- Logfile of random's system information tool 1.09 (written by random/random)
- Run by Bilal at 2012-02-05 00:20:22
- Microsoft Windows 7 Édition Familiale Premium Service Pack 1
- System drive C: has 19 GB (5%) free of 351 GB
- Total RAM: 4095 MB (51% free)
- Logfile of Trend Micro HijackThis v2.0.4
- Scan saved at 00:20:23, on 05/02/2012
- Platform: Windows 7 SP1 (WinNT 6.00.3505)
- MSIE: Internet Explorer v9.00 (9.00.8112.16421)
- Boot mode: Normal
- Running processes:
- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
- C:\Program Files (x86)\iTunes\iTunesHelper.exe
- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Windows\SysWOW64\rundll32.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- C:\Users\Bilal\Downloads\RSIT (1).exe
- C:\Program Files (x86)\trend micro\Bilal.exe
- R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
- R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
- R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
- R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.autocompletepro.com/?si=10203&bi=400
- R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
- R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1:9421
- R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
- R3 - URLSearchHook: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\prxtbAva2.dll
- O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
- O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (file missing)
- O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
- O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
- O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
- O2 - BHO: Avanquest FR - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\prxtbAva2.dll
- O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
- O2 - BHO: MegaIeHelperBHO - {77F4E711-789B-447F-9614-96759B2F83C6} - C:\Users\fatima\AppData\Local\Megamedia\Megakey\MegaIeHelper.dll
- O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
- O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll (file missing)
- O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
- O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
- O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (file missing)
- O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll (file missing)
- O3 - Toolbar: Avanquest FR Toolbar - {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - C:\Program Files (x86)\Avanquest_FR\prxtbAva2.dll
- O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
- O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
- O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
- O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
- O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
- O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
- O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
- O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
- O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
- O4 - HKCU\..\Run: [VPN4ALL] C:\Program Files (x86)\VPN4ALL\VPN4ALL.exe
- O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
- O4 - Global Startup: Assistant SMART WIZARD NETGEAR pour WG111v3.lnk = C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
- O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
- O4 - Global Startup: Philips Device Manager.lnk = C:\Philips\SA32xx Device Manager\SA32xx_DeviceManager.exe
- O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
- O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
- O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
- O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
- O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
- O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
- O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
- O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
- O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
- O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
- O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
- O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
- O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
- O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
- O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
- O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
- O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
- O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
- O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
- O10 - Unknown file in Winsock LSP: c:\programdata\megamedia\megakey\msadm.dll
- O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
- O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
