~ ZHPDiag v2016.5.13.96 By Nicolas Coolman (2016/05/09)
~ Run by user (Administrator) (2016/05/14 14:37:50)
~ Web: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\user\Desktop\ZHPDiag.txt
~ Report: C:\Users\user\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (2) - 0s
MFIE: Mozilla Firefox 46.0.1 (x86 es-ES)
MSIE: Internet Explorer v9.0.8112.16421

---\\ Windows Product Information (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : KO
Windows Activation Technologies : KO

---\\ System protection software (1) - 1s
Symantec Endpoint Protection Small Business Edition v12.0.122.192

---\\ Surveillance software (2) - 1s
Adobe Flash Player 21 NPAPI
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2085.984 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 115 GB () free of 152 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: USER-PC
~ User Name: user
~ Logged in as Administrator

---\\ Enumeration of the disk units (1) - 0s
~ Drive C: has 115 GB free of 152 GB (System)

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (23) - 2s
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - 25/02/2011 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2616320] =>.Microsoft Corporation
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - 13/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 13/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [96256] =>.Microsoft Corporation
[MD5.C8ADAA6948993D839D14524847EA5B75] - 22/09/2013 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1129472] =>.Microsoft Corporation
[MD5.6D13E1406F50C66E2A95D97F22C47560] - 20/11/2010 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [286720] =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - 13/09/2013 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 13/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation
[MD5.F024449C97EC1E464AAFFDA18593DB88] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - 26/04/2011 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123904] =>.Microsoft Corporation
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] =>.Microsoft Corporation
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - 12/04/2013 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1211752] =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 13/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 13/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation
[MD5.B459575348C20E8121D6039DA063C704] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (9) - 3s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: Servicio Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: Symantec Event Manager (ccEvtMgr) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe =>.Symantec Corporation®
O23 - Service: Symantec Settings Manager (ccSetMgr) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe =>.Symantec Corporation®
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: Symantec Management Client (SmcService) . (.Symantec Corporation - Symantec CMC Smc.) - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe =>.Symantec Corporation®
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) . (.Symantec Corporation - Symantec AntiVirus.) - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe =>.Symantec Corporation®
O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe =>.TeamViewer®

---\\ Services not Microsoft (SR=Run, SS=Stop) (16) - 44s
SR - Auto [22/04/2016] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [12/05/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [19/01/2015] [ 60744] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SR - Auto [30/08/2011] [ 390504] Servicio Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Auto [12/02/2009] [ 108392] Symantec Event Manager (ccEvtMgr) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe =>.Symantec Corporation®
SR - Auto [12/02/2009] [ 108392] Symantec Settings Manager (ccSetMgr) . (.Symantec Corporation.) - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe =>.Symantec Corporation®
SR - Demand [07/04/2015] [ 540968] Servicio del iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.®
SS - Demand [29/01/2009] [ 3093880] LiveUpdate (LiveUpdate) . (.Symantec Corporation.) - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE =>.Symantec Corporation®
SS - Demand [05/05/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Auto [23/03/2016] [ 327808] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Auto [22/04/2009] [ 1803592] Symantec Management Client (SmcService) . (.Symantec Corporation.) - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe =>.Symantec Corporation®
SS - Demand [22/04/2009] [ 324936] Symantec Network Access Control (SNAC) . (.Symantec Corporation.) - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE =>.Symantec Corporation®
SS - Demand [02/12/2007] [ 74384] stllssvr (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe =>.MicroVision Development Inc.®
SR - Auto [22/04/2009] [ 1768376] Symantec Endpoint Protection (Symantec AntiVirus) . (.Symantec Corporation.) - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe =>.Symantec Corporation®
SR - Auto [01/10/2013] [ 5087584] TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe =>.TeamViewer®

---\\ Task Planned Automatically (9) - 8s
[MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.DE7BC28EAE6A62BC35754D1DCA4ECF38] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672] (.Activate.) =>.Adobe Systems, Incorporated®
[MD5.6A050671F2C76FB48131F12786802807] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269504] (.Activate.) =>.Adobe Systems Incorporated®
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984] (.Activate.) =>.Apple Inc.®
[MD5.224EFC8B50E88D79DCEB19D658D5C41B] [APT] [AVAST Software\] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [652816] (.Activate.) =>.AVAST Software a.s.®
[MD5.00000000000000000000000000000000] [APT] [Lenovo\] (...) -- C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated®
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3874] =>.Adobe Systems, Incorporated®
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] =>.Adobe Systems Incorporated®

