Document format: text/plain

~ ZHPDiag v2016.1.27.21 By Nicolas Coolman (2016/01/27)
~ Run by Minato Namikaze (Administrator) (2016/01/28 21:59:46)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Minato Namikaze\Desktop\ZHPDiag.txt
~ Report: C:\Users\Minato Namikaze\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 8.1 Pro, 64-bit (Build 9600)

---\\ Internet Browsers (2) - 0s
MFIE: Mozilla Firefox 43.0.4 (x86 ar)
MSIE: Internet Explorer v11.0.9600.16438

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK

---\\ System protection software (3) - 1s
ESET Smart Security v9.0.318.24
Malwarebytes Anti-Malware version 2.2.0.1024
Windows Defender (Deactivate)

---\\ Surveillance software (2) - 1s
Adobe Flash Player 20 NPAPI
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 8354.64 MB (73% free)
System Restore: Activé (Enable)
System drive C: has 70 GB () free of 99 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: SAW
~ User Name: Minato Namikaze
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 70 GB free of 99 GB (System)
~ Drive E: has 89 GB free of 169 GB
~ Drive F: has 77 GB free of 206 GB

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (24) - 0s
[MD5.63DC38C3E4564B2405D562855643ABA2] - 22/10/2013 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2328872] =>.Microsoft Windows®
[MD5.6E0BDFBEEED65B017F2E4C2C910B0520] - 22/08/2013 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [52736] =>.Microsoft Corporation
[MD5.48CFA7BE561A7BE144C29BB912055016] - 22/08/2013 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [144384] =>.Microsoft Corporation
[MD5.92E05214CC073A85CEDFF9BD4966F96B] - 19/10/2013 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2332160] =>.Microsoft Corporation
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - 22/08/2013 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [564736] =>.Microsoft Corporation
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - 21/12/2013 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [447488] =>.Microsoft Corporation
[MD5.5A2020DDCCBB0ED08BAC2355A075F303] - 08/10/2013 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [656384] =>.Microsoft Corporation
[MD5.2B9EED6835D269F35B310DC03D0F5768] - 08/10/2013 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [492544] =>.Microsoft Corporation
[MD5.239268BAB58EAE9A3FF4E08334C00451] - 22/08/2013 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [567296] =>.Microsoft Corporation
[MD5.74B14192CF79A72F7536B27CB8814FBD] - 22/08/2013 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [26464] =>.Microsoft Windows®
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - 22/08/2013 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [88576] =>.Microsoft Corporation
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - 22/08/2013 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [164352] =>.Microsoft Corporation
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - 22/08/2013 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [134656] =>.Microsoft Corporation
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - 22/08/2013 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [78336] =>.Microsoft Corporation
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - 22/08/2013 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [107520] =>.Microsoft Corporation
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - 27/11/2013 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [142848] =>.Microsoft Corporation
[MD5.79B6F3DF7CDFD12159871FF71464F0CE] - 23/11/2013 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [403456] =>.Microsoft Corporation
[MD5.0217532E19A748F0E5D569307363D5FD] - 22/08/2013 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [282624] =>.Microsoft Corporation
[MD5.725EF69B2DBEB7B33280019A556201BC] - 10/03/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [2008408] =>.Microsoft Windows®
[MD5.764B1121867B2D9B31C491668AC72B2B] - 22/08/2013 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [94208] =>.Microsoft Corporation
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - 22/08/2013 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [120832] =>.Microsoft Corporation
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - 30/09/2013 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [195584] =>.Microsoft Corporation
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - 22/08/2013 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [107520] =>.Microsoft Corporation
[MD5.C85C075DE5B6D0FE116043054DE8EE02] - 31/01/2014 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [311640] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (6) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe =>.AMD
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: StartMenu8 Service (StartMenuService) . (.IObit - StartMenu8 Services.) - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe =>.IObit Information Technology®

