cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2016.3.10.68 By Nicolas Coolman (2016/03/10)
~ Run by CRASH (Administrator) (2016/03/11 10:32:35)
~ Web: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\CRASH\Desktop\ZHPDiag.txt
~ Report: C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v48.0.2564.116
OPIE: Opera 35.0.2066.37
MSIE: Internet Explorer v8.0.7601.17514

---\\ Windows Product Information (4) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software (1) - 1s
Avast Free Antivirus v11.1.2253

---\\ Surveillance software (2) - 2s
Adobe Flash Player 20 PPAPI
Adobe Reader X

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3092.336 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 99 GB () free of 291 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: CRASH-PC
~ User Name: CRASH
~ Logged in as Administrator

---\\ Enumeration of the disk units (1) - 0s
~ Drive C: has 99 GB free of 291 GB (System)

---\\ State of the Windows Security Center (12) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (24) - 1s
[MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - 21/01/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [3231232] =>.Microsoft Corporation
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 13/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 13/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
[MD5.7FDF925B70507715598E1319601FCA6A] - 10/12/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 16/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
[MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 02/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497664] =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 13/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows®
[MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
[MD5.07F8F6B0CAEC7ADD30EBD94940A315D7] - 11/02/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159232] =>.Microsoft Corporation
[MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation
[MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - 11/01/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1684416] =>.Microsoft Windows®
[MD5.0086431C29C35BE1DBC43F52CC273887] - 13/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
[MD5.AA77EB517D2F07A947294F260E3ACA83] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [118272] =>.Microsoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (7) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.®
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation®
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\System32\TODDSrv.exe =>.TOSHIBA CORPORATION®
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe =>.TOSHIBA CORPORATION®
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation®

---\\ Services not Microsoft (SR=Run, SS=Stop) (12) - 36s

SR - Auto [27/07/2012] [ 63960] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [20/01/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [03/03/2016] [ 237096] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.®
SS - Auto [27/08/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [27/08/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [01/02/2011] [ 326168] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation®
SR - Demand [29/11/2010] [ 54136] TMachInfo (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.TOSHIBA CORPORATION®
SR - Auto [20/10/2010] [ 138656] TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation.) - C:\windows\system32\TODDSrv.exe =>.Toshiba Corporation
SR - Auto [09/12/2010] [ 489384] TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe =>.TOSHIBA CORPORATION®
SR - Demand [08/12/2010] [ 137632] TOSHIBA HDD SSD Alert Service (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe =>.TOSHIBA CORPORATION®
SR - Auto [01/02/2011] [ 2656280] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation®

---\\ Task Planned Automatically (2) - 4s
[MD5.BB19B7714F94DA4A34B40B484BE54739] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1503200] =>.AVAST Software a.s.®
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [3924] =>.AVAST Software a.s.®

