~ ZHPDiag v2016.7.8.112 By Nicolas Coolman (2016/07/08) ~ Run by Yondaime (Administrator) (2016/07/10 22:14:42) ~ Web: http://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\Yondaime\Desktop\ZHPDiag.txt ~ Report: C:\Users\Yondaime\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (3) - 0s GCIE: Google Chrome v51.0.2704.106 OPIE: Opera 38.0.2220.41 MSIE: Internet Explorer v8.0.7601.17514 ---\\ Windows Product Information (4) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : KO ---\\ System protection software (1) - 1s Malwarebytes Anti-Malware version 2.2.1.1043 ---\\ System optimization software (1) - 1s CCleaner v5.10 ---\\ Surveillance software (1) - 1s Adobe Flash Player 22 PPAPI ---\\ Sharing software PeerToPeer (1) - 1s µTorrent v2.2.1 ---\\ Information on the system (6) - 0s ~ Operating System: x86 Family 6 Model 26 Stepping 5, GenuineIntel ~ Operating System: 32-bit ~ Boot mode: Normal (Normal boot) Total RAM: 3143.256 MB (26% free) System Restore: Activé (Enable) System drive C: has 0 GB () free of 140 GB =>Alerte espace disque inférieur à 20 Go ---\\ Connection to the system mode (3) - 0s ~ Computer Name: YONDAIME-PC ~ User Name: Yondaime ~ Logged in as Administrator ---\\ Enumeration of the disk units (3) - 0s ~ Drive C: has 0 GB free of 140 GB (System) ~ Drive D: has 0 GB free of 76 GB ~ Drive E: has 0 GB free of 152 GB ---\\ State of the Windows Security Center (14) - 0s [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (24) - 1s [MD5.40D777B7A95E00593EB1568C68514493] - 20/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2616320] =>.Microsoft Corporation [MD5.51138BEEA3E2C21EC44D0932C71762A8] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation [MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [96256] =>.Microsoft Corporation [MD5.44214C94911C7CFB1D52CB64D5E8368D] - 20/11/2010 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [980992] =>.Microsoft Corporation [MD5.6D13E1406F50C66E2A95D97F22C47560] - 20/11/2010 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [286720] =>.Microsoft Corporation [MD5.E3AE23569749DE12D45BA3B489A036AE] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation [MD5.59DF156711A76BCB993253EC6C9BBF41] - 20/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.1151FD4FB0216CFED887BFDE29EBD516] - 20/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation [MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows® [MD5.77EA11B065E0A8AB902D78145CA51E10] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation [MD5.F024449C97EC1E464AAFFDA18593DB88] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] =>.Microsoft Corporation [MD5.9036377B8A6C15DC2EEC53E489D159B5] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation [MD5.B272B4C3E085EA860C12F2E4FAF2FFA2] - 20/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123904] =>.Microsoft Corporation [MD5.280122DDCF04B378EDD1AD54D71C1E54] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] =>.Microsoft Corporation [MD5.33C3093D09017CFE2E219F2472BFF6EB] - 20/11/2010 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1211264] =>.Microsoft Windows® [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 13/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 13/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation [MD5.B973FCFC50DC1434E1970A146F7E3885] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133632] =>.Microsoft Corporation [MD5.3E21C083B8A01CB70BA1F09303010FCE] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation [MD5.B459575348C20E8121D6039DA063C704] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation [MD5.F497F67932C6FA693D7DE2780631CFE7] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (13) - 1s O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) . (.IObit - Advanced SystemCare Service.) - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe =>.IObit Information Technology® O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe =>.Alcohol Soft® O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG® O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology® O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.6.) - C:\Windows\System32\nvvsvc.exe =>.NVIDIA Corporation® O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe =>.StarWind Software O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc.® O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\System32\vmnetdhcp.exe =>.VMware, Inc.® O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe =>.VMware, Inc.® O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\System32\vmnat.exe =>.VMware, Inc.® O23 - Service: VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc.® ---\\ Services not Microsoft (SR=Run, SS=Stop) (17) - 13s SS - Demand [16/06/2016] [ 270016] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [03/04/2015] [ 814880] Advanced SystemCare Service 8 (AdvancedSystemCareService8) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe =>.IObit Information Technology® SR - Auto [29/05/2015] [ 60744] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® SS - Auto [12/03/2015] [ 39376] Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) . (.Alcohol Soft Development Team.) - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe =>.Alcohol Soft® SR - Auto [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG® SS - Auto [12/07/2015] [ 107848] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [12/07/2015] [ 107848] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® SR - Demand [11/07/2015] [ 541992] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.® SS - Auto [30/07/2015] [ 2909472] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology® SR - Auto [26/04/2015] [ 671552] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe =>.NVIDIA Corporation® SR - Auto [23/12/2009] [ 370688] StarWind AE Service (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe =>.StarWind Software SR - Auto [18/10/2013] [ 86096] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc.® SR - Auto [18/10/2013] [ 358480] VMware DHCP Service (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\System32\vmnetdhcp.exe =>.VMware, Inc.® SR - Auto [30/07/2015] [ 725696] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe =>.VMware, Inc.® SR - Auto [18/10/2013] [ 437328] VMware NAT Service (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\System32\vmnat.exe =>.VMware, Inc.® SR - Auto [18/10/2013] [14405200] VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc.® ---\\ Task Planned Automatically (34) - 6s [MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.9D4158A55039F200CC68569C40647F5A] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [1202880] (.Activate.) =>.Adobe Systems Incorporated® [MD5.2A6C3CEC3C5F499EC8C93478008F2C48] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [270016] (.Activate.) =>.Adobe Systems Incorporated® [MD5.6009C7F55A71FA7F23692B92214A4CF8] [APT] [ASC8_PerformanceMonitor] (.IObit.) -- C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [1774880] (.Activate.) =>.IObit Information Technology® [MD5.E2405E793004B179C99D05331635CAF1] [APT] [ASC8_SkipUac_Yondaime] (.IObit.) -- C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [5425440] (.Activate.) =>.IObit Information Technology® [MD5.1DC0CC580B6149CE24782B65384F34BD] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6495144] (.Activate.) =>.Piriform Ltd® [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848] (.Activate.) =>.Google Inc® [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848] (.Activate.) =>.Google Inc® [MD5.8A3A1B1D58C43A45517321BC8C650752] [APT] [klcp_update] (...) -- C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1175040] (.Activate.) [MD5.6DCF4682CEF0C64F6D5EFCCEADF0F703] [APT] [Opera scheduled Autoupdate 1461981274] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [755240] (.Activate.) =>.Opera Software ASA® [MD5.00000000000000000000000000000000] [APT] [ToolrainUpdateTaskMachineCore] (...) -- C:\Program Files\Toolrain\Update\ToolrainUpdate.