---\\ Services not Microsoft (SR=Run, SS=Stop) (9) - 8s

SR - Auto [23/09/2012] [ 65192] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [19/01/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [22/08/2015] [ 246784] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe =>.AMD
SR - Auto [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
SR - Auto [09/10/2015] [ 2505472] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
SS - Demand [09/01/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Auto [06/06/2014] [ 72992] StartMenu8 Service (StartMenuService) . (.IObit.) - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe =>.IObit Information Technology®

---\\ Task Planned Automatically (13) - 3s
[MD5.295A5BFCE8D225D014DB4E6E69336279] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504] =>.Adobe Systems Incorporated®
[MD5.B24066E4F085F70EFEF3DDF7FF3C55E5] [APT] [GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001Core] (.Google Inc..) -- C:\Users\Minato Namikaze\AppData\Local\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc®
[MD5.B24066E4F085F70EFEF3DDF7FF3C55E5] [APT] [GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001UA] (.Google Inc..) -- C:\Users\Minato Namikaze\AppData\Local\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc®
[MD5.4FD1DF675FB17D1857FE5BB15125B86A] [APT] [KMSAutoNet] (.MSFree Inc..) -- C:\ProgramData\KMSAutoS\KMSAuto Net.exe [6964472] =>HackTool.WinActivator
[MD5.45BCD6113DE37F0C839731352B84CB24] [APT] [StartMenuAutoupdate] (.IObit.) -- C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [827680] =>.IObit Information Technology®
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001Core.job [848] =>.Google Inc.
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001UA.job [900] =>.Google Inc.
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3718] =>.Adobe Systems Incorporated
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001Core [3486] =>.Google Inc.
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1580123916-4174762243-601258286-1001UA [3866] =>.Google Inc.
O39 - APT: KMSAutoNet - (.MSFree Inc..) -- C:\Windows\System32\Tasks\KMSAutoNet [3730] =>HackTool.WinActivator
O39 - APT: StartMenuAutoupdate - (.IObit.) -- C:\Windows\System32\Tasks\StartMenuAutoupdate [3180] =>.IObit

---\\ Process running (20) - 0s
[MD5.6E4A1DBDF11BC7D1574A866614C19D57] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2505472] [PID.916] =>.ESET, spol. s r.o.®
[MD5.DBC58BA0AC8AC754B67FC601B833FFD8] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [246784] [PID.968] =>.AMD
[MD5.A10D6A814414B10DB92DAFD4FCA5A026] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [674816] [PID.712] =>.AMD
[MD5.B1EA9681502EE57F87DB71D726288A5B] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1412] =>.Adobe Systems, Incorporated®
[MD5.59A14DA0E0EA808689FFD72ADE9F0191] - (.IObit - StartMenu8 Services.) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992] [PID.1740] =>.IObit Information Technology®
[MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.1860] =>.WIBU-SYSTEMS AG®
[MD5.96F8EBDA7375B62C99616D8A54D03133] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5521608] [PID.2404] =>.ESET, spol. s r.o.®
[MD5.B8E7750C4629C0B4B2EC5E9444F29CF4] - (.IObit - .) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe [1718560] [PID.2548] =>.IObit Information Technology®
[MD5.6AFF9F1A458FE2B2FF1B05F901B838BB] - (.IObit - .) -- C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe [2712352] [PID.2916] =>.IObit Information Technology®
[MD5.B8566EEB619639DF54CD70EEEBFDF3A9] - (.IObit - .) -- C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe [29984] [PID.3048] =>.IObit Information Technology®
[MD5.424179229450B6C0E8E7817347ADCD1E] - (.ACD Systems International Inc. - Device Detector.) -- C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe [603472] [PID.3008] =>.ACD Systems International Inc®
[MD5.79CF767F455D8037D870F42EB512E460] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [50373248] [PID.2364] =>.Skype Software Sarl®
[MD5.E61CA2821C853D02FA71CB4EDEC89C71] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe [307400] [PID.3808] =>.Advanced Micro Devices, Inc.®
[MD5.E0D6538B62C79FCBF0B27F95FAF3208B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [246504] [PID.3868] =>.Sun Microsystems, Inc.®
[MD5.FD5FCA422BD5D9DF440F2F823E772BEA] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe [307912] [PID.3960] =>.Advanced Micro Devices, Inc.®
[MD5.0023AA3EB618D1ED33B794947A408107] - (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Users\Minato Namikaze\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe [9953256] [PID.1928] =>.TeamSpeak Systems GmbH®
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.1072] =>.Tonec Inc.®
[MD5.59499B4B9127191704FAAF58E220F85D] - (.Internet Download Manager, Tonec Inc. - Broker for reading of IDM settings.) -- C:\Program Files (x86)\Internet Download Manager\idmBroker.exe [69144] [PID.2320] =>.Tonec Inc.®
[MD5.F2BCC39EC53F763D87D791BCA6758945] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248] [PID.4312] =>.Tonec Inc.
[MD5.AD0F16DEF98337C3F11E69DCFDD9928E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Minato Namikaze\Desktop\ZHPDiag3.exe [2097152] [PID.3460] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (7) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com.ly
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (5) - 0s
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
M1 - SPR:Search Page Redirection - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
P2 - EXT FILE: (...) -- C:\Users\Minato Namikaze\AppData\Roaming\Mozilla\Firefox\Profiles\ygl712wk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll =>.Adobe Systems Incorporated