---\\ Process running (25) - 1s
[MD5.501E11AE85EE28D305D228F5931AC76C] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096] [PID.1320] =>.AVAST Software a.s.®
[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.1652] =>.Adobe Systems, Incorporated®
[MD5.8E2C799D3476EAC32C3BA0DF7CE6AF19] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\System32\TODDSrv.exe [138656] [PID.1368] =>.TOSHIBA CORPORATION®
[MD5.CDC97FA5C42B07FB0D4600E17C32F582] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [489384] [PID.1388] =>.TOSHIBA CORPORATION®
[MD5.7E47C328FC4768CB8BEAFBCFAFA70362] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976] [PID.2112] =>.Microsoft Corporation®
[MD5.70A176BF2ED362862944C371838262F8] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [222592] [PID.2352] =>.Microsoft Corporation®
[MD5.98B16E756243BEA9410E32025B19C06F] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168] [PID.3004] =>.Intel Corporation®
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.1752] =>.Google Inc®
[MD5.7A78ED1088890114DFDE2C4AB038D6B6] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.2900] =>.Intel Corporation®
[MD5.64E498DF53A9481C0F65923B8E1AF8FF] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [167256] [PID.1084] =>.Intel Corporation®
[MD5.D2AF25E2921BACC9B87E1AB7054F22D2] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [391000] [PID.1700] =>.Intel Corporation®
[MD5.E58E1B907C67DE1FD65BE37EB3C5E79D] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [418136] [PID.3028] =>.Intel Corporation®
[MD5.1EB4061EA92513FD8ECB8F0DB5B5D5CD] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392] [PID.3928] =>.Synaptics Incorporated®
[MD5.FB1096AB46B84957AAB9070994FF5202] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [121128] [PID.772] =>.Synaptics Incorporated®
[MD5.B810B8C3EA2658054C931B5713D7C206] - (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294712] [PID.4336] =>.TOSHIBA CORPORATION®
[MD5.0084A1D95AE094B4910B63A8757E71E9] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [7137664] [PID.4348] =>.AVAST Software a.s.®
[MD5.83E91963C4452BE6899503CF9EBFD3ED] - (.TOSHIBA Corporation - TSS TMachInfo Service.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136] [PID.1756] =>.TOSHIBA CORPORATION®
[MD5.EDB4B432DB13EA3D1EB2356310D33263] - (.TOSHIBA Corporation - TosSmartSrv.exe.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [137632] [PID.4672] =>.TOSHIBA CORPORATION®
[MD5.997083852C4CE70616862FC74642C3A6] - (.TOSHIBA Corporation - TosSENotify.exe.mui.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1145248] [PID.1504] =>.TOSHIBA CORPORATION®
[MD5.63740680B14C2EEE08B11ADADFA98DA1] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648] [PID.4728] =>.Google Inc®
[MD5.63740680B14C2EEE08B11ADADFA98DA1] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648] [PID.4332] =>.Google Inc®
[MD5.63740680B14C2EEE08B11ADADFA98DA1] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648] [PID.4408] =>.Google Inc®
[MD5.63740680B14C2EEE08B11ADADFA98DA1] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648] [PID.3616] =>.Google Inc®
[MD5.63740680B14C2EEE08B11ADADFA98DA1] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648] [PID.6556] =>.Google Inc®
[MD5.698C4A75B7D8E9C403CA2426F784EFE5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\CRASH\Desktop\Downloads\ZHPDiag3.exe [2151424] [PID.7036] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (3) - 0s
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (3) - 1s
P2 - FPN: [HKCU] [anvisoft.com/AdblockPlugin] - (...) -- C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@bestbuy.com/npBestBuyPcAppDetector,version=1.0] - (.Best Buy.) -- C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll

---\\ Opera, Plugins,Start,Search (1) - 0s
B2 - EXT: [Opera Stable] C:\Users\CRASH\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

---\\ Internet Explorer Extensions, Start, Search (21) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbp2daqp-xhw6o_xk1hzd7q8cjdkzeedmbldhzy1r3klqidpr_xzxusfdkcijphizdrv5_hddp57zqz-1vx51j9yd1zsgpjeliwsy8tjtmot-7lzpbhlxtfynoxce-e0kb36_7d_lg7sfikbei8-yksjcuwqpui3qpuzpowrk68esvfupgtvrs,&q={searchterms} =>PUP.Optional.Linkury
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbp2daqp-xhw6o_xk1hzd7q8cjdkzeedmbldhzy1r3klqidpr_xzxusfdkcijphizdrv5_hddp57zqz-1vx51j9yd1zsgpjeliwsy8tjtmot-7lzpbhlxtfynoxce-e0kb36_7d_lg7sfikbei8-yksjcuwqpui3qpuzpowrk68esvfupgtvrs,&q={searchterms} =>PUP.Optional.Linkury
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (24)

---\\ Browser Helper Object (BHO) (4) - 0s
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll =>.AVAST Software a.s.®
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL =>.Microsoft Corporation®

---\\ Internet Explorer Toolbars (2) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.)
O3 - Toolbar: 0xE3EFEB7F196B494398D2FFB09D4B49CA0124030000 - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.)