---\\ Process running (16) - 3s
[MD5.78C10C39FD37AD30DA47A3B44AFA3CD6] - (.Symantec Corporation - Symantec CMC Smc.) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1803592] [PID.1100] =>.Symantec Corporation®
[MD5.8B2DB91DFCD1D0418CA0EC890C059219] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392] [PID.1300] =>.Symantec Corporation®
[MD5.DE4FC53DD769E387A448F78DBF8DF0B8] - (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115560] [PID.1948] =>.Symantec Corporation®
[MD5.20769F05B2A6EBF78CF3D82ED0063236] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [157480] [PID.1956] =>.Apple Inc.®
[MD5.1040F1B137BC8E513AB4EF8698C50AEE] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [595504] [PID.1976] =>.Oracle America, Inc.®
[MD5.CC436BB2A26391F3DEBE316F6FB0474F] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.1988] =>.Microsoft Corporation®
[MD5.DE9F102F38A2B9AC6E9DAEED30B276E6] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [51656320] [PID.2028] =>.Skype Software Sarl®
[MD5.36114214BF8D7C464D1E92E4EB6B2DD3] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1352] =>.Adobe Systems, Incorporated®
[MD5.D2B87FC03BE28CD0B33C2B5C1119FD8E] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744] [PID.1360] =>.Apple Inc.®
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1312] =>.Apple Inc.®
[MD5.6D76BDBDDF28A42A2B360CE4E7241602] - (.Symantec Corporation - Symantec AntiVirus.) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1768376] [PID.2196] =>.Symantec Corporation®
[MD5.F67C21CC4195F6AFC447418FE163E156] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [5087584] [PID.2296] =>.TeamViewer®
[MD5.FB7679FD086C60597F8C6929FF66FAC2] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [540968] [PID.2848] =>.Apple Inc.®
[MD5.4D35CF080593220BDAEDD99CD3543DFB] - (.Symantec Corporation - Symantec CMC SmcGui.) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe [1447240] [PID.3424] =>.Symantec Corporation®
[MD5.5E20C1168F2C6727903A53B256FCF123] - (.Oracle Corporation - Java Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [927280] [PID.4836] =>.Oracle America, Inc.®
[MD5.C5942E02F11B1A68460D56F7A2D825DC] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\user\ZHPDiag3.exe [2205184] [PID.5164] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (9) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googleapis.com
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (12) - 6s
M0 - MFSP: prefs.js [user - zxe4ywj3.default] http://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbJVgAVw9DRxgQdV8ITA1GQ1MOeQ4LWRRARFZCeQsOAgsTE1QFIk0FA18DB0VXfWFoKB8fHHFKM1pXF1wDWHRTMA== =>.Superfluous.AkamaiHD
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\extensions\bingsearch.full@microsoft.com.xpi
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\extensions\MUB-SAE@iacsearchandmedia.com.xpi =>PUP.Optional.IACSearchAndMedia
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\extensions\yahooprotected@gmail.com.xpi =>PUP.Optional.WinYahoo
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\extensions\{30804580-be78-4669-a1e1-36ceb9904984}.xpi
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\searchplugins\ask-search.xml
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\searchplugins\bing-.xml
P2 - EXT FILE: (...) -- C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\searchplugins\bingp.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_21_0_0_242.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll =>.Apple Inc.
P2 - FPN: [HKLM] [NetDvr_Plugins] - (.DVR.) -- C:\Program Files\NetDvr\Plugins\npDvr.dll

---\\ Internet Explorer Extensions, Start, Search (10) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/ =>.Superfluous.AkamaiHD
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/ =>.Superfluous.AkamaiHD
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R3 - URLSearchHook: (no name) - {4c60e5ab-5c68-4c59-abaa-885010b24b32} Orphean =>.Superfluous.Orphean
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (4) - 0s
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll =>.Adobe Systems, Incorporated®
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll =>.Oracle America, Inc.®

