program Files\HP =>.Hewlett-Packard
    O43 - CFD: 17/10/2016 - D – C:\Program Files\Intel =>.Intel Corporation
    O43 - CFD: 26/10/2016 - D – C:\Program Files\Intel Security =>.Intel Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files\Microsoft Games =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
    O43 - CFD: 17/10/2016 - D – C:\Program Files\Realtek =>.Realtek
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
    O43 - CFD: 02/05/2017 - D – C:\Program Files\RogueKiller =>.Adlice
    O43 - CFD: 05/05/2017 - D – C:\Program Files\TrueKey =>.Intel Corporation
    O43 - CFD: 14/07/2009 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
    O43 - CFD: 01/05/2017 - D – C:\Program Files\Uninstall Tool =>.CrystalBit Solutions®
    O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Journal =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
    O43 - CFD: 05/04/2017 - D – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
    O43 - CFD: 31/12/2016 - D – C:\Program Files\WinRAR =>.win.rar GmbH®
    O43 - CFD: 26/10/2016 - D – C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated®
    O43 - CFD: 15/03/2017 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
    O43 - CFD: 18/01/2017 - D – C:\Program Files (x86)\D-Fend Reloaded
    O43 - CFD: 22/10/2016 - D – C:\Program Files (x86)\DOSBox-0.74
    O43 - CFD: 22/11/2016 - D – C:\Program Files (x86)\FastStone Image Viewer =>.FastStone Soft
    O43 - CFD: 23/11/2016 - D – C:\Program Files (x86)\Google =>.Google Inc®
    O43 - CFD: 21/10/2016 - D – C:\Program Files (x86)\Hewlett-Packard =>.Hewlett-Packard
    O43 - CFD: 21/10/2016 - D – C:\Program Files (x86)\HP =>.Hewlett-Packard
    O43 - CFD: 21/10/2016 - D – C:\Program Files (x86)\HP Photo Creations =>.Visan Industries®
    O43 - CFD: 17/10/2016 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software
    O43 - CFD: 17/10/2016 - D – C:\Program Files (x86)\Intel =>.Intel Corporation
    O43 - CFD: 17/10/2016 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
    O43 - CFD: 02/01/2017 - D – C:\Program Files (x86)\IrfanView =>.Irfan skiljan
    O43 - CFD: 17/01/2017 - D – C:\Program Files (x86)\MagicISO =>.MagicISO
    O43 - CFD: 05/05/2017 - [0] D – C:\Program Files (x86)\McAfee =>.McAfee
    O43 - CFD: 26/10/2016 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
    O43 - CFD: 17/10/2016 - [0] D – C:\Program Files (x86)\MSXML 4.0 =>.Microsoft Corporation
    O43 - CFD: 18/01/2017 - D – C:\Program Files (x86)\pcem
    O43 - CFD: 17/10/2016 - D – C:\Program Files (x86)\Realtek =>.Realtek
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
    O43 - CFD: 15/03/2017 - RD – C:\Program Files (x86)\Skype =>.Skype
    O43 - CFD: 19/03/2017 - D – C:\Program Files (x86)\SumatraPDF =>.Krzysztof Kowalczyk
    O43 - CFD: 17/10/2016 - [0] HD – C:\Program Files (x86)\Temp =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] HD – C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
    O43 - CFD: 19/03/2017 - D – C:\Program Files (x86)\Unknown File Handler =>Adware.InstallCore
    O43 - CFD: 18/01/2017 - D – C:\Program Files (x86)\VDMSound
    O43 - CFD: 29/11/2016 - D – C:\Program Files (x86)\VideoLAN =>.VideoLan Team
    O43 - CFD: 21/11/2010 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
    O43 - CFD: 17/01/2017 - D – C:\Program Files (x86)\WinISO Computing =>.WinISO Computing Inc
    O43 - CFD: 18/10/2016 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
    O43 - CFD: 17/10/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software =>.AVAST Software
    O43 - CFD: 02/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
    O43 - CFD: 18/01/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Fend Reloaded
    O43 - CFD: 22/10/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
    O43 - CFD: 22/11/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer =>.FastStone Soft