---\\ Auto loading programs from Registry and folders (20) - 2s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe =>.Intel Corporation®
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation®
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation®
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe =>.Synaptics Incorporated®
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe =>.Microsoft Corporation®
O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.DLL =>.Logitech®
O4 - HKLM\..\Run: [SmartAudio] . (.Conexant systems, Inc. - SmartAudio Control Panel application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe =>.Conexant Systems, Inc.®
O4 - HKLM\..\Run: [TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe =>.TOSHIBA CORPORATION®
O4 - HKLM\..\Run: [TosNC] . (.TOSHIBA Corporation - Message Center.) -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe =>.TOSHIBA CORPORATION®
O4 - HKLM\..\Run: [TosReelTimeMonitor] . (.TOSHIBA Corporation - Monitor of TOSHIBA ReelTime.) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe =>.TOSHIBA CORPORATION®
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - .) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe =>.TOSHIBA CORPORATION®
O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe =>.TOSHIBA CORPORATION®
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe =>.TOSHIBA CORPORATION®
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation®
O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe =>.TOSHIBA CORPORATION®
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe =>.AVAST Software a.s.®
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation

---\\ Global shortcuts Startup (45) - 3s
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\sendTo [Administrator]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [Administrator]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [Administrator]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\TaskBar [Administrator]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation
O4 - GS\Desktop [CRASH]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [CRASH]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\sendTo [CRASH]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [CRASH]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [CRASH]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\TaskBar [CRASH]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [CRASH]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\TaskBar [CRASH]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\sendTo [Guest]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [Guest]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [Guest]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\TaskBar [Guest]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation
O4 - GS\Desktop [My Olivia]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [My Olivia]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\sendTo [My Olivia]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [My Olivia]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [My Olivia]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\TaskBar [My Olivia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [My Olivia]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\TaskBar [My Olivia]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation
O4 - GS\Desktop [temp]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [temp]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\sendTo [temp]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [temp]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\sendTo [temp]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION®
O4 - GS\TaskBar [temp]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [temp]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\TaskBar [temp]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation
O4 - GS\CommonDesktop [Public]: Avast Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) C:\Program Files\AVAST Software\Avast\avastui.exe =>.AVAST Software a.s.®
O4 - GS\CommonDesktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\CommonDesktop [Public]: Toshiba Book Place.lnk . (.K-NFB Reading Technology - KNFB Blio.) C:\Program Files (x86)\TOSHIBA\Toshiba Book Place\KNFB.Reader.exe {2B7BD4D2159CD8}
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc

---\\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\..\{FAB7580B-BE0A-45D3-B18B-C86D3925FE5F}: DhcpNameServer = 209.18.47.61 209.18.47.62

