~ Report of ZHPDiag v2015.5.2.45 - Nicolas Coolman (02-May-15) ~ Launched by Toshiba (04-May-15 1:39:31 PM) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Web forum address : http://forum.nicolascoolman.fr ~ Translated by ~ Version State : Updated version. ~ White List : Deactivate by user ~ Elevation of privilege : OK ~ User Account Control : ---\\ Internet browsers MSIE: Internet Explorer v8.0.7600.16385 GCIE: Google Chrome v34.0.1847.116 (Defaut) OBIE: Safari v5.34.51.22 ---\\ Windows product information ~ Langage: Anglais Windows Server License Manager Script : OK ~ Windows Operating System - Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : W8DQG Windows License : OK ~ Windows Remaining Initializations Number : 2 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK Windows 7 Home Premium, 64-bit (Build 7600) ---\\ System protection software AVG 2014 v14.0.4336 Malwarebytes Anti-Malware version 2.1.6.1022 McAfee Security Scan Plus v3.8.150.1 Windows Defender W7 (Activate) ---\\ System optimization software ---\\ Sharing software PeerToPeer µTorrent v3.1.3 =>P2P.µTorrent ---\\ Surveillance software Adobe Flash Player 17 NPAPI Adobe Reader 9.3.4 ---\\ Information on the system ~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3893.9 MB (44% free) System Restore: Activé (Enable) System drive C: has 213 GB (46%) free of 453 GB ---\\ Connection to the system mode ~ Computer Name: TOSHIBA-PC ~ User Name: Toshiba ~ All Users Names: Toshiba, HomeGroupUser$, Guest, Administrator, ~ Unselected Option: None Logged in as Administrator ---\\ Environment variables ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Toshiba\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Toshiba\AppData\Roaming\ ~ %Desktop% : C:\Users\Toshiba\Desktop\ ~ %Favorites% : C:\Users\Toshiba\Favorites\ ~ %LocalAppData% : C:\Users\Toshiba\AppData\Local\ ~ %StartMenu% : C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumeration of the disk units C: Hard drive, Flash drive, Thumb drive (Free 213 Go of 453 Go) D: CD-ROM drive (Not Inserted) F: CD-ROM drive (Not Inserted) ---\\ State of the Windows Security Center [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 49 Scanned in 00mn AMs ---\\ Search Generic System Files [MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26-Feb-11 - 9:23:14 AM.) -- C:\Windows\Explorer.exe [2870272] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14-Jul-09 - 4:39:52 AM.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.CB8E57622E5966A87D4D9859D4F12D8D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20-Aug-11 - 8:45:20 AM.) -- C:\Windows\System32\wininet.dll [1197568] [MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28-Oct-09 - 9:24:40 AM.) -- C:\Windows\System32\Winlogon.exe [389632] [MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14-Jul-09 - 4:41:54 AM.) -- C:\Windows\System32\sppcomapi.dll [231936] [MD5.6EF20DDF3172E97D69F596FB90602F29] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25-Apr-11 - 5:44:02 AM.) -- C:\Windows\system32\Drivers\AFD.sys [499712] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14-Jul-09 - 4:52:21 AM.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14-Jul-09 - 2:19:47 AM.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14-Jul-09 - 2:19:54 AM.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27-Apr-11 - 5:57:40 AM.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14-Jul-09 - 3:06:13 AM.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14-Jul-09 - 2:19:57 AM.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14-Jul-09 - 3:10:03 AM.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04-May-11 - 5:51:08 AM.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696] [MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14-Jul-09 - 2:21:29 AM.) -- C:\Windows\system32\Drivers\netBT.sys [259072] [MD5.378E0E0DFEA67D98AE6EA53ADBBD76BC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11-Mar-11 - 9:23:06 AM.) -- C:\Windows\system32\Drivers\ntfs.sys [1657216] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14-Jul-09 - 3:00:41 AM.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14-Jul-09 - 3:10:12 AM.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14-Jul-09 - 3:09:09 AM.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14-Jul-09 - 2:21:15 AM.) -- C:\Windows\system32\Drivers\tdx.sys [99840] [MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14-Jul-09 - 4:45:55 AM.) -- C:\Windows\system32\Drivers\volsnap.sys [294992] ~ Generic Processes: Scanned in 01mn AMs ---\\ Hidden files state (Hidden/Total) ~ Mes images (My Pictures) : 2/765 ~ Mes musiques (My Musics) : 44/269 ~ Mes Videos (My Videos) : 2/463 ~ Mes Favoris (My Favorites) : 1/169 ~ Mes Documents (My Documents) : 5/4533 ~ Mon Bureau (My Desktop) : 7/5431 ~ Menu demarrer (Programs) : 1/64 ~ Hidden Files: Scanned in 18mn AMs ---\\ Process running [MD5.2F86BE1818C2D7AC90478E3323EE7FCB] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe [126392] [PID.1960] [MD5.7E212E742BF06BF678AE35E9C1B74B8F] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6212920] [PID.2172] [MD5.6DCFADDA4F2A6D3396D13F0554D672E8] - (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584] [PID.3496] [MD5.BE99918C2211431C6424EFFD087FD9C7] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [107848] [PID.2256] [MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392] [PID.3120] [MD5.96B182BCB95057D4C7B8E25811BF6D2A] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192] [PID.3920] [MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.4012] [MD5.83166BFFA8C4BBAC4413F47C865CC8EE] - (.Microsoft Corporation - Outil de notification de cadeaux MSN.) -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Outil de notification de cadeaux MSN\msnotif.exe [183096] [PID.1256] [MD5.CAA71374014DA23AF7E10F15EA975BDF] - (.Ulead Systems, Inc. - AutoDetector.) -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe [90112] [PID.4692] [MD5.6AFD3970A41F48306874DB23991A4955] - (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152] [PID.4496] [MD5.69CA41D417872BE2E653AE988F8AB213] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files (x86)\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe [1671168] [PID.5028] [MD5.89CBD69B5108E5BE779808C42A95DC9B] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296520] [PID.4220] [MD5.2EBBBFC120593C683796092F2DDA0EFC] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.4300] [MD5.C06C9EC74A0971A31A40723432201C86] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8206336] [PID.3400] [MD5.28DDEEEC44E988657B732CF404D504CB] - (.Microsoft Corporation - Windows Live Family Safety Service.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1492840] [PID.1484] [MD5.5CB01FD5AA4885BC4811433B54393AF2] - (...) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344] [PID.1624] [MD5.DBC1136A62BD4DECC3632DF650284C2E] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.1676] [MD5.516E29AD03BDF610CC36A95AE692FE42] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1712] [MD5.2B983F067AEE3F9EB4DF5E97F45D21D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120] [PID.1816] [MD5.F5C8935F85EE5C1520FDB348299CB673] - (.Symantec Corporation - Norton PC Checkup Launcher Service.) -- C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe [115056] [PID.1848] [MD5.AE94B24C702EFF95A8AC89C2D989B0AE] - (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568] [PID.2004] [MD5.79D99CA9DBD21DBE9CA0C4ACB4BAD419] - (.RealNetworks, Inc. - RealPlayer Cloud Service.) -- c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848] [PID.2180] [MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [PID.2256] [MD5.2FB41F4528D8D049A8C56B3E1A0F5BDE] - (...) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552] [PID.2312] [MD5.C3BB6CF8F9EE199005A2AAE2815AD756] - (.Nokia - ServiceLayer Module.) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [724376] [PID.6044] [MD5.7466809E6DA561D60C2F1CE8EDE3C73F] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.5036] [MD5.CE565CA700A87863DC792163E2942628] - (.Nokia - Serial Media Server.) -- C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe [126872] [PID.6076] ~ Processes Running: Scanned in 03mn AMs ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] None G0 - GCSP: Preference [User Data\Default][StartupURLs] http://w/", "http://www.searchnu.com/406?appid=679", "http://mysearch.avg.com?cid={4DD358B0-7E13-41DF-9779-A201AF728A36}&mid=a8f883d1e1ae47d2a2f552be1518f93d-530b462aa44ec37e692164372cabb53e4c64ea4d&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-21 18:12:03&v=17.3.1.91&pid=safeguard&sg=&sap=hp", "http://w/|http://www.searchnu.com/406?appid={4DD358B0-7E13-41DF-9779-A201AF728A36}&mid=a8f883d1e1ae47d2a2f552be1518f93d-530b462aa44ec37e692164372cabb53e4c64ea4d&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-21 18:12:03&v=18.0.5.292&pid=safeguard&sg=&sap=hp =>Adware.Bandoo G2 - GCE: Preference [User Data\Default] [afpbjjgbdimpioenaedcjgkaigggcdpp] Quick QR v.3.0 (Désactivé) G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.7 (Désactivé) G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] Adblock Plus v.1.8.12, (Activé) G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v.0.0.0.30 (Désactivé) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [gcbommkclmclpchllfjekcdonpmejbdp] HTTPS Everywhere v.2015.4.23 (Désactivé) G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] BetaFish Adblocker v.2.29, (Désactivé) G2 - GCE: Preference [User Data\Default] [gkojfkhlekighikafcpjkiklfbnlmeio] Hola Internet en mieux v.1.7.608, (Désactivé) G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealPlayer Downloader v.17.0.11 (Désactivé) G2 - GCE: Preference [User Data\Default] [kpemkngoajegcbamebdmnkjoalpofpbj] Soccer Manager Worlds v.1.1.7 (Désactivé) G2 - GCE: Preference [User Data\Default] [kpifmiaadiihnkolggaepacodfmgceki] Windows Live Messenger Extension v.1.3, (Désactivé) G2 - GCE: Preference [User Data\Default] [lfmhcpmkbdkbgbmkjoiopeeegenkdikp] FVD Video Downloader v.6.6.4, (Désactivé) G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Activé) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [ncejpbbbeeeeepkjcbcdmjfdkdoookdj] Dailymotion Publish it! v.0.1.2, (Désactivé) G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.1.0.0 (Activé) G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [pfhikcfgfncdkibkdglohjoceajhokkm] Facebook Stylist v.1.9.0 (Désactivé) G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.8.1 (Désactivé) ---\\ Google Chrome Extension Folder G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\afpbjjgbdimpioenaedcjgkaigggcdpp [Quick QR] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [Adblock Plus] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Recherche Google] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [HTTPS Everywhere] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [BetaFish Adblocker] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [RealPlayer Downloader] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpemkngoajegcbamebdmnkjoalpofpbj [Soccer Manager Worlds] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki [Windows Live Messenger Extension] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [FVD Video Downloader] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncejpbbbeeeeepkjcbcdmjfdkdoookdj [Dailymotion Publish it!] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhikcfgfncdkibkdglohjoceajhokkm [Facebook Stylist] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [__MSG_name__] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [__MSG_about_ext_name__] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpifmiaadiihnkolggaepacodfmgceki [__MSG_extName__] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__] G2 - EXT: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__] ~ Google Lines Browser: 69 Scanned in 04mn AMs ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js M0 - MFSP: prefs.js [Toshiba - 0] http://mysearch.avg.com M0 - MFSP: prefs.js [Toshiba - 0] http://www.searchlatin.com P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\Toshiba\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 3.19.1.13088.) -- C:\Users\Toshiba\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 3.19.1.13088.) -- C:\Users\Toshiba\AppData\Roaming\Mozilla\plugins\npo1d.dll P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.No owner - Google Talk Plugin Video Accelerator version:0.1.44.28.) -- C:\Users\Toshiba\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Toshiba\AppData\Local\Google\Update\1.3.26.7\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Toshiba\AppData\Local\Google\Update\1.3.26.7\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 2.6.1f3.) -- C:\Users\Toshiba\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll P2 - FPN: [HKCU] [facebook.com/fbDesktopPlugin] - (.Facebook, Inc. - Facebook Desktop Plugin.) -- C:\Users\Toshiba\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll ~ Firefox Browser: 12 Scanned in 00mn AMs ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll R3 - URLSearchHook: (no name) [64Bits] - {37483b40-c254-4a72-bda4-22ee90182c1e} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 ~ IE Browser: 24 Scanned in 00mn AMs ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn AMs ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn AMs ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (0) ~ Hosts File: Scanned in 00mn AMs ---\\ Internet Explorer toolbars (O3) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Orphan key O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Orphan key ~ Toolbar: Scanned in 00mn AMs ---\\ Other User Links (O4) O4 - GS\QuickLaunch [Toshiba]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Global Startup: 1 Scanned in 13mn AMs ---\\ Auto loading programs from Registry and folders (O4) O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.exe (.not file.) O4 - HKLM\..\Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe (.not file.) O4 - HKLM\..\Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe (.not file.) O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe (.not file.) O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.) O4 - HKLM\..\Run: [Teco] C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe (.not file.) O4 - HKLM\..\Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.) O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe =>.Toshiba Corporation O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - No Comment.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe O4 - HKLM\..\Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe (.not file.) O4 - HKLM\..\Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (.not file.) O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe O4 - HKLM\..\Run: [SmartAudio] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe O4 - HKCU\..\Run: [CDFO] rundll32 O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O4 - HKCU\..\Run: [Chatango] . (.Pear Media, LLC - Chatango MessageCatcher.) -- C:\Program Files (x86)\Chatango\Chatango.exe O4 - HKCU\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe O4 - HKCU\..\Run: [AIM for Windows] . (.AOL Inc. - AIM for Windows.) -- C:\Users\Toshiba\AppData\Local\AOL\AIM\aim.exe O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKCU\..\Run: [ChrisPC Proxy] . (.Chris P.C. srl - ChrisPC Anonymous Proxy.) -- C:\Program Files (x86)\ChrisPC Free Anonymous Proxy2\ChrisPC Proxy.exe O4 - HKLM\..\Wow6432Node\Run: [ToshibaAppPlace] . (.Toshiba - Toshiba App Place.) -- C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe =>.Toshiba Corporation O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - No Comment.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Toshiba - Toshiba Online Backup Service.) -- C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [tvncontrol] C:\Program Files (x86)\ShowMyPCService\tvnserver.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [Ulead AutoDetector v2] . (.Ulead Systems, Inc. - AutoDetector.) -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe O4 - HKLM\..\Wow6432Node\Run: [ANIWZCS2Service] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Wow6432Node\Run: [D-Link D-Link Wireless 108G DWA-520] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files (x86)\D-Link\D-Link Wireless 108G DWA-520\AirPlusCFG.exe O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files (x86)\real\realplayer\Update\realsched.exe =>.RealNetworks, Inc O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [CDFO] rundll32 O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [Chatango] . (.Pear Media, LLC - Chatango MessageCatcher.) -- C:\Program Files (x86)\Chatango\Chatango.exe O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [AIM for Windows] . (.AOL Inc. - AIM for Windows.) -- C:\Users\Toshiba\AppData\Local\AOL\AIM\aim.exe O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKUS\S-1-5-21-3408865485-1183006455-988457891-1000\..\Run: [ChrisPC Proxy] . (.Chris P.C. srl - ChrisPC Anonymous Proxy.) -- C:\Program Files (x86)\ChrisPC Free Anonymous Proxy2\ChrisPC Proxy.exe ~ Application: Scanned in 03mn AMs ---\\ IE Options icon not visible in Control Panel (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn AMs ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\windows\system32\napinsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\windows\system32\pnrpnsp.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation ~ Winsock: 9 Scanned in 00mn AMs ---\\ Lop.com/Domain Hijackers (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{1720999D-74BF-4BFD-9284-99A8E5624576}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{8F885F0C-A8B5-4422-9451-DD332A3A16A8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{1720999D-74BF-4BFD-9284-99A8E5624576}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{8F885F0C-A8B5-4422-9451-DD332A3A16A8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{1720999D-74BF-4BFD-9284-99A8E5624576}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{8F885F0C-A8B5-4422-9451-DD332A3A16A8}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn AMs ---\\ Extra protocols (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn AMs ---\\ AppInit_DLLs Registry value Autorun (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn AMs ---\\ ShellServiceObjectDelayLoad (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn AMs ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) . (.Protection Technology - Application Driver Auto Removal Service (01.) - C:\Windows\System32\appdrvrem01.exe O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: C:\windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\windows\system32\CxAudMsg64.exe O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Toshiba Laptop Checkup Application Launcher (Norton PC Checkup Application Launcher) . (.Symantec Corporation - Norton PC Checkup Launcher Service.) - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe O23 - Service: Common Client Job Manager Service (PCCUJobMgr) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc. - RealPlayer Cloud Service.) - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe =>.Toshiba Corporation O23 - Service: TightVNC Server (tvnserver) . (...) - C:\Program Files (x86)\ShowMyPCService\tvnserver.exe (.not file.) O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: (vToolbarUpdater18.3.0) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch ~ Services: 18 Scanned in 23mn AMs ---\\ Windows Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn AMs ---\\ BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn AMs ---\\ Task Planned Automatically (039) [MD5.00000000000000000000000000000000] [APT] [0215tb_RML] (...) -- C:\Program Files (x86)\AVG SafeGuard toolbar\AVG-Secure-Search-Update_0215tb.exe (.not file.) [0] =>Toolbar.AVGSearch [MD5.080255CDCB878813B481B8C348D47D8E] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [267440] [MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core] (.Facebook Inc..) -- C:\Users\Toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [MD5.9EB925EDC8CF1C3D06E50E9348B54A0A] [APT] [FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA] (.Facebook Inc..) -- C:\Users\Toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176] [MD5.BE99918C2211431C6424EFFD087FD9C7] [APT] [GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core] (.Google Inc..) -- C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [107848] [MD5.BE99918C2211431C6424EFFD087FD9C7] [APT] [GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA] (.Google Inc..) -- C:\Users\Toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [107848] [MD5.D41D8CD98F00B204E9800998ECF8427E] [APT] [MyDefrag v4.3.1 Daily] (...) -- C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD" [5663] [MD5.D41D8CD98F00B204E9800998ECF8427E] [APT] [MyDefrag v4.3.1 Monthly] (...) -- C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD" [5626] [MD5.2D08AC1443FFA7FBED9A5EA5FD49AEB3] [APT] [Open Chrome] (.Google Inc..) -- C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe [1242728] [MD5.89B816740FF3A5DB0AAC76CC67EB37E6] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-3408865485-1183006455-988457891-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [368728] [MD5.34A1EA3666F9FF0D097A75A476DD5E04] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-3408865485-1183006455-988457891-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [147016] [MD5.34A1EA3666F9FF0D097A75A476DD5E04] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3408865485-1183006455-988457891-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [147016] [MD5.A2530419BF7607A13698A6D07F89550B] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-3408865485-1183006455-988457891-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [141312] [MD5.A2530419BF7607A13698A6D07F89550B] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-3408865485-1183006455-988457891-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [141312] [MD5.A2530419BF7607A13698A6D07F89550B] [APT] [RealUpgradeLogonTaskS-1-5-21-3408865485-1183006455-988457891-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [141312] [MD5.A2530419BF7607A13698A6D07F89550B] [APT] [RealUpgradeScheduledTaskS-1-5-21-3408865485-1183006455-988457891-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [141312] [MD5.EE006D038C0E6D90F609B3ABA62D7F3F] [APT] [{691B363C-1472-4025-AD25-4A00DAB67437}] (.Apple Inc..) -- c:\program files (x86)\safari\safari.exe [2388848] [MD5.00000000000000000000000000000000] [APT] [{6A1FD1C5-34B2-4FDA-8BED-C33361A43FE7}] (...) -- C:\Users\Toshiba\Downloads\aresregular216_installer (1).exe (.not file.) [0] [MD5.2D08AC1443FFA7FBED9A5EA5FD49AEB3] [APT] [{A1214B8D-9D5A-46E2-AD3D-273196C5E1BC}] (.Google Inc..) -- c:\users\Toshiba\appdata\local\google\chrome\application\chrome.exe [1242728] [MD5.00000000000000000000000000000000] [APT] [{A3DBA4EE-8DE0-415C-8A7A-49B75BBCA032}] (...) -- C:\Users\Toshiba\Desktop\Photo883.exe (.not file.) [0] [MD5.ABC9883331FEA3B3A86C8B48BFD2CF66] [APT] [{A6A55777-3229-4EA9-A1F2-DCD18F839715}] (...) -- C:\Users\Toshiba\Downloads\aresregular216_installer.exe [2512861] [MD5.00000000000000000000000000000000] [APT] [{BCECCFAF-FF0F-4D0D-BCAF-EFE8FD97D0B9}] (...) -- C:\Users\Toshiba\Desktop\Photo883.exe (.not file.) [0] [MD5.2EBBBFC120593C683796092F2DDA0EFC] [APT] [{E32AAF8E-210B-4105-BCEF-FCD602673E00}] (.Google Inc..) -- c:\program files (x86)\google\chrome\application\chrome.exe [841032] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] [MD5.B7085E95B5EA1D2FB8CFEC7AA3791433] [APT] [disketchDowngrade] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\Disketch\disketch.exe [726020] [MD5.B7085E95B5EA1D2FB8CFEC7AA3791433] [APT] [disketchShakeIcon] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\Disketch\Disketch.exe [726020] [MD5.22151B49A02D3417AED858FE2E24AA7E] [APT] [doxillionShakeIcon] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\Doxillion\Doxillion.exe [999940] [MD5.48F342E15F5F644C43C079E093627EA8] [APT] [expressburnDowngrade] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe [1526276] [MD5.48F342E15F5F644C43C079E093627EA8] [APT] [expressburnShakeIcon] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\ExpressBurn\ExpressBurn.exe [1526276] [MD5.34C7FFFAB88A2EE744143D841D9384B5] [APT] [photopadShakeIcon] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\PhotoPad\PhotoPad.exe [1128964] [MD5.EDAD9F0D17ADBA1EF442CAFEB60E1F12] [APT] [photostageDowngrade] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\PhotoStage\PhotoStage.exe [3474948] [MD5.EDAD9F0D17ADBA1EF442CAFEB60E1F12] [APT] [photostageShakeIcon] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\PhotoStage\PhotoStage.exe [3474948] [MD5.6AAFD188C666282EA76326BA497373E5] [APT] [pixillionShakeIcon] (.NCH Software.) -- C:\Program Files (x86)\NCH Software\Pixillion\Pixillion.exe [916484] O39 - APT: 0215tb_RML - (...) -- C:\Windows\Tasks\0215tb_RML.job [368] O39 - APT: 0215tb_RML - (...) -- C:\Windows\System32\Tasks\0215tb_RML [368] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core.job [914] O39 - APT: FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core [914] O39 - APT: FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA.job [936] O39 - APT: FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA [936] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1078] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1078] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1082] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1082] O39 - APT: GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core.job [864] O39 - APT: GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000Core [864] O39 - APT: GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA.job [916] O39 - APT: GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3408865485-1183006455-988457891-1000UA [916] O39 - APT: Open Chrome - (.Google Inc..) -- C:\Windows\Tasks\Open Chrome.job [386] O39 - APT: Open Chrome - (.Google Inc..) -- C:\Windows\System32\Tasks\Open Chrome [386] ~ Scheduled Task: 45 Scanned in 41mn AMs ---\\ ActiveSetup Installed Components (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 10 Scanned in 00mn AMs ---\\ Drivers launched at startup (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (appdrv01) . (.Protection Technology - Application Driver (01).) - C:\Windows\System32\Drivers\appdrv01.sys O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys O41 - Driver: (HssDRV6) . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) - C:\Windows\System32\DRIVERS\hssdrv6.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys ~ Drivers: 72 Scanned in 01mn AMs ---\\ Software installed (O42) O42 - Logiciel: 18 Wheels of Steel - American Long Haul - (.WildTangent.) [HKLM][64Bits] -- WTA-612d3971-92af-4c04-9c4b-0f4a9b8f98b5 =>.WildTangent O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM][64Bits] -- 7-Zip O42 - Logiciel: AIM for Windows - (.AOL Inc..) [HKCU][64Bits] -- AIM O42 - Logiciel: ANIWZCS2 Service - (...) [HKLM][64Bits] -- {4C590030-7469-453E-8589-D15DA9D03F52} O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- AVG O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- {4D0C0C5B-9D7F-4391-BDBA-602B75EF7C43} O42 - Logiciel: AVG 2014 - (.AVG Technologies.) [HKLM][64Bits] -- {E1A9DC0F-CF86-4570-A270-591A83C5B22C} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {ACEB2BAF-96DF-48FD-ADD5-43842D4C443D} O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- {3521BDBD-D453-5D9F-AA55-44B75D214629} O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.downloadassistant.AdobeDownloadAssistant O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E1845F1C-068C-F8F4-D31D-D3540D47C453} O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Adobe Photoshop CS5.1 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {9158FF30-78D7-40EF-B83E-451AC5334640} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Reader 9.3.4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-A93000000001} O42 - Logiciel: Airstrike 2 - Gulf Thunder - (.WildTangent.) [HKLM][64Bits] -- WTA-80ba27d4-9d26-4418-97d5-a6e39e989c1c =>.WildTangent O42 - Logiciel: Amazon Kindle - (.Amazon.) [HKCU][64Bits] -- Amazon Kindle O42 - Logiciel: Amazon Links - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {3135D885-9D9A-4B4D-8D45-9DB05DA115CA} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {A83279FD-CA4B-4206-9535-90974DE76654} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Aquitania - (.WildTangent.) [HKLM][64Bits] -- WTA-87515cea-259f-4e52-b2dd-a908b4128beb =>.WildTangent O42 - Logiciel: Ares 2.1.6 - (.Ares Development Group.) [HKLM][64Bits] -- Ares O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: Audacity 1.2.6 - (...) [HKLM][64Bits] -- Audacity_is1 O42 - Logiciel: Beach Party Craze - (.WildTangent.) [HKLM][64Bits] -- WTA-37287bdd-83f4-4b1b-964e-1d5547ffaf9d =>.WildTangent O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088682 =>.WildTangent O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {449CE12D-E2C7-4B97-B19E-55D163EA9435} =>Toolbar.Bing O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Cake Mania - Lights, Camera, Action!(TM) - (.WildTangent.) [HKLM][64Bits] -- WT089366 =>.WildTangent O42 - Logiciel: Candy Land Dora - (.WildTangent.) [HKLM][64Bits] -- WTA-e1383bfd-54ed-4fd9-9924-a79c7fc9edb1 =>.WildTangent O42 - Logiciel: Chatango Message Catcher - (...) [HKLM][64Bits] -- Chatango O42 - Logiciel: ChrisPC Free Anonymous Proxy 5.85 - (.Chris P.C. srl.) [HKLM][64Bits] -- {6006089C-84B5-4F18-8113-D96792AED0DE}_is1 O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT088696 =>.WildTangent O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA O42 - Logiciel: D-Link Wireless 108G DWA-520 - (.D-Link.) [HKLM][64Bits] -- {203F2CCE-3A3D-415F-B8DC-03AAD058D6CF} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd O42 - Logiciel: Database Editor - (.Acid.) [HKLM][64Bits] -- {EC37044B-6276-4612-8AB9-FA74855E46AE} O42 - Logiciel: Disketch CD Label Software - (.NCH Software.) [HKLM][64Bits] -- Disketch O42 - Logiciel: Dora Saves the Snow Princess - (.WildTangent.) [HKLM][64Bits] -- WTA-5a5aff50-474c-453f-a824-1a608be18d2c =>.WildTangent O42 - Logiciel: Doxillion Document Converter - (.NCH Software.) [HKLM][64Bits] -- Doxillion O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox O42 - Logiciel: Express Burn Disc Burning Software - (.NCH Software.) [HKLM][64Bits] -- ExpressBurn O42 - Logiciel: Express Dictate - (.NCH Software.) [HKLM][64Bits] -- Express O42 - Logiciel: F1 Racing - (.MyPlayCity, Inc..) [HKLM][64Bits] -- F1 Racing_is1 O42 - Logiciel: FATE - The Traitor Soul - (.WildTangent.) [HKLM][64Bits] -- WT089368 =>.WildTangent O42 - Logiciel: FORMULA1 ORGANIZER DELUXE (S) - (.PRIMASOFT PC, INC..) [HKLM][64Bits] -- {229EF2B5-4D8E-4B4B-8A43-D54F722E045F} O42 - Logiciel: Facebook Messenger 2.1.4814.0 - (.Facebook.) [HKLM][64Bits] -- {7204BDEE-1A48-4D95-A964-44A9250B439E} O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} O42 - Logiciel: FoxTab Video Converter - (...) [HKCU][64Bits] -- FoxTab Video Converter O42 - Logiciel: Free YouTube to MP3 Converter version 3.10.11.923 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free YouTube to MP3 Converter_is1 O42 - Logiciel: GIMP 2.8.0 - (.The GIMP Team.) [HKLM][64Bits] -- GIMP-2_is1 O42 - Logiciel: GameSpy Arcade - (...) [HKLM][64Bits] -- GameSpy Arcade O42 - Logiciel: Golf Adventure Galaxy - (.WildTangent.) [HKLM][64Bits] -- WTA-98baa64d-a1ac-481b-ac66-506b3a1d375b =>.WildTangent O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {33286280-8617-11E1-8FF6-B8AC6F97B88E} =>.Google Inc O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {91B9368F-6C6F-3DB5-9CBA-6CAD56035B26} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Governor of Poker 2 Premium Edition - (.WildTangent.) [HKLM][64Bits] -- WT089386 =>.WildTangent O42 - Logiciel: Hide IP Platinum 3.5 - (.Volcano Force.) [HKLM][64Bits] -- Hide IP Platinum_is1 O42 - Logiciel: Hotspot Shield 3.42 - (.AnchorFree Inc..) [HKLM][64Bits] -- HotspotShield O42 - Logiciel: Icy Spell - (.WildTangent.) [HKLM][64Bits] -- WTA-ff606d5f-da4e-402e-ae46-d668cc36b881 =>.WildTangent O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Java(TM) 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF} O42 - Logiciel: Jewel Quest - Heritage - (.WildTangent.) [HKLM][64Bits] -- WT088750 =>.WildTangent O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: KaraFun Player - (.Recisio.) [HKLM][64Bits] -- KaraFun Player_is1 O42 - Logiciel: Label@Once 1.0 - (.Corel.) [HKLM][64Bits] -- {0D795777-9D60-4692-8386-F2B3F2B5E5BF} O42 - Logiciel: MSVC90_x64 - (.Nokia.) [HKLM][64Bits] -- {AB071C8B-873C-459F-ACA9-9EBE03C3E89B} O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM][64Bits] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {50816F92-1652-4A7C-B9BC-48F682742C4B} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: MotoGP2 Demo - (.THQ.) [HKLM][64Bits] -- MotoGP2 Demo_is1 O42 - Logiciel: MyDefrag v4.3.1 - (.J.C. Kessels.) [HKLM][64Bits] -- MyDefrag v4.3.1_is1 O42 - Logiciel: Mystery P.I. - Lost in Los Angeles - (.WildTangent.) [HKLM][64Bits] -- WTA-7df9f995-088d-4857-b185-1efc1081bf15 =>.WildTangent O42 - Logiciel: Mystery P.I. - The London Caper - (.WildTangent.) [HKLM][64Bits] -- WT089379 =>.WildTangent O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM][64Bits] -- {A57025CC-5F2E-4D01-B387-06DB10500D43} O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM][64Bits] -- Nokia PC Suite O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM][64Bits] -- {866C4563-ED53-43F3-A29D-8BEE2BD1BA3C} O42 - Logiciel: Official Video Converter - (.Aedge Performance BCN SL.) [HKLM][64Bits] -- {4DD1AF59-5121-421F-B92D-EEBF3F20345A} =>PUP.OfficialVideoConverter O42 - Logiciel: OpenVPN 2.3.6-I601 - (...) [HKLM][64Bits] -- OpenVPN O42 - Logiciel: Outil de notification de cadeaux MSN - (.Microsoft Corporation.) [HKCU][64Bits] -- {CAD9C0EB-457D-49BB-A6AD-389304C38B2A} O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM][64Bits] -- {644F4910-E812-49AD-93EC-86828CB81A0D} O42 - Logiciel: Package de pilotes Windows - Nokia Modem (02/25/2011 4.7) - (.Nokia.) [HKLM][64Bits] -- E0AC723A3DE3A04256288CADBBB011B112AED454 O42 - Logiciel: Package de pilotes Windows - Nokia Modem (02/25/2011 7.01.0.9) - (.Nokia.) [HKLM][64Bits] -- 72A50F48CC5601190B9C4E74D81161693133E7F7 O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2 - (.Nokia.) [HKLM][64Bits] -- 62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F O42 - Logiciel: PhotoFun - (.premiumsoft.) [HKLM][64Bits] -- {A7BF7AC3-A9BE-4F6F-8D3E-AAC86F2E3C09} O42 - Logiciel: PhotoPad Image Editor - (.NCH Software.) [HKLM][64Bits] -- PhotoPad O42 - Logiciel: PhotoStage Slideshow Producer - (.NCH Software.) [HKLM][64Bits] -- PhotoStage O42 - Logiciel: Pixillion Image Converter - (.NCH Software.) [HKLM][64Bits] -- Pixillion O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WT089395 =>.WildTangent O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} O42 - Logiciel: PlayReady PC Runtime x86 - (.Microsoft Corporation.) [HKLM][64Bits] -- {CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} O42 - Logiciel: PlayerPlus - (...) [HKLM][64Bits] -- PlayerPlus O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT088759 =>.WildTangent O42 - Logiciel: Pro Cycling Manager - Saison 2010 version 1.0.3.0 - (.Cyanide.) [HKLM][64Bits] -- Pro Cycling Manager 2010_is1 O42 - Logiciel: Pro Cycling Manager - Saison 2011 version 1.0.4.4 - (.Cyanide.) [HKLM][64Bits] -- Pro Cycling Manager 2011_is1 O42 - Logiciel: Pro Cycling Manager - Saison 2012 version 1.2.0.0 - (.Cyanide.) [HKLM][64Bits] -- Pro Cycling Manager 2012_is1 O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM][64Bits] -- {20C2051A-1ACA-48B4-9BA5-24625DCBD880} O42 - Logiciel: RealPlayer Cloud - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 17.0 O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} O42 - Logiciel: Realtek WLAN Driver - (.Realtek.) [HKLM][64Bits] -- {0FB630AB-7BD8-40AE-B223-60397D57C3C9} O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile Composite Device O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM][64Bits] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile USB Modem O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {5E453519-60F6-4A4D-A0BF-16663F9B3536} O42 - Logiciel: Samsung Mobile phone USB driver Drive Software - (...) [HKLM][64Bits] -- Samsung Mobile phone USB driver Drive O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A} O42 - Logiciel: Skype™ 6.20 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} O42 - Logiciel: Slingo Supreme - (.WildTangent.) [HKLM][64Bits] -- WT089381 =>.WildTangent O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify O42 - Logiciel: SuperCopier2 - (...) [HKLM][64Bits] -- SuperCopier2 O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: TAP-Windows 9.21.1 - (...) [HKLM][64Bits] -- TAP-Windows O42 - Logiciel: TOSHIBA Application Installer - (.TOSHIBA.) [HKLM][64Bits] -- {970472D0-F5F9-4158-A6E3-1AE49EFEF2D3} O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {1B87C40B-A60B-4EF3-9A68-706CF4B69978} O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380} O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {C14518AF-1A0F-4D39-8011-69BAA01CD380} O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F} O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F} O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38} O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38} O42 - Logiciel: TOSHIBA Hardware Setup - (...) [HKLM][64Bits] -- InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD} O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22} O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0} O42 - Logiciel: TOSHIBA PC Health Monitor - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4} O42 - Logiciel: TOSHIBA Quality Application - (.TOSHIBA.) [HKLM][64Bits] -- {E69992ED-A7F6-406C-9280-1C156417BC49} O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6} O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {A0E99122-25C1-4CA4-9063-499A2A814EB6} O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Supervisor Password - (...) [HKLM][64Bits] -- InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712} O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E} O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3} O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA eco Utility - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B3FF1CD9-B2F0-4D71-BB55-5F580401C48E} =>.Toshiba Corporation O42 - Logiciel: TVUPlayer 2.5.3.1 - (.TVU networks.) [HKLM][64Bits] -- TVUPlayer O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client O42 - Logiciel: Toshiba App Place - (.Toshiba.) [HKLM][64Bits] -- {ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2} O42 - Logiciel: Toshiba Book Place - (.K-NFB Reading Technology, Inc..) [HKLM][64Bits] -- {39187A4B-7538-4BE7-8BAD-9E83303793AA} O42 - Logiciel: Toshiba Laptop Checkup - (.Symantec Corporation.) [HKLM][64Bits] -- NortonPCCheckup O42 - Logiciel: Toshiba Online Backup - (.Toshiba.) [HKLM][64Bits] -- {C57BCDE1-7CB9-467D-B3BA-7E119916CDC1} O42 - Logiciel: ToshibaRegistration - (.Toshiba.) [HKLM][64Bits] -- {5AF550B4-BB67-4E7E-82F1-2C4300279050} O42 - Logiciel: Ulead PhotoImpact 12 - (.Ulead System.) [HKLM][64Bits] -- {11AFE21E-B193-430D-B57A-DFF7815BB962} O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent O42 - Logiciel: UpdateService - (.RealNetworks, Inc..) [HKLM][64Bits] -- {E3AE96D6-E196-45B4-AF62-2B41998B9E37} O42 - Logiciel: VLC media player 1.1.10 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: Veetle TV - (.Veetle, Inc.) [HKLM][64Bits] -- Veetle TV O42 - Logiciel: Viber - (.Viber Media Inc.) [HKCU][64Bits] -- Viber O42 - Logiciel: Video Edit Magic 4.14 - (.Deskshare Inc..) [HKLM][64Bits] -- Video Edit Magic 4_is1 O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484} O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} O42 - Logiciel: WYSIWYG Web Builder 9 - (...) [HKLM][64Bits] -- WYSIWYG_Web_Builder_9 O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent toshiba Master Uninstall =>.WildTangent O42 - Logiciel: WildTangent Games App (Toshiba Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba =>.WildTangent O42 - Logiciel: WinRAR 4.01 (32 bits) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} =>.Microsoft Corporation O42 - Logiciel: Winning Eleven 8 INTERNATIONAL - (.duskymagus.) [HKLM][64Bits] -- Winning Eleven 8 INTERNATIONAL_is1 O42 - Logiciel: Wisdom-soft ScreenHunter 6.0 Free - (.Wisdom Software Inc..) [HKLM][64Bits] -- Wisdom-soft ScreenHunter 6.0 Free O42 - Logiciel: uSeesoft Total Video Converter - (.uSeesoft Software.) [HKLM][64Bits] -- uSeesoft Total Video Converter_is1 O42 - Logiciel: µTorrent - (...) [HKLM][64Bits] -- uTorrent =>P2P.µTorrent ~ Logic: 109 Scanned in 01mn AMs ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\A303] [HKCU\Software\AOL] [HKCU\Software\AVAST Software] [HKCU\Software\Acid] [HKCU\Software\Adobe] [HKCU\Software\Amazon] [HKCU\Software\America Online] [HKCU\Software\AnchorFree] [HKCU\Software\AppDataLow\Software\RealNetworks] [HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar [HKCU\Software\AppDataLow\Software\Unity] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Ares] [HKCU\Software\Audacity] [HKCU\Software\Avg Secure Update] [HKCU\Software\BitTorrent] =>P2P.BitTorrent [HKCU\Software\CBS Interactive] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conexant] [HKCU\Software\Cyanide] [HKCU\Software\Cygwin] [HKCU\Software\DT Soft] [HKCU\Software\DVDVideoSoft] [HKCU\Software\DeskShare] [HKCU\Software\Digital Photo Software] [HKCU\Software\Facebook] [HKCU\Software\Froggie] [HKCU\Software\GameSpy] [HKCU\Software\GinoPlayer] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hide IP Platinum] [HKCU\Software\HookNetwork] [HKCU\Software\HotHouse Creations Ltd] [HKCU\Software\HotspotShield] [HKCU\Software\Hyperionics] [HKCU\Software\IM Providers] [HKCU\Software\IncrediMail] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\Krobmyoofq] [HKCU\Software\MCAFEE] [HKCU\Software\MRL] [HKCU\Software\Macromedia] [HKCU\Software\Magnet] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\Marseillesoft] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\MyDefrag] [HKCU\Software\NCH Software] [HKCU\Software\NCH Swift Sound] [HKCU\Software\Netscape] [HKCU\Software\Nokia] [HKCU\Software\Norton] [HKCU\Software\ODBC] [HKCU\Software\Pablo Software Solutions] [HKCU\Software\PhotoFiltre Studio X] [HKCU\Software\Policies] [HKCU\Software\Pvm] [HKCU\Software\RECISIO] [HKCU\Software\RealNetworks] [HKCU\Software\Real] [HKCU\Software\RegisteredApplications] [HKCU\Software\SFX TEAM] [HKCU\Software\SOCID] [HKCU\Software\SYSTEMAX Software Development] [HKCU\Software\Samsung] [HKCU\Software\Sandlot Games] [HKCU\Software\SimonTatham] [HKCU\Software\SkypeRS] [HKCU\Software\Skype] [HKCU\Software\Synaptics] [HKCU\Software\TOSHIBA] [HKCU\Software\TVU networks] [HKCU\Software\TeamViewer] [HKCU\Software\TeleCharger] [HKCU\Software\TeleCharger_v2] [HKCU\Software\Tific] [HKCU\Software\Trolltech] [HKCU\Software\Ulead Systems] [HKCU\Software\Unity] [HKCU\Software\Usbfix] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VHLD] [HKCU\Software\ValuSoft] [HKCU\Software\Veetle] [HKCU\Software\VirtualDJ] [HKCU\Software\WildTangent] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wow6432Node] [HKCU\Software\pacificpoker] [HKCU\Software\pokerinstaller] [HKCU\Software\premiumsoft] [HKCU\Software\uSeesoft] [HKCU\Software\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램] [HKLM\Software\ATI Technologies] [HKLM\Software\Apple Inc.] [HKLM\Software\CXT] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cnxt_Uiu_Parms] [HKLM\Software\Conexant] [HKLM\Software\Cyberlink] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nokia] [HKLM\Software\ODBC] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SOFTWARE] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\Synaptics] [HKLM\Software\Toshiba] [HKLM\Software\UIU] [HKLM\Software\Wow6432Node\ANI] [HKLM\Software\Wow6432Node\AVAST Software] [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AdwCleaner] [HKLM\Software\Wow6432Node\Alpha Networks] [HKLM\Software\Wow6432Node\Apple Computer, Inc.] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\Atheros Communications Inc.] [HKLM\Software\Wow6432Node\Avg] [HKLM\Software\Wow6432Node\Bunndle] [HKLM\Software\Wow6432Node\CBS Interactive] [HKLM\Software\Wow6432Node\CDDB] [HKLM\Software\Wow6432Node\ChrisPC Proxy] [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\Cyanide] [HKLM\Software\Wow6432Node\D-Link] [HKLM\Software\Wow6432Node\DT Soft] [HKLM\Software\Wow6432Node\DVDVideoSoft] [HKLM\Software\Wow6432Node\Debug] [HKLM\Software\Wow6432Node\DeskShare] [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\HaaliMkx] [HKLM\Software\Wow6432Node\Hide IP Platinum] [HKLM\Software\Wow6432Node\Hyperionics] [HKLM\Software\Wow6432Node\IM Providers] [HKLM\Software\Wow6432Node\InstallShield] [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\K-NFB Reading Technology, Inc.] [HKLM\Software\Wow6432Node\KONAMIWE8IU] [HKLM\Software\Wow6432Node\KasperskyLab] [HKLM\Software\Wow6432Node\Licenses] [HKLM\Software\Wow6432Node\MRL] [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\MimarSinan] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\MusicNet] [HKLM\Software\Wow6432Node\NCH Software] [HKLM\Software\Wow6432Node\NCH Swift Sound] [HKLM\Software\Wow6432Node\NPCCU] [HKLM\Software\Wow6432Node\Nokia] [HKLM\Software\Wow6432Node\Norton] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OfficialVideoConverter] =>PUP.OfficialVideoConverter [HKLM\Software\Wow6432Node\PC Connectivity Solution] [HKLM\Software\Wow6432Node\PCSuite] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\RECISIO] [HKLM\Software\Wow6432Node\RealNetworks] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Research In Motion] [HKLM\Software\Wow6432Node\Samsung Electronics Co., Ltd.] [HKLM\Software\Wow6432Node\Samsung] [HKLM\Software\Wow6432Node\SecureDigitalServices] [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\THQ] [HKLM\Software\Wow6432Node\TOSHIBA CORPORATION] [HKLM\Software\Wow6432Node\TOSHIBA] [HKLM\Software\Wow6432Node\TVU networks] [HKLM\Software\Wow6432Node\TeamViewer] [HKLM\Software\Wow6432Node\Tific] [HKLM\Software\Wow6432Node\TightVNC] [HKLM\Software\Wow6432Node\Ulead Systems] [HKLM\Software\Wow6432Node\Veetle] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\VirtualDJ] [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WildTangent] [HKLM\Software\Wow6432Node\WinNTData] [HKLM\Software\Wow6432Node\WinRAR] [HKLM\Software\Wow6432Node\Wise Solutions] [HKLM\Software\Wow6432Node\Xing Technology Corp.] [HKLM\Software\Wow6432Node\mcafeeupdater] [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node\uSeesoft] [HKLM\Software\Wow6432Node] [HKLM\Software\mcafeeupdater] ~ Key Software: 511 Scanned in 02mn AMs ---\\ Contents of the Common Files folders (O43) O43 - CFD: 14-Nov-12 - 7:23:50 PM - [] ----D C:\Program Files (x86)\7-Zip O43 - CFD: 17-Mar-13 - 6:04:51 PM - [] ----D C:\Program Files (x86)\ACID O43 - CFD: 20-Apr-12 - 8:19:23 PM - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 11-Apr-12 - 5:00:15 AM - [] ----D C:\Program Files (x86)\Adobe Download Assistant O43 - CFD: 27-Jan-13 - 7:49:39 PM - [] ----D C:\Program Files (x86)\ANI O43 - CFD: 14-Oct-11 - 6:32:35 PM - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc O43 - CFD: 27-Jun-11 - 9:25:45 PM - [] ----D C:\Program Files (x86)\Ares O43 - CFD: 19-Jan-12 - 5:54:03 PM - [] ----D C:\Program Files (x86)\Audacity O43 - CFD: 19-Mar-14 - 10:03:44 PM - [] ----D C:\Program Files (x86)\AVG O43 - CFD: 14-Oct-11 - 6:33:06 PM - [] ----D C:\Program Files (x86)\Bonjour O43 - CFD: 01-Mar-13 - 7:01:30 PM - [] ----D C:\Program Files (x86)\Chatango O43 - CFD: 26-Jan-15 - 11:29:58 PM - [] ----D C:\Program Files (x86)\ChrisPC Free Anonymous Proxy O43 - CFD: 12-Feb-15 - 7:54:23 AM - [] ----D C:\Program Files (x86)\ChrisPC Free Anonymous Proxy1 O43 - CFD: 04-May-15 - 1:00:17 PM - [] ----D C:\Program Files (x86)\ChrisPC Free Anonymous Proxy2 O43 - CFD: 11-Apr-11 - 11:24:52 AM - [] ----D C:\Program Files (x86)\Cisco O43 - CFD: 03-May-15 - 2:11:02 PM - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 11-Apr-11 - 11:35:21 AM - [] ----D C:\Program Files (x86)\Corel O43 - CFD: 14-Jul-14 - 1:19:10 AM - [] ----D C:\Program Files (x86)\Cyanide O43 - CFD: 27-Jan-13 - 7:49:08 PM - [] ----D C:\Program Files (x86)\D-Link O43 - CFD: 16-Nov-12 - 9:35:30 AM - [] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 06-Oct-12 - 1:10:41 PM - [] ----D C:\Program Files (x86)\Deskshare O43 - CFD: 14-Jul-14 - 1:21:08 AM - [] ----D C:\Program Files (x86)\DivX O43 - CFD: 07-Nov-11 - 2:01:54 PM - [] ----D C:\Program Files (x86)\DVDVideoSoft O43 - CFD: 20-Mar-14 - 1:03:24 PM - [] ----D C:\Program Files (x86)\FoxTabVideoConverter O43 - CFD: 29-Sep-11 - 5:08:36 PM - [] ----D C:\Program Files (x86)\GameSpy Arcade O43 - CFD: 04-Feb-15 - 12:02:23 PM - [] ----D C:\Program Files (x86)\Google O43 - CFD: 14-Jul-14 - 1:19:18 AM - [] ----D C:\Program Files (x86)\Hide IP Platinum O43 - CFD: 08-Dec-14 - 12:36:08 PM - [] ----D C:\Program Files (x86)\Hotspot Shield O43 - CFD: 16-Apr-13 - 7:36:17 PM - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 11-Apr-11 - 11:18:41 AM - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 14-Oct-11 - 4:27:39 PM - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 15-Oct-10 - 6:53:18 AM - [] ----D C:\Program Files (x86)\Java O43 - CFD: 03-Nov-11 - 12:11:42 AM - [] ----D C:\Program Files (x86)\KaraFun Player O43 - CFD: 15-Jul-13 - 12:20:49 PM - [] ----D C:\Program Files (x86)\Kaspersky Lab O43 - CFD: 02-Nov-13 - 11:55:41 AM - [] ----D C:\Program Files (x86)\KONAMI O43 - CFD: 18-Mar-13 - 7:58:35 PM - [] ----D C:\Program Files (x86)\LachisEditor O43 - CFD: 02-Nov-11 - 4:16:53 PM - [] ----D C:\Program Files (x86)\LimeWire O43 - CFD: 03-May-15 - 3:45:16 PM - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 24-Oct-11 - 8:11:15 PM - [] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 14-Oct-11 - 5:14:49 PM - [] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 08-Dec-14 - 12:06:12 PM - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 15-Oct-10 - 7:07:15 AM - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 04-Jun-11 - 6:39:06 PM - [] ----D C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 04-Jun-11 - 6:34:42 PM - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 06-Oct-11 - 3:03:39 AM - [] ----D