- O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
- O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
- O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: Akamai NetSession Interface (Akamai) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
- O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
- O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
- O23 - Service: Service d'état ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
- O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
- O23 - Service: CrossLoop Service (CrossLoopService) - Unknown owner - C:\Users\Bilal\AppData\Local\CrossLoop\CrossLoopService.exe
- O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
- O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
- O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
- O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
- O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
- O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
- O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
- O23 - Service: HideMyIpSRV - Unknown owner - C:\Program Files (x86)\Hide My IP 2009\HideMyIpSrv.exe
- O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
- O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
- O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
- O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe
- O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
- O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
- O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
- O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: getPlus(R) Helper 3004 (nosGetPlusHelper) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
- O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\VPN4ALL\Connect\openvpnserv.exe
- O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\SysWOW64\drivers\pclepci.sys
- O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
- O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
- O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: Realtek11nCU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
- O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Olitec\Olitec 11n USB Wireless LAN Utility\RtlService.exe
- O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
- O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
- O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: Spybot S&D 2 Live Protection Service (SDHookService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe
- O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
- O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
- O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
- O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
- O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
- O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
- O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
- O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
- O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
- O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
- O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: uvnc_service - UltraVNC - C:\Users\Bilal\AppData\Local\CrossLoop\winvnc.exe
- O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
- O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
- O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
- O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
- O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
- O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
- O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
- O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
- --
- End of file - 29675 bytes
- ======Scheduled tasks folder======
- C:\Windows\tasks\bfjxy.job
- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
- =========Mozilla firefox=========
- ProfilePath - C:\Users\Bilal\AppData\Roaming\Mozilla\Firefox\Profiles\tn7fcql4.default
- prefs.js - "browser.search.useDBForOrder" - false
- prefs.js - "extensions.enabledItems" - "{bb6bc1bb-f824-4702-90cd-35e2fb24f25c}:0.2.1.3, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.87, support@predictad.com:1.11, {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}:3.3.3.2, cacaoweb@cacaoweb.org:1.0.12, engine@conduit.com:3.3.3.2, {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {9b339f6e-ddcd-401b-8764-230adbd01761}:3.3.3.2, {59994074-c06d-4a75-9768-49e5a8c21264}:3.3.3.2, {f35e91f7-d248-48be-90fe-b95ac9549325}:3.3.3.2, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4, {4daac69c-cba7-45e2-9bc8-1044483d3352}:3.3.3.2, {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0"
- "{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