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [ToolrainUpdateTaskMachineUA] (...) -- C:\Program Files\Toolrain\Update\ToolrainUpdate.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [WebReg Deskjet D1400 series] (...) -- C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{4C960A6D-F956-410D-9F80-60D1B9CAC2B5}] (...) -- G:\Windows Media Payer 9\WMP9onWindows7orVista\IXP000.TMP\setup_wm.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{5C6027B0-39B8-4289-B95A-5172EFFC0142}] (...) -- C:\VirtuaGirl\Vghd.exe (.not file.) [0] (.Activate.) =>PUP.Optional.VirtualGirl [MD5.FF2B2EEDCCC173CA4F8385092C8F588C] [APT] [{68B5D923-025B-4950-A2D7-D7D02940E2B2}] (...) -- C:\Users\Yondaime\Documents\Downloads\Programs\ps3 media server all versions\pms-setup-win32-1.03.exe [13065243] (.Activate.) [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984] (.Activate.) =>.Apple Inc.® [MD5.CD11D500328F07AE1666D046F94179E0] [APT] [AVAST Software] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [702056] (.Activate.) =>.AVAST Software a.s.® O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [892] =>.Adobe Systems Incorporated® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [882] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [886] =>.Google Inc® O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [3898] =>.Adobe Systems Incorporated® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] =>.Adobe Systems Incorporated® O39 - APT: ASC8_PerformanceMonitor - (.IObit.) -- C:\Windows\System32\Tasks\ASC8_PerformanceMonitor [3184] =>.IObit Information Technology® O39 - APT: ASC8_SkipUac_Yondaime - (.IObit.) -- C:\Windows\System32\Tasks\ASC8_SkipUac_Yondaime [2872] =>.IObit Information Technology® O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2802] =>.Piriform Ltd® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3630] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3882] =>.Google Inc® O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\klcp_update [3800] O39 - APT: Opera scheduled Autoupdate 1461981274 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1461981274 [3840] =>.Opera Software ASA® O39 - APT: ToolrainUpdateTaskMachineCore - (...) -- C:\Windows\System32\Tasks\ToolrainUpdateTaskMachineCore [3552] (.Orphan.) =>.Superfluous.Orphan O39 - APT: ToolrainUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\ToolrainUpdateTaskMachineUA [3460] (.Orphan.) =>.Superfluous.Orphan O39 - APT: WebReg Deskjet D1400 series - (...) -- C:\Windows\System32\Tasks\WebReg Deskjet D1400 series [3032] (.Orphan.) =>.Superfluous.Orphan ---\\ Process running (39) - 1s [MD5.ACD4AF1B9D6E6C0C5BE470E5CF313FE6] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe [814880] [PID.688] =>.IObit Information Technology® [MD5.C26041099A739D303752C100317A6383] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.6.) -- C:\Windows\System32\nvvsvc.exe [671552] [PID.772] =>.NVIDIA Corporation® [MD5.5EC71CC2DB68C7BD206C0D2B7029AF9E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [938184] [PID.1388] =>.NVIDIA Corporation® [MD5.C26041099A739D303752C100317A6383] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.6.) -- C:\Windows\System32\nvvsvc.exe [671552] [PID.1396] =>.NVIDIA Corporation® [MD5.2F2BD5EFFA8E91295F4DB493D85534B5] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744] [PID.1716] =>.Apple Inc.® [MD5.6009C7F55A71FA7F23692B92214A4CF8] - (.IObit - Performance Monitor.) -- C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [1774880] [PID.396] =>.IObit Information Technology® [MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688] [PID.1004] =>.StarWind Software [MD5.363B76E94C65E235C2D6F676B49829E5] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\System32\vmnat.exe [437328] [PID.1464] =>.VMware, Inc.® [MD5.549CD7035F5CF5CEE4DE11539C9715F4] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [86096] [PID.2192] =>.VMware, Inc.® [MD5.FB14E86D3322211E7CD60DEC7836CE95] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [157992] [PID.2368] =>.Apple Inc.® [MD5.72333AF32604FD476996A17CA57DF597] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [111696] [PID.2376] =>.VMware, Inc.® [MD5.FCEC6F664FA7E5FE323165FBC9314470] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040] [PID.2388] =>.Oracle America, Inc.® [MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe [17408] [PID.2396] [MD5.ADE3D7AD36CA238C6D58E5E93392D2F8] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3903056] [PID.2472] =>.Tonec Inc. [MD5.1E12823EB57AAB6403E5246B4187A5F0] - (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe [399736] [PID.2504] =>.BitTorrent Inc® [MD5.9C9D86BEDE5D4A357FD7924F2CB02791] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\System32\vmnetdhcp.exe [358480] [PID.2580] =>.VMware, Inc.® [MD5.F38264E31A865CD839AFB24CA3DB7C25] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [725696] [PID.2600] =>.VMware, Inc.® [MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.2632] =>.WIBU-SYSTEMS AG® [MD5.CC436BB2A26391F3DEBE316F6FB0474F] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Yondaime\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.2696] =>.Microsoft Corporation® [MD5.422963B9386FD4052AA766A6575ED8DE] - (.IObit - Advanced SystemCare 8.) -- C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe [2429728] [PID.2708] =>.IObit Information Technology® [MD5.1DC0CC580B6149CE24782B65384F34BD] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [6495144] [PID.3072] =>.Piriform Ltd® [MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.3200] =>.Tonec Inc.® [MD5.F42CA2A1F8987CCE13BBE7582D90F35C] - (...) -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe [14405200] [PID.3400] =>.VMware, Inc.® [MD5.AA38B59FC01597C9C41F48F610672356] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [541992] [PID.3796] =>.Apple Inc.® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.4092] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.4020] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.848] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.2088] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.604] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.2948] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.4132] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.4200] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.4240] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.3736] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.4884] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.1156] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.1904] =>.Google Inc® [MD5.028228C7068DE998D9251C82E61D13A4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [943944] [PID.4780] =>.Google Inc® [MD5.5BCF9AFB052961C46CFA4E362969C165] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Yondaime\AppData\Roaming\ZHP\ZHPDiag3.exe [2226688] [PID.5564] =>.Nicolas Coolman ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (1) - 0s P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll =>.Apple Inc. ---\\ Internet Explorer Extensions, Start, Search (10) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (1) ---\\ Browser Helper Object (BHO) (3) - 1s O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.