---\\ Internet Explorer Extensions, Start, Search (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.startimes.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®

---\\ Auto loading programs from Registry and folders (13) - 1s
O4 - HKCU\..\Run: [Nimbuzz] . (...) -- C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe
O4 - HKCU\..\Run: [Device Detector] DevDetect.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKCU\..\Run: [WTFast Tray] . (.AAA Internet Publishing, Inc. - WTFast.) -- C:\Program Files (x86)\WTFast\WTFast.exe {155DDE848F309A85F2E1E27759446899}
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Minato Namikaze\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc®
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe =>.Advanced Micro Devices, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems, Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Sun Microsystems, Inc.®
O4 - HKUS\S-1-5-21-1580123916-4174762243-601258286-1001\..\Run: [Nimbuzz] . (...) -- C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe
O4 - HKUS\S-1-5-21-1580123916-4174762243-601258286-1001\..\Run: [Device Detector] DevDetect.exe
O4 - HKUS\S-1-5-21-1580123916-4174762243-601258286-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKUS\S-1-5-21-1580123916-4174762243-601258286-1001\..\Run: [WTFast Tray] . (.AAA Internet Publishing, Inc. - WTFast.) -- C:\Program Files (x86)\WTFast\WTFast.exe {155DDE848F309A85F2E1E27759446899}
O4 - HKUS\S-1-5-21-1580123916-4174762243-601258286-1001\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Minato Namikaze\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc®