- "avg@igeared"=C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared
- "{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
- "{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
- "Description"=Adobe® Flash® Player 10.1 Plugin
- "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
- "Description"=Adobe Shockwave Player
- "Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
- "Description"=Module iTunes Detector
- "Path"=
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
- "Description"=
- "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
- "Description"=DivX VOD Helper Plug-in
- "Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@gametap.com/npdd,version=1.0]
- "Description"=Downloader Detector
- "Path"=C:\Program Files (x86)\Downloader\npdd.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
- "Description"=Google Earth in your browser
- "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
- "Description"=
- "Path"=disabled
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
- "Description"=Ag Player Plugin
- "Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
- "Description"=Office Live Update v1.3
- "Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
- "Description"=WLPG Install MIME type
- "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
- "Description"=This plugin detects and launches Pando Media Booster
- "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
- "Description"=Google Update
- "Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
- "Description"=Google Update
- "Path"=C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
- "Description"=Veetle TV Core
- "Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
- "Description"=Veetle TV Player
- "Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll
- [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@virtools.com/3DviaPlayer]
- "Description"=3Dvia Player For Mozilla Based Broswer
- "Path"=C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll
- C:\Program Files (x86)\Mozilla Firefox\extensions\
- afurladvisor@anchorfree.com
- {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- {972ce4c6-7e08-4474-a285-3208198ce6fd}
- {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
- {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
- {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
- {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
- {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
- C:\Program Files (x86)\Mozilla Firefox\components\
- binary.manifest
- browsercomps.dll
- C:\Program Files (x86)\Mozilla Firefox\plugins\
- np-mswmp.dll
- npdeployJava1.dll
- np_gp.dll
- WMP Firefox Plugin License.rtf
- WMP Firefox Plugin RelNotes.txt
- C:\Program Files (x86)\Mozilla Firefox\searchplugins\
- amazon-france.xml
- bing.xml
- cnrtl-tlfi-fr.xml
- eBay-france.xml
- google.xml
- wikipedia-fr.xml
- yahoo-france.xml
- C:\Users\Bilal\AppData\Roaming\Mozilla\Firefox\Profiles\tn7fcql4.default\extensions\
- jid0-HE5HvmWWBQaDXgq7A7fBAL0UUCs@jetpack
- support@predictad.com
- {1c491116-c175-45e1-a570-6fb14fea8b7b}
- {4daac69c-cba7-45e2-9bc8-1044483d3352}
- {59994074-c06d-4a75-9768-49e5a8c21264}
- {635abd67-4fe9-1b23-4f01-e679fa7484c1}
- {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}
- {9b339f6e-ddcd-401b-8764-230adbd01761}
- {bb6bc1bb-f824-4702-90cd-35e2fb24f25c}
- {E2883E8F-472F-4fb0-9522-AC9BF37916A7}
- {e4a8a97b-f2ed-450b-b12d-ee082ba24781}
- {f35e91f7-d248-48be-90fe-b95ac9549325}
- C:\Users\Bilal\AppData\Roaming\Mozilla\Firefox\Profiles\tn7fcql4.default\searchplugins\
- bing.xml
- ======Registry dump======
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
- Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
- AVG Safe Search - C:\Program Files (x86)\AVG\AVG9\avgssie.dll []
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
- Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2011-10-05 2930632]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
- Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6ec85fcf-87ad-41d7-ae1f-f116f8ad4848}]
- Avanquest FR Toolbar - C:\Program Files (x86)\Avanquest_FR\prxtbAva2.dll [2011-05-09 176936]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77F4E711-789B-447F-9614-96759B2F83C6}]
- MegaIeHelperBHO Class - C:\Users\fatima\AppData\Local\Megamedia\Megakey\MegaIeHelper.dll [2011-01-13 64000]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
- Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
- AVG Security Toolbar BHO - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll []
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
- Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10 3834016]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