---\\ Extra protocols (28) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation®
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (71) - 12s
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB} =>.Adobe Systems Inc.
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader X (10.1.4) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AA1000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} =>.Atheros Communications Inc.®
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast =>.AVAST Software a.s.®
O42 - Logiciel: AVS Image Converter 2.0.2.160 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Image Converter_is1 =>.Online Media Technologies Ltd.
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Update Manager_is1 =>.Online Media Technologies Ltd.
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS4YOU Software Navigator_is1 =>.Online Media Technologies Ltd.
O42 - Logiciel: Best Buy pc app - (.Best Buy.) [HKLM][64Bits] -- {FBBC4667-2521-4E78-B1BD-8706F774549B}
O42 - Logiciel: Blender - (.Blender Foundation.) [HKLM][64Bits] -- Blender =>.Blender Foundation
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA =>.Conexant Systems, Inc.®
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: EBLUE Mouse Driver - (.EBLUE.) [HKLM][64Bits] -- {650A34BA-50BC-4D85-B10F-C4EC1B4FCEF3}_is1
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} =>.Skype Limited
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {F9B579C2-D854-300A-BE62-A09EB9D722E4} =>.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc.
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation®
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} =>.Intel Corporation®
O42 - Logiciel: Java Auto Updater - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Sun Microsystems, Inc.
O42 - Logiciel: Java(TM) 6 Update 20 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF} =>.Sun Microsystems, Inc.
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation
O42 - Logiciel: Label@Once 1.0 - (.Corel.) [HKLM][64Bits] -- {0D795777-9D60-4692-8386-F2B3F2B5E5BF} =>.Corel
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {624C7F0A-89B2-4C49-9CAB-9D69613EC95A} =>.Microsoft Corporation
O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft IntelliPoint 8.2 =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} =>.Microsoft
O42 - Logiciel: Opera Stable 35.0.2066.37 - (.Opera Software.) [HKLM][64Bits] -- Opera 35.0.2066.37 =>.Opera Software ASA®
O42 - Logiciel: PL-2303 USB-to-Serial - (...) [HKLM][64Bits] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} =>.Microsoft Corporation
O42 - Logiciel: PlayReady PC Runtime x86 - (.Microsoft Corporation.) [HKLM][64Bits] -- {CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} =>.Microsoft Corporation
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16} =>.Realtek Semiconductor Corp.
O42 - Logiciel: SPORE™ - (.Electronic Arts.) [HKLM][64Bits] -- {9DF0196F-B6B8-4C3A-8790-DE42AA530101} =>.Electronic Arts®
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: TOSHIBA Application Installer - (.TOSHIBA.) [HKLM][64Bits] -- {970472D0-F5F9-4158-A6E3-1AE49EFEF2D3} =>.TOSHIBA
O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {C2A276E3-154E-44DC-AAF1-FFDD7FD30E35} =>.Macrovision Corporation®
O42 - Logiciel: Toshiba Book Place - (.K-NFB Reading Technology, Inc..) [HKLM][64Bits] -- {76078303-BAA2-4FBF-BA13-D1065195E696}
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {C14518AF-1A0F-4D39-8011-69BAA01CD380} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {97965331-BC5D-4D9F-B6DF-5C0A123E4AE0} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {C7A4F26F-F9B0-41B2-8659-99181108CDE3} =>.Macrovision Corporation®
O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Quality Application - (.TOSHIBA.) [HKLM][64Bits] -- {E69992ED-A7F6-406C-9280-1C156417BC49} =>.TOSHIBA
O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} =>.TOSHIBA CORPORATION®
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {24811C12-F4A9-4D0F-8494-A7B8FE46123C} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Resolution+ Plug-in for Windows Media Player - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94} =>.Macrovision Corporation®
O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A} =>.TOSHIBA
O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {0AF17224-CF88-40B8-BB1A-D179369847B4} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {066CFFF8-12BF-4390-A673-75F95EFF188E} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E} =>.TOSHIBA CORPORATION®
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6F3C8901-EBD3-470D-87F8-AC210F6E5E02} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Wireless LAN Indicator - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {CDADE9BC-612C-42B8-B929-5C6A823E7FF9} =>.Toshiba Corporation
O42 - Logiciel: ToshibaRegistration - (.Toshiba.) [HKLM][64Bits] -- {5AF550B4-BB67-4E7E-82F1-2C4300279050} =>.TOSHIBA
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR 5.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®