---\\ Auto loading programs from Registry and folders (18) - 3s
O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe =>.Symantec Corporation®
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe =>.Apple Inc.®
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKLM\..\RunOnce: [ZHPCleaner_File1] C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\Extensions\deskCutv2@gmail.com\modules" /F /Q (.not file.)
O4 - HKLM\..\RunOnce: [ZHPCleaner_Folder1] C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd" /F /Q (.not file.)
O4 - HKLM\..\RunOnce: [ZHPCleaner] . (...) -- C:\Users\user\AppData\Roaming\ZHP\ZHPCleaner.txt
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [notepad] C:\Users\user\AppData\Roaming\notepad\notepad.vbe (.not file.)
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2144182461-4012399078-821567738-1000\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\user\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-2144182461-4012399078-821567738-1000\..\Run: [notepad] C:\Users\user\AppData\Roaming\notepad\notepad.vbe (.not file.)
O4 - HKUS\S-1-5-21-2144182461-4012399078-821567738-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®

---\\ Global shortcuts Startup (36) - 19s
O4 - GS\Desktop [Administrator]: Kindle.lnk . (.Amazon.com - Kindle.) C:\Users\user\AppData\Local\Amazon\Kindle\application\Kindle.exe =>.Amazon Services LLC®
O4 - GS\Desktop [Administrator]: Microsoft Office Excel 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: Microsoft Office PowerPoint 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: Microsoft Office Word 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\user\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Startup [Administrator]: notepad.lnk . (...) C:\Users\user\AppData\Roaming\notepad\notepad.vbe
O4 - GS\Desktop [Guest]: Kindle.lnk . (.Amazon.com - Kindle.) C:\Users\user\AppData\Local\Amazon\Kindle\application\Kindle.exe =>.Amazon Services LLC®
O4 - GS\Desktop [Guest]: Microsoft Office Excel 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Microsoft Office PowerPoint 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Microsoft Office Word 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\user\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Startup [Guest]: notepad.lnk . (...) C:\Users\user\AppData\Roaming\notepad\notepad.vbe
O4 - GS\Desktop [user]: Kindle.lnk . (.Amazon.com - Kindle.) C:\Users\user\AppData\Local\Amazon\Kindle\application\Kindle.exe =>.Amazon Services LLC®
O4 - GS\Desktop [user]: Microsoft Office Excel 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [user]: Microsoft Office PowerPoint 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\pptico.exe =>.Microsoft Corporation®
O4 - GS\Desktop [user]: Microsoft Office Word 2007.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [user]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\user\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [user]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\sendTo [user]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\TaskBar [user]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Startup [user]: notepad.lnk . (...) C:\Users\user\AppData\Roaming\notepad\notepad.vbe
O4 - GS\CommonDesktop [Public]: Adobe Reader XI.lnk . (.Adobe Systems Incorporated - Adobe Reader.) C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: aTube Catcher.lnk . (.DsNET - aTube Catcher to download and convert video.) C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe {009934C0F374A7790598E44428C2B46363} =>.DsNET
O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) C:\Program Files\iTunes\iTunes.exe =>.Apple Inc.®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: PowerDVD.lnk . (.CyberLink Corp. - PowerDVD.) C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe =>.CyberLink Corp.
O4 - GS\CommonDesktop [Public]: Roxio Creator Home.lnk . (.Copyright (C) 2000-2007 - Roxio Creator.) C:\Program Files\Common Files\Roxio Shared\10.0\Roxio Central36\Main\Roxio_Central36.exe =>.Sonic Solutions®
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
O4 - GS\CommonDesktop [Public]: TeamViewer 8.lnk . (.TeamViewer GmbH - TeamViewer 8.) C:\Program Files\TeamViewer\Version8\TeamViewer.exe =>.TeamViewer®
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.55.224.68 200.55.224.67
O17 - HKLM\System\CCS\Services\Tcpip\..\{3053105D-6901-410A-94EE-9488E0368028}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3ABA55F9-9FA4-4B34-A09A-6E72522A7E6B}: DhcpNameServer = 200.55.224.68 200.55.224.67
O17 - HKLM\System\CCS\Services\Tcpip\..\{3053105D-6901-410A-94EE-9488E0368028}: DhcpDomain = nyc.rr.com