---\\ Global shortcuts Startup (45) - 3s
O4 - GS\Desktop [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Users\Minato Namikaze\AppData\Local\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [Administrator]: Ichraf - Shortcut.lnk . (.Forum 233 - Ichraf.) F:\khadamat ichraf By HoussinZ\Ichraf.exe
O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Administrator]: lol.launcher.admin - Shortcut.lnk . (...) F:\League of Legends\lol.launcher.admin.exe =>.Riot Games, Inc.®
O4 - GS\Desktop [Administrator]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Users\Minato Namikaze\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH®
O4 - GS\Desktop [Administrator]: Volcano_Launcher - Shortcut.lnk . (.Volcano-Team - Volcano Launcher.) F:\Volcano_rappelz_7_2\Volcano_Launcher.exe
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Minato Namikaze\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Minato Namikaze\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Administrator]: Snagit 11.lnk . (.TechSmith Corporation - Snagit.) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe =>.TechSmith Corporation®
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\Desktop [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Users\Minato Namikaze\AppData\Local\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [Guest]: Ichraf - Shortcut.lnk . (.Forum 233 - Ichraf.) F:\khadamat ichraf By HoussinZ\Ichraf.exe
O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Guest]: lol.launcher.admin - Shortcut.lnk . (...) F:\League of Legends\lol.launcher.admin.exe =>.Riot Games, Inc.®
O4 - GS\Desktop [Guest]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Users\Minato Namikaze\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH®
O4 - GS\Desktop [Guest]: Volcano_Launcher - Shortcut.lnk . (.Volcano-Team - Volcano Launcher.) F:\Volcano_rappelz_7_2\Volcano_Launcher.exe
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Minato Namikaze\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Minato Namikaze\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Guest]: Snagit 11.lnk . (.TechSmith Corporation - Snagit.) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe =>.TechSmith Corporation®
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\Desktop [Minato Namikaze]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [Minato Namikaze]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Users\Minato Namikaze\AppData\Local\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Desktop [Minato Namikaze]: Ichraf - Shortcut.lnk . (.Forum 233 - Ichraf.) F:\khadamat ichraf By HoussinZ\Ichraf.exe
O4 - GS\Desktop [Minato Namikaze]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Minato Namikaze]: lol.launcher.admin - Shortcut.lnk . (...) F:\League of Legends\lol.launcher.admin.exe =>.Riot Games, Inc.®
O4 - GS\Desktop [Minato Namikaze]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Users\Minato Namikaze\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH®
O4 - GS\Desktop [Minato Namikaze]: Volcano_Launcher - Shortcut.lnk . (.Volcano-Team - Volcano Launcher.) F:\Volcano_rappelz_7_2\Volcano_Launcher.exe
O4 - GS\Desktop [Minato Namikaze]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Minato Namikaze\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Minato Namikaze]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Minato Namikaze\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Minato Namikaze]: Snagit 11.lnk . (.TechSmith Corporation - Snagit.) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe =>.TechSmith Corporation®
O4 - GS\sendTo [Minato Namikaze]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\sendTo [Minato Namikaze]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\CommonDesktop [Public]: ESETحماية الدفع المصرفي.lnk . (.ESET - .) C:\Program Files (x86)\ESET\ESET Smart Security\ecmd.exe =>.ESET
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Nimbuzz.lnk . (...) C:\Program Files (x86)\Nimbuzz\Nimbuzz.exe
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
O4 - GS\CommonDesktop [Public]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\CommonDesktop [Public]: Snagit 11.lnk . (.TechSmith Corporation - Snagit.) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe =>.TechSmith Corporation®
O4 - GS\CommonDesktop [Public]: Start Menu 8.lnk . (.IObit - .) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe =>.IObit Information Technology®
O4 - GS\CommonDesktop [Public]: WTFast.lnk . (.AAA Internet Publishing, Inc. - WTFast.) C:\Program Files (x86)\WTFast\WTFast.exe {155DDE848F309A85F2E1E27759446899}

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{85169BD7-CCEB-4130-9059-F364BF700CF4}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A20F9B88-5AFF-4F64-BF3A-C99DBB259661}: DhcpNameServer = 62.240.32.5 62.68.42.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E93C8894-0F1A-44D5-A79F-C876156DD6E9}: DhcpNameServer = 192.168.1.1 192.168.1.1

---\\ Extra protocols (20) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation

---\\ Software installed (51) - 3s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
O42 - Logiciel: ACDSee Pro 3 - (.ACD Systems International Inc..) [HKLM][64Bits] -- {1B280FAF-AE10-4E31-A41A-DB3917D651DC} =>.ACD Systems International Inc.
O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: AMD Catalyst Control Center - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A8F9370F-3847-617C-84DC-C9597F51BFE8} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {770EA7C3-0B5A-C557-E641-A09244603B84} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: Catalyst Control Center Graphics Previews Common - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {128A4748-2438-CCE2-7A2D-EBCB6CAD4145} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: Catalyst Control Center Localization All - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {2F3EBEAE-E981-0F2F-E3DF-51652B49F81D} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Chinese Standard - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {4CBF3C32-BB4B-465D-3888-5C30F102615C} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Chinese Traditional - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {79BBB47F-F148-4A81-3761-5296D091CBC9} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Czech - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5BBFE8AA-18F2-A41E-F6F3-4F035E4FFEC1} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Danish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {231ABC1A-D27E-3642-9EC4-073A11B63D8B} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Dutch - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {14E51EE2-64B1-E950-9042-5B0542ED4DEF} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help English - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BB5D8339-5A8D-BE2F-A250-5F96DFFE18A6} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Finnish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {88ACE193-FA96-C954-4BC5-11A2094C9B44} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help French - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F915BA35-D0BE-55B4-CC1A-E199619089FC} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help German - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BBC57E85-BD83-BB98-78D7-E1A4AF7C4D1A} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Greek - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {19208C1C-9ED3-6E67-1CAF-17D6977B5B32} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Hungarian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {55B85A06-5293-9262-F492-6F38656FBA49} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Italian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0F7CBF80-96FF-D59E-6CB5-93A35D40D1A1} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Japanese - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {EE370BAD-5C4D-1BC6-E700-AB037DE9D56C} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Korean - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {FA255A2B-F1B2-B28E-7533-920B2412B2E7} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Norwegian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D961304C-0ABB-F70B-02ED-1DB9D9B48FCC} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Polish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D93AB0C2-4CA3-BF26-2C4D-F1D07164157F} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Portuguese - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {49F56830-C5F7-1FC5-DB84-C7EBA5A939E5} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Russian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {A0D82FA4-A1CB-2FA4-9B7E-1B1175A3305D} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Spanish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {254E1A18-D912-992A-9996-9A1CB95AD4C2} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Swedish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {4840B728-D26C-85D9-1A56-5FD51D703404} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Thai - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {85CEACAF-A84C-933B-AC01-8B0881B70A24} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: CCC Help Turkish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F03BA3F0-9DF3-D250-160B-29E1EF2A1D12} =>.Advanced Micro Devices, Inc.
O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM][64Bits] -- {BE1D36A7-0315-4B19-878F-ECCC9E4B05ED} =>.ESET, spol. s r.o.
O42 - Logiciel: FormatFactory 3.3.5.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory =>.Format Factory
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Java Auto Updater - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Sun Microsystems, Inc.
O42 - Logiciel: Java(TM) 6 Update 18 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF} =>.Sun Microsystems, Inc.
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {3248F0A8-6813-11D6-A77B-00B0D0160010} =>.Sun Microsystems, Inc.
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Microsoft Age of Empires II Trial Version - (...) [HKLM][64Bits] -- Age of Empires II Trial
O42 - Logiciel: Mozilla Firefox 43.0.4 (x86 ar) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 43.0.4 (x86 ar) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: Nimbuzz 2.9.1 - (.Nimbuzz B.V..) [HKLM][64Bits] -- Nimbuzz
O42 - Logiciel: Real Alternative 1.8.0 - (...) [HKLM][64Bits] -- RealAlt_is1
O42 - Logiciel: Skype™ 7.17 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A.
O42 - Logiciel: Snagit 11 - (.TechSmith Corporation.) [HKLM][64Bits] -- {7CA5C4DF-8327-4035-AE2B-CA76336A04FD} =>.TechSmith Corporation
O42 - Logiciel: Start Menu 8 - (.IObit.) [HKLM][64Bits] -- IObit_StartMenu8_is1 =>.IObit Information Technology®
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKCU][64Bits] -- TeamSpeak 3 Client =>.TeamSpeak Systems GmbH
O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR archiver - (...) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: WTFast 3.5 - (.Initex & AAA Internet Publishing.) [HKLM][64Bits] -- {12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1 {155DDE848F309A85F2E1E27759446899}