- IeMonitorBho Class - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll [2010-11-03 109568]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
- Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll []
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
- {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll []
- {6ec85fcf-87ad-41d7-ae1f-f116f8ad4848} - Avanquest FR Toolbar - C:\Program Files (x86)\Avanquest_FR\prxtbAva2.dll [2011-05-09 176936]
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
- "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-28 35696]
- "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
- "Microsoft Default Manager"=C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2010-05-10 439568]
- "DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
- "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
- "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-11-13 421736]
- "LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2011-08-15 1955208]
- "Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-01-13 460872]
- "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2011-10-05 3578272]
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
- "VPN4ALL"=C:\Program Files (x86)\VPN4ALL\VPN4ALL.exe [2011-09-02 1784832]
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
- Assistant SMART WIZARD NETGEAR pour WG111v3.lnk - C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
- NETGEAR WG111v3 Smart Wizard.lnk - C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe
- Philips Device Manager.lnk - C:\Philips\SA32xx Device Manager\SA32xx_DeviceManager.exe
- Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe
- C:\Users\Bilal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
- OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
- SDWinLogon.dll []
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
- WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2012-01-12 203776]
- [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
- "SecurityProviders"=credssp.dll
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
- [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
- "LogonHoursAction"=2
- "DontDisplayLogonHoursWarnings"=1
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
- "ConsentPromptBehaviorAdmin"=5
- "ConsentPromptBehaviorUser"=3
- "EnableUIADesktopToggle"=0
- "dontdisplaylastusername"=0
- "legalnoticecaption"=
- "legalnoticetext"=
- "shutdownwithoutlogon"=1
- "undockwithoutlogon"=1
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
- "NoDriveTypeAutoRun"=145
- "NoDrives"=0
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
- "NoDrives"=0
- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
- "C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe"="C:\Program Files\River Past\Audio Converter Pro\AudioConverter.exe:*:Enabled:River Past Audio Converter Pro"
- "C:\Program Files (x86)\xchat\xchat.exe"="C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client"
- "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
- "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
- "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
- "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
- [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
- "vidc.mrle"=msrle32.dll
- "vidc.msvc"=msvidc32.dll
- "msacm.imaadpcm"=imaadp32.acm
- "msacm.msg711"=msg711.acm
- "msacm.msgsm610"=msgsm32.acm
- "msacm.msadpcm"=msadp32.acm
- "midimapper"=midimap.dll
- "wavemapper"=msacm32.drv
- "vidc.uyvy"=msyuv.dll
- "vidc.yuy2"=msyuv.dll
- "vidc.yvyu"=msyuv.dll
- "vidc.iyuv"=iyuv_32.dll
- "vidc.i420"=vdrcodec.dll
- "vidc.yvu9"=tsbyuv.dll
- "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
- "vidc.cvid"=iccvid.dll
- "wave1"=wdmaud.drv
- "midi1"=wdmaud.drv
- "mixer1"=wdmaud.drv
- "aux1"=wdmaud.drv
- "wave"=wdmaud.drv
- "midi"=wdmaud.drv
- "mixer"=wdmaud.drv
- "aux"=wdmaud.drv
- "VIDC.FPS1"=frapsvid.dll
- "vidc.tscc"=tsccvid.dll
- "vidc.yv12"=DivX.dll
- "VIDC.FFDS"=ff_vfw.dll
- "msacm.siren"=sirenacm.dll
- "msacm.vorbis"=vorbis.acm
- "VIDC.MJPG"=Pvmjpg30.dll
- "wave3"=wdmaud.drv
- "mixer3"=wdmaud.drv
- "wave4"=wdmaud.drv
- "mixer4"=wdmaud.drv
- "vidc.DIVX"=DivX.dll
- "msacm.lhacm"=lhacm.acm
- "wave5"=wdmaud.drv
- "mixer5"=wdmaud.drv
- "wave6"=wdmaud.drv
- "mixer6"=wdmaud.drv
- ======File associations======
- .js - edit - C:\Windows\System32\Notepad.exe %1
- ======List of files/folders created in the last 1 month======
- 2012-02-05 00:02:01 ----D---- C:\rsit
- 2012-02-05 00:02:01 ----D---- C:\Program Files (x86)\trend micro
- 2012-02-04 23:02:38 ----D---- C:\Windows\temp
- 2012-02-04 23:02:36 ----A---- C:\ComboFix.txt