    O43 - CFD: 01/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free DOC Reader
    O43 - CFD: 01/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free DOC Viewer
    O43 - CFD: 19/03/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer =>..Superfluous.Bitberry
    O43 - CFD: 18/01/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
    O43 - CFD: 21/10/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP =>.Hewlett-Packard
    O43 - CFD: 17/10/2016 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation
    O43 - CFD: 02/01/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView =>.Irfan skiljan
    O43 - CFD: 17/01/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO =>.MagicISO
    O43 - CFD: 14/07/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
    O43 - CFD: 02/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice
    O43 - CFD: 15/03/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
    O43 - CFD: 31/03/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - [0] RHD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology
    O43 - CFD: 01/05/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool
    O43 - CFD: 31/12/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
    O43 - CFD: 26/10/2016 - D – C:\ProgramData\Adobe =>.Adobe
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
    O43 - CFD: 07/04/2017 - D – C:\ProgramData\AVAST Software =>.AVAST Software
    O43 - CFD: 01/02/2017 - D – C:\ProgramData\Caphyon =>.Caphyon
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Favorites =>.Microsoft Corporation
    O43 - CFD: 23/11/2016 - D – C:\ProgramData\Google =>.Google
    O43 - CFD: 21/10/2016 - D – C:\ProgramData\HP =>.Hewlett-Packard
    O43 - CFD: 21/10/2016 - D – C:\ProgramData\HP Photo Creations =>.HP Photo Creations
    O43 - CFD: 11/04/2017 - D – C:\ProgramData\McAfee =>.McAfee
    O43 - CFD: 20/12/2016 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
    O43 - CFD: 15/03/2017 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
    O43 - CFD: 03/05/2017 - D – C:\ProgramData\RogueKiller =>.Adlice
    O43 - CFD: 15/03/2017 - D – C:\ProgramData\Skype =>.Skype
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
    O43 - CFD: 05/05/2017 - [0] D – C:\ProgramData\SWCUTemp
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
    O43 - CFD: 26/10/2016 - D – C:\ProgramData\TrueKey =>.Intel Corporation
    O43 - CFD: 21/10/2016 - D – C:\ProgramData\Visan =>.Visan Industries
    O43 - CFD: 26/10/2016 - D – C:\Program Files (x86)\Common Files\Adobe =>.Adobe
    O43 - CFD: 13/04/2017 - D – C:\Program Files (x86)\Common Files\AV =>.Avast
    O43 - CFD: 17/10/2016 - D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
    O43 - CFD: 17/10/2016 - D – C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
    O43 - CFD: 26/10/2016 - D – C:\Program Files (x86)\Common Files\McAfee =>.McAfee
    O43 - CFD: 31/03/2017 - D – C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation
    O43 - CFD: 17/10/2016 - D – C:\Program Files (x86)\Common Files\postureAgent =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
    O43 - CFD: 15/03/2017 - D – C:\Program Files (x86)\Common Files\Skype =>.Skype
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
    O43 - CFD: 21/11/2010 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
    O43 - CFD: 26/10/2016 - D – C:\Users\ILANA\AppData\Roaming\Adobe =>.Adobe
    O43 - CFD: 17/10/2016 - D – C:\Users\ILANA\AppData\Roaming\AVAST Software =>.AVAST Software
    O43 - CFD: 01/05/2017 - D – C:\Users\ILANA\AppData\Roaming\CrystalIdea Software =>.CrystalIdea Software
    O43 - CFD: 22/11/2016 - D – C:\Users\ILANA\AppData\Roaming\FastStone =>.FastStone Soft
    O43 - CFD: 01/05/2017 - D – C:\Users\ILANA\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
    O43 - CFD: 22/04/2017 - D – C:\Users\ILANA\AppData\Roaming\Google =>.Google