---\\ HKCU & HKLM Software Keys (68) - 3s
HKLM\SOFTWARE\Wow6432Node\ACD Systems
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\ESET
HKLM\SOFTWARE\Wow6432Node\Gameforge4d
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\RealAlternative
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Riot Games
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\TechSmith
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\ACD Systems
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gameforge4d
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Initex
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nimbuzz
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\TeamSpeak 3 Client
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WARTEAM
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinRecovery
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contents of the Common Files folders (139) - 5s
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\ACD Systems =>.ACD Systems International Inc®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\AMD
O43 - CFD: 02/01/2016 - [] D -- C:\Program Files (x86)\CodeMeter =>.WIBU-SYSTEMS AG®
O43 - CFD: 02/01/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\FreeTime =>.chen jun hao®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 30/09/2013 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\IObit =>.IObit Information Technology®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Java =>.Sun Microsystems, Inc.®
O43 - CFD: 26/12/2015 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 16/12/2015 - [] D -- C:\Program Files (x86)\Microsoft Games
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 09/01/2016 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 09/01/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Nimbuzz
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Real Alternative
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 11/12/2015 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\TechSmith =>.TechSmith Corporation®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 30/09/2013 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 30/09/2013 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 30/09/2013 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 30/09/2013 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 22/08/2013 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 19/01/2016 - [] D -- C:\Program Files (x86)\WTFast {008A92720A1021160F614A3028BC206949}
O43 - CFD: 22/08/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 30/09/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
O43 - CFD: 30/09/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 22/08/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 16/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nimbuzz
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real Alternative
O43 - CFD: 11/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
O43 - CFD: 22/08/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 22/08/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/09/2013 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 19/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WTFast
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\ACD Systems
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 11/12/2015 - [] D -- C:\ProgramData\ATI
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\ESET
O43 - CFD: 09/12/2015 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\IObit
O43 - CFD: 28/01/2016 - [] D -- C:\ProgramData\KMSAutoS =>HackTool.WinActivator
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 29/12/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 09/12/2015 - [0] D -- C:\ProgramData\Real
O43 - CFD: 30/09/2013 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Riot Games
O43 - CFD: 11/12/2015 - [] D -- C:\ProgramData\Skype
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Sun
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\TechSmith
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Common Files\ACD Systems
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 11/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 11/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 16/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Adobe
O43 - CFD: 11/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\ATI
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\DMCache
O43 - CFD: 02/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\IDM
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\LolClient
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Macromedia
O43 - CFD: 12/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Media Player Classic
O43 - CFD: 13/12/2015 - [] SD -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Mozilla
O43 - CFD: 09/12/2015 - [0] D -- C:\Users\Minato Namikaze\AppData\Roaming\Real
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Skype
O43 - CFD: 28/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\TERA
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\TS3Client
O43 - CFD: 27/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\uTorrent
O43 - CFD: 13/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\vlc
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\WinRAR
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\ZHP
O43 - CFD: 16/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\AAA_Internet_Publishing,_
O43 - CFD: 13/12/2015 - [0] D -- C:\Users\Minato Namikaze\AppData\Local\Adobe
O43 - CFD: 09/12/2015 - [0] SHD -- C:\Users\Minato Namikaze\AppData\Local\Application Data
O43 - CFD: 10/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\assembly
O43 - CFD: 11/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\ATI
O43 - CFD: 12/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\CEF
O43 - CFD: 25/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Local\CrashDumps
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Downloaded Installations
O43 - CFD: 26/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\ESET
O43 - CFD: 22/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Forum_233
O43 - CFD: 10/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Google
O43 - CFD: 09/12/2015 - [0] SHD -- C:\Users\Minato Namikaze\AppData\Local\History
O43 - CFD: 13/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Macromedia
O43 - CFD: 22/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Microsoft
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Mozilla
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\MSfree Inc
O43 - CFD: 25/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Local\nimbuzz
O43 - CFD: 12/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Packages
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Programs
O43 - CFD: 09/12/2015 - [0] D -- C:\Users\Minato Namikaze\AppData\Local\Real
O43 - CFD: 11/12/2015 - [0] D -- C:\Users\Minato Namikaze\AppData\Local\Skype
O43 - CFD: 12/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Steam
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\TeamSpeak 3 Client
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\TechSmith
O43 - CFD: 28/01/2016 - [] D -- C:\Users\Minato Namikaze\AppData\Local\Temp
O43 - CFD: 09/12/2015 - [0] SHD -- C:\Users\Minato Namikaze\AppData\Local\Temporary Internet Files
O43 - CFD: 16/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Local\VirtualStore
O43 - CFD: 22/08/2013 - [] RD -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - [] RD -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 12/12/2015 - [] RD -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 22/08/2013 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 12/12/2015 - [] RD -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 12/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 22/08/2013 - [] RD -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 09/12/2015 - [] D -- C:\Users\Minato Namikaze\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 1s
O106 - SIOI: Sync root make available online verb [StorageProviderError] - {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF}. (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\SysWOW64\shell32.dll =>.Microsoft Windows®
O106 - SIOI: Sync root make available online verb [StorageProviderSyncing] - {0A30F902-8398-4ee8-86F7-4CFB589F04D1}. (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\SysWOW64\shell32.dll =>.Microsoft Windows®