---\\ Extra protocols (23) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll =>.Microsoft Corporation®
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (34) - 24s
O42 - Logiciel: Adobe Flash Player 21 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 21 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.16) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824184103} =>.Adobe Systems Incorporated
O42 - Logiciel: Amazon Kindle - (.Amazon.) [HKCU] -- Amazon Kindle =>.Amazon
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {C5815ACF-FD34-4553-8A22-C7411B7E662B} =>.Apple Inc.
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {E1DB0812-2D60-43DB-AE09-6C7027D93B28} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc.
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} =>.Atheros Communications Inc.®
O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM] -- aTube Catcher =>.DsNET Corp
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} =>.Apple Inc.
O42 - Logiciel: Cisco Connect - (.Cisco Consumer Products LLC.) [HKLM] -- Cisco Connect =>.Cisco Consumer Products LLC®
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI =>.Intel Corporation®
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {CE1F04C7-79BC-4219-BE6A-BA490224D4B5} =>.Apple Inc.
O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 74 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218074F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: LiveUpdate 3.3 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate =>.Symantec Corporation®
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited
O42 - Logiciel: Mozilla Firefox 46.0.1 (x86 es-ES) - (.Mozilla.) [HKLM] -- Mozilla Firefox 46.0.1 (x86 es-ES) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: NetDvrPlugin 1.0 - (...) [HKLM] -- NetDvrPlugin
O42 - Logiciel: PowerDVD - (...) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} =>.Roxio
O42 - Logiciel: Roxio Creator Copy - (.Roxio.)
[HKLM] -- {B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} =>.Roxio O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {08E81ABD-79F7-49C2-881F-FD6CB0975693} =>.Roxio O42 - Logiciel: Roxio Creator DE - (...) [HKLM] -- {09760D42-E223-42AD-8C3E-55B47D0DDAC3} =>.Sonic Solutions® O42 - Logiciel: Roxio Creator DE - (.Roxio.) [HKLM] -- {ED439A64-F018-4DD4-8BA5-328D85AB09AB} =>.Roxio O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} =>.Roxio O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} =>.Roxio O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {30465B6C-B53F-49A1-9EBA-A3F187AD502E} =>.Roxio O42 - Logiciel: Skype™ 7.22 - (.Skype Technologies S.A..) [HKLM] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A. O42 - Logiciel: Symantec Endpoint Protection Small Business Edition - (.Symantec Corporation.) [HKLM] -- {BB3DE5A2-54E3-4846-8C9C-6C373CE43712} =>.Symantec Corporation O42 - Logiciel: TeamViewer 8 - (.TeamViewer.) [HKLM] -- TeamViewer 8 =>.TeamViewer® ---\\ HKCU & HKLM Software Keys (67) - 24s HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. HKLM\SOFTWARE\Atheros Communications Inc. 
HKLM\SOFTWARE\ATI Technologies HKLM\SOFTWARE\aTube Catcher HKLM\SOFTWARE\AVAST Software HKLM\SOFTWARE\CDDB HKLM\SOFTWARE\Cisco Systems HKLM\SOFTWARE\CyberLink HKLM\SOFTWARE\GEAR Software HKLM\SOFTWARE\Google HKLM\SOFTWARE\IM Providers HKLM\SOFTWARE\Intel HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\Lenovo HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\McAfee.com HKLM\SOFTWARE\MicroVision HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Opera Software HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\Roxio HKLM\SOFTWARE\Skype HKLM\SOFTWARE\Sonic HKLM\SOFTWARE\Symantec HKLM\SOFTWARE\TeamViewer HKLM\SOFTWARE\Volatile HKLM\SOFTWARE\WholeSecurity HKLM\SOFTWARE\Yahoo =>.Yahoo! HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Amazon HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Cyberlink HKCU\SOFTWARE\GoldenGate HKCU\SOFTWARE\Google HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Lenovo HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\malavida HKCU\SOFTWARE\McAfee HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Pure Networks HKCU\SOFTWARE\Roxio HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Symantec HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft ---\\ Contents of the Common Files folders (144) - 42s O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 20/04/2015 - [] D -- C:\Program Files\Apple Software Update =>.Apple Inc.® O43 - CFD: 20/04/2015 - [] D -- C:\Program Files\Bonjour =>.Apple Inc.® O43 - CFD: 17/11/2013 - [] D -- C:\Program Files\Cisco Systems 
=>.Cisco Consumer Products LLC® O43 - CFD: 14/05/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\CyberLink O43 - CFD: 23/11/2013 - [] D -- C:\Program Files\DsNET Corp O43 - CFD: 09/10/2013 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 22/02/2016 - [] D -- C:\Program Files\Google O43 - CFD: 16/11/2013 - [] HD -- C:\Program Files\InstallShield Installation Information O43 - CFD: 19/10/2013 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 20/04/2015 - [] D -- C:\Program Files\iPod =>.Apple Inc.® O43 - CFD: 20/04/2015 - [] D -- C:\Program Files\iTunes =>.Apple Inc.® O43 - CFD: 16/02/2016 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.® O43 - CFD: 05/12/2015 - [0] D -- C:\Program Files\Lenovo O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Microsoft Games O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Microsoft Visual Studio O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Microsoft Works O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 07/05/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 07/05/2016 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\MSBuild O43 - CFD: 17/11/2013 - [] D -- C:\Program Files\NetDvr O43 - CFD: 04/12/2015 - [] D -- C:\Program Files\Opera =>.Opera Software ASA® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Roxio =>.MicroVision Development Inc.® O43 - CFD: 23/04/2016 - [] RD -- C:\Program Files\Skype =>.Skype Software Sarl® O43 - CFD: 23/11/2013 - [] D -- C:\Program Files\Symantec =>.Symantec Corporation® O43 - CFD: 17/11/2013 - [] D -- C:\Program Files\TeamViewer =>.TeamViewer® O43 - CFD: 14/07/2009 - [0] 