    O43 - CFD: 26/11/2016 - D – C:\Users\ILANA\AppData\Roaming\HpUpdate =>.Hewlett-Packard
    O43 - CFD: 17/10/2016 - D – C:\Users\ILANA\AppData\Roaming\Identities =>.Microsoft Corporation
    O43 - CFD: 17/10/2016 - D – C:\Users\ILANA\AppData\Roaming\InterTrust
    O43 - CFD: 02/01/2017 - D – C:\Users\ILANA\AppData\Roaming\IrfanView =>.Irfan skiljan
    O43 - CFD: 21/11/2010 - [0] D – C:\Users\ILANA\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
    O43 - CFD: 29/04/2017 - D – C:\Users\ILANA\AppData\Roaming\Media Freeware =>.Media Freeware
    O43 - CFD: 28/10/2016 - SD – C:\Users\ILANA\AppData\Roaming\Microsoft =>.Microsoft Corporation
    O43 - CFD: 01/05/2017 - D – C:\Users\ILANA\AppData\Roaming\Skype =>.Skype
    O43 - CFD: 19/03/2017 - D – C:\Users\ILANA\AppData\Roaming\SumatraPDF =>.Krzysztof Kowalczyk
    O43 - CFD: 02/05/2017 - D – C:\Users\ILANA\AppData\Roaming\uTorrent
    O43 - CFD: 31/03/2017 - D – C:\Users\ILANA\AppData\Roaming\vlc =>.VideoLan Team
    O43 - CFD: 17/01/2017 - D – C:\Users\ILANA\AppData\Roaming\WinISO Computing =>.WinISO Computing Inc
    O43 - CFD: 31/12/2016 - D – C:\Users\ILANA\AppData\Roaming\WinRAR =>.WinRAR
    O43 - CFD: 05/05/2017 - D – C:\Users\ILANA\AppData\Roaming\ZHP =>.Nicolas Coolman
    O43 - CFD: 26/10/2016 - D – C:\Users\ILANA\AppData\Local\Adobe =>.Adobe
    O43 - CFD: 17/10/2016 - [0] SHD – C:\Users\ILANA\AppData\Local\Application Data =>.Microsoft Corporation
    O43 - CFD: 17/10/2016 - D – C:\Users\ILANA\AppData\Local\Apps =>.Microsoft Corporation
    O43 - CFD: 17/10/2016 - D – C:\Users\ILANA\AppData\Local\CEF =>.CEF
    O43 - CFD: 17/10/2016 - [0] D – C:\Users\ILANA\AppData\Local\Deployment =>.Microsoft Corporation
    O43 - CFD: 02/11/2016 - D – C:\Users\ILANA\AppData\Local\Diagnostics =>.Microsoft Corporation
    O43 - CFD: 22/10/2016 - D – C:\Users\ILANA\AppData\Local\DOSBox =>.DOSBox Team
    O43 - CFD: 21/03/2017 - D – C:\Users\ILANA\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
    O43 - CFD: 10/12/2016 - D – C:\Users\ILANA\AppData\Local\Google =>.Google
    O43 - CFD: 17/10/2016 - [0] SHD – C:\Users\ILANA\AppData\Local\History =>.Microsoft Corporation
    O43 - CFD: 21/10/2016 - D – C:\Users\ILANA\AppData\Local\HP =>.Hewlett-Packard
    O43 - CFD: 22/03/2017 - D – C:\Users\ILANA\AppData\Local\Microsoft =>.Microsoft Corporation
    O43 - CFD: 19/03/2017 - D – C:\Users\ILANA\AppData\Local\Programs =>.Microsoft Corporation
    O43 - CFD: 05/05/2017 - D – C:\Users\ILANA\AppData\Local\Temp =>.Microsoft Corporation
    O43 - CFD: 17/10/2016 - [0] SHD – C:\Users\ILANA\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
    O43 - CFD: 10/12/2016 - D – C:\Users\ILANA\AppData\Local\tkdata =>.TK-Data
    O43 - CFD: 26/10/2016 - D – C:\Users\ILANA\AppData\Local\VirtualStore =>.Microsoft Corporation
    O43 - CFD: 17/01/2017 - D – C:\Users\ILANA\AppData\Local\WinISO Computing =>.WinISO Computing Inc
    O43 - CFD: 05/05/2017 - D – C:\Users\ILANA\AppData\Local\ZHP =>.Nicolas Coolman
    O43 - CFD: 19/03/2017 - [0] D – C:\Users\ILANA\AppData\Local\Programs\Common =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - RD – C:\Users\ILANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
    O43 - CFD: 17/10/2016 - RD – C:\Users\ILANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
    O43 - CFD: 17/01/2017 - [0] D – C:\Users\ILANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MagicISO =>.MagicISO
    O43 - CFD: 14/07/2009 - RD – C:\Users\ILANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
    O43 - CFD: 31/03/2017 - RD – C:\Users\ILANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
    O43 - CFD: 17/01/2017 - D – C:\Users\ILANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinISO =>.WinISO Computing Inc
    O43 - CFD: 31/12/2016 - D – C:\Users\ILANA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
    O43 - CFD: 26/10/2016 - SD – C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation

    —\ ShellIconOverlayIdentifiers (SIOI) (4) - 0s
    O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
    O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
    O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
    O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

    —\ System Drivers List (64) - 3s
    O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) – C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) – C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) – C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) – C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
    O58 - SDL:2010/11/21 06:23:47 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) – C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
    O58 - SDL:2010/11/21 06:23:47 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) – C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
    O58 - SDL:2017/04/05 02:11:36 A . (.AVAST Software s.r.o. - IDS Application Activity Monitor Driver..) – C:\Windows\System32\drivers\aswbidsdrivera.sys [307736] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/05 02:11:36 A . (.AVAST Software s.r.o. - Application Activity Monitor Helper Driver.) – C:\Windows\System32\drivers\aswbidsha.sys [189768] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/05 02:11:36 A . (.AVAST Software s.r.o. - Logging Driver.) – C:\Windows\System32\drivers\aswbloga.sys [334088] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/05 02:11:36 A . (.AVAST Software s.r.o. - Universal Driver.) – C:\Windows\System32\drivers\aswbuniva.sys [48528] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/05 02:12:11 A . (.AVAST Software - Avast HWID.) – C:\Windows\System32\drivers\aswHwid.sys [38296] =>.AVAST Software s.r.o.® (.AVAST Software)
    O58 - SDL:2017/04/05 02:11:46 A . (.AVAST Software - Avast Keyboard Filter Driver.) – C:\Windows\System32\drivers\aswKbd.sys [32600] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/28 19:20:25 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) – C:\Windows\System32\drivers\aswmonflt.sys [128648] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/05 02:12:11 A . (.AVAST Software - Avast WFP Redirect Driver.) – C:\Windows\System32\drivers\aswRdr2.sys [101152] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/05 02:12:11 A . (.AVAST Software - Avast Revert.) – C:\Windows\System32\drivers\aswRvrt.sys [75704] =>.AVAST Software s.r.o.® (.AVAST Software)
    O58 - SDL:2017/04/05 02:11:46 A . (.AVAST Software - Avast Virtualization Driver.) – C:\Windows\System32\drivers\aswSnx.sys [1005048] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/28 19:20:26 A . (.AVAST Software - Avast self protection module.) – C:\Windows\System32\drivers\aswsp.sys [556784] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/05 02:12:12 A . (.AVAST Software - Stream Filter.) – C:\Windows\System32\drivers\aswStm.sys [164064] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/04/05 02:12:12 A . (.AVAST Software - Avast VM Monitor.) – C:\Windows\System32\drivers\aswVmm.sys [339696] =>.AVAST Software s.r.o.® (.AVAST Software)
    O58 - SDL:2009/06/10 23:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) – C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
    O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) – C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
    O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) – C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
    O58 - SDL:2009/07/14 04:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) – C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
    O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) – C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
    O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) – C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
    O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) – C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
    O58 - SDL:2009/06/10 23:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) – C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
    O58 - SDL:2009/07/14 04:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) – C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
    O58 - SDL:2009/12/10 04:37:56 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) – C:\Windows\System32\drivers\e1k62x64.sys [294064] =>.Intel Corporation®
    O58 - SDL:2009/07/14 04:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) – C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
    O58 - SDL:2009/06/10 23:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) – C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
    O58 - SDL:2009/06/10 23:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) – C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
    O58 - SDL:2009/09/17 07:54:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) – C:\Windows\System32\drivers\HECIx64.sys [56344] =>.Intel Corporation®
    O58 - SDL:2010/11/21 06:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
    O58 - SDL:2009/09/29 00:06:12 A . (.Intel Corporation - NDIS 6.1 Advanced Networking Services..) – C:\Windows\System32\drivers\iANSW60e.sys [152040] =>.Intel Corporation®
    O58 - SDL:2010/11/21 06:23:47 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
    O58 - SDL:2010/01/08 23:32:24 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) – C:\Windows\System32\drivers\igdkmd64.sys [7841568] =>.Intel Corporation
    O58 - SDL:2009/07/14 04:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) – C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
    O58 - SDL:2009/11/27 16:15:14 A . (.Intel(R) Corporation - Intel(R) Display HD Audio driver.) – C:\Windows\System32\drivers\IntcDAud.sys [244736] =>.Intel(R) Corporation
    O58 - SDL:2009/10/14 13:29:54 A . (.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) – C:\Windows\System32\drivers\iqvw64e.sys [34472] =>.Intel Corporation®
    O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) – C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) – C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) – C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
    O58 - SDL:2010/11/21 06:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
    O58 - SDL:2010/11/21 06:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) – C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) – C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
    O58 - SDL:2009/10/21 17:27:58 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\Windows\System32\drivers\RTKVHD64.sys [2013856] =>.Realtek Semiconductor Corp®
    O58 - SDL:2009/06/10 23:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) – C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
    O58 - SDL:2009/07/14 04:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
    O58 - SDL:2016/12/14 21:20:08 A . (.Authors - .) – C:\Windows\System32\drivers\staport.sys [44952] =>.AVAST Software a.s.®
    O58 - SDL:2009/07/14 04:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) – C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
    O58 - SDL:2017/05/02 23:37:43 A . (.Authors - .) – C:\Windows\System32\drivers\TrueSight.sys [28272] =>.Adlice®
    O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) – C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
    O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®
    O58 - SDL:2016/10/20 18:13:34 A . (.WinISO.com - WinISO Virtual CD Drive.) – C:\Windows\System32\drivers\WinisoCDBus.sys [204032] =>.ZJMedia Digital Technology Ltd.®