---\\ System Drivers List (55) - 6s
O58 - SDL:2013/08/22 14:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176] =>.Microsoft Windows®
O58 - SDL:2015/08/22 04:39:16 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Windows\System32\drivers\amdacpksd.sys [297672] =>.Advanced Micro Devices, Inc.®
O58 - SDL:2012/09/23 01:17:24 A . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmafd.sys [21160] =>.Advanced Micro Devices, Inc.®
O58 - SDL:2013/08/22 14:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016] =>.Microsoft Windows®
O58 - SDL:2015/07/15 12:20:38 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdWB6.sys [102912] =>.Advanced Micro Devices
O58 - SDL:2015/08/22 04:36:54 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [21640192] =>.Advanced Micro Devices, Inc.
O58 - SDL:2015/08/22 03:45:00 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [665600] =>.Advanced Micro Devices, Inc.
O58 - SDL:2013/08/13 01:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] =>.Broadcom Corporation®
O58 - SDL:2013/08/22 14:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [264040] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET ELAM driver.) -- C:\Windows\System32\drivers\eelam.sys [14976] =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [186784] =>.ESET, spol. s r.o.®
O58 - SDL:2015/10/07 06:16:32 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\Windows\System32\drivers\ekbdflt.sys [142976] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [206312] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [52872] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [69840] =>.ESET, spol. s r.o.®
O58 - SDL:2013/08/22 14:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] =>.Microsoft Windows®
O58 - SDL:2010/10/19 23:34:26 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [56344] =>.Intel Corporation®
O58 - SDL:2013/08/22 14:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2013/07/30 20:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2013/07/25 21:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2013/08/10 02:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2013/08/22 14:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2015/06/12 04:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616] =>.Tonec Inc.®
O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272] =>.Malwarebytes Corporation®
O58 - SDL:2016/01/19 03:09:45 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:22 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64216] =>.Malwarebytes Corporation®
O58 - SDL:2013/06/18 20:30:32 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28ux.sys [2408208] =>.Mediatek Inc.®
O58 - SDL:2013/08/22 14:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] =>.Microsoft Windows®
O58 - SDL:2014/08/08 18:31:10 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\ptun0901.sys [27136] =>.The OpenVPN Project
O58 - SDL:2013/06/18 16:46:17 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [591360] =>.Realtek
O58 - SDL:2015/08/05 11:16:44 A . (.Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver 37762.) -- C:\Windows\System32\drivers\rtwlanu.sys [3860224] =>.Realtek Semiconductor Corp®
O58 - SDL:2013/08/22 17:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2013/08/22 14:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [108800] =>.DEVGURU CO LTD®
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080] =>.DEVGURU CO LTD®
O58 - SDL:2014/01/22 08:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (M.) -- C:\Windows\System32\drivers\ssudserd.sys [206080] =>.DEVGURU CO LTD®
O58 - SDL:2013/08/22 14:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] =>.Microsoft Windows®
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®