® O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll =>.Oracle America, Inc.® O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll =>.Oracle America, Inc.® ---\\ Auto loading programs from Registry and folders (16) - 0s O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe =>.Apple Inc.® O4 - HKLM\..\Run: [vmware-tray.exe] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe =>.VMware, Inc.® O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.® O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Yondaime\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation® O4 - HKCU\..\Run: [Advanced SystemCare 8] . (.IObit - Advanced SystemCare 8.) -- C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe =>.IObit Information Technology® O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe =>.Alcohol Soft® O4 - HKUS\S-1-5-21-4099662633-3521346365-417894702-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKUS\S-1-5-21-4099662633-3521346365-417894702-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKUS\S-1-5-21-4099662633-3521346365-417894702-1000\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Yondaime\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-4099662633-3521346365-417894702-1000\..\Run: [Advanced SystemCare 8] . (.IObit - Advanced SystemCare 8.) -- C:\Program Files\IObit\Advanced SystemCare 8\ASCTray.exe =>.IObit Information Technology® O4 - HKUS\S-1-5-21-4099662633-3521346365-417894702-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® O4 - HKUS\S-1-5-21-4099662633-3521346365-417894702-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe =>.Alcohol Soft® ---\\ Global shortcuts Startup (71) - 6s O4 - GS\Desktop [Administrator]: Ace Utilities.lnk . (.Acelogix Software - Acelogix Software's Ace Utilities For Syste.) C:\Program Files\Ace Utilities\au.exe {269524D040C9767291E132952E603D28} O4 - GS\Desktop [Administrator]: AudioConverter.lnk . (...) C:\Program Files\TotalAudioConverter\AudioConverter.exe {16BBF067D3062B3A7470517F16FB8FE9} O4 - GS\Desktop [Administrator]: Mp3 Audio Editor.lnk . (...) C:\Program Files\Mp3 Audio Editor\Mp3AudioEditor.exe O4 - GS\Desktop [Administrator]: mp3Tag Pro.lnk . (.ManiacTools - mp3Tag Pro.) C:\Program Files\mp3Tag Pro 6\mp3tagpro.exe =>.ManiacTools O4 - GS\Desktop [Administrator]: PhotoFiltre Studio.lnk . (.Antonio Da Cruz - PhotoFiltre Studio.) C:\Program Files\PhotoFiltre Studio\pf-studio.exe =>.Antonio Da Cruz O4 - GS\Desktop [Administrator]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [Administrator]: UltraISO.lnk . (.EZB Systems, Inc. - UltraISO Premium.) C:\Program Files\UltraISO\UltraISO.exe O4 - GS\Desktop [Administrator]: WinAVI All-in-One Converter.lnk . (.ZJMedia Digital Technology Ltd. - WinAVI All-in-One Converter.) C:\Program Files\WinAVI\All in One Converter\bin\All in One Converter.exe O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Yondaime\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrator]: Ace Utilities.lnk . (.Acelogix Software - Acelogix Software's Ace Utilities For Syste.) C:\Program Files\Ace Utilities\au.exe {269524D040C9767291E132952E603D28} O4 - GS\Quicklaunch [Administrator]: Bigasoft Total Video Converter 5.lnk . (.Bigasoft Corporation - Total Video Converter.) C:\Program Files\Bigasoft\Total Video Converter 5\videoconverter.exe =>.Bigasoft Corporation O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrator]: mp3Tag Pro.lnk . (.ManiacTools - mp3Tag Pro.) C:\Program Files\mp3Tag Pro 6\mp3tagpro.exe =>.ManiacTools O4 - GS\Quicklaunch [Administrator]: VMware Workstation.lnk . (.VMware, Inc. - VMware Workstation.) C:\Program Files\VMware\VMware Workstation\vmware.exe =>.VMware, Inc.® O4 - GS\Quicklaunch [Administrator]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\TaskBar [Administrator]: PARAM.SFO Editor.lnk . (.aldostools.org - PARAM.SFO Editor.) C:\Users\Yondaime\Desktop\PS3 U\ps3tools\tools\PARAM_SFO_Editor.exe O4 - GS\TaskBar [Administrator]: PS3 Tools Menu.lnk . (.Aldo Vargas - http://www.aldostools.org - PS3 Tools Menu.) C:\Users\Yondaime\Desktop\PS3 U\ps3tools\PS3Tools_Menu.exe O4 - GS\Desktop [Guest]: Ace Utilities.lnk . (.Acelogix Software - Acelogix Software's Ace Utilities For Syste.) C:\Program Files\Ace Utilities\au.exe {269524D040C9767291E132952E603D28} O4 - GS\Desktop [Guest]: AudioConverter.lnk . (...) C:\Program Files\TotalAudioConverter\AudioConverter.exe {16BBF067D3062B3A7470517F16FB8FE9} O4 - GS\Desktop [Guest]: Mp3 Audio Editor.lnk . (...) C:\Program Files\Mp3 Audio Editor\Mp3AudioEditor.exe O4 - GS\Desktop [Guest]: mp3Tag Pro.lnk . (.ManiacTools - mp3Tag Pro.) C:\Program Files\mp3Tag Pro 6\mp3tagpro.exe =>.ManiacTools O4 - GS\Desktop [Guest]: PhotoFiltre Studio.lnk . (.Antonio Da Cruz - PhotoFiltre Studio.) C:\Program Files\PhotoFiltre Studio\pf-studio.exe =>.Antonio Da Cruz O4 - GS\Desktop [Guest]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [Guest]: UltraISO.lnk . (.EZB Systems, Inc. - UltraISO Premium.) C:\Program Files\UltraISO\UltraISO.exe O4 - GS\Desktop [Guest]: WinAVI All-in-One Converter.lnk . (.ZJMedia Digital Technology Ltd. - WinAVI All-in-One Converter.) C:\Program Files\WinAVI\All in One Converter\bin\All in One Converter.exe O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Yondaime\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Guest]: Ace Utilities.lnk . (.Acelogix Software - Acelogix Software's Ace Utilities For Syste.) C:\Program Files\Ace Utilities\au.exe {269524D040C9767291E132952E603D28} O4 - GS\Quicklaunch [Guest]: Bigasoft Total Video Converter 5.lnk . (.Bigasoft Corporation - Total Video Converter.) C:\Program Files\Bigasoft\Total Video Converter 5\videoconverter.exe =>.Bigasoft Corporation O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Guest]: mp3Tag Pro.lnk . (.ManiacTools - mp3Tag Pro.) C:\Program Files\mp3Tag Pro 6\mp3tagpro.exe =>.ManiacTools O4 - GS\Quicklaunch [Guest]: VMware Workstation.lnk . (.VMware, Inc. - VMware Workstation.) C:\Program Files\VMware\VMware Workstation\vmware.exe =>.VMware, Inc.® O4 - GS\Quicklaunch [Guest]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\TaskBar [Guest]: PARAM.SFO Editor.lnk . (.aldostools.org - PARAM.SFO Editor.) C:\Users\Yondaime\Desktop\PS3 U\ps3tools\tools\PARAM_SFO_Editor.exe O4 - GS\TaskBar [Guest]: PS3 Tools Menu.lnk . (.Aldo Vargas - http://www.aldostools.org - PS3 Tools Menu.) C:\Users\Yondaime\Desktop\PS3 U\ps3tools\PS3Tools_Menu.exe O4 - GS\Desktop [Yondaime]: Ace Utilities.lnk . (.Acelogix Software - Acelogix Software's Ace Utilities For Syste.) C:\Program Files\Ace Utilities\au.exe {269524D040C9767291E132952E603D28} O4 - GS\Desktop [Yondaime]: AudioConverter.lnk . (...) C:\Program Files\TotalAudioConverter\AudioConverter.exe {16BBF067D3062B3A7470517F16FB8FE9} O4 - GS\Desktop [Yondaime]: Mp3 Audio Editor.lnk . (...) C:\Program Files\Mp3 Audio Editor\Mp3AudioEditor.exe O4 - GS\Desktop [Yondaime]: mp3Tag Pro.lnk . (.ManiacTools - mp3Tag Pro.) C:\Program Files\mp3Tag Pro 6\mp3tagpro.exe =>.ManiacTools O4 - GS\Desktop [Yondaime]: PhotoFiltre Studio.lnk . (.Antonio Da Cruz - PhotoFiltre Studio.) C:\Program Files\PhotoFiltre Studio\pf-studio.exe =>.Antonio Da Cruz O4 - GS\Desktop [Yondaime]: Subtitle Edit.lnk . (.Nikse - Subtitle Edit.) C:\Program Files\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [Yondaime]: UltraISO.lnk . (.EZB Systems, Inc. - UltraISO Premium.) C:\Program Files\UltraISO\UltraISO.exe O4 - GS\Desktop [Yondaime]: WinAVI All-in-One Converter.lnk . (.ZJMedia Digital Technology Ltd. - WinAVI All-in-One Converter.) C:\Program Files\WinAVI\All in One Converter\bin\All in One Converter.exe O4 - GS\Desktop [Yondaime]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Yondaime\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Yondaime]: Ace Utilities.lnk . (.Acelogix Software - Acelogix Software's Ace Utilities For Syste.) C:\Program Files\Ace Utilities\au.exe {269524D040C9767291E132952E603D28} O4 - GS\Quicklaunch [Yondaime]: Bigasoft Total Video Converter 5.lnk . (.Bigasoft Corporation - Total Video Converter.) C:\Program Files\Bigasoft\Total Video Converter 5\videoconverter.exe =>.Bigasoft Corporation O4 - GS\Quicklaunch [Yondaime]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Yondaime]: mp3Tag Pro.lnk . (.ManiacTools - mp3Tag Pro.) C:\Program Files\mp3Tag Pro 6\mp3tagpro.exe =>.ManiacTools O4 - GS\Quicklaunch [Yondaime]: VMware Workstation.lnk . (.VMware, Inc. - VMware Workstation.) C:\Program Files\VMware\VMware Workstation\vmware.exe =>.VMware, Inc.® O4 - GS\Quicklaunch [Yondaime]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\TaskBar [Yondaime]: PARAM.SFO Editor.lnk . (.aldostools.org - PARAM.SFO Editor.) C:\Users\Yondaime\Desktop\PS3 U\ps3tools\tools\PARAM_SFO_Editor.exe O4 - GS\TaskBar [Yondaime]: PS3 Tools Menu.lnk . (.Aldo Vargas - http://www.aldostools.org - PS3 Tools Menu.) C:\Users\Yondaime\Desktop\PS3 U\ps3tools\PS3Tools_Menu.exe O4 - GS\CommonDesktop [Public]: Advanced SystemCare 8.lnk . (.IObit - Advanced SystemCare 8.) C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe =>.IObit Information Technology® O4 - GS\CommonDesktop [Public]: Alcohol 120%.lnk . (.Alcohol Soft Development Team - Alcohol 120%.) C:\Program Files\Alcohol Soft\Alcohol 120\Alcohol.exe {608B7C5B34BEC5ADB24C2D3C32F62AD5} O4 - GS\CommonDesktop [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files\Audacity\audacity.exe =>.The Audacity Team O4 - GS\CommonDesktop [Public]: BeachHead 2000.lnk . (...) C:\Program Files\Fargus\BeachHead\bh2000.exe O4 - GS\CommonDesktop [Public]: Bigasoft Total Video Converter 5.lnk . (.Bigasoft Corporation - Total Video Converter.) C:\Program Files\Bigasoft\Total Video Converter 5\videoconverter.exe =>.Bigasoft Corporation O4 - GS\CommonDesktop [Public]: Camtasia Studio 8.lnk . (.TechSmith Corporation - Camtasia Studio.) C:\Program Files\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe =>.TechSmith Corporation® O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\CommonDesktop [Public]: IObit Uninstaller.lnk . (.IObit - Uninstall Programs.) C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe =>.IObit Information Technology® O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) C:\Program Files\iTunes\iTunes.exe =>.Apple Inc.® O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation® O4 - GS\CommonDesktop [Public]: MKVToolNix GUI.lnk . (...) C:\Program Files\MKVToolNix\mkvtoolnix-gui.exe =>.Moritz Bunkus® O4 - GS\CommonDesktop [Public]: PS3 Media Server.lnk . (.A. Brochard - PS3 Media Server.) C:\Program Files\PS3 Media Server\PMS.exe O4 - GS\CommonDesktop [Public]: PS3 Theme Builder.lnk . (.Lili-Chan Software - PS3ThemeManager.) C:\Program Files\PS3 Theme Builder\PS3ThemeManager.exe O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\CommonDesktop [Public]: VMware Workstation.lnk . (.VMware, Inc. - VMware Workstation.) C:\Program Files\VMware\VMware Workstation\vmware.exe =>.VMware, Inc.® O4 - GS\CommonDesktop [Public]: Xross Media Simulator.lnk . (.LiliChan Software - Xross Media Simulator.) C:\Program Files\Xross Media Simulator\XrossMediaSimulator.exe =>.LiliChan Software O4 - GS\CommonDesktop [Public]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) C:\Program Files\ZHPFix\ZHPhep.exe =>.Nicolas Coolman O4 - GS\CommonDesktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc ---\\ Lop.com/Domain Hijackers (1) - 0s O17 - HKLM\System\CCS\Services\Tcpip\..\{4F9086ED-4D18-40F9-9E30-967D0DBC3481}: DhcpNameServer = 192.168.1.1 ---\\ Extra protocols (23) - 1s O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation ---\\ Software installed (57) - 12s O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip O42 - Logiciel: Ace Utilities - (.Acelogix.) [HKLM] -- Ace Utilities_is1 O42 - Logiciel: Adobe Flash Player 22 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Advanced SystemCare 8 - (.IObit.) [HKLM] -- Advanced SystemCare 8_is1 =>.IObit Information Technology® O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM] -- {7FE25256-B7C1-480D-B736-10A67A833AEA} =>.Apple Inc. O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {538227C6-C74B-4A74-99E1-2C0B4F9DA5E1} =>.Apple Inc. O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc. O42 - Logiciel: Audacity 2.1.0 - (.Audacity Team.) [HKLM] -- Audacity_is1 =>.Audacity Team O42 - Logiciel: AudioConverter - (.Helmsman, Inc..) [HKLM] -- Total Audio Converter_is1 O42 - Logiciel: BeachHead - (...) [HKLM] -- BeachHead O42 - Logiciel: Bigasoft Total Video Converter 5.0.9.5854 - (.Bigasoft Corporation.) [HKLM] -- {A72CE741-1F32-4D79-BFFB-A714375C6750}_is1 =>.Bigasoft Corporation O42 - Logiciel: Camtasia Studio 8 - (.TechSmith Corporation.) [HKLM] -- {904AC0F0-F69E-467E-A719-B083940F608A} =>.TechSmith Corporation O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: dj_sf_software - (.Hewlett-Packard.) [HKLM] -- {87885939-F824-42bf-B790-231B1E8EF2BB} =>.Hewlett-Packard O42 - Logiciel: Driver Booster 3.4 - (.IObit.) [HKLM] -- Driver Booster_is1 =>.IObit O42 - Logiciel: FileZilla Client 3.7.0.1 - (.FileZilla Project.) [HKLM] -- FileZilla Client =>.FileZilla Project O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM] -- IObitUninstall =>.IObit Information Technology® O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {9DBBE7B8-EE7A-4FD9-9C7F-35E69A4C19D8} =>.Apple Inc. O42 - Logiciel: Java 8 Update 65 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218065F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: K-Lite Codec Pack 11.3.0 Full - (...) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: Livebox - (.SAGEM.) [HKLM] -- {FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E} =>.Macrovision Corporation® O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: Microsoft Age of Empires II - (...) [HKLM] -- Age of Empires 2.0 O42 - Logiciel: Microsoft XNA Framework Redistributable 2.0 - (.Microsoft Corporation.) [HKLM] -- {245F6C7A-0C22-4DE0-8202-2AAA620A1D3A} =>.Microsoft Corporation O42 - Logiciel: MKVToolNix 8.9.0 (32bit) - (.Moritz Bunkus.) [HKLM] -- MKVToolNix =>.Moritz Bunkus O42 - Logiciel: Mp3 Audio Editor - (.Mp3AudioEditor Inc..) [HKLM] -- Mp3 Audio Editor O42 - Logiciel: mp3Tag Pro 6.01 - (.Maniac Tools, Inc..) [HKLM] -- mp3Tag Pro_is1 O42 - Logiciel: NVIDIA Control Panel 341.