HD -- C:\Program Files\Uninstall Information O43 - CFD: 19/10/2013 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 09/10/2013 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 09/10/2013 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT O43 - CFD: 09/10/2013 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 09/10/2013 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 09/10/2013 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 23/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 20/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 16/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator DE O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 04/12/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 23/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection O43 - CFD: 19/10/2013 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 O43 - CFD: 14/05/2016 - [] D -- C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd O43 - CFD: 
17/11/2013 - [] D -- C:\ProgramData\Adobe O43 - CFD: 20/04/2015 - [] D -- C:\ProgramData\Apple O43 - CFD: 20/04/2015 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 08/05/2016 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 20/04/2015 - [] D -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB O43 - CFD: 17/11/2013 - [] D -- C:\ProgramData\Cisco Systems O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\InstallShield O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\McAfee O43 - CFD: 23/11/2013 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 28/10/2014 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 03/12/2015 - [] D -- C:\ProgramData\NortonInstaller O43 - CFD: 07/12/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 23/04/2016 - [] D -- C:\ProgramData\Skype O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\Sonic O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\Sun O43 - CFD: 23/11/2013 - [] D -- C:\ProgramData\Symantec O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 10/10/2013 - [] D -- C:\ProgramData\Uninstall O43 - CFD: 12/05/2016 - [] D -- C:\Program Files\Common Files\Adobe O43 - CFD: 20/04/2015 - [] D -- C:\Program Files\Common Files\Apple O43 - CFD: 04/12/2015 - [] D -- C:\Program Files\Common Files\AV O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Common Files\DESIGNER O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 16/02/2016 - [] D -- C:\Program Files\Common Files\Java O43 - CFD: 22/02/2016 - [] D -- C:\Program Files\Common Files\microsoft shared O43 - CFD: 10/10/2013 - [] D -- 
C:\Program Files\Common Files\PX Storage Engine O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Common Files\Roxio Shared O43 - CFD: 13/07/2009 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 21/03/2016 - [] D -- C:\Program Files\Common Files\Skype O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Common Files\Sonic Shared O43 - CFD: 13/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Common Files\SureThing Shared O43 - CFD: 23/11/2013 - [] D -- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 10/10/2013 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 17/11/2013 - [] D -- C:\Users\user\AppData\Roaming\Adobe O43 - CFD: 20/04/2015 - [] D -- C:\Users\user\AppData\Roaming\Apple Computer O43 - CFD: 03/12/2015 - [] HD -- C:\Users\user\AppData\Roaming\GoldenGate O43 - CFD: 08/10/2013 - [] D -- C:\Users\user\AppData\Roaming\Identities O43 - CFD: 19/10/2013 - [] D -- C:\Users\user\AppData\Roaming\Macromedia O43 - CFD: 14/09/2015 - [] SD -- C:\Users\user\AppData\Roaming\Microsoft O43 - CFD: 28/10/2014 - [] D -- C:\Users\user\AppData\Roaming\Mozilla O43 - CFD: 04/12/2015 - [0] D -- C:\Users\user\AppData\Roaming\notepad O43 - CFD: 04/12/2015 - [0] D -- C:\Users\user\AppData\Roaming\Opera Software O43 - CFD: 17/12/2014 - [] D -- C:\Users\user\AppData\Roaming\Rovio O43 - CFD: 04/11/2015 - [] D -- C:\Users\user\AppData\Roaming\Shortcut O43 - CFD: 14/05/2016 - [] D -- C:\Users\user\AppData\Roaming\Skype O43 - CFD: 04/12/2015 - [] D -- C:\Users\user\AppData\Roaming\Spotify O43 - CFD: 07/12/2015 - [] D -- C:\Users\user\AppData\Roaming\Sun O43 - CFD: 14/05/2016 - [] D -- C:\Users\user\AppData\Roaming\ZHP O43 - CFD: 27/10/2015 - [] D -- C:\Users\user\AppData\Local\Adobe O43 - CFD: 12/08/2015 - [] D -- C:\Users\user\AppData\Local\Amazon O43 - CFD: 19/10/2013 - [] D -- C:\Users\user\AppData\Local\Apple O43 - CFD: 20/04/2015 - [] D -- C:\Users\user\AppData\Local\Apple Computer O43 - CFD: 
08/10/2013 - [0] SHD -- C:\Users\user\AppData\Local\Application Data O43 - CFD: 22/06/2014 - [] D -- C:\Users\user\AppData\Local\Apps O43 - CFD: 31/08/2015 - [] D -- C:\Users\user\AppData\Local\CEF O43 - CFD: 22/06/2014 - [0] D -- C:\Users\user\AppData\Local\Deployment O43 - CFD: 16/02/2016 - [] D -- C:\Users\user\AppData\Local\Diagnostics O43 - CFD: 15/09/2015 - [] D -- C:\Users\user\AppData\Local\Google O43 - CFD: 08/10/2013 - [0] SHD -- C:\Users\user\AppData\Local\History O43 - CFD: 04/12/2015 - [0] D -- C:\Users\user\AppData\Local\Lenovo O43 - CFD: 27/10/2015 - [] D -- C:\Users\user\AppData\Local\Macromedia O43 - CFD: 22/02/2016 - [] D -- C:\Users\user\AppData\Local\Mega Limited O43 - CFD: 14/07/2015 - [] D -- C:\Users\user\AppData\Local\Microsoft O43 - CFD: 28/10/2014 - [] D -- C:\Users\user\AppData\Local\Microsoft Games O43 - CFD: 07/01/2015 - [] D -- C:\Users\user\AppData\Local\Microsoft Help O43 - CFD: 28/10/2014 - [] D -- C:\Users\user\AppData\Local\Mozilla O43 - CFD: 04/12/2015 - [0] D -- C:\Users\user\AppData\Local\Opera Software O43 - CFD: 10/10/2013 - [] D -- C:\Users\user\AppData\Local\Programs O43 - CFD: 04/12/2015 - [0] D -- C:\Users\user\AppData\Local\Skype O43 - CFD: 25/11/2014 - [] D -- C:\Users\user\AppData\Local\SkypeWebPlugin O43 - CFD: 17/12/2014 - [] D -- C:\Users\user\AppData\Local\Spoon O43 - CFD: 23/11/2013 - [] D -- C:\Users\user\AppData\Local\Symantec O43 - CFD: 14/05/2016 - [] D -- C:\Users\user\AppData\Local\Temp O43 - CFD: 08/10/2013 - [0] SHD -- C:\Users\user\AppData\Local\Temporary Internet Files O43 - CFD: 22/02/2016 - [] D -- C:\Users\user\AppData\Local\VirtualStore O43 - CFD: 10/10/2013 - [0] D -- C:\Users\user\AppData\Local\Programs\Common O43 - CFD: 14/07/2009 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 19/10/2013 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 12/08/2015 - [] D -- 
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon O43 - CFD: 14/07/2009 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 17/11/2013 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetDvr O43 - CFD: 22/02/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) 
-- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ ShareTools MSconfig StartupReg (6) - 2s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe =>.Microsoft Corporation O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation ---\\ System Drivers List (80) - 19s O58 - SDL:2009/07/13 21:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) 