    —\ Last modified or created user files (3) - 10s
    O61 - LFC: 2017/05/01 01:04:07 A . (..) – C:\Users\ILANA\Desktop\internetflush.bat [827]
    O61 - LFC: 2017/04/29 18:47:15 A . (..) – C:\Users\ILANA\Desktop\rsthosts_2.0 (1).exe [353632]
    O61 - LFC: 2017/04/29 18:46:06 A . (..) – C:\Users\ILANA\Downloads\rsthosts_2.0.exe [353632]

    —\ File Associations Shell Spawning (10) - 0s
    O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %*
    O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation
    O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %*
    O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %*
    O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
    O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %*
    O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O67 - Shell Spawning: <.js> [HKLM..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) – C:\Windows\System32\wscript.exe =>.Microsoft Corporation
    O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
    O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S

    —\ Start Menu Internet (12) - 0s
    O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.®
    O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
    O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
    O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
    O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
    O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
    O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software

    —\ Search Browser Infection (4) - 0s
    O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
    O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/ =>.Google Inc.
    O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
    O69 - SBI: SearchScopes [HKLM] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.

    —\ Search Svchost Services (32) - 1s
    O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) – C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
    O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
    O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
    O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation
    O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation
    O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\ikeext.dll [853504] =>.Microsoft Corporation
    O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) – C:\Windows\System32\Audiosrv.dll [679424] =>.Microsoft Corporation
    O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
    O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
    O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
    O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
    O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
    O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
    O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) – C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation
    O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\system32\wuaueng.dll [2477536] =>.Microsoft Windows Component Publisher®
    O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
    O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
    O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
    O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
    O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation
    O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation
    O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) – C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation
    O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
    O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
    O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) – C:\Windows\System32\browser.dll [136192] =>.Microsoft Corporation
    O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
    O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation
    O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) – C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation
    O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) – C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
    O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\system32\profsvc.dll [209920] =>.Microsoft Corporation
    O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation
    O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation

    —\ Additional Scan (O88) (2) - 2s
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UFH_is1 =>Adware.InstallCore
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UFH_is1 =>Adware.InstallCore

    —\ Summary of the elements found (1) - 0s
    Microsoft Powerpoint Packages, Logiciel Publicitaire (Adware). - ZAM =>Adware.InstallCore

    ~ Unselected Options:
    ~ End of the scan, 16512 items in 02mn53s (787)(0)

    2.listchkdsk result:
    Clicking on the link you provided leads to “error file not found” message


    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7041

      #17
      ZHP Fix
      • Disable your antivirus prior to this fix!
      • Download ZHP-Fix from here.
      • Install it.
      • Click Suivant 5 times.
      • Then Installer.
      • Then Terminer.
      • Then right click the ZHP Fix icon, Run as admin.
      • Copy the entire content of the code box below, the next step will grab it from your clipboard.
      • Then click on import.
      • Then click GO.
      • Allow completion.
      • A log file will appear on your desktop.
      • Post it here in your next reply.

      [ICODE]Script ZhpFix
      SysRestore
      EmptyFlash
      ProxyFix
      EmptyCLSID
      O23 - Service: Service Installer TrueKey (InstallerService) . (...) - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe (.not file.)
      O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
      O23 - Service: Intel Security True Key (TrueKey) . (.McAfee, Inc. - Intel Security True Key.) - C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe =>.McAfee, Inc.®
      O23 - Service: Intel Security True Key Scheduler (TrueKeyScheduler) . (.McAfee, Inc. - Intel Security True Key.) - C:\Program Files\TrueKey\McTkSchedulerService.exe =>.McAfee, Inc.®
      C:\Program Files\TrueKey
      [MD5.00000000000000000000000000000000] [APT] [HPCustPartic.exe_{0778FE57-B2D5-49AC-9D7A-21F1A3348AD5}] (...) -- C:\Program Files\HP\HP DeskJet 2130 series\Bin\HPCustPartic.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
      [MD5.D61830127D572F0FDA7FE78B0F2BBFE5] [APT] [RunUninstallTool_SkipUac] (.CrystalIDEA Software.) -- C:\Program Files\Uninstall Tool\UninstallTool.exe [5386168] (.Activate.) =>.CrystalBit Solutions®
      O39 - APT: HPCustPartic.exe_{0778FE57-B2D5-49AC-9D7A-21F1A3348AD5} - (...) -- C:\Windows\System32\Tasks\HPCustPartic.exe_{0778FE57-B2D5-49AC-9D7A-21F1A3348AD5} [2944] (.Orphan.) =>.Superfluous.Orphan
      O39 - APT: RunUninstallTool_SkipUac - (.CrystalIDEA Software.) -- C:\Windows\System32\Tasks\RunUninstallTool_SkipUac [2976] =>.CrystalBit Solutions®
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://trovi.com
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://updatech.ru
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://campaign.bezeqint.net
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://mail.google.com =>.Google Inc.
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.google-analytics.com =>.Google Inc.
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://uib.ff.avast.com =>.Avast Software s.r.o
      G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googletagmanager.com
      G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://trovi.com/
      O4 - GS\CommonDesktop [Public]: True Key.lnk . (.Intel Security - .) C:\Program Files (x86)\Intel Security\True Key\application\truekey.exe --open-source=dtopicon =>.Intel Security
      O4 - GS\ProgramsCommon [Public]: True Key.lnk . (.Intel Security - .) C:\Program Files (x86)\Intel Security\True Key\application\truekey.exe --open-source=startmenu =>.Intel Security
      O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
      O42 - Logiciel: Intel Security True Key - (.Intel Security.) [HKLM][64Bits] -- TrueKey =>.McAfee, Inc.®
      O42 - Logiciel: Unknown File Handler - (.File.org.) [HKLM][64Bits] -- UFH_is1 =>Adware.InstallCore
      HKLM\SOFTWARE\Wow6432Node\Intel Security =>.Intel Security
      HKLM\SOFTWARE\Wow6432Node\McAfee =>.McAfee Inc.
      HKLM\SOFTWARE\Wow6432Node\TrueKey =>.Intel Corporation
      HKCU\SOFTWARE\BitTorrent
      HKCU\SOFTWARE\Intel Security =>.Intel Security
      O43 - CFD: 26/10/2016 - [] D -- C:\Program Files\Intel Security =>.Intel Corporation
      O43 - CFD: 05/05/2017 - [0] D -- C:\Program Files (x86)\McAfee =>.McAfee
      O43 - CFD: 11/04/2017 - [] D -- C:\ProgramData\McAfee =>.McAfee
      O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\Common Files\McAfee =>.McAfee
      O43 - CFD: 02/05/2017 - [] D -- C:\Users\ILANA\AppData\Roaming\uTorrent
      O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
      O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UFH_is1 =>Adware.InstallCore
      HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UFH_is1 =>Adware.InstallCore
      EmptyTemp[/ICODE]