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation O42 - Logiciel: Opera Stable 38.0.2220.41 - (.Opera Software.) [HKLM] -- Opera 38.0.2220.41 =>.Opera Software ASA® O42 - Logiciel: PhotoFiltre Studio - (...) [HKLM] -- PhotoFiltre Studio O42 - Logiciel: PS3 Media Server - (.PS3 Media Server.) [HKLM] -- PS3 Media Server =>.PS3 Media Server O42 - Logiciel: PS3 Theme Builder 3.0 - (.LiliChan Software.) [HKLM] -- {3569D403-23C1-4432-9A33-3E82C47BE470}_is1 =>.LiliChan Software O42 - Logiciel: PS3Splitter version 1.1.5.2 - (.Karmian.org.) [HKLM] -- PS3Splitter_is1 O42 - Logiciel: Subtitle Edit 3.3.12 - (.Nikse.) [HKLM] -- SubtitleEdit_is1 =>.Nikse O42 - Logiciel: Surfing Protection - (.IObit.) [HKLM] -- IObit Surfing Protection_is1 =>.IObit Information Technology® O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249} =>.VMware, Inc. O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM] -- {D102611A-6466-4101-A51D-51069303AC65} =>.VMware, Inc. O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM] -- {197597A7-AD33-4898-9D8E-73066818B464} =>.VMware, Inc. O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4} =>.VMware, Inc. O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM] -- {FFD9383C-01D5-4897-A954-43AF599AED30} =>.VMware, Inc. O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D} =>.VMware, Inc. O42 - Logiciel: UltraISO Premium V9.33 - (...) [HKLM] -- UltraISO_is1 O42 - Logiciel: UnloadSupport - (.Hewlett-Packard.) [HKLM] -- {543E938C-BDC4-4933-A612-01293996845F} =>.Hewlett-Packard O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM] -- VMware_Workstation =>.VMware, Inc O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6} =>.VMware, Inc. O42 - Logiciel: WinAVI All-in-One Converter - (.ZJMedia Digital Technology Ltd..) [HKLM] -- WinAVI All-in-One Converter O42 - Logiciel: WinRAR 4.11 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH O42 - Logiciel: Xross Media Simulator 1.0 - (.Lili-Chan Software.) [HKLM] -- {2A9B8C94-2781-4B36-941E-CB37957DE0C0}_is1 O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1 =>.Nicolas Coolman ---\\ HKCU & HKLM Software Keys (139) - 13s HKLM\SOFTWARE\7-Zip HKLM\SOFTWARE\ACE Compression Software HKLM\SOFTWARE\ActiveState HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\Alcohol Soft HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. HKLM\SOFTWARE\ATI Technologies HKLM\SOFTWARE\attirerpageSoftware HKLM\SOFTWARE\Baidu HKLM\SOFTWARE\Bigasoft HKLM\SOFTWARE\C07ft5Y HKLM\SOFTWARE\Caphyon HKLM\SOFTWARE\CBSTEST HKLM\SOFTWARE\Cygnus Solutions HKLM\SOFTWARE\EasyBoot Systems HKLM\SOFTWARE\Fargus HKLM\SOFTWARE\FileZilla 3 HKLM\SOFTWARE\FileZilla Client HKLM\SOFTWARE\GNU HKLM\SOFTWARE\Google HKLM\SOFTWARE\HaaliMkx HKLM\SOFTWARE\Hewlett-Packard HKLM\SOFTWARE\HP HKLM\SOFTWARE\Icaros HKLM\SOFTWARE\ICE HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\IObit HKLM\SOFTWARE\iTinySoft HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\KasperskyLab HKLM\SOFTWARE\Khronos HKLM\SOFTWARE\KLCodecPack HKLM\SOFTWARE\KoshyJohn.com HKLM\SOFTWARE\LAV HKLM\SOFTWARE\Licenses HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\Malwarebytes' Anti-Malware HKLM\SOFTWARE\mkvtomp4_setup HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\Muzzleflash HKLM\SOFTWARE\nuesearchSoftware HKLM\SOFTWARE\NVIDIA Corporation HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Opera Software HKLM\SOFTWARE\PhotoFiltre Studio HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\Protexis HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\Sagem HKLM\SOFTWARE\Skype HKLM\SOFTWARE\Sony Corporation HKLM\SOFTWARE\Swearware HKLM\SOFTWARE\TechSmith HKLM\SOFTWARE\ThinPrint HKLM\SOFTWARE\Toolrain HKLM\SOFTWARE\URUSoft HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\VMware, Inc. HKLM\SOFTWARE\Volatile HKLM\SOFTWARE\WIBU-SYSTEMS HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\WOW6432Node HKLM\SOFTWARE\Yahoo =>.Yahoo! HKCU\SOFTWARE\7-Zip HKCU\SOFTWARE\8.1 HKCU\SOFTWARE\Acelogix HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Alcohol Soft HKCU\SOFTWARE\AnchorFree HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ASProtect HKCU\SOFTWARE\Avast Software HKCU\SOFTWARE\Baidu HKCU\SOFTWARE\Bigasoft HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Boss302 HKCU\SOFTWARE\bunkus.org HKCU\SOFTWARE\Corel HKCU\SOFTWARE\Do The Evolution! - Next Generation HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\EasyBoot Systems HKCU\SOFTWARE\GetData HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GX HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Helmsman HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Lake HKCU\SOFTWARE\Lovelysoft HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\madshi HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\ManiacTools HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\mkvmergeGUI HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Mp3 Audio Editor HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\NVIDIA Corporation HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\PS3 Media Server HKCU\SOFTWARE\PSNStuffX HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Softplicity HKCU\SOFTWARE\Spin2 HKCU\SOFTWARE\StarSynergy HKCU\SOFTWARE\Stdin2 HKCU\SOFTWARE\SWiSHzone.com HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\Toolrain HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\tvp HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\VMware, Inc. HKCU\SOFTWARE\Wget HKCU\SOFTWARE\WinAVI HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\ZXT2007 HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\ThinPrint ---\\ Contents of the Common Files folders (239) - 24s O43 - CFD: 12/07/2015 - [] D -- C:\Program Files\7-Zip O43 - CFD: 08/08/2015 - [] D -- C:\Program Files\Ace Utilities {269524D040C9767291E132952E603D28} O43 - CFD: 20/10/2015 - [] D -- C:\Program Files\Aegisub O43 - CFD: 13/03/2016 - [] D -- C:\Program Files\Alcohol Soft O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Apple Software Update =>.Apple Inc.® O43 - CFD: 07/08/2015 - [] D -- C:\Program Files\Audacity O43 - CFD: 11/10/2015 - [] D -- C:\Program Files\AviSynth 2.5 O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Bigasoft O43 - CFD: 26/10/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 17/09/2015 - [] D -- C:\Program Files\CodeMeter =>.WIBU-SYSTEMS AG® O43 - CFD: 30/06/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 12/07/2015 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 07/11/2015 - [] D -- C:\Program Files\Fargus O43 - CFD: 10/08/2015 - [] D -- C:\Program Files\FileZilla FTP Client O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\GetData O43 - CFD: 12/07/2015 - [] D -- C:\Program Files\Google =>.Google Inc® O43 - CFD: 03/08/2015 - [] D -- C:\Program Files\HP =>.Hewlett Packard® O43 - CFD: 13/06/2016 - [] HD -- C:\Program Files\InstallShield Installation Information =>.Macrovision Corporation® O43 - CFD: 15/07/2015 - [] D -- C:\Program Files\Internet Download Manager O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 30/06/2016 - [] D -- C:\Program Files\IObit =>.IObit Information Technology® O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\iPod =>.Apple Inc.® O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\iTunes =>.Apple Inc.® O43 - CFD: 20/10/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.