-- C:\Windows\System32\drivers\adpahci.sys [297552] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] =>.Microsoft Windows® O58 - SDL:2009/07/13 18:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888] =>.Broadcom Corporation O58 - SDL:2009/07/13 18:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] =>.Brother Industries, Ltd. O58 - SDL:2009/07/13 18:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] =>.Brother Industries, Ltd. O58 - SDL:2009/07/13 20:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 18:53:32 A . (.Brother Industries Ltd. 
- Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 18:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 18:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 18:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] =>.Broadcom Corporation O58 - SDL:2007/10/17 02:00:00 A . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see Px.) -- C:\Windows\System32\drivers\cdr4_xp.sys [9072] =>.Sonic Solutions® O58 - SDL:2007/10/17 02:00:00 A . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\System32\drivers\cdralw2k.sys [9200] =>.Sonic Solutions® O58 - SDL:2009/07/13 21:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] =>.Microsoft Windows® O58 - SDL:2008/11/18 19:17:08 A . (.Symantec Corporation - Confidence Online v6.1 WDM driver (6,1,4,10.) -- C:\Windows\System32\drivers\COH_Mon.sys [23888] =>.Symantec Corporation® O58 - SDL:2009/07/13 21:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] =>.Microsoft Windows® O58 - SDL:2009/07/13 18:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] =>.Broadcom Corporation O58 - SDL:2012/08/21 13:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26840] =>.GEAR Software Inc.® O58 - SDL:2009/07/13 18:54:14 A . (.Hauppauge Computer Works, Inc. 
- Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] =>.Hauppauge Computer Works, Inc. O58 - SDL:2009/07/13 21:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160] =>.Microsoft Windows® O58 - SDL:2010/10/25 04:10:06 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [4807168] =>.Intel Corporation O58 - SDL:2009/07/13 21:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] =>.Microsoft Windows® O58 - SDL:2010/05/20 15:10:32 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x86.sys [68208] =>.Atheros Communications Inc.® O58 - SDL:2009/07/13 21:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) 
-- C:\Windows\System32\drivers\MegaSR.sys [235584] =>.Microsoft Windows® O58 - SDL:2009/07/13 18:02:53 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28u.sys [657408] =>.Ralink Technology Corp. O58 - SDL:2009/09/15 19:40:18 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETw5s32.sys [6114816] =>.Intel Corporation O58 - SDL:2009/07/13 21:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744] =>.Microsoft Windows® O58 - SDL:2007/11/14 03:00:00 A . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\System32\drivers\pxhelp20.sys [43840] =>.Sonic Solutions® O58 - SDL:2009/07/13 21:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] =>.Microsoft Windows® O58 - SDL:2009/07/13 16:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/13 21:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] =>.Microsoft Windows® O58 - SDL:2009/07/13 21:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) 
-- C:\Windows\System32\drivers\sisraid4.sys [77888] =>.Microsoft Windows®
O58 - SDL:2009/01/30 14:52:32 A . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\System32\drivers\srtsp.sys [280112] =>.Symantec Corporation®
O58 - SDL:2009/01/30 14:52:32 A . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\System32\drivers\srtspl.sys [319792] =>.Symantec Corporation®
O58 - SDL:2009/01/30 14:52:32 A . (.Symantec Corporation - Symantec AutoProtect.) -- C:\Windows\System32\drivers\srtspx.sys [43824] =>.Symantec Corporation®
O58 - SDL:2009/07/13 21:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] =>.Microsoft Windows®
O58 - SDL:2008/08/21 12:13:56 A . (.Symantec Corporation - DNS Filter Driver.) -- C:\Windows\System32\drivers\symdns.sys [12848] =>.Symantec Corporation®
O58 - SDL:2013/11/23 18:09:08 A . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\System32\drivers\SYMEVENT.SYS [123952] =>.Symantec Corporation®
O58 - SDL:2008/08/21 12:13:56 A . (.Symantec Corporation - Firewall Filter Driver.) -- C:\Windows\System32\drivers\symfw.sys [145968] =>.Symantec Corporation®
O58 - SDL:2008/08/21 12:13:56 A . (.Symantec Corporation - IDS Filter Driver.) -- C:\Windows\System32\drivers\symids.sys [39984] =>.Symantec Corporation®
O58 - SDL:2008/08/21 12:13:58 A . (.Symantec Corporation - NDIS Filter Driver.) -- C:\Windows\System32\drivers\symndisv.sys [37936] =>.Symantec Corporation®
O58 - SDL:2008/08/21 12:13:56 A . (.Symantec Corporation - Redirector Filter Driver.) -- C:\Windows\System32\drivers\symredrv.sys [27696] =>.Symantec Corporation®
O58 - SDL:2008/08/21 12:13:56 A . (.Symantec Corporation - Network Dispatch Driver.) -- C:\Windows\System32\drivers\symtdi.sys [191536] =>.Symantec Corporation®
O58 - SDL:2008/10/14 13:24:18 A . (.Symantec Corporation - Symantec CMC Firewall Teefer2.) -- C:\Windows\System32\drivers\Teefer2.sys [49536] =>.Symantec Corporation®
O58 - SDL:2012/12/13 14:50:38 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056] =>.Apple, Inc.
O58 - SDL:2009/07/13 21:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] =>.Microsoft Windows®
O58 - SDL:2009/07/13 21:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] =>.Microsoft Windows®
O58 - SDL:2009/04/22 16:26:04 A . (.Symantec Corporation - Symantec CMC Firewall WPS.) -- C:\Windows\System32\drivers\WPSDRVnt.sys [42312] =>.Symantec Corporation®
O58 - SDL:2012/09/30 19:03:24 A . (.Symantec Corporation - Symantec Intrusion Detection - WpsHelper.) -- C:\Windows\System32\drivers\WpsHelper.sys [174056] =>.Symantec Corporation®
O58 - SDL:2009/07/13 17:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 17:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 17:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 17:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 17:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 17:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 17:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 17:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 17:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 17:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 17:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 17:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 17:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 17:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 17:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]