C:\Program Files (x86)\Microsoft Works O43 - CFD: 20-Oct-11 - 9:05:45 AM - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 29-Sep-11 - 4:14:18 PM - [] ----D C:\Program Files (x86)\MotoGP2 Demo O43 - CFD: 17-May-12 - 5:49:35 PM - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 04-Jun-11 - 6:39:17 PM - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 01-Sep-11 - 11:30:15 PM - [] ----D C:\Program Files (x86)\MyPlayCity.com O43 - CFD: 08-Apr-14 - 3:10:01 PM - [] ----D C:\Program Files (x86)\Naver O43 - CFD: 23-Nov-11 - 10:52:42 AM - [] ----D C:\Program Files (x86)\NCH Software O43 - CFD: 27-Oct-11 - 6:33:21 PM - [] ----D C:\Program Files (x86)\NCH Swift Sound O43 - CFD: 04-Apr-13 - 10:21:20 PM - [] ----D C:\Program Files (x86)\Nokia O43 - CFD: 06-Jun-11 - 7:58:22 AM - [] ----D C:\Program Files (x86)\Norton Internet Security O43 - CFD: 11-Apr-11 - 11:41:18 AM - [] ----D C:\Program Files (x86)\Norton PC Checkup O43 - CFD: 05-Jun-11 - 4:47:29 PM - [] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 07-Nov-11 - 12:48:01 PM - [] ----D C:\Program Files (x86)\OfficialVideoConverter =>PUP.OfficialVideoConverter O43 - CFD: 14-Jul-14 - 1:21:15 AM - [] ----D C:\Program Files (x86)\PacificPoker O43 - CFD: 03-Apr-13 - 3:49:12 PM - [] ----D C:\Program Files (x86)\PC Connectivity Solution O43 - CFD: 18-Dec-11 - 10:58:30 PM - [] ----D C:\Program Files (x86)\PlayerPlus O43 - CFD: 15-Oct-10 - 6:57:58 AM - [] ----D C:\Program Files (x86)\PlayReady O43 - CFD: 23-May-12 - 1:06:46 PM - [] ----D C:\Program Files (x86)\Pvm O43 - CFD: 08-Aug-14 - 10:33:02 AM - [] ----D C:\Program Files (x86)\Real O43 - CFD: 08-Aug-14 - 10:32:55 AM - [] ----D C:\Program Files (x86)\RealNetworks O43 - CFD: 11-Apr-11 - 11:23:03 AM - [] ----D C:\Program Files (x86)\Realtek O43 - CFD: 11-Apr-11 - 11:25:01 AM - [] ----D C:\Program Files (x86)\Realtek WLAN Driver O43 - CFD: 14-Jul-09 - 8:32:38 AM - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 14-Oct-11 - 6:33:41 PM - [] ----D C:\Program Files (x86)\Safari O43 - CFD: 16-Apr-13 - 6:39:02 PM - [] ----D C:\Program Files (x86)\Samsung O43 - CFD: 19-Sep-14 - 11:45:29 AM - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 18-Dec-11 - 10:58:35 PM - [] ----D C:\Program Files (x86)\Software O43 - CFD: 21-Apr-12 - 12:31:05 PM - [] ----D C:\Program Files (x86)\SuperCopier2 O43 - CFD: 02-Nov-11 - 7:23:36 PM - [] ----D C:\Program Files (x86)\TOSHIBA O43 - CFD: 02-Nov-11 - 7:23:36 PM - [] ----D C:\Program Files (x86)\TOSHIBA Corporation O43 - CFD: 26-Aug-11 - 12:56:46 AM - [] ----D C:\Program Files (x86)\TOSHIBA Games O43 - CFD: 11-Apr-11 - 11:41:09 AM - [] ----D C:\Program Files (x86)\Toshiba Online Backup O43 - CFD: 28-Sep-11 - 9:46:13 PM - [] ----D C:\Program Files (x86)\TVUPlayer O43 - CFD: 08-Apr-12 - 1:36:26 PM - [] ----D C:\Program Files (x86)\Ulead Systems O43 - CFD: 14-Jul-09 - 7:57:06 AM - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 03-Dec-11 - 11:16:45 AM - [] ----D C:\Program Files (x86)\uSeesoft O43 - CFD: 15-May-13 - 3:08:37 PM - [] ----D C:\Program Files (x86)\uTorrent =>P2P.µTorrent O43 - CFD: 31-Jul-14 - 12:54:06 PM - [] ----D C:\Program Files (x86)\uusee O43 - CFD: 11-Dec-11 - 1:40:46 AM - [] ----D C:\Program Files (x86)\Veetle O43 - CFD: 27-Jun-11 - 9:42:17 PM - [] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 02-Nov-11 - 4:30:55 PM - [] ----D C:\Program Files (x86)\VirtualDJ O43 - CFD: 20-Nov-12 - 9:33:59 AM - [] ----D C:\Program Files (x86)\WildTangent Games O43 - CFD: 04-Jun-11 - 6:19:07 PM - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 13-May-13 - 1:19:55 PM - [] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 25-Aug-11 - 11:19:39 AM - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 06-Oct-11 - 1:51:45 AM - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14-Jul-09 - 8:32:38 AM - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 04-Jun-11 - 6:19:11 PM - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 06-Oct-11 - 2:00:16 AM - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 04-Jun-11 - 6:19:12 PM - [] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 31-Dec-11 - 9:45:16 AM - [] ----D C:\Program Files (x86)\WinRAR O43 - CFD: 21-Mar-12 - 11:46:59 AM - [] ----D C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free O43 - CFD: 11-Oct-14 - 4:50:27 PM - [] ----D C:\Program Files (x86)\WYSIWYG Web Builder 9 O43 - CFD: 03-May-15 - 12:48:20 PM - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 31-Jan-12 - 8:00:28 PM - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 02-Nov-11 - 5:12:51 PM - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 14-Oct-11 - 6:32:50 PM - [] ----D C:\Program Files (x86)\Common Files\Apple O43 - CFD: 04-Jun-11 - 6:39:06 PM - [] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 06-Oct-12 - 1:10:54 PM - [] ----D C:\Program Files (x86)\Common Files\DeskShare Shared O43 - CFD: 14-Jul-14 - 1:21:12 AM - [] ----D C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 03-May-15 - 2:11:02 PM - [] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft O43 - CFD: 27-Jan-13 - 7:49:25 PM - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 24-Oct-11 - 8:12:33 PM - [] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 04-Apr-13 - 10:21:20 PM - [] ----D C:\Program Files (x86)\Common Files\Nokia O43 - CFD: 04-Apr-13 - 10:21:21 PM - [] ----D C:\Program Files (x86)\Common Files\PCSuite O43 - CFD: 11-Apr-11 - 11:15:09 AM - [] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 14-Jul-09 - 6:20:08 AM - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 19-Sep-14 - 11:45:29 AM - [] ----D C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14-Jul-09 - 6:20:08 AM - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 05-Jun-11 - 4:46:28 PM - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 06-Oct-11 - 3:02:06 AM - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 08-Apr-12 - 6:33:41 PM - [] ----D C:\Program Files (x86)\Common Files\Ulead Systems O43 - CFD: 15-Oct-10 - 7:04:58 AM - [] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 08-Aug-14 - 10:32:18 AM - [] ----D C:\Program Files (x86)\Common Files\xing shared O43 - CFD: 03-Aug-11 - 5:45:34 PM - [] ----D C:\ProgramData\22264 O43 - CFD: 10-Nov-12 - 4:40:11 PM - [] ----D C:\ProgramData\Adobe O43 - CFD: 14-Oct-11 - 6:32:34 PM - [] ----D C:\ProgramData\Apple O43 - CFD: 14-Oct-11 - 6:33:36 PM - [] ----D C:\ProgramData\Apple Computer O43 - CFD: 14-Jul-09 - 8:08:56 AM - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 19-Mar-14 - 8:17:06 PM - [] ----D C:\ProgramData\AVAST Software O43 - CFD: 04-May-15 - 5:44:15 AM - [] ----D C:\ProgramData\AVG2014 O43 - CFD: 27-Feb-15 - 8:18:49 AM - [] ----D C:\ProgramData\Avg_Update_0215tb O43 - CFD: 26-Aug-14 - 8:32:38 PM - [] ----D C:\ProgramData\Avg_Update_0814tb O43 - CFD: 07-Nov-14 - 6:40:41 PM - [] ----D C:\ProgramData\Avg_Update_1114tb O43 - CFD: 11-Dec-14 - 8:12:52 AM - [] ----D C:\ProgramData\Avg_Update_1214tb O43 - CFD: 19-Mar-14 - 9:11:12 PM - [] ----D C:\ProgramData\Avira O43 - CFD: 06-Jun-11 - 7:58:26 AM - [] ----D C:\ProgramData\Blio O43 - CFD: 20-Dec-11 - 7:24:52 AM - [] ----D C:\ProgramData\boost_interprocess O43 - CFD: 19-Mar-14 - 9:22:53 PM - [] --H-D C:\ProgramData\Common Files O43 - CFD: 07-Apr-14 - 2:38:00 PM - [] ----D C:\ProgramData\Conexant O43 - CFD: 16-Nov-12 - 9:48:57 AM - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 14-Jul-09 - 8:08:56 AM - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 14-Jul-14 - 1:21:04 AM - [] ----D C:\ProgramData\DivX O43 - CFD: 14-Jul-09 - 8:08:56 AM - [] -SH-D C:\ProgramData\Documents O43 - CFD: 14-Jul-09 - 8:08:56 AM - [] -SH-D C:\ProgramData\Favorites O43 - CFD: 15-Oct-10 - 7:04:12 AM - [] ----D C:\ProgramData\Google O43 - CFD: 14-Jul-14 - 1:21:16 AM - [] ----D C:\ProgramData\Hotspot Shield O43 - CFD: 03-Apr-13 - 3:47:44 PM - [] ----D C:\ProgramData\Installations O43 - CFD: 15-Jul-13 - 12:20:49 PM - [] ----D C:\ProgramData\Kaspersky Lab O43 - CFD: 06-Jun-11 - 7:58:22 AM - [] ----D C:\ProgramData\Kaspersky Lab Setup Files O43 - CFD: 03-May-15 - 3:45:09 PM - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 09-Nov-11 - 11:25:03 AM - [] ----D C:\ProgramData\McAfee O43 - CFD: 27-Feb-15 - 7:13:33 PM - [] ----D C:\ProgramData\McAfee Security Scan O43 - CFD: 04-May-15 - 5:43:41 AM - [] ----D C:\ProgramData\MFAData O43 - CFD: 07-May-13 - 5:09:21 PM - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 15-Jun-12 - 7:35:06 AM - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 21-Jan-12 - 4:21:26 PM - [] ----D C:\ProgramData\NCH Software O43 - CFD: 07-Jun-11 - 7:06:56 PM - [] ----D C:\ProgramData\Norton O43 - CFD: 05-Jun-11 - 4:46:24 PM - [] ----D C:\ProgramData\NortonInstaller O43 - CFD: 03-Apr-13 - 3:50:17 PM - [] ----D C:\ProgramData\PC Suite O43 - CFD: 09-Nov-11 - 12:23:38 AM - [] ----D C:\ProgramData\pH27400DmHiP27400 O43 - CFD: 27-Feb-15 - 7:12:35 PM - [] ----D C:\ProgramData\Real O43 - CFD: 08-Aug-14 - 10:32:55 AM - [] ----D C:\ProgramData\RealNetworks O43 - CFD: 03-Nov-11 - 12:11:36 AM - [] ----D C:\ProgramData\Recisio O43 - CFD: 31-Jan-12 - 8:00:38 PM - [] ----D C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 19-Sep-14 - 11:45:42 AM - [] ----D C:\ProgramData\Skype O43 - CFD: 14-Jul-09 - 8:08:56 AM - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 01-Jun-13 - 9:25:22 AM - [] ----D C:\ProgramData\Synaptics O43 - CFD: 13-Nov-14 - 7:15:38 PM - [] ----D C:\ProgramData\SYSTEMAX Software Development O43 - CFD: 14-Jul-09 - 8:08:56 AM - [] -SH-D C:\ProgramData\Templates O43 - CFD: 11-Apr-11 - 11:41:09 AM - [] ----D C:\ProgramData\Toshiba O43 - CFD: 28-Sep-11 - 9:46:13 PM - [] ----D C:\ProgramData\TVU Networks O43 - CFD: 11-Apr-12 - 5:00:17 AM - [] ----D C:\ProgramData\Ulead Systems O43 - CFD: 08-Jun-11 - 12:38:26 PM - [] ----D C:\ProgramData\Wild Tangent O43 - CFD: 31-Mar-13 - 3:04:54 PM - [] ----D C:\ProgramData\WildTangent O43 - CFD: 27-Jun-11 - 11:40:53 PM - [] --H-D C:\ProgramData\{0ACE0403-C75D-488C-A403-7A57E9848B62} O43 - CFD: 24-Aug-11 - 7:50:10 PM - [] --H-D C:\ProgramData\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A} O43 - CFD: 18-Dec-11 - 7:34:02 PM - [] --H-D C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318} O43 - CFD: 14-Nov-12 - 7:23:50 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip O43 - CFD: 14-Jul-14 - 1:21:16 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\888poker O43 - CFD: 06-Jun-11 - 7:58:26 AM - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17-Mar-13 - 6:04:52 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACID O43 - CFD: 06-Jun-11 - 7:58:26 AM - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 06-Jun-11 - 7:59:09 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com O43 - CFD: 27-Jun-11 - 9:25:43 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares O43 - CFD: 31-Oct-11 - 6:13:40 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs O43 - CFD: 20-Mar-14 - 1:18:12 PM - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira O43 - CFD: 01-Mar-13 - 7:01:34 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chatango O43 - CFD: 10-Apr-15 - 10:59:18 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC Free Anonymous Proxy O43 - CFD: 06-Jun-11 - 7:58:22 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once O43 - CFD: 18-Sep-13 - 3:25:45 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyanide O43 - CFD: 27-Jan-13 - 7:49:10 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link O43 - CFD: 16-Nov-12 - 9:36:40 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 02-Nov-11 - 5:55:14 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dictation and Transcription Programs O43 - CFD: 07-Nov-11 - 2:02:02 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft O43 - CFD: 23-Mar-13 - 3:51:19 PM - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 29-Sep-11 - 4:13:56 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade O43 - CFD: 23-Apr-14 - 2:28:13 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 28-Oct-12 - 8:55:37 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth =>.Google Inc O43 - CFD: 31-Oct-11 - 6:09:31 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Graphics Related Programs O43 - CFD: 28-Apr-14 - 4:33:30 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide IP Platinum O43 - CFD: 25-May-14 - 3:54:20 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield O43 - CFD: 03-Nov-11 - 12:11:44 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player O43 - CFD: 02-Nov-13 - 11:57:34 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI O43 - CFD: 06-Jun-11 - 7:58:26 AM - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 03-May-15 - 3:45:18 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 