® O43 - CFD: 28/07/2015 - [] D -- C:\Program Files\K-Lite Codec Pack O43 - CFD: 19/07/2015 - [] D -- C:\Program Files\Karmian O43 - CFD: 10/07/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 28/04/2016 - [] D -- C:\Program Files\Microsoft Games O43 - CFD: 13/07/2015 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 20/09/2015 - [] D -- C:\Program Files\mkvtomp4_setup O43 - CFD: 03/03/2016 - [] D -- C:\Program Files\MKVToolNix =>.Moritz Bunkus® O43 - CFD: 12/12/2015 - [] D -- C:\Program Files\Mp3 Audio Editor O43 - CFD: 13/07/2015 - [] D -- C:\Program Files\mp3Tag Pro 6 O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild O43 - CFD: 28/07/2015 - [] D -- C:\Program Files\NVIDIA Corporation =>.NVIDIA Corporation® O43 - CFD: 06/07/2016 - [] D -- C:\Program Files\Opera =>.Opera Software ASA® O43 - CFD: 12/07/2015 - [] D -- C:\Program Files\PhotoFiltre Studio O43 - CFD: 03/03/2016 - [] D -- C:\Program Files\PS3 Media Server O43 - CFD: 03/02/2016 - [] D -- C:\Program Files\PS3 Theme Builder O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\RAMDisk O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 05/09/2015 - [] D -- C:\Program Files\SAGEM O43 - CFD: 01/03/2016 - [] D -- C:\Program Files\Subtitle Edit O43 - CFD: 22/02/2016 - [] D -- C:\Program Files\TechSmith =>.TechSmith Corporation® O43 - CFD: 29/06/2016 - [] D -- C:\Program Files\Toolrain {22E2A66E63B8CB4EC6989BF7} O43 - CFD: 01/08/2015 - [] D -- C:\Program Files\Total Video Converter O43 - CFD: 12/07/2015 - [] D -- C:\Program Files\TotalAudioConverter {16BBF067D3062B3A7470517F16FB8FE9} O43 - CFD: 17/10/2015 - [] D -- C:\Program Files\UltraISO O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 08/07/2016 - [] D -- C:\Program Files\Unlocker O43 - CFD: 06/07/2016 - [0] D -- C:\Program Files\URUSoft O43 - CFD: 13/07/2015 - [] D -- C:\Program Files\uTorrent =>.BitTorrent Inc® O43 - CFD: 21/07/2015 - [] D -- C:\Program Files\VideoLAN O43 - CFD: 25/01/2016 - [] D -- C:\Program Files\VMware =>.VMware, Inc.® O43 - CFD: 11/10/2015 - [] D -- C:\Program Files\WinAVI O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 12/07/2015 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 20/11/2010 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 12/07/2015 - [] D -- C:\Program Files\WinRAR O43 - CFD: 03/02/2016 - [] D -- C:\Program Files\Xross Media Simulator =>.Microsoft Corporation® O43 - CFD: 10/07/2016 - [] D -- C:\Program Files\ZHPFix O43 - CFD: 12/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip O43 - CFD: 12/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 08/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ace Utilities O43 - CFD: 12/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 28/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 O43 - CFD: 06/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Age of Empires II - The Conquerors [REPACK] O43 - CFD: 13/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beach Head 2002 O43 - CFD: 26/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 23/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 O43 - CFD: 10/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client O43 - CFD: 12/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 18/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake O43 - CFD: 12/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 28/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 20/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 28/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 19/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Karmian O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 10/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games O43 - CFD: 03/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix O43 - CFD: 12/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio O43 - CFD: 03/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server O43 - CFD: 03/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Theme Builder O43 - CFD: 03/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 01/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit O43 - CFD: 21/11/2010 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 22/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith O43 - CFD: 12/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Audio Converter O43 - CFD: 17/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO O43 - CFD: 06/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\URUSoft O43 - CFD: 21/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 25/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware O43 - CFD: 12/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 03/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xross Media Simulator O43 - CFD: 10/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP O43 - CFD: 08/10/2015 - [] D -- C:\ProgramData\Adobe O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\AppData O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Apple O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 29/04/2016 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 04/05/2016 - [] D -- C:\ProgramData\Baidu O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 03/08/2015 - [] D -- C:\ProgramData\Hewlett-Packard O43 - CFD: 03/08/2015 - [] D -- C:\ProgramData\HP O43 - CFD: 14/07/2015 - [0] D -- C:\ProgramData\IDM O43 - CFD: 30/06/2016 - [] D -- C:\ProgramData\IObit O43 - CFD: 14/02/2016 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 28/07/2015 - [] D -- C:\ProgramData\LSI O43 - CFD: 30/06/2016 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 16/10/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 28/07/2015 - [] D -- C:\ProgramData\NVIDIA O43 - CFD: 28/07/2015 - [] D -- C:\ProgramData\NVIDIA Corporation O43 - CFD: 20/10/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 01/03/2016 - [] D -- C:\ProgramData\PMS O43 - CFD: 02/07/2016 - [0] D -- C:\ProgramData\ProductData O43 - CFD: 24/08/2015 - [] D -- C:\ProgramData\Protexis O43 - CFD: 22/02/2016 - [] D -- C:\ProgramData\regid.1995-08.com.techsmith O43 - CFD: 16/04/2016 - [] D -- C:\ProgramData\Skype O43 - CFD: 24/08/2015 - [] D -- C:\ProgramData\sMedio O43 - CFD: 05/06/2016 - [0] D -- C:\ProgramData\Sony Corporation O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 02/10/2015 - [] D -- C:\ProgramData\Steam O43 - CFD: 27/07/2015 - [] D -- C:\ProgramData\Sun O43 - CFD: 22/02/2016 - [] D -- C:\ProgramData\TechSmith O43 - CFD: 28/07/2015 - [0] D -- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 30/06/2016 - [0] D -- C:\ProgramData\Toolrain O43 - CFD: 10/07/2016 - [] D -- C:\ProgramData\VMware O43 - CFD: 03/08/2015 - [] D -- C:\ProgramData\WEBREG O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Apple O43 - CFD: 17/04/2016 - [] D -- C:\Program Files\Common Files\AV O43 - CFD: 04/05/2016 - [] D -- C:\Program Files\Common Files\Baidu O43 - CFD: 17/10/2015 - [] D -- C:\Program Files\Common Files\EZB Systems O43 - CFD: 03/08/2015 - [] D -- C:\Program Files\Common Files\HP O43 - CFD: 28/07/2015 - [] D -- C:\Program Files\Common Files\IObit O43 - CFD: 20/10/2015 - [] D -- C:\Program Files\Common Files\Java O43 - CFD: 03/02/2016 - [] D -- C:\Program Files\Common Files\microsoft shared O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 22/02/2016 - [] D -- C:\Program Files\Common Files\TechSmith Shared O43 - CFD: 25/01/2016 - [] D -- C:\Program Files\Common Files\VMware O43 - CFD: 08/10/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Adobe O43 - CFD: 11/10/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Aegisub O43 - CFD: 30/07/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Apple Computer O43 - CFD: 18/01/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Audacity O43 - CFD: 04/05/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Baidu O43 - CFD: 14/01/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Bigasoft Total Video Converter 5 O43 - CFD: 13/06/2016 - [0] D -- C:\Users\Yondaime\AppData\Roaming\COWON O43 - CFD: 10/07/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\DMCache O43 - CFD: 17/10/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\FileZilla O43 - CFD: 23/08/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\fontconfig O43 - CFD: 18/01/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\HandBrake O43 - CFD: 17/05/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\HandBrake Team O43 - CFD: 03/08/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\HP O43 - CFD: 12/07/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Identities O43 - CFD: 10/07/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\IDM O43 - CFD: 05/09/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\InstallShield O43 - CFD: 30/06/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\IObit O43 - CFD: 12/04/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Macromedia O43 - CFD: 21/11/2010 - [0] D -- C:\Users\Yondaime\AppData\Roaming\Media Center Programs O43 - CFD: 26/10/2015 - [0] D -- C:\Users\Yondaime\AppData\Roaming\Media Player Classic O43 - CFD: 21/03/2016 - [] SD -- C:\Users\Yondaime\AppData\Roaming\Microsoft O43 - CFD: 08/09/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\mkvtoolnix O43 - CFD: 04/05/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Mozilla O43 - CFD: 12/12/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Mp3 Audio Editor O43 - CFD: 10/07/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\MPC-HC O43 - CFD: 14/01/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\NVIDIA O43 - CFD: 20/07/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Opera Software O43 - CFD: 20/10/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\PMS O43 - CFD: 03/07/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\ProductData O43 - CFD: 16/04/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Skype O43 - CFD: 12/07/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Softplicity O43 - CFD: 01/03/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Subtitle Edit O43 - CFD: 20/10/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Sun O43 - CFD: 10/10/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\TechSmith O43 - CFD: 10/07/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\uTorrent O43 - CFD: 07/07/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\vlc O43 - CFD: 19/05/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\VMware O43 - CFD: 11/10/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\WinAVI O43 - CFD: 12/07/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\WinRAR O43 - CFD: 12/09/2015 - [0] D -- C:\Users\Yondaime\AppData\Roaming\Wise Care 365 O43 - CFD: 10/07/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\ZHP O43 - CFD: 06/07/2016 - [] D -- C:\Users\Yondaime\AppData\Local\ActiveState O43 - CFD: 08/10/2015 - [] D -- C:\Users\Yondaime\AppData\Local\Adobe O43 - CFD: 23/08/2015 - [] D -- C:\Users\Yondaime\AppData\Local\Aegisub O43 - CFD: 30/07/2015 - [] D -- C:\Users\Yondaime\AppData\Local\Apple O43 - CFD: 30/07/2015 - [] D -- C:\Users\Yondaime\AppData\Local\Apple Computer O43 - CFD: 12/07/2015 - [0] SHD -- C:\Users\Yondaime\AppData\Local\Application Data O43 - CFD: 12/07/2015 - [] D -- C:\Users\Yondaime\AppData\Local\Apps O43 - CFD: 03/03/2016 - [] D -- C:\Users\Yondaime\AppData\Local\bunkus.org O43 - CFD: 07/07/2016 - [] D -- C:\Users\Yondaime\AppData\Local\CrashDumps O43 - CFD: 09/04/2016 - [] D -- C:\Users\Yondaime\AppData\Local\Dataram_Corporation O43 - CFD: 07/05/2016 - [0] D -- C:\Users\Yondaime\AppData\Local\Deployment O43 - CFD: 08/05/2016 - [0] D -- C:\Users\Yondaime\AppData\Local\Diagnostics O43 - CFD: 15/11/2015 - [0] D -- C:\Users\Yondaime\AppData\Local\ElevatedDiagnostics O43 - CFD: 10/07/2016 - [] D -- C:\Users\Yondaime\AppData\Local\Google O43 - CFD: 12/07/2015 - [0] SHD -- C:\Users\Yondaime\AppData\Local\History O43 - CFD: 03/08/2015 - [] D -- C:\Users\Yondaime\AppData\Local\HP O43 - CFD: 13/11/2015 - [] D -- C:\Users\Yondaime\AppData\Local\Microsoft O43 - CFD: 20/10/2015 - [] D -- C:\Users\Yondaime\AppData\Local\MPlayer O43 - CFD: 20/07/2015 - [] D -- C:\Users\Yondaime\AppData\Local\Opera Software O43 - CFD: 19/07/2015 - [] D -- C:\Users\Yondaime\AppData\Local\Programs O43 - CFD: 10/04/2016 - [0] D -- C:\Users\Yondaime\AppData\Local\Skype O43 - CFD: 10/10/2015 - [] D -- C:\Users\Yondaime\AppData\Local\TechSmith O43 - CFD: 10/07/2016 - [] D -- C:\Users\Yondaime\AppData\Local\Temp O43 - CFD: 12/07/2015 - [0] SHD -- C:\Users\Yondaime\AppData\Local\Temporary Internet Files O43 - CFD: 29/06/2016 - [] D -- C:\Users\Yondaime\AppData\Local\Toolrain O43 - CFD: 28/04/2016 - [] D -- C:\Users\Yondaime\AppData\Local\VirtualStore O43 - CFD: 19/05/2016 - [] D -- C:\Users\Yondaime\AppData\Local\VMware O43 - CFD: 11/10/2015 - [] D -- C:\Users\Yondaime\AppData\Local\WinAVI O43 - CFD: 19/07/2015 - [0] D -- C:\Users\Yondaime\AppData\Local\Programs\Common O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 08/08/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Utilities O43 - CFD: 12/07/2015 - [] RD -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 14/01/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bigasoft O43 - CFD: 06/05/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 12/07/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 12/12/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mp3 Audio Editor O43 - CFD: 12/07/2015 - [] RD -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 08/07/2016 - [] D -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker O43 - CFD: 11/10/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVI All-in-One Converter O43 - CFD: 12/07/2015 - [] D -- C:\Users\Yondaime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 07/05/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Apps O43 - CFD: 29/06/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashDumps O43 - CFD: 12/07/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft ---\\ ShellIconOverlayIdentifiers (SIOI) (4) - 1s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: IDM Shell Extension [IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.® O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ System Drivers List (77) - 11s O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] =>.Microsoft Windows® O58 - SDL:2010/11/20 21:29:03 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] =>.Microsoft Windows® O58 - SDL:2010/11/20 21:29:03 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] =>.Microsoft Windows® O58 - SDL:2016/04/17 15:41:14 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys [294816] =>.AVAST Software a.s.® O58 - SDL:2015/07/28 02:07:22 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [414488] =>.Broadcom Corporation® O58 - SDL:2009/07/13 22:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] =>.Brother Industries, Ltd. O58 - SDL:2009/07/13 22:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 00:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 22:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 22:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 22:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 22:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] =>.Broadcom Corporation O58 - SDL:2009/07/14 01:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] =>.Microsoft Windows® O58 - SDL:2009/07/13 22:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] =>.Broadcom Corporation O58 - SDL:2015/07/30 19:46:38 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [44664] =>.VMware, Inc.