---\\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (7) - 30s
O69 - SBI: prefs.js [user - zxe4ywj3.default] user_pref("browser.newtab.url", "http://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHA1GIQEOVwsXDAYWJgkVVQ4TRxgadwoATAgUQlQacg[...] =>.Superfluous.AkamaiHD
O69 - SBI: prefs.js [user - zxe4ywj3.default] user_pref("browser.startup.homepage", "http://searchinterneat-a.akamaihd.net/hm?eq=U0EeCFZVBB8SRggbJVgAVw9DRxgQdV8ITA1GQ1MOeQ4LWRR[...] =>.Superfluous.AkamaiHD
O69 - SBI: prefs.js [user - zxe4ywj3.default] user_pref("extensions.enabledAddons", "MUB-SAE%40iacsearchandmedia.com:8.7,deskCutv2%40gmail.com:0.1.13,%7B972ce4c6-7e08-4474-a285[...] =>PUP.Optional.DeskCut
O69 - SBI: prefs.js [user - zxe4ywj3.default] user_pref("keyword.URL", "http://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQFdAAFHFwdFbQoNBwlcFQJBJhQBVgpJDARGI1gBUw8SE[...] =>.Superfluous.AkamaiHD
O69 - SBI: SearchScopes [HKCU] {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} - (Ask Web Search) - http://int.search.tb.ask.com/ =>Toolbar.Ask
O69 - SBI: SearchScopes [HKLM] OldSearch - (@ieframe.dll,-12512) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {9a216821-0ec5-49a3-85ac-fb72ae79a1e8} - (Ask Web Search) - http://int.search.tb.ask.com/ =>Toolbar.Ask