---\\ HKCU & HKLM Software Keys (78) - 12s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Anvisoft
HKLM\SOFTWARE\Wow6432Node\Atheros Communications Inc.
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\AVS4YOU
HKLM\SOFTWARE\Wow6432Node\Bunndle
HKLM\SOFTWARE\Wow6432Node\DataHelper
HKLM\SOFTWARE\Wow6432Node\DT Soft
HKLM\SOFTWARE\Wow6432Node\EA Games
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\mtZoobam
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Prolific Technology INC
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\SymNRT
HKLM\SOFTWARE\Wow6432Node\TOSHIBA
HKLM\SOFTWARE\Wow6432Node\TOSHIBA CORPORATION
HKLM\SOFTWARE\Wow6432Node\Ulead Systems
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\3dodo
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Araponga
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\Cassowary
HKCU\SOFTWARE\Class
HKCU\SOFTWARE\DT Soft
HKCU\SOFTWARE\eblueMouse
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\iccocy =>Heuristic.Suspect
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\KineticJump
HKCU\SOFTWARE\LogiShrd
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\mtZoobam
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Norton
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Rtp
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TOSHIBA
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Wget
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Compete
HKCU\SOFTWARE\AppDataLow\Software\Settings Manager
HKCU\SOFTWARE\AppDataLow\Software\UM

---\\ Contents of the Common Files folders (159) - 14s
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\AVS4YOU
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Blender Foundation
O43 - CFD: 11/03/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Corel =>.Corel Corporation®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\EBLUE MOUSE
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Electronic Arts =>.Electronic Arts®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Hawkes Learning Systems
O43 - CFD: 02/03/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation®
O43 - CFD: 07/03/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Java =>.Sun Microsystems, Inc.®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Application Virtualization Client =>.Microsoft Corporation®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Opera =>.Opera Software ASA®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\PlayReady
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek Semiconductor Corp®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\TOSHIBA =>.TOSHIBA CORPORATION®
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\TOSHIBA Corporation
O43 - CFD: 13/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 07/03/2016 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation®
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 09/03/2016 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 20/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH®
O43 - CFD: 02/03/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 09/02/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft
O43 - CFD: 03/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EBLUE MOUSE
O43 - CFD: 02/03/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Toshiba
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 12/04/2011 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 02/03/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 03/03/2016 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\AVS4YOU
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Best Buy pc app
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Book Place
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Google
O43 - CFD: 02/03/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Norton
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\NortonInstaller
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Skype
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Sun
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Toshiba
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Toshiba Book Place
O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\VirtualizedApplications
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 07/02/2016 - [0] D -- C:\Program Files (x86)\Common Files\AV
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Betaphase
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 07/03/2016 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Toshiba Shared
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Ulead Systems
O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Adobe
O43 - CFD: 03/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\AVAST Software
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\AVS4YOU
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Blender Foundation
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Book Place
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Google
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Identities
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Macromedia
O43 - CFD: 12/04/2011 - [0] D -- C:\Users\CRASH\AppData\Roaming\Media Center Programs
O43 - CFD: 02/03/2016 - [] SD -- C:\Users\CRASH\AppData\Roaming\Microsoft
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Mozilla
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Opera Software
O43 - CFD: 02/03/2016 - [] RHD -- C:\Users\CRASH\AppData\Roaming\SecuROM
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Skype
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\SoftGrid Client
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\SPORE
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Toshiba
O43 - CFD: 10/01/2012 - [0] D -- C:\Users\CRASH\AppData\Roaming\TP
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\vlc
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\WinBatch
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\WinRAR
O43 - CFD: 11/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\ZHP
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Adobe
O43 - CFD: 02/03/2016 - [0] SHD -- C:\Users\CRASH\AppData\Local\Application Data
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Apps
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Best Buy pc app
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Birds
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Birds365
O43 - CFD: 20/12/2015 - [0] D -- C:\Users\CRASH\AppData\Local\Diagnostics
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Downloaded Installations
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\ElevatedDiagnostics
O43 - CFD: 12/10/2015 - [0] SHD -- C:\Users\CRASH\AppData\Local\EmieBrowserModeList
O43 - CFD: 12/10/2015 - [0] SHD -- C:\Users\CRASH\AppData\Local\EmieSiteList
O43 - CFD: 12/10/2015 - [0] SHD -- C:\Users\CRASH\AppData\Local\EmieUserList
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Facebook
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Google
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\GWX
O43 - CFD: 02/03/2016 - [0] SHD -- C:\Users\CRASH\AppData\Local\History
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Kjs.AppLife.Update
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Microsoft
O43 - CFD: 10/01/2012 - [0] D -- C:\Users\CRASH\AppData\Local\Microsoft Help
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Opera Software
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Programs
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Shortcut Installer
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\SoftGrid Client
O43 - CFD: 11/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Temp
O43 - CFD: 02/03/2016 - [0] SHD -- C:\Users\CRASH\AppData\Local\Temporary Internet Files
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\TOSHIBA
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\VirtualStore
O43 - CFD: 07/02/2016 - [0] D -- C:\Users\CRASH\AppData\Local\WhiteListing
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Windows Live
O43 - CFD: 13/07/2009 - [] RD -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 05/03/2016 - [] RD -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 13/07/2009 - [] RD -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 05/03/2016 - [] RD -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software a.s.®