® O58 - SDL:2009/07/13 22:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] =>.Hauppauge Computer Works, Inc. O58 - SDL:2009/07/14 01:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] =>.Microsoft Windows® O58 - SDL:2015/07/28 01:56:13 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\drivers\HWiNFO32.SYS [23840] =>.Martin Malik - REALiX® O58 - SDL:2010/11/20 21:29:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160] =>.Microsoft Windows® O58 - SDL:2015/05/20 12:55:54 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [123968] =>.Tonec Inc.® O58 - SDL:2009/07/14 01:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] =>.Microsoft Windows® O58 - SDL:2015/07/28 02:08:56 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [110160] =>.LSI Corporation® O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:08:52 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [24448] =>.Malwarebytes Corporation® O58 - SDL:2016/03/10 14:08:56 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [126336] =>.Malwarebytes Corporation® O58 - SDL:2016/07/10 19:19:53 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [170200] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:09:04 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [53120] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 01:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] =>.Microsoft Windows® O58 - SDL:2015/07/28 02:06:27 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [10702024] =>.NVIDIA Corporation® O58 - SDL:2010/11/20 21:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120] =>.Microsoft Windows® O58 - SDL:2010/11/20 21:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/14 01:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] =>.Microsoft Windows® O58 - SDL:2016/03/13 23:22:29 A . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\drivers\sptd.sys [324152] =>.Disc Soft Ltd® O58 - SDL:2009/07/14 01:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] =>.Microsoft Windows® O58 - SDL:2015/06/10 23:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056] =>.Apple, Inc. O58 - SDL:2009/07/14 01:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] =>.Microsoft Windows® O58 - SDL:2013/10/08 18:20:50 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [71888] =>.VMware, Inc.® O58 - SDL:2013/10/18 12:44:58 A . (.VMware, Inc. - VMware virtual network driver (32-bit).) -- C:\Windows\System32\drivers\vmnet.sys [20048] =>.VMware, Inc.® O58 - SDL:2013/10/18 12:44:58 A . (.VMware, Inc. - VMware virtual network adapter driver (32-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [17104] =>.VMware, Inc.® O58 - SDL:2013/10/18 12:44:58 A . (.VMware, Inc. - VMware bridge driver (32-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [37456] =>.VMware, Inc.® O58 - SDL:2013/10/18 12:46:18 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [26192] =>.VMware, Inc.® O58 - SDL:2013/10/18 12:45:46 A . (.VMware, Inc. - VMware parallel port driver.) -- C:\Windows\System32\drivers\vmparport.sys [24272] =>.VMware, Inc.® O58 - SDL:2013/10/18 12:46:16 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [65488] =>.VMware, Inc.® O58 - SDL:2009/07/14 01:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] =>.Microsoft Windows® O58 - SDL:2013/10/08 18:20:56 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\drivers\vsock.sys [63824] =>.VMware, Inc.® O58 - SDL:2013/02/22 03:28:26 A . (.VMware, Inc. - VMware Virtual Storage Volume Driver.) -- C:\Windows\System32\drivers\vstor2-mntapi20-shared.sys [23632] =>.VMware, Inc.® O58 - SDL:2009/07/13 21:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:2009/07/13 21:40:44 A . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:2009/07/13 21:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:2009/07/13 21:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:2009/07/13 21:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:2009/07/13 21:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:2009/07/13 21:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:2009/07/13 21:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:2009/07/13 21:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:2009/07/13 21:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:2009/07/13 21:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:2009/07/13 21:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:2009/07/13 21:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:2009/07/13 21:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:2009/07/13 21:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672] ---\\ File Associations Shell Spawning (11) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (...) -- C:\Program Files\Toolrain\Application\chrome.exe ---\\ Start Menu Internet (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe =>.Opera Software ASA® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software ---\\ Search Browser Infection (1) - 0s O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Search Svchost Services (34) - 0s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [168960] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [593408] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [674304] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [473600] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [90624] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [286208] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [49664] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242176] =>.Microsoft Corporation O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [521216] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1973728] =>.Microsoft Windows Component Publisher® O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [585728] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [328192] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [499712] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [21504] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [47104] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [114688] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [49664] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [61440] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [750592] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [113664] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [102400] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [37376] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [76800] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [149504] =>.Microsoft Corporation O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\Windows\System32\mspmsnsv.dll [52224] =>.Microsoft Corporation ---\\ Firewall Active Exception List (2) - 1s O87 - FAEL: "TCP Query User{77575826-2481-432A-B5BA-2AB86F7D4C17}C:\users\yondaime\desktop\idpstealer.exe" [In-None-P6-TRUE] .(...) -- C:\users\yondaime\desktop\idpstealer.exe O87 - FAEL: "UDP Query User{119C6E89-8808-4A41-8782-5A827BD839F3}C:\users\yondaime\desktop\idpstealer.exe" [In-None-P17-TRUE] .(...) -- C:\users\yondaime\desktop\idpstealer.exe ---\\ Additional Scan (O88) (1) - 0s ~ No malicious or unnecessary items found. ---\\ Summary of the elements found (1) - 0s http://www.nicolascoolman.fr/?p=1062 =>PUP.Optional.VirtualGirl ~ End of the scan, 15130 items in 00h01mn48s (913)(0)