---\\ Search Svchost Services (32) - 4s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [593408] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [674304] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [473600] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [286208] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242176] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [521216] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1933848] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [585728] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [499712] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [21504] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [47104] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [114688] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [750592] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [113664] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [102912] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [37376] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [76800] =>.Microsoft Corporation

---\\ Firewall Active Exception List (4) - 3s
O87 - FAEL: "TCP Query User{B5FFEEF8-70C1-49B0-A2F7-B2401EB8350C}C:\windows\system32\filewriter.exe" [In-None-P6-TRUE] .(...) -- C:\windows\system32\filewriter.exe
O87 - FAEL: "UDP Query User{A958A5A0-923D-4C5B-A8B4-A6B580352AFE}C:\windows\system32\filewriter.exe" [In-None-P17-TRUE] .(...) -- C:\windows\system32\filewriter.exe
O87 - FAEL: "{8719C371-C2FE-45BC-B6F2-957AFC6159B3}" [In-None-P17-TRUE] .(...) -- C:\windows\system32\filewriter.exe
O87 - FAEL: "{993097DC-A4F1-413C-B6B4-79145C177A0D}" [In-None-P6-TRUE] .(...) -- C:\windows\system32\filewriter.exe

---\\ Additional Scan (O88) (4) - 0s
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\extensions\MUB-SAE@iacsearchandmedia.com.xpi =>PUP.Optional.IACSearchAndMedia
C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\zxe4ywj3.default\extensions\yahooprotected@gmail.com.xpi =>PUP.Optional.WinYahoo
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} =>Toolbar.Ask
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9a216821-0ec5-49a3-85ac-fb72ae79a1e8} =>Toolbar.Ask

---\\ Summary of the elements found (5) - 0s
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.AkamaiHD
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.IACSearchAndMedia
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.WinYahoo
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DeskCut
http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask

~ End of the scan, 13384 items in 00h07mn40s (673)(0)