---\\ System Drivers List (72) - 8s
O58 - SDL:2009/07/13 19:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
O58 - SDL:2011/03/11 00:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
O58 - SDL:2011/03/11 00:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
O58 - SDL:2014/11/23 19:40:12 A . (.Anvisoft - Anvisoft Minifilter Driver.) -- C:\Windows\System32\drivers\asd2fsm.sys [51608] {0DEF020E601F81745CD25E3AF754F5E4} =>.Anvisoft
O58 - SDL:2014/11/23 19:40:12 A . (.Anvisoft - Anvisoft Intrusion Detection System.) -- C:\Windows\System32\drivers\asdids.sys [50584] {0DEF020E601F81745CD25E3AF754F5E4} =>.Anvisoft
O58 - SDL:2016/03/03 12:38:15 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [37656] =>.AVAST Software a.s.®
O58 - SDL:2016/03/09 09:47:57 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswmonflt.sys [107792] =>.AVAST Software a.s.®
O58 - SDL:2016/03/03 12:38:15 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [103064] =>.AVAST Software a.s.®
O58 - SDL:2016/03/03 12:38:16 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [74544] =>.AVAST Software a.s.®
O58 - SDL:2016/03/09 09:48:00 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1070904] =>.AVAST Software a.s.®
O58 - SDL:2016/03/03 12:41:10 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [463744] =>.AVAST Software a.s.®
O58 - SDL:2016/03/03 12:38:16 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [165344] =>.AVAST Software a.s.®
O58 - SDL:2016/03/03 12:41:03 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [287016] =>.AVAST Software a.s.®
O58 - SDL:2009/06/10 14:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
O58 - SDL:2009/06/10 14:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 14:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/13 19:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 14:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 14:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 14:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 14:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
O58 - SDL:2011/02/14 13:43:00 A . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Drive.) -- C:\Windows\System32\drivers\CHDRT64.sys [1581184] =>.Conexant Systems, Inc.®
O58 - SDL:2009/07/13 19:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
O58 - SDL:2009/06/10 14:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
O58 - SDL:2011/09/18 19:11:53 RASH . (...) -- C:\Windows\System32\drivers\fbd.sys [13]
O58 - SDL:2009/07/07 09:51:42 A . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\Windows\System32\drivers\FwLnk.sys [9216] =>.Toshiba Corporation
O58 - SDL:2009/06/10 14:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/10/19 17:34:26 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [56344] =>.Intel Corporation®
O58 - SDL:2010/11/20 21:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
O58 - SDL:2010/11/06 00:45:48 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStor.sys [438808] =>.Intel Corporation®
O58 - SDL:2011/03/11 00:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
O58 - SDL:2011/04/04 21:10:14 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [12262624] =>.Intel Corporation
O58 - SDL:2009/07/13 19:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
O58 - SDL:2013/11/29 04:41:04 A . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabi.) -- C:\Windows\System32\drivers\L1C62x64.sys [129224] =>.Qualcomm Atheros®
O58 - SDL:2009/07/13 19:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
O58 - SDL:2011/03/11 00:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
O58 - SDL:2011/03/11 00:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
O58 - SDL:2011/02/08 20:07:00 A . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\System32\drivers\PGEffect.sys [38096] =>.TOSHIBA CORPORATION®
O58 - SDL:2009/07/13 19:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
O58 - SDL:2010/03/31 12:10:18 A . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187B.sys [450048] =>.Realtek Semiconductor Corporation
O58 - SDL:2010/04/01 15:01:10 A . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8187Se.sys [442368] =>.Realtek Semiconductor Corporation
O58 - SDL:2011/01/05 02:08:58 A . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192ce.sys [1109096] =>.Realtek Semiconductor Corp®
O58 - SDL:2010/12/17 17:04:28 A . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192se.sys [1221224] =>.Realtek Semiconductor Corp®
O58 - SDL:2010/12/22 17:24:00 A . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\System32\drivers\rtl819xp.sys [626792] =>.Realtek Semiconductor Corp®
O58 - SDL:2010/10/08 12:49:08 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [243712] =>.Realtek Semiconductor Corp.
O58 - SDL:2015/01/06 03:41:20 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 33736.) -- C:\Windows\System32\drivers\rtwlane.sys [3709656] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/06/10 14:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/13 19:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
O58 - SDL:2010/03/10 19:51:32 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [316464] =>.Synaptics Incorporated®
O58 - SDL:2009/07/30 21:22:04 A . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\drivers\tdcmdpst.sys [27784] =>.TOSHIBA CORPORATION®
O58 - SDL:2009/06/24 16:36:48 A . (.TOSHIBA Corporation - tos_sps64.) -- C:\Windows\System32\drivers\tos_sps64.sys [482384] =>.TOSHIBA CORPORATION®
O58 - SDL:2009/07/14 16:31:18 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS [26840] =>.TOSHIBA CORPORATION®
O58 - SDL:2009/07/13 19:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/13 19:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®
O58 - SDL:2016/02/09 09:42:52 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zam64.sys [202144] =>.Zemana Ltd.®
O58 - SDL:2016/02/09 09:42:52 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zamguard64.sys [202144] =>.Zemana Ltd.®