---\\ Last modified or created user files (3) - 3s
O61 - LFC: 2016/01/25 02:50:33 A . (.BitTorrent Inc..) -- C:\Users\Minato Namikaze\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe [336896]
O61 - LFC: 2016/01/28 20:51:39 A . (..) -- C:\Users\Minato Namikaze\AppData\Local\TechSmith\Snagit\Tray.bin [2078]
O61 - LFC: 2016/01/28 18:13:30 A . (..) -- C:\Users\Minato Namikaze\AppData\Local\ATI\ACE\Manifest.Bin [30042]

---\\ File Associations Shell Spawning (11) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (2) - 6s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Search Svchost Services (36) - 0s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [207360] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [155136] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [155136] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [324608] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1311744] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1104384] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [903168] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [109568] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [150528] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [107008] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1214976] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [220672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [134144] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [221184] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [326656] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [81408] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [336896] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1555456] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [50688] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [201728] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [164352] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [101376] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [534016] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [223744] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [71680] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [433664] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [306688] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3532288] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [1017856] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [629760] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [183296] =>.Microsoft Corporation
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [90464] =>.Microsoft Windows®

---\\ Firewall Active Exception List (10) - 1s
O87 - FAEL: "TCP Query User{A98E4896-5BEE-4020-A023-A00145623CA5}C:\program files (x86)\wtfast beta\wtfast.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\wtfast beta\wtfast.exe (.not file.)
O87 - FAEL: "UDP Query User{51DF5E05-35DB-48D0-A101-7AD9C07DCF25}C:\program files (x86)\wtfast beta\wtfast.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\wtfast beta\wtfast.exe (.not file.)
O87 - FAEL: "{4C5720B9-8C11-4D89-B2B9-3FBC4FAE6754}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\Steam.exe (.not file.)
O87 - FAEL: "{C3CE544F-9B01-400E-A5FE-EB5ACA5704A6}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\Steam.exe (.not file.)
O87 - FAEL: "{87A4337D-52EE-4139-9485-872CD775370B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (.not file.)
O87 - FAEL: "{932F5FAF-CBC2-4867-A618-2DBDDD065EC7}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (.not file.)
O87 - FAEL: "{E57411D1-CE8F-4B44-81EC-0B137D3BB7E4}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\WARMODE\warmode.exe (.not file.)
O87 - FAEL: "{FC884F0F-69B3-4AFF-8A4B-8AF84FF50F71}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\WARMODE\warmode.exe (.not file.)
O87 - FAEL: "TCP Query User{0FF8DAB5-120D-4D97-AA31-70A1D8AFC509}C:\program files (x86)\nimbuzz\nimbuzz.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\nimbuzz\nimbuzz.exe
O87 - FAEL: "UDP Query User{3A1E4B16-1636-4C7F-BF4A-BD28FD9192E5}C:\program files (x86)\nimbuzz\nimbuzz.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\nimbuzz\nimbuzz.exe

---\\ Additional Scan (O88) (3) - 0s
C:\ProgramData\KMSAutoS\KMSAuto Net.exe =>HackTool.WinActivator
C:\Windows\System32\Tasks\KMSAutoNet =>HackTool.WinActivator
C:\ProgramData\KMSAutoS =>HackTool.WinActivator

---\\ Summary of the elements found (1) - 0s
http://www.nicolascoolman.fr/?p=1053 =>HackTool.WinActivator

~ End of the scan, 15277 items in 00h00mn54s (651)(0)