      Malwarebytes.
      [ul]
      [li]Download Malwarebytes Anti-Malware: https://www.malwarebytes.com/mwb-download/ (take the free version, on the left)[/li]
      [li]Perform the installation[/li]
      [li]Uncheck “Enable Free Trial of Malwarebytes Anti-Malware Premium” if it’s asked[/li]
      [li]Malwarebytes will update; let it update[/li]
      [li]Click on the “Settings” tab and then on the “Detection and Protection” tab, and check the box “Search for Rootkits”[/li]
      [li]Click on the “Analysis” tab and then on “Start analysis”[/li]
      [li]Once the review is complete, check that all detections are checked and then click [Delete Selection][/li]
      [li]If Malwarebytes asks you to restart your PC, click “Yes”[/li]
      [li]When your PC has restarted, restart Malwarebytes[/li]
      [li]Open the “History” tab and then “Application logs”[/li]
      [li]Double click on the last Scan Log in date (the one above)[/li]
      [li]At the bottom click [Export] → select “Text file (* .txt)”[/li]
      [li]In the explorer, select the desktop, name it mbam.txt, click [Save][/li]
      [/ul]


      • Do_you_want_some_tea
        PCHF Member
        • Apr 2017
        • 12

        #18
        Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
        Fichier d’export Registre :
        Run by ILANA at 07/05/2017 23:31:32
        High Elevated Privileges : OK
        Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

        Recycle Bin emptied (00mn 02s)

        ========== Software ==========
        REMOVES: Google Toolbar for Internet Explorer
        REMOVES: Unknown File Handler

        ========== Registry keys ==========
        REMOVES: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall{18455581-E099-4BA8-BC6B-F34B2F06600C}]
        REMOVES: Service: InstallerService
        REMOVES: Service: SkypeUpdate
        REMOVES: Service: TrueKey
        REMOVES: Service: TrueKeyScheduler
        REMOVES: HKLM\SOFTWARE\Wow6432Node\Intel Security
        REMOVES: HKLM\SOFTWARE\Wow6432Node\McAfee
        REMOVES: HKLM\SOFTWARE\Wow6432Node\TrueKey
        REMOVES: HKCU\SOFTWARE\BitTorrent
        REMOVES: HKCU\SOFTWARE\Intel Security
        REMOVES: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

        ========== Registry values ==========
        ProxyFix : Proxy configuration successfully removed
        REMOVES ProxyServer Value
        REMOVES ProxyEnable Value
        REMOVES EnableHttp1_1 Value
        REMOVES ProxyHttp1.1 Value
        REMOVES ProxyOverride Value

        ========== Preferences browser ==========
        NOW Chrome File: C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Preferences
        REMOVES Chrome Site: http://trovi.com
        NOW Chrome File: C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Preferences
        ABSENT Chrome Site: http://updatech.ru
        NOW Chrome File: C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Preferences
        ABSENT Chrome Site: http://campaign.bezeqint.net
        NOW Chrome File: C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Preferences
        ABSENT Chrome Site: http://mail.google.com
        NOW Chrome File: C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Preferences
        ABSENT Chrome Site: http://ssl.google-analytics.com
        NOW Chrome File: C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Preferences
        ABSENT Chrome Site: http://uib.ff.avast.com
        NOW Chrome File: C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Preferences
        ABSENT Chrome Site: http://www.googletagmanager.com
        NOW Chrome File: C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
        REMOVES Chrome Site: http://trovi.com/

        ========== Folders ==========
        No folders empty CLSID Local user
        REMOVES Reboot:** c:\program files\truekey
        REMOVES: C:\Program Files\Intel Security
        REMOVES: C:\Program Files (x86)\McAfee
        REMOVES: C:\ProgramData\McAfee
        REMOVES: C:\Program Files (x86)\Common Files\McAfee
        REMOVES: C:\Users\ILANA\AppData\Roaming\uTorrent
        Deletes temporary Windows (13)