- 2012-02-04 22:42:10 ----A---- C:\Windows\zip.exe
- 2012-02-04 22:42:10 ----A---- C:\Windows\SWSC.exe
- 2012-02-04 22:42:10 ----A---- C:\Windows\SWREG.exe
- 2012-02-04 22:42:10 ----A---- C:\Windows\sed.exe
- 2012-02-04 22:42:10 ----A---- C:\Windows\PEV.exe
- 2012-02-04 22:42:10 ----A---- C:\Windows\NIRCMD.exe
- 2012-02-04 22:42:10 ----A---- C:\Windows\MBR.exe
- 2012-02-04 22:42:10 ----A---- C:\Windows\grep.exe
- 2012-02-04 22:38:59 ----A---- C:\Windows\ntbtlog.txt
- 2012-02-04 22:03:23 ----D---- C:\Windows\ERDNT
- 2012-02-04 21:18:11 ----AD---- C:\Qoobox
- 2012-02-04 20:51:24 ----A---- C:\AdwCleaner[S2].txt
- 2012-02-04 20:49:46 ----A---- C:\AdwCleaner[S1].txt
- 2012-02-04 20:49:20 ----A---- C:\AdwCleaner[R1].txt
- 2012-02-04 12:45:55 ----A---- C:\Users\Bilal\AppData\Roaming\Nouveau document texte.txt
- 2012-02-03 22:58:55 ----D---- C:\ProgramData\Spybot - Search & Destroy
- 2012-02-03 22:58:31 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
- 2012-02-02 21:42:44 ----RASH---- C:\Windows\SysWOW64\expsrv3.dll
- 2012-02-02 19:05:47 ----A---- C:\user.js
- 2012-02-02 00:47:33 ----D---- C:\Windows\CSC
- 2012-02-02 00:47:30 ----D---- C:\Users\Bilal\AppData\Roaming\HTML Help
- 2012-02-02 00:47:30 ----AS---- C:\Windows\SysWOW64\c6to4.dll
- 2012-02-02 00:47:30 ----A---- C:\Windows\SysWOW64\winlogon.exe
- 2012-02-01 23:21:09 ----D---- C:\Program Files (x86)\Acunetix
- 2012-01-29 00:11:58 ----A---- C:\Windows\SysWOW64\drivers\npf.sys
- 2012-01-29 00:11:57 ----D---- C:\Program Files (x86)\SwitchSniffer
- 2012-01-29 00:11:57 ----A---- C:\Windows\SysWOW64\wpcap.dll
- 2012-01-29 00:11:57 ----A---- C:\Windows\SysWOW64\WanPacket.dll
- 2012-01-29 00:11:57 ----A---- C:\Windows\SysWOW64\pthreadVC.dll
- 2012-01-29 00:11:57 ----A---- C:\Windows\SysWOW64\packet.dll
- 2012-01-27 17:53:25 ----D---- C:\Users\Bilal\AppData\Roaming\.spoutcraft
- 2012-01-24 18:21:05 ----D---- C:\Program Files (x86)\VPN4ALL
- 2012-01-23 22:17:57 ----D---- C:\Users\Bilal\AppData\Roaming\mIRC
- 2012-01-23 22:17:57 ----D---- C:\Program Files (x86)\mIRC
- 2012-01-23 18:47:54 ----D---- C:\Users\Bilal\AppData\Roaming\X-Chat 2
- 2012-01-23 18:41:49 ----D---- C:\Users\Bilal\AppData\Roaming\.purple
- 2012-01-23 18:40:38 ----D---- C:\Program Files (x86)\Pidgin
- 2012-01-21 18:18:02 ----D---- C:\Program Files (x86)\xchat
- 2012-01-21 12:36:17 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
- 2012-01-21 12:36:17 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
- 2012-01-21 12:36:16 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
- 2012-01-21 12:34:50 ----A---- C:\Windows\SysWOW64\GameuxInstallHelper.dll
- 2012-01-21 12:34:50 ----A---- C:\Windows\SysWOW64\FirewallInstallHelper.dll
- 2012-01-19 21:45:44 ----D---- C:\Program Files (x86)\GameSpy
- 2012-01-19 21:44:13 ----D---- C:\Windows\SysWOW64\URTTEMP
- 2012-01-19 21:42:35 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
- 2012-01-19 21:42:33 ----A---- C:\Windows\SysWOW64\PnkBstrA.exe
- 2012-01-19 21:42:33 ----A---- C:\Windows\SysWOW64\pbsvc.exe
- 2012-01-19 21:24:14 ----D---- C:\Program Files (x86)\Electronic Arts
- 2012-01-18 20:40:35 ----RHD---- C:\Users\Bilal\AppData\Roaming\SecuROM
- 2012-01-17 20:20:23 ----D---- C:\Program Files (x86)\Rockstar Games
- 2012-01-17 16:31:14 ----D---- C:\Program Files (x86)\Downloader
- 2012-01-15 22:32:59 ----AH---- C:\Windows\SysWOW64\BytescoutVideoMixerFilter.dll
- 2012-01-15 22:32:59 ----AH---- C:\Windows\SysWOW64\BytescoutScreenCapturingFilter.dll
- 2012-01-15 22:32:56 ----AH---- C:\Windows\SysWOW64\BytescoutScreenCapturing.dll
- 2012-01-12 19:20:25 ----A---- C:\Windows\SysWOW64\schannel.dll
- 2012-01-12 19:20:24 ----A---- C:\Windows\SysWOW64\webio.dll
- 2012-01-12 19:20:24 ----A---- C:\Windows\SysWOW64\secur32.dll
- 2012-01-12 19:20:23 ----A---- C:\Windows\SysWOW64\sspicli.dll
- 2012-01-12 18:56:44 ----A---- C:\Windows\SysWOW64\urlmon.dll
- 2012-01-12 18:56:44 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
- 2012-01-12 18:56:44 ----A---- C:\Windows\SysWOW64\msls31.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\wininet.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\SetIEInstalledDate.exe
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\msrating.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\mshtmler.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\msfeedssync.exe
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\jsproxy.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\jscript9.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\jscript.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\ieui.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\iesysprep.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\iertutil.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\iepeers.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\ieframe.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\ieakeng.dll