---\\ Last modified or created user files (1) - 11s
O61 - LFC: 2016/03/11 10:09:25 A . (..) -- C:\Users\CRASH\Desktop\Downloads\winchk_2.0.exe [315000]

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (16) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\CRASH\AppData\Local\BoBrowser\Application\bobrowser.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe =>.Opera Software ASA®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\CRASH\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.Optional.BoBrowser
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\CRASH\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.Optional.BoBrowser
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\CRASH\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.Optional.BoBrowser
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software

---\\ Search Browser Infection (4) - 1s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {36402A1E-5EAB-46BC-A5E3-CB09E9A933DD} - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {66641DE0-883D-46EA-844E-0CB2BA4AE347} [DefaultScope] - (Google) - http://www.google.com/

---\\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [859648] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680960] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2610688] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation

---\\ Firewall Active Exception List (2) - 1s
O87 - FAEL: "{27111855-78D8-455F-9DEE-F655E6060375}" [In-None-P17-TRUE] .(...) -- C:\Users\CRASH\AppData\Local\Temp\7zS8F34.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "{C7326008-4997-41A6-995D-201FF3077C99}" [In-None-P6-TRUE] .(...) -- C:\Users\CRASH\AppData\Local\Temp\7zS8F34.tmp\SymNRT.exe (.not file.)

---\\ Additional Scan (O88) (1) - 0s
HKCU\SOFTWARE\iccocy =>Heuristic.Suspect

---\\ Summary of the elements found (3) - 0s
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Linkury
http://www.nicolascoolman.fr/?p=4664 =>Heuristic.Suspect
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BoBrowser

~ End of the scan, 32492 items in 00h02mn48s (736)(0)

Publicité


Signaler le contenu de ce document

Publicité