        ========== Files ==========
        REMOVES Flash Cookies (0) (0 octets)
        REMOVES: c:\program files (x86)\skype\updater\updater.exe
        REMOVES: c:\program files\truekey\mcafee.truekey.service.exe
        REMOVES: c:\program files\truekey\mctkschedulerservice.exe
        Deletes temporary Windows (32) (8,172,434 octets)

        ========== Scheduled task ==========
        REMOVES: HPCustPartic.exe_{0778FE57-B2D5-49AC-9D7A-21F1A3348AD5}
        REMOVES: RunUninstallTool_SkipUac

        ========== System restore ==========
        The system successfully created restore point

        ========== Other ==========
        NON-TREATY O4 - GS\CommonDesktop [Public]: True Key.lnk . (.Intel Security - .) C:\Program Files (x86)\Intel Security\True Key\application\truekey.exe --open-source=dtopicon

        ========== Summary ==========
        11 : Registry keys
        6 : Registry values
        8 : Folders
        5 : Files
        2 : Software
        16 : Preferences browser
        2 : Scheduled task
        1 : System restore
        1 : Other

        End of clean in 01mn 26s

        ========== Path to file report ==========
        C:\Users\ILANA\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/05/2017 23:31:35 [3690]


        • Malnutrition
          PCHF Moderator
          • Jul 2016
          • 7041

          #19
          Post the malwarebytes log, then reboot the machine and let me know how things are running.


          • Malnutrition
            PCHF Moderator
            • Jul 2016
            • 7041

            #20
            Zoek Scan

            Disable your antivirus prior to this scan.
            Download Zoek
            Save the file to your desktop.
            Right click Zoek.exe and run as administrator. (XP Users double click)
            Copy and paste the items in red below and paste them into Zoek.

            createsrpoint;
            emptyfolderscheck;delete
            emptyclsid;
            emptyalltemp;
            ipconfig /flushdns;b
            ResetHosts;
            autoclean;

            Now hit the run script button.
            The log will appear after a reboot, also you can find it on the C: drive.
            Post the log in your next reply.


            • Do_you_want_some_tea
              PCHF Member
              • Apr 2017
              • 12

              #21
              Zoek.exe v5.0.0.1 Updated 27-09-2015
              Tool run by ILANA on Tue 05/09/2017 at 0:17:42.35.
              Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
              Running in: Normal Mode No Internet Access Detected
              Launched: C:\Users\ILANA\Downloads\zoek.exe [Scan all users] [Script inserted]

              ==== System Restore Info ======================

              09/05/2017 00:19:13 Zoek.exe System Restore Point Created Successfully.

              ==== Reset Hosts File ======================
              # Copyright (c) 1993-2006 Microsoft Corp.
              # This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
              # This file contains the mappings of IP addresses to host names. Each
              # entry should be kept on an individual line. The IP address should
              # be placed in the first column followed by the corresponding host name.
              # The IP address and the host name should be separated by at least one
              # space.
              # Additionally, comments (such as these) may be inserted on individual
              # lines or following the machine name denoted by a ‘#’ symbol.
              # For example:
              # 102.54.94.97 rhino.acme.com # source server
              # 38.25.63.10 x.acme.com # x client host
              # localhost name resolution is handled within DNS itself.
              127.0.0.1 localhost
              ::1 localhost

              ==== Empty Folders Check ======================

              C:\PROGRA~2\MSXML 4.0 deleted successfully

              ==== Deleting CLSID Registry Keys ======================

              HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
              HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
              HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
              HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
              HKEY_CLASSES_ROOT\CLSID{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
              HKEY_CLASSES_ROOT\Wow6432Node\CLSID{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
              HKEY_CLASSES_ROOT\CLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
              HKEY_CLASSES_ROOT\Wow6432Node\CLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
              HKEY_CLASSES_ROOT\CLSID{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
              HKEY_CLASSES_ROOT\Wow6432Node\CLSID{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
              HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully
              HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{0F4B8786-5502-4803-8EBC-F652A1153BB6} deleted successfully

              ==== Deleting CLSID Registry Values ======================

              HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
              HKEY_USERS\S-1-5-21-2708178567-3500753994-1001134934-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
              HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully
              HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} deleted successfully

              ==== Deleting Services ======================

              ==== Batch Command(s) Run By Tool======================

              ==== Deleting Files \ Folders ======================

              C:\PROGRA~3\Package Cache deleted

              ==== Firefox Extensions Registry ======================

              [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
              wrc@avast.com”=“C:\Program Files\AVAST Software\Avast\WebRep\FF” [12/14/2016 09:19 PM]
              [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
              wrc@avast.com”=“C:\Program Files\AVAST Software\Avast\WebRep\FF” [12/14/2016 09:19 PM]

              ==== Chromium Look ======================

              HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
              eofcbnmajmjmplflapaojjnihcjkigck - No path found
              gomekmidlodglbbmalcneegieacbdmki - No path found