- 2012-01-12 18:56:43 ----A---- C:\Windows\SysWOW64\IEAdvpack.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\wextract.exe
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\webcheck.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\vbscript.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\url.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\pngfilt.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\occache.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\mshtmled.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\mshtml.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\mshta.exe
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\msfeeds.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\licmgr10.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\inseng.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\imgutil.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\iexpress.exe
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\iesetup.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\iernonce.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\ieapfltr.dat
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\ieakui.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\ieaksie.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\ie4uinit.exe
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\icardie.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\dxtrans.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
- 2012-01-12 18:56:42 ----A---- C:\Windows\SysWOW64\admparse.dll
- 2012-01-12 18:38:02 ----D---- C:\ProgramData\Megamedia
- 2012-01-11 20:05:04 ----D---- C:\ProgramData\boost_interprocess
- 2012-01-11 13:53:29 ----A---- C:\Windows\SysWOW64\quartz.dll
- 2012-01-11 13:53:29 ----A---- C:\Windows\SysWOW64\qdvd.dll
- 2012-01-11 13:53:26 ----A---- C:\Windows\SysWOW64\ntdll.dll
- 2012-01-11 13:53:25 ----A---- C:\Windows\SysWOW64\packager.dll
- 2012-01-08 19:55:19 ----ASH---- C:\pagefile.sys
- ======List of files/folders modified in the last 1 month======
- 2012-02-05 00:02:12 ----D---- C:\Windows\tracing
- 2012-02-05 00:02:01 ----D---- C:\Program Files (x86)
- 2012-02-04 23:31:43 ----SHD---- C:\Windows\Installer
- 2012-02-04 23:31:43 ----RD---- C:\Program Files
- 2012-02-04 23:31:35 ----D---- C:\Windows\inf
- 2012-02-04 23:31:03 ----D---- C:\Windows\System32
- 2012-02-04 23:30:32 ----SHD---- C:\System Volume Information
- 2012-02-04 23:29:07 ----D---- C:\Windows\SysWOW64
- 2012-02-04 23:29:07 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
- 2012-02-04 23:14:03 ----D---- C:\Program Files (x86)\Common Files\Akamai
- 2012-02-04 23:13:15 ----D---- C:\Windows
- 2012-02-04 23:08:18 ----D---- C:\$Recycle.Bin
- 2012-02-04 22:59:49 ----A---- C:\Windows\system.ini
- 2012-02-04 22:58:42 ----D---- C:\Users\Bilal\AppData\Roaming\Skype
- 2012-02-04 22:57:52 ----D---- C:\ProgramData
- 2012-02-04 22:57:52 ----D---- C:\Program Files (x86)\Common Files
- 2012-02-04 22:55:03 ----D---- C:\Windows\SysWOW64\drivers
- 2012-02-04 22:55:03 ----D---- C:\Windows\AppPatch
- 2012-02-04 22:18:22 ----D---- C:\Windows\debug
- 2012-02-04 10:41:48 ----D---- C:\Windows\Prefetch
- 2012-02-03 22:59:08 ----D---- C:\Windows\Tasks
- 2012-02-03 22:58:42 ----D---- C:\ProgramData\Microsoft
- 2012-02-03 22:46:30 ----D---- C:\Users\Bilal\AppData\Roaming\uTorrent
- 2012-02-03 22:46:30 ----D---- C:\Users\Bilal\AppData\Roaming\DAEMON Tools Lite
- 2012-02-03 22:46:30 ----D---- C:\Program Files (x86)\Steam
- 2012-02-03 22:46:16 ----D---- C:\Windows\Panther
- 2012-02-03 22:46:07 ----D---- C:\Windows\Minidump
- 2012-02-03 22:46:07 ----D---- C:\Windows\Logs
- 2012-02-03 17:22:28 ----D---- C:\Users\Bilal\AppData\Roaming\Mumble
- 2012-02-02 09:41:37 ----D---- C:\Windows\SysWOW64\wbem
- 2012-02-02 00:47:33 ----D---- C:\Users\Bilal\AppData\Roaming\Mozilla
- 2012-02-01 22:53:33 ----D---- C:\Program Files (x86)\Mumble
- 2012-02-01 17:46:05 ----SD---- C:\Users\Bilal\AppData\Roaming\Microsoft
- 2012-02-01 09:05:33 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
- 2012-01-31 23:08:01 ----D---- C:\Users\Bilal\AppData\Roaming\.minecraft
- 2012-01-25 21:59:29 ----D---- C:\Users\Bilal\AppData\Roaming\Adobe
- 2012-01-25 20:45:39 ----D---- C:\Program Files (x86)\Adobe
- 2012-01-21 19:52:44 ----D---- C:\Program Files (x86)\Common Files\Steam
- 2012-01-21 17:59:02 ----A---- C:\Windows\win.ini
- 2012-01-21 12:35:53 ----RSD---- C:\Windows\assembly
- 2012-01-21 12:28:05 ----A---- C:\Windows\wininit.ini
- 2012-01-21 12:14:32 ----D---- C:\Program Files (x86)\Ubisoft
- 2012-01-19 21:44:58 ----D---- C:\Windows\registration
- 2012-01-19 21:44:13 ----D---- C:\Program Files (x86)\Internet Explorer
- 2012-01-19 21:24:14 ----D---- C:\Temp
- 2012-01-18 21:45:44 ----D---- C:\Program Files (x86)\AVS4YOU
- 2012-01-18 21:45:38 ----D---- C:\Program Files (x86)\Common Files\AVSMedia
- 2012-01-18 21:43:49 ----D---- C:\Program Files (x86)\Cain
- 2012-01-18 21:43:35 ----D---- C:\Program Files (x86)\Cheat Engine
- 2012-01-18 21:40:30 ----D---- C:\Program Files (x86)\Lavalon Dragonica
- 2012-01-18 21:38:35 ----D---- C:\Riot Games
- 2012-01-18 21:38:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
- 2012-01-18 21:29:26 ----D---- C:\Program Files (x86)\Neffy
- 2012-01-18 21:21:15 ----D---- C:\Program Files (x86)\Net Tools
- 2012-01-18 21:21:04 ----D---- C:\Program Files (x86)\NirSoft
- 2012-01-18 21:11:34 ----D---- C:\Program Files (x86)\QuickTime
- 2012-01-18 21:09:37 ----D---- C:\Users\Bilal\AppData\Roaming\Real
- 2012-01-18 21:09:37 ----D---- C:\Program Files (x86)\Common Files\Real
- 2012-01-18 21:09:34 ----D---- C:\Program Files (x86)\Real
- 2012-01-18 21:08:24 ----D---- C:\ProgramData\River Past G5
- 2012-01-18 21:04:25 ----D---- C:\ProgramData\Eltima Software
- 2012-01-18 20:52:43 ----RSD---- C:\Windows\Fonts
- 2012-01-18 20:49:12 ----D---- C:\Program Files (x86)\WinPcap
- 2012-01-18 19:11:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
- 2012-01-15 21:51:50 ----A---- C:\Windows\MegaManager.INI
- 2012-01-15 17:46:50 ----D---- C:\Users\Bilal\AppData\Roaming\FreeVideoConverter
- 2012-01-13 13:09:19 ----D---- C:\Windows\rescache
- 2012-01-13 11:53:11 ----D---- C:\Windows\winsxs
- 2012-01-12 19:06:15 ----D---- C:\Windows\SysWOW64\migration
- 2012-01-12 19:06:15 ----D---- C:\Windows\SysWOW64\fr-FR
- 2012-01-12 19:06:15 ----D---- C:\Windows\SysWOW64\en-US
- 2012-01-12 19:06:13 ----D---- C:\Windows\PolicyDefinitions
- 2012-01-11 20:05:02 ----D---- C:\Program Files (x86)\Free Video Converter
- 2012-01-11 19:39:04 ----D---- C:\Windows\ehome
- ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
- R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys []
- R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
- R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
- R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
- R1 SDHookDriver;Spybot-S&D 2 Hook Driver; \??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2011-10-05 48888]
- R1 TsVp;TsVp; C:\Windows\system32\DRIVERS\tsvp.sys []
- R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
- R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
- R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys []
- R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys []
- R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
- R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
- R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys []
- R3 HssDrv;Hotspot Shield Helper Miniport; C:\Windows\system32\DRIVERS\HssDrv.sys []
- R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
- R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys []
- R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
- R3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys []
- R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys []
- R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys []
- R3 TSCOMM;CommStudio Virtual Adapter by TamoSoft; C:\Windows\system32\DRIVERS\tscomm.sys []
- S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
- S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
- S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
- S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
- S3 DCamUSBEMPIA;Dazzle DVC100 Video; C:\Windows\system32\DRIVERS\emDevice64.sys []
- S3 dump_wmimmc;dump_wmimmc; \??\C:\gPotato.eu\Dragonica\Release\GameGuard\dump_wmimmc.sys []
- S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
- S3 emAudio;Dazzle DVC100 Audio Device; C:\Windows\system32\drivers\emAudio64.sys []
- S3 FiltUSBEMPIA;USB Device Lower Filter; C:\Windows\system32\DRIVERS\emFilter64.sys []
- S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
- S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1; C:\Windows\system32\drivers\libusb0.sys [2005-03-09 33792]
- S3 LVcKap64;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap64.sys []
- S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver; C:\Windows\system32\DRIVERS\MijXfilt.sys []
- S3 NLNdisMP;NLNdisMP; C:\Windows\system32\DRIVERS\nlndis.sys []
- S3 NLNdisPT;NetLimiter Ndis Protocol Service; C:\Windows\system32\DRIVERS\nlndis.sys []