              Avast SafePrice - ILANA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
              UC - ILANA\AppData\Local\Google\Chrome\User Data\Default\Extensions\kohcnlaamfpgkdghjlfnhggmgimfolnc
              Chrome Media Router - ILANA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

              ==== Set IE to Default ======================

              Old Values:
              [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
              “Start Page”=" http://www.google.com/ "
              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
              “Tabs”=“res://ieframe.dll/tabswelcome.htm”
              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
              “Tabs”=“res://ieframe.dll/tabswelcome.htm”
              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
              “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

              New Values:
              [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
              “Start Page”=" http://www.google.com/ "
              [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
              “Tabs”=“about:newtab”
              [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
              “Tabs”=“about:newtab”
              [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
              “DefaultScope”=“{012E1000-F331-11DB-8314-0800200C9A66}”

              ==== All HKCU SearchScopes ======================

              HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
              {012E1000-F331-11DB-8314-0800200C9A66} Google Url=" Google {searchTerms}"
              {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=" Search - Microsoft Bing {searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
              {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=" Google {searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

              ==== Empty IE Cache ======================

              C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
              C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
              C:\Users\ILANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
              C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
              C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
              C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
              C:\Users\ILANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
              C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
              C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

              ==== Empty FireFox Cache ======================

              No FireFox Profiles found

              ==== Empty Chrome Cache ======================

              C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

              ==== Empty All Flash Cache ======================

              No Flash Cache Found

              ==== Empty All Java Cache ======================

              No Java Cache Found

              ==== C:\zoek_backup content ======================

              C:\zoek_backup (files=13 folders=15 14991545 bytes)

              ==== Empty Temp Folders ======================

              C:\Users\Default\AppData\Local\Temp emptied successfully
              C:\Users\Default User\AppData\Local\Temp emptied successfully
              C:\Users\ILANA\AppData\Local\Temp will be emptied at reboot
              C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
              C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
              C:\Windows\Temp will be emptied at reboot

              ==== After Reboot ======================

              ==== Empty Temp Folders ======================

              C:\Windows\Temp successfully emptied
              C:\Users\ILANA\AppData\Local\Temp successfully emptied

              ==== Empty Recycle Bin ======================

              C:$RECYCLE.BIN successfully emptied

              ==== Deleting Files / Folders ======================

              “C:\Users\ILANA\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found
              “C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not deleted
              “C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not deleted
              “C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0” deleted
              “C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1” deleted
              “C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2” deleted
              “C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3” deleted
              “C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\data_5” deleted
              “C:\Users\ILANA\AppData\Local\Google\Chrome\User Data\Default\Cache\index” deleted

              ==== EOF on Tue 05/09/2017 at 0:54:02.70 ======================


              • Malnutrition
                PCHF Moderator
                • Jul 2016
                • 7041

                #22
                How about the malwarebytes log? Also, how are things running now?


                • Malnutrition
                  PCHF Moderator
                  • Jul 2016
                  • 7041

                  #23
                  We will look at your temps next, then we will update some drivers if needed…

                  Speccy Scan.

                  [ul]
                  [li]Please go here and download Speccy.[/li]
                  [li]Install and run the program.[/li]
                  [li]Upon Completion:[/li]
                  [li]Hit File[/li]
                  [li]Publish Snap Shot[/li]
                  [li]A link will appear, post that link.[/li]
                  [/ul]


                  • Malnutrition
                    PCHF Moderator
                    • Jul 2016
                    • 7041

                    #24
                    @Do you want some tea? How about an update?


                    • Do_you_want_some_tea
                      PCHF Member
                      • Apr 2017
                      • 12

                      #25
                      Yes, sorry for the delay, I will pass the results if needed. But first, a little irony. You always say to me run as admin, so I kind of tried to run dosbox as admin. I didn’t believe it’d work, but voila, I can save the game again. Do you have any idea why it worked? And do you still want me to pass the results?


                      • Malnutrition
                        PCHF Moderator
                        • Jul 2016
                        • 7041

                        #26
                        Originally posted by Do you want some tea?
                        Do you have any idea why it worked?
                        You can right-click on the dosbox icon, select properties, then click the box that reads run as admin, then click apply. This way it always starts as admin.

                        Originally posted by Do you want some tea?
                        and, do you still want me to pass the results?
                        Your choice, or we can mark this as solved.


                        • Malnutrition
                          PCHF Moderator
                          • Jul 2016
                          • 7041

                          #27
                          @Do you want some tea? I will mark this as solved if there is no reply in 24 hours.


                          • Do_you_want_some_tea
                            PCHF Member
                            • Apr 2017
                            • 12

                            #28
                            Really busy times, slow replies. Anyway, you can mark it as solved. And thank you personally, everything works and I did thorough security checks and improvements on my PC. So, thank you and bye for now, mr snake malnutrition.


                            • jmarket
                              PCHF Owner
                              • Jan 2015
                              • 7634

                              #29
                              It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any staff member a Personal Message (PM) that you would like this topic re-opened.