- S3 NPPTNT2;NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [2005-01-03 4682]
- S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys []
- S3 RTL8187B;Carte réseau USB 2.0 Realtek RTL8187B sans fil 802.11b/g 54 Mbits/s; C:\Windows\system32\DRIVERS\RTL8187B.sys []
- S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys []
- S3 ScanUSBEMPIA;USB Still Image Capture Device; C:\Windows\system32\DRIVERS\emScan64.sys []
- S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys []
- S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys []
- S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
- S3 TsVlb;TsVlb; C:\Windows\system32\DRIVERS\tsvlb.sys []
- S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
- S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
- S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys []
- S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
- ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
- R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2009-07-14 20992]
- R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
- R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
- R2 CrossLoopService;CrossLoop Service; C:\Users\Bilal\AppData\Local\CrossLoop\CrossLoopService.exe [2009-12-16 86016]
- R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-04-19 625184]
- R2 Greg_Service;GRegService; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [2009-08-28 1150496]
- R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]
- R2 HssWd;Hotspot Shield Monitoring Service; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2011-05-27 329544]
- R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
- R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-04-19 207904]
- R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2012-01-19 66872]
- R2 Realtek11nCU;Realtek11nCU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-04-16 36864]
- R2 Realtek11nSU;Realtek11nSU; C:\Program Files (x86)\Olitec\Olitec 11n USB Wireless LAN Utility\RtlService.exe [2009-12-21 40960]
- R2 SDHookService;Spybot S&D 2 Live Protection Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe [2011-10-05 130976]
- R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-10-05 892336]
- R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-10-05 955816]
- R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-10-05 169624]
- R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
- R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
- R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-02 2923392]
- R2 Updater Service;Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2009-07-04 240160]
- R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
- R3 HideMyIpSRV;HideMyIpSRV; C:\Program Files (x86)\Hide My IP 2009\HideMyIpSrv.exe [2009-11-28 2396464]
- R3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2011-11-13 934760]
- S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
- S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
- S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
- S2 gupdate;Service Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31 133104]
- S2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1; C:\Windows\system32\libusbd-nt.exe [2005-03-09 18944]
- S2 PCLEPCI;PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [2005-02-09 14165]
- S3 aspnet_state;Service d'état ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe []
- S3 CGVPNCliSrvc;CyberGhost VPN Client; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2011-12-06 2430128]
- S3 gupdatem;Service Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31 133104]
- S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208]
- S3 nosGetPlusHelper;getPlus(R) Helper 3004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
- S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2010-12-07 3979632]
- S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
- S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\VPN4ALL\Connect\openvpnserv.exe [2011-07-15 14848]
- S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
- S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-01-21 419624]
- S3 uvnc_service;uvnc_service; C:\Users\Bilal\AppData\Local\CrossLoop\winvnc.exe [2009-12-06 1590216]
- S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
- S4 AcuWVSSchedulerv5;Acunetix WVS Scheduler v5; C:\Program Files (x86)\Acunetix\Web Vulnerability Scanner 5\WVSScheduler.exe [2007-11-15 655872]
- S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
- S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
- S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
- -----------------EOF-----------------