02-Jun-14 - 11:33:17 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus O43 - CFD: 07-Oct-11 - 1:52:25 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 07-Dec-14 - 3:02:39 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 29-Sep-11 - 4:13:44 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotoGP2 Demo O43 - CFD: 06-Jun-11 - 7:59:09 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Toshiba O43 - CFD: 23-Mar-14 - 2:11:01 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1 O43 - CFD: 03-Oct-11 - 11:25:59 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com O43 - CFD: 31-Oct-11 - 6:09:31 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite O43 - CFD: 06-Jun-11 - 7:58:22 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero O43 - CFD: 04-Apr-13 - 10:21:22 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite O43 - CFD: 07-Nov-11 - 12:48:14 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Official Video Converter =>PUP.OfficialVideoConverter O43 - CFD: 10-Dec-14 - 2:00:53 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN O43 - CFD: 23-May-12 - 1:06:46 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pvm O43 - CFD: 08-Aug-14 - 10:32:56 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks O43 - CFD: 16-Apr-13 - 6:42:30 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3 O43 - CFD: 19-Sep-14 - 11:45:32 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 08-Aug-14 - 10:31:48 AM - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 14-Jul-09 - 10:44:38 AM - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 10-Dec-14 - 2:00:17 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows O43 - CFD: 11-May-13 - 9:55:21 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client O43 - CFD: 06-Jun-11 - 7:59:09 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA O43 - CFD: 06-Jun-11 - 7:58:23 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Laptop Checkup O43 - CFD: 06-Jun-11 - 7:58:23 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba Online Backup O43 - CFD: 08-Apr-12 - 6:35:06 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead PhotoImpact 12 O43 - CFD: 08-Apr-12 - 6:33:57 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead Systems O43 - CFD: 03-Dec-11 - 11:16:54 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uSeesoft O43 - CFD: 23-Nov-11 - 10:46:35 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities O43 - CFD: 06-Oct-12 - 1:10:55 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Edit Magic 4.1 O43 - CFD: 23-Nov-11 - 10:50:27 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs O43 - CFD: 27-Jun-11 - 9:42:27 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 02-Nov-11 - 4:30:59 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual DJ O43 - CFD: 13-Apr-12 - 8:31:22 AM - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 30-Dec-11 - 3:07:45 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 21-Mar-12 - 11:46:33 AM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free O43 - CFD: 11-Oct-14 - 4:50:32 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WYSIWYG Web Builder 9 O43 - CFD: 03-May-15 - 12:48:41 PM - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 22-Oct-11 - 2:31:46 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\793CE O43 - CFD: 20-Apr-12 - 8:53:20 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Adobe O43 - CFD: 24-Sep-13 - 6:58:05 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Apple Computer O43 - CFD: 12-Aug-11 - 8:12:00 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Awem O43 - CFD: 12-Aug-11 - 8:06:40 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\BeachPartyCraze O43 - CFD: 05-Jun-11 - 3:27:44 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Book Place O43 - CFD: 15-Oct-11 - 2:59:44 PM - [0] ----D C:\Users\Toshiba\AppData\Roaming\CE044 O43 - CFD: 02-Nov-11 - 5:12:56 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant O43 - CFD: 26-Nov-12 - 9:19:35 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd O43 - CFD: 10-Jul-14 - 8:23:43 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\DivX O43 - CFD: 04-May-15 - 1:03:20 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Dropbox O43 - CFD: 31-Oct-11 - 6:10:20 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\dvdcss O43 - CFD: 07-Jan-12 - 1:52:10 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\FreeCall O43 - CFD: 17-Jul-11 - 6:30:27 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\funkitron O43 - CFD: 07-Jun-11 - 7:50:40 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Google O43 - CFD: 08-Dec-14 - 11:54:23 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Hotspot Shield O43 - CFD: 08-Apr-12 - 1:43:45 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Identities O43 - CFD: 27-Jan-13 - 7:48:38 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\InstallShield O43 - CFD: 05-Jun-11 - 4:48:38 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Macromedia O43 - CFD: 01-May-12 - 11:40:16 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Malwarebytes O43 - CFD: 14-Jul-09 - 10:44:38 AM - [0] ----D C:\Users\Toshiba\AppData\Roaming\Media Center Programs O43 - CFD: 19-Nov-13 - 4:23:02 PM - [] -S--D C:\Users\Toshiba\AppData\Roaming\Microsoft O43 - CFD: 23-May-13 - 11:21:31 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Mozilla O43 - CFD: 23-Nov-11 - 10:50:24 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\NCH Software O43 - CFD: 04-Apr-13 - 7:56:31 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Nokia O43 - CFD: 14-Jun-13 - 9:31:36 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Orbit O43 - CFD: 14-Jul-14 - 1:21:25 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\PacificPoker O43 - CFD: 27-Apr-14 - 7:44:54 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\PC Suite O43 - CFD: 14-Oct-14 - 3:06:34 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\PhotoFiltre Studio X O43 - CFD: 02-May-15 - 3:15:44 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Pro Cycling Manager 2011 O43 - CFD: 13-Jul-14 - 12:57:56 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Pro Cycling Manager 2012 O43 - CFD: 08-Aug-14 - 10:34:19 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Real O43 - CFD: 08-Aug-14 - 10:34:17 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\RealNetworks O43 - CFD: 16-Apr-13 - 6:47:02 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\SAMSUNG O43 - CFD: 04-May-15 - 1:42:28 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Skype O43 - CFD: 29-Dec-11 - 4:57:45 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Spotify O43 - CFD: 27-Mar-13 - 3:14:29 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Synaptics O43 - CFD: 13-Nov-14 - 7:15:38 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\SYSTEMAX Software Development O43 - CFD: 15-Mar-15 - 5:24:14 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\TeamViewer O43 - CFD: 20-Jun-11 - 7:26:10 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Tific O43 - CFD: 06-Jun-11 - 7:46:52 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Toshiba O43 - CFD: 12-May-13 - 10:57:55 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\TS3Client O43 - CFD: 19-Mar-14 - 10:07:59 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\TuneUp Software O43 - CFD: 08-Apr-12 - 6:35:31 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Ulead Systems O43 - CFD: 28-Sep-11 - 7:03:54 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Unity O43 - CFD: 18-Oct-14 - 3:20:46 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\uTorrent =>P2P.µTorrent O43 - CFD: 27-Jan-15 - 4:38:25 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\ViberPC O43 - CFD: 27-Feb-15 - 7:13:36 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\vlc O43 - CFD: 22-Sep-11 - 2:47:21 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\VoipBuster O43 - CFD: 31-Mar-13 - 3:04:59 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\WildTangent O43 - CFD: 23-Aug-11 - 2:26:11 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\WildTangentv1001 O43 - CFD: 02-May-11 - 6:55:36 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\WinBatch O43 - CFD: 08-Nov-11 - 9:26:54 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\WinRAR O43 - CFD: 04-May-15 - 1:44:00 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 18-Feb-15 - 6:13:14 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\ZTEEVDO O43 - CFD: 19-Mar-15 - 11:12:35 AM - [] ----D C:\Users\Toshiba\AppData\Local\Adobe O43 - CFD: 25-Mar-12 - 8:37:56 PM - [] ----D C:\Users\Toshiba\AppData\Local\Amazon O43 - CFD: 25-Feb-14 - 3:54:45 PM - [] ----D C:\Users\Toshiba\AppData\Local\AOL O43 - CFD: 14-Oct-11 - 6:32:37 PM - [] ----D C:\Users\Toshiba\AppData\Local\Apple O43 - CFD: 24-Dec-11 - 11:55:26 AM - [] ----D C:\Users\Toshiba\AppData\Local\Apple Computer O43 - CFD: 02-May-11 - 6:55:03 AM - [] -SH-D C:\Users\Toshiba\AppData\Local\Application Data O43 - CFD: 19-Jan-12 - 6:42:42 PM - [] ----D C:\Users\Toshiba\AppData\Local\Ares O43 - CFD: 23-Nov-14 - 9:07:35 AM - [] ----D C:\Users\Toshiba\AppData\Local\Avg O43 - CFD: 25-Jun-11 - 5:51:14 PM - [] ----D C:\Users\Toshiba\AppData\Local\Conexant O43 - CFD: 03-May-15 - 2:35:08 PM - [] ----D C:\Users\Toshiba\AppData\Local\CrashDumps O43 - CFD: 23-Jan-13 - 11:01:59 PM - [] ----D C:\Users\Toshiba\AppData\Local\Diagnostics O43 - CFD: 07-Nov-11 - 11:19:11 PM - [] ----D C:\Users\Toshiba\AppData\Local\Downloaded Installations O43 - CFD: 07-Apr-14 - 2:46:48 PM - [] ----D C:\Users\Toshiba\AppData\Local\ElevatedDiagnostics O43 - CFD: 07-Apr-12 - 5:28:08 AM - [] ----D C:\Users\Toshiba\AppData\Local\Facebook O43 - CFD: 13-Jun-12 - 10:36:21 AM - [] ----D C:\Users\Toshiba\AppData\Local\fontconfig O43 - CFD: 13-Jun-12 - 10:36:13 AM - [] ----D C:\Users\Toshiba\AppData\Local\gegl-0.2 O43 - CFD: 29-Sep-11 - 4:17:38 PM - [] ----D C:\Users\Toshiba\AppData\Local\GinoPlayer O43 - CFD: 04-Feb-15 - 11:53:49 AM - [] ----D C:\Users\Toshiba\AppData\Local\Google O43 - CFD: 02-May-11 - 6:55:03 AM - [] -SH-D C:\Users\Toshiba\AppData\Local\History O43 - CFD: 08-Apr-14 - 3:10:28 PM - [] ----D C:\Users\Toshiba\AppData\Local\Line O43 - CFD: 19-Mar-14 - 9:22:53 PM - [] ----D C:\Users\Toshiba\AppData\Local\MFAData O43 - CFD: 19-Nov-13 - 4:23:01 PM - [] ----D C:\Users\Toshiba\AppData\Local\Microsoft O43 - CFD: 02-Jul-11 - 9:35:05 PM - [] ----D C:\Users\Toshiba\AppData\Local\Microsoft Games O43 - CFD: 27-Jul-11 - 2:01:47 PM - [] ----D C:\Users\Toshiba\AppData\Local\Microsoft Help O43 - CFD: 27-May-12 - 2:39:13 PM - [] ----D C:\Users\Toshiba\AppData\Local\MPlayer O43 - CFD: 20-Jun-14 - 7:17:20 PM - [] ----D C:\Users\Toshiba\AppData\Local\Nexway O43 - CFD: 03-May-15 - 3:43:53 PM - [] ----D C:\Users\Toshiba\AppData\Local\Programs O43 - CFD: 28-Feb-14 - 7:42:31 PM - [] ----D C:\Users\Toshiba\AppData\Local\Skype O43 - CFD: 18-Dec-11 - 10:58:35 PM - [] ----D C:\Users\Toshiba\AppData\Local\Software O43 - CFD: 19-Dec-11 - 1:12:42 PM - [] ----D C:\Users\Toshiba\AppData\Local\Spotify O43 - CFD: 04-May-15 - 1:44:50 PM - [] ----D C:\Users\Toshiba\AppData\Local\Temp O43 - CFD: 02-May-11 - 6:55:03 AM - [] -SH-D C:\Users\Toshiba\AppData\Local\Temporary Internet Files O43 - CFD: 20-Jun-11 - 7:26:28 AM - [] ----D C:\Users\Toshiba\AppData\Local\Tific O43 - CFD: 02-May-11 - 6:57:16 AM - [] ----D C:\Users\Toshiba\AppData\Local\Toshiba O43 - CFD: 12-Aug-11 - 8:34:56 AM - [] ----D C:\Users\Toshiba\AppData\Local\Toshiba Corporation O43 - CFD: 12-May-11 - 2:44:58 PM - [] ----D C:\Users\Toshiba\AppData\Local\TOSHIBA_Corporation O43 - CFD: 28-Sep-11 - 9:46:13 PM - [] ----D C:\Users\Toshiba\AppData\Local\TVU Networks O43 - CFD: 28-Sep-11 - 6:09:59 PM - [] ----D C:\Users\Toshiba\AppData\Local\Unity O43 - CFD: 03-Dec-11 - 11:17:00 AM - [] ----D C:\Users\Toshiba\AppData\Local\uSeesoft O43 - CFD: 27-Jan-15 - 4:38:18 PM - [] ----D C:\Users\Toshiba\AppData\Local\Viber O43 - CFD: 16-Apr-13 - 6:51:00 PM - [] ----D C:\Users\Toshiba\AppData\Local\VirtualStore O43 - CFD: 24-Sep-12 - 9:18:09 PM - [] ----D C:\Users\Toshiba\AppData\Local\Windows Live O43 - CFD: 14-Jul-09 - 7:54:32 AM - [] R---D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 02-May-11 - 6:56:47 AM - [] R---D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 25-Feb-14 - 3:54:42 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AIM for Windows O43 - CFD: 25-Mar-12 - 8:37:45 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon O43 - CFD: 27-Jun-11 - 9:25:42 PM - [0] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares O43 - CFD: 01-Mar-13 - 7:01:34 PM - [0] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chatango O43 - CFD: 08-Jul-11 - 10:14:09 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dj Pro X 2011 O43 - CFD: 29-Apr-15 - 1:31:16 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox O43 - CFD: 18-Mar-13 - 11:00:46 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook O43 - CFD: 07-Nov-11 - 11:19:54 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FORMULA1 ORGANIZER DELUXE O43 - CFD: 14-Jul-14 - 1:21:25 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 29-Sep-11 - 4:13:56 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade O43 - CFD: 15-Mar-13 - 10:07:52 PM - [0] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2 O43 - CFD: 14-Jul-09 - 7:49:38 AM - [] R---D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 18-Dec-11 - 10:58:31 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayerPlus O43 - CFD: 23-May-12 - 1:06:46 PM - [0] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pvm O43 - CFD: 29-Apr-15 - 1:31:28 PM - [] R---D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 21-Apr-12 - 12:31:05 PM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SuperCopier2 O43 - CFD: 02-Nov-11 - 4:30:58 PM - [0] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual DJ O43 - CFD: 30-Dec-11 - 3:07:45 AM - [] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 21-Mar-12 - 11:46:33 AM - [0] ----D C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Free ~ 1 Dossier CLSID vide (CLSID Empty Folder) ~ Program Folder: 356 Scanned in 07mn AMs ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.F775371B57784F7D98A9F46D6D429D0C] - 03-May-15 - 1:12:42 PM ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 03-May-15 - 3:16:50 PM ---A- . (...) -- C:\Windows\tweaking.com-regbackup-TOSHIBA-PC-Windows-7-Home-Premium-(64-bit).dat [207] O44 - LFC:[MD5.1E9E32AEC3E1EB1B31B8169F33168B56] - 03-May-15 - 3:45:09 PM ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O44 - LFC:[MD5.54D70409DE6932E9EFA117779611E7A9] - 03-May-15 - 3:45:09 PM ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [107736] O44 - LFC:[MD5.F49FB3C88E263AE9A246593B0BB29294] - 03-May-15 - 3:45:09 PM ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704] O44 - LFC:[MD5.97D8AC8CF6098B6626ED7FC2F1ACA68A] - 04-May-15 - 12:48:47 PM ---A- . (...) -- C:\Windows\PFRO.log [26204] O44 - LFC:[MD5.640DAD2C12AB9C0D0D3070666B6CCF80] - 04-May-15 - 12:49:34 PM ---A- . (...) -- C:\Windows\setupact.log [224] O44 - LFC:[MD5.E9CD058C79EA15B4AA93E259FA713B07] - 04-May-15 - 1:08:48 PM ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [136408] O44 - LFC:[MD5.DBB375F064EC314860D88D500061CC79] - 04-May-15 - 1:34:40 PM -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.1875464955BBBB32D4C8F8FA3B885681] - 04-May-15 - 1:34:50 PM ---A- . (...) -- C:\Windows\WindowsUpdate.log [1394786] O44 - LFC:[MD5.BC416EB81B670EC615E83351A21D14FA] - 04-May-15 - 1:38:18 PM ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [779306] O44 - LFC:[MD5.AF8D672019912A1A1A2A77C176722ABB] - 04-May-15 - 1:38:18 PM ---A- . (...) -- C:\Windows\System32\perfc009.dat [121956] O44 - LFC:[MD5.AE9BBB4186DB2B4C569BCBD101FBBA6E] - 04-May-15 - 1:38:18 PM ---A- . (...) -- C:\Windows\System32\perfh009.dat [660874] O44 - LFC:[MD5.DF10CC1FF31DD195DA265061582FB63B] - 04-May-15 - 1:44:47 PM --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [15568] O44 - LFC:[MD5.DF10CC1FF31DD195DA265061582FB63B] - 04-May-15 - 1:44:47 PM --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [15568] ~ Files: 15 Scanned in 24mn AMs ---\\ Latest files created in Windows Prefetcher (O45) O45 - LFCP:[MD5.3427DD450C5DD5735A727DEA558DAC88] - 03-May-15 - 11:24:16 AM ---A- - C:\Windows\Prefetch\BANDOO.EXE-E4EAC22F.pf =>Adware.Bandoo O45 - LFCP:[MD5.AE8A69DF76D6BE4E049BB0DC580E6661] - 02-May-15 - 3:43:52 PM ---A- - C:\Windows\Prefetch\DATAMNGRUI.EXE-64A16FF5.pf =>PUP.Datamngr ~ Prefetcher: 2 Scanned in 01mn AMs ---\\ Export authorized application key (O47) O47 - AAKE:Key Export SP - "C:\Program Files (x86)\uusee\UUSeePlayer.exe" [Enabled] .(...) -- C:\Program Files (x86)\uusee\UUSeePlayer.exe (.not file.) ~ Keys Export: 1 Scanned in 00mn AMs ---\\ Local Security Authority-LSA Deny (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 9 Scanned in 00mn AMs ---\\ Safe Boot Control (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn AMs ---\\ MountPoints2 Shell Key (MPSK) (O51) O51 - MPSK:{f1087aed-eee6-11e3-99d9-db429f99a9da}\AutoRun\command. (...) -- E:\Setup.exe (.not file.) ~ Keys: Scanned in 00mn AMs ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 2 Scanned in 03mn AMs ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn AMs ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ MWPS: 17 Scanned in 00mn AMs ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3 ~ MWPE Keys: 7 Scanned in 00mn AMs ---\\ System Drivers List (SDL) (O58) O58 - SDL:14-Jul-09 - 4:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:14-Jul-09 - 4:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536] O58 - SDL:14-Jul-09 - 4:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864] O58 - SDL:14-Jul-09 - 4:52:21 AM ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440] O58 - SDL:11-Mar-11 - 9:22:41 AM ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904] O58 - SDL:14-Jul-09 - 4:52:20 AM ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128] O58 - SDL:11-Mar-11 - 9:22:40 AM ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008] O58 - SDL:23-Mar-13 - 6:04:23 PM ---A- . (.Protection Technology - Application Driver (01).) -- C:\Windows\System32\Drivers\appdrv01.sys [3852976] O58 - SDL:14-Jul-09 - 4:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632] O58 - SDL:14-Jul-09 - 4:52:21 AM ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856] O58 - SDL:28-Nov-13 - 12:54:20 AM ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [28600] =>.Avira Operations GmbH O58 - SDL:19-Dec-13 - 7:33:11 PM ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys [84720] =>.Avira Operations GmbH O58 - SDL:10-Jun-09 - 11:34:23 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848] O58 - SDL:10-Jun-09 - 11:41:06 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432] O58 - SDL:10-Jun-09 - 11:41:06 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704] O58 - SDL:14-Jul-09 - 4:19:07 AM ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720] O58 - SDL:10-Jun-09 - 11:41:10 PM ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104] O58 - SDL:10-Jun-09 - 11:41:10 PM ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976] O58 - SDL:10-Jun-09 - 11:41:10 PM ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720] O58 - SDL:10-Jun-09 - 11:34:28 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480] O58 - SDL:09-Jan-12 - 5:28:18 PM ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\ccdcmbox64.sys [27136] O58 - SDL:09-Jan-12 - 5:28:20 PM ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\ccdcmbx64.sys [19968] O58 - SDL:30-Nov-12 - 10:03:34 AM ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys [1611936] O58 - SDL:14-Jul-09 - 4:52:31 AM ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488] O58 - SDL:16-Nov-12 - 9:35:30 AM ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200] O58 - SDL:14-Jul-09 - 4:47:48 AM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:10-Jun-09 - 11:34:33 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016] O58 - SDL:02-May-11 - 6:55:59 AM RSH-- . (...) -- C:\Windows\System32\Drivers\fbd.sys [13] O58 - SDL:10-Jun-09 - 11:31:59 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:17-Sep-09 - 11:54:54 PM ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [56344] O58 - SDL:14-Jul-09 - 4:47:48 AM ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [77888] O58 - SDL:17-May-14 - 5:35:04 AM ---A- . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\Drivers\hssdrv6.sys [44744] O58 - SDL:24-Mar-10 - 11:55:56 PM ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys [540696] O58 - SDL:11-Mar-11 - 9:23:00 AM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496] O58 - SDL:29-Jul-10 - 3:10:42 PM ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [10610400] O58 - SDL:14-Jul-09 - 4:48:04 AM ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112] O58 - SDL:27-Feb-10 - 5:32:14 PM ---A- . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\Windows\System32\Drivers\Impcd.sys [158976] O58 - SDL:22-Jun-10 - 3:45:56 AM ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [287232] O58 - SDL:23-Feb-10 - 4:03:42 AM ---A- . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) -- C:\Windows\System32\Drivers\L1C62x64.sys [75304] O58 - SDL:14-Jul-09 - 4:48:04 AM ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752] O58 - SDL:14-Jul-09 - 4:48:04 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560] O58 - SDL:14-Jul-09 - 4:48:04 AM ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600] O58 - SDL:14-Jul-09 - 4:48:04 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776] O58 - SDL:14-Apr-15 - 9:37:42 AM ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816] O58 - SDL:14-Apr-15 - 9:37:46 AM ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [107736] O58 - SDL:04-May-15 - 1:08:48 PM ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [136408] O58 - SDL:14-Jul-09 - 4:48:04 AM ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392] O58 - SDL:14-Jul-09 - 4:48:04 AM ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736] O58 - SDL:14-Apr-15 - 9:37:56 AM ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [63704] O58 - SDL:14-Jul-09 - 4:48:26 AM ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264] O58 - SDL:09-Jan-12 - 5:28:20 PM ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\Windows\System32\Drivers\nmwcdnsucx64.sys [12800] O58 - SDL:09-Jan-12 - 5:28:20 PM ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\nmwcdnsux64.sys [171008] O58 - SDL:11-Mar-11 - 9:23:06 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352] O58 - SDL:11-Mar-11 - 9:23:06 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272] O58 - SDL:11-Jun-12 - 11:33:46 AM ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\System32\Drivers\pccsmcfdx64.sys [26112] O58 - SDL:23-Jun-09 - 3:06:38 AM ---A- . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\System32\Drivers\PGEffect.sys [35008] O58 - SDL:15-Jun-09 - 11:58:50 PM ---A- . (.TOSHIBA - Generic IO & Memory Access.) -- C:\Windows\System32\Drivers\QIOMem.sys [12800] O58 - SDL:14-Jul-09 - 4:45:46 AM ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816] O58 - SDL:14-Jul-09 - 4:45:45 AM ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592] O58 - SDL:20-Jul-11 - 2:58:22 PM ---A- . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\Windows\System32\Drivers\RimSerial_AMD64.sys [44032] O58 - SDL:25-Jul-11 - 5:44:46 PM ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752] O58 - SDL:13-Feb-10 - 1:49:16 AM ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtl8192Ce.sys [877088] O58 - SDL:09-Feb-10 - 7:57:22 AM ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsUStor.sys [239136] O58 - SDL:10-Jun-09 - 11:37:19 PM ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:14-Jul-09 - 4:45:45 AM ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584] O58 - SDL:14-Jul-09 - 4:45:46 AM ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464] O58 - SDL:16-Nov-12 - 9:44:11 AM ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [564824] O58 - SDL:14-Jul-09 - 4:45:55 AM ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:31-Jan-13 - 6:08:40 AM ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [467184] O58 - SDL:01-Aug-12 - 9:13:40 PM ---A- . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\taphss.sys [38632] O58 - SDL:17-May-14 - 3:42:38 AM ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [42184] O58 - SDL:31-Jul-09 - 6:22:04 AM ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\Drivers\tdcmdpst.sys [27784] O58 - SDL:20-Jun-09 - 5:15:22 AM ---A- . (.TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver for x64.) -- C:\Windows\System32\Drivers\TVALZFL.sys [14472] O58 - SDL:15-Jul-09 - 1:31:18 AM ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [26840] O58 - SDL:09-Jan-12 - 5:28:20 PM ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\usbser_lowerfltjx64.sys [9216] O58 - SDL:09-Jan-12 - 5:28:20 PM ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\usbser_lowerfltx64.sys [9216] O58 - SDL:14-Jul-09 - 4:45:55 AM ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488] O58 - SDL:14-Jul-09 - 4:45:55 AM ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872] O58 - SDL:11-Jun-09 - 12:01:11 AM ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\System32\Drivers\VSTAZL6.SYS [292864] O58 - SDL:11-Jun-09 - 12:01:11 AM ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\Drivers\VSTCNXT6.SYS [740864] O58 - SDL:11-Jun-09 - 12:01:11 AM ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\Drivers\VSTDPV6.SYS [1485312] O58 - SDL:24-Jul-06 - 4:05:00 PM ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632] ~ Drivers: 82 Scanned in 24mn AMs ---\\ Last modified or created user files (O61) O61 - LFC: 01-May-15 - 1:50:48 PM ---A- . (...) -- C:\Users\Toshiba\AppData\Local\Temp\Quarantine.exe [606208] O61 - LFC: 03-May-15 - 1:54:44 PM ---A- . (...) -- C:\Users\Toshiba\Downloads\adwcleaner_4.203.exe [2204160] O61 - LFC: 03-May-15 - 1:54:44 PM ---A- . (.OPSWAT, Inc..) -- C:\Users\Toshiba\Downloads\AppRemover.exe [11972672] O61 - LFC: 03-May-15 - 1:54:45 PM ---A- . (.Malwarebytes Corporation.) -- C:\Users\Toshiba\Downloads\mbam-setup-2.1.6.1022.exe [21546080] O61 - LFC: 03-May-15 - 1:54:45 PM ---A- . (.Nicolas Coolman.) -- C:\Users\Toshiba\Downloads\ZHPDiag2.exe [6880006] =>.Nicolas Coolman O61 - LFC: 03-May-15 - 1:54:45 PM ---A- . (.Thisisu.) -- C:\Users\Toshiba\Downloads\JRT.exe [2716306] O61 - LFC: 04-May-15 - 1:50:47 PM ---A- . (...) -- C:\Users\Toshiba\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmputmmrg.dll [43008] O61 - LFC: 04-May-15 - 1:54:45 PM ---A- . (.Bleeping Computer, LLC.) -- C:\Users\Toshiba\Downloads\sc-cleaner.exe [463688] O61 - LFC: 27-Apr-15 - 1:50:47 PM ---A- . (...) -- C:\Users\Toshiba\AppData\Local\Temp\jrt\prelim.bat [34603] O61 - LFC: 28-Apr-15 - 1:50:47 PM ---A- . (...) -- C:\Users\Toshiba\AppData\Local\Temp\jrt\misc.bat [126700] O61 - LFC: 30-Apr-15 - 1:50:47 PM ---A- . (...) -- C:\Users\Toshiba\AppData\Local\Temp\jrt\get.bat [17667] ~ 160 Fichiers temporaires (Temporary files) ~ 2604 Fichiers cookies (Cookies files) ~ Files: 11 Scanned in 19mn AMs ---\\ List all tools cleaner (LATC) (O63) O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn AMs ---\\ List all legacy services(LALS) (O64) O64 - Services: CurCS - 23-Mar-13 - C:\Windows\System32\Drivers\appdrv01.sys (appdrv01) .(.Protection Technology - Application Driver (01).) - LEGACY_APPDRV01 O64 - Services: CurCS - 28-Nov-13 - C:\Windows\System32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - LEGACY_AVKMGR O64 - Services: CurCS - 17-May-14 - C:\Windows\System32\DRIVERS\hssdrv6.sys (HssDRV6) .(.AnchorFree Inc. - Hotspot Shield Routing Driver.) - LEGACY_HSSDRV6 O64 - Services: CurCS - 14-Apr-15 - C:\windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 04-May-15 - C:\windows\system32\drivers\MBAMSwissArmy.sys (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMSWISSARMY O64 - Services: CurCS - 14-Apr-15 - C:\windows\system32\drivers\mwac.sys (MBAMWebAccessControl) .(.Malwarebytes Corporation - Malwarebytes Web Access Control.) - LEGACY_MBAMWEBACCESSCONTROL O64 - Services: CurCS - 10-Jun-09 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 16-Nov-12 - C:\Windows\system32\Drivers\sptd.sys (sptd) .(.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) - LEGACY_SPTD ~ Legacy: 97 Scanned in 00mn AMs ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn AMs ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe ~ Keys: Scanned in 00mn AMs ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com ~ Keys: Scanned in 00mn AMs ---\\ Crack & Keygen Files (CKF) (O82) C:\Users\Toshiba\Videos\film\Animation\PCM.2011.Keygen&Crack\PCM.2011.Keygen&Crack.rar =>.Crack,Keygen ~ Files: Scanned in 24mn AMs ---\\ Search Svchost Services (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [776192] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [845824] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [676864] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [343552] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316416] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [706560] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2418176] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [848384] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [369664] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [565760] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [104960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1114624] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [208384] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] ~ Services: 32 Scanned in 01mn AMs ---\\ Search Particular Root Folder (SPRF) (O84) [MD5.D6B9F791216A215BDF0B4B35FC9F53F3] [SPRF][15-Jul-13] (...) -- C:\ProgramData\ntuser.dat [262144] [MD5.5B13719AAA79DED09903A3B5B066C20D] [SPRF][10-Dec-09] (.Hyperionics - HyperCam.) -- C:\Program Files (x86)\CamRes2.dll [122880] [MD5.B440E5AAEE1211064EE38BDDA911A847] [SPRF][21-Jan-10] (.Hyperionics - HyperCam.) -- C:\Program Files (x86)\HyCam2.exe [969624] [MD5.57FD870F0F19B211BACECEB9F6CB801A] [SPRF][31-Dec-09] (.Hyperionics - HyperCam 2 Support DLL.) -- C:\Program Files (x86)\MClick2.dll [44032] [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25-Jul-02] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576] [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25-Jul-02] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608] [MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25-Jul-02] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032] ~ Files: 7 Scanned in 00mn AMs ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{213F4DAA-391C-4D93-9296-C928A6DD55B8}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{1D3566D5-F3E7-40C6-B55B-7A9EC6D29ADF}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Firewall: 2 Scanned in 05mn AMs ---\\ Product Upgrade Codes (PUC) (O90) O90 - PUC: "95FA1DD41215F1249BD2EEFBF30243A5" . (.Official Video Converter.) -- C:\windows\Installer\{4DD1AF59-5121-421F-B92D-EEBF3F20345A}\ARPPRODUCTICON.exe =>PUP.OfficialVideoConverter O90 - PUC: "D21EC9447C2E79B41BE9551D36AE4953" . (.Bing Bar.) -- C:\windows\Installer\{449CE12D-E2C7-4B97-B19E-55D163EA9435}\icon_installer_ico =>Toolbar.Bing ~ Update Products: 2 Scanned in 00mn AMs ---\\ MyComputer Name Space (MNS) (O92) O92 - MNS: Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} O92 - MNS: RealPlayer Cloud - {5E8FC967-829A-475C-93EA-51FCE6D9FFCE} ~ MNS: 2 Scanned in 00mn AMs ---\\ Windows Installer Scan (WIS) (O93) (NTFS) [MD5.2656F37EB3C0CE05CE61B0F47FD3B187] [WIS][07-Nov-11] (.Aedge Performance BCN SL - Official Video Converter.) -- C:\Windows\Installer\10cd09f.msi [3491328] =>PUP.OfficialVideoConverter [MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][09-Oct-12] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\604a9bb.msi [45056] =>Adware.Boxore [MD5.0251236A9855DF4042D841B38C858FA0] [WIS][27-Jun-11] (.iMesh Inc. - iMesh.) -- C:\Windows\Installer\8f67ae.msi [307200] =>PUP.iMesh [MD5.7392F668FE327921951BD45F0B733950] [WIS][01-Apr-11] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\fda4a0.msi [4556800] =>Toolbar.Bing ~ WIS: 4 Scanned in 10mn AMs ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 19-Mar-15 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Auto 23-Mar-13 551896 | (appdrvrem01) . (.Protection Technology.) - C:\Windows\System32\appdrvrem01.exe SS - | Auto 16-Dec-14 289328 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe SS - | Demand 01-Apr-11 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe =>Toolbar.Bing SS - | Demand 12-Oct-10 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe SS - | Auto 15-Oct-10 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 15-Oct-10 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 17-May-14 78512 | (HssTrayService) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.exe SS - | Demand 04-Apr-05 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe SS - | Demand 09-Apr-14 289256 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe SS - | Demand 01-Dec-14 38200 | (OpenVPNService) . (.The OpenVPN Project.) - C:\Program Files\OpenVPN\bin\openvpnserv.exe SS - | Demand 06-Oct-09 51512 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.Toshiba Corporation SS - | Auto 26-Feb-10 252928 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TECO\TecoService.exe =>.Toshiba Corporation SS - | Auto 22-Jul-58 0 | (tvnserver) . (...) - C:\Program Files (x86)\ShowMyPCService\tvnserver.exe SS - | Auto 22-Jul-58 0 | (vToolbarUpdater18.3.0) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe =>Toolbar.AVGSearch SR - | Auto 30-Aug-11 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 12-Dec-12 205560 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\windows\system32\CxAudMsg64.exe SR - | Auto 17-May-14 430344 | (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe SR - | Auto 18-Mar-10 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SR - | Auto 14-Apr-15 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe SR - | Auto 14-Apr-15 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe SR - | Auto 04-Sep-10 115056 | (Norton PC Checkup Application Launcher) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\SymcPCCULaunchSvc.exe SR - | Auto 25-Aug-09 126392 | (PCCUJobMgr) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.5.60\ccSvcHst.exe SR - | Auto 10-Jun-14 39568 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe SR - | Auto 08-Aug-14 1141848 | (RealPlayer Cloud Service) . (.RealNetworks, Inc..) - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe SR - | Auto 10-Jun-14 23552 | (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe SR - | Auto 28-Mar-11 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe =>Toolbar.Bing SR - | Demand 11-Jun-12 724376 | (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 29-Jul-09 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe SR - | Auto 28-Sep-10 489384 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe SR - | Demand 06-Feb-10 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe SR - | Demand 24-Feb-10 835952 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe SR - | Auto 18-Mar-10 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 14-Jul-09 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 22-Jul-58 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14-Jul-09 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 26mn AMs ---\\ Search Master Boot Record Infection (MBR)(O80) Run by Toshiba at 04-May-15 1:59:31 PM ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn AMs ---\\ Search Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Toshiba at 04-May-15 1:59:33 PM ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 02mn AMs ---\\ List of CD/DVD Emulators (MBR Hook) O58 - SDL:16-Nov-12 - 9:44:11 AM ---A- . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\Drivers\sptd.sys [564824] O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd ~ Emulateurs: Scanned in 02mn AMs ---\\ Scan Additionnel (O88) Database Version : 13008 - (02-May-15) Clés trouvées (Keys found) : 12 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 8 Fichiers trouvés (Files found) : 6 [HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.3.0] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{449CE12D-E2C7-4B97-B19E-55D163EA9435}] =>Toolbar.Bing^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4DD1AF59-5121-421F-B92D-EEBF3F20345A}] =>PUP.OfficialVideoConverter^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.µTorrent^ [HKLM\Software\Classes\Applications\iMeshV10.exe] =>PUP.iMesh [HKLM\Software\Wow6432Node\OfficialVideoConverter] =>PUP.OfficialVideoConverter [HKLM\Software\Classes\Installer\Features\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter [HKLM\Software\Classes\Installer\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter [HKLM\Software\Wow6432Node\Classes\Installer\Features\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter [HKLM\Software\Wow6432Node\Classes\Installer\Products\95FA1DD41215F1249BD2EEFBF30243A5] =>PUP.OfficialVideoConverter [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4DD1AF59-5121-421F-B92D-EEBF3F20345A}] =>PUP.OfficialVideoConverter C:\Program Files (x86)\OfficialVideoConverter =>PUP.OfficialVideoConverter^ C:\Program Files (x86)\uTorrent =>P2P.µTorrent^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Official Video Converter =>PUP.OfficialVideoConverter^ C:\Users\Toshiba\AppData\Roaming\uTorrent =>P2P.µTorrent^ C:\Program Files (x86)\Software =>Adware.Boxore C:\Program Files (x86)\UUSee =>Adware.VideoDownloadConverter C:\ProgramData\{B49A644A-1076-4A3D-B124-DAA7862F2318} =>Adware.Bandoo C:\Users\Toshiba\AppData\Local\Software =>Adware.Boxore [HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^ [HKCU\Software\BitTorrent] =>P2P.BitTorrent^ C:\Windows\Installer\10cd09f.msi =>PUP.OfficialVideoConverter^ C:\Windows\Installer\604a9bb.msi =>Adware.Boxore^ C:\Windows\Installer\8f67ae.msi =>PUP.iMesh^ C:\Windows\Installer\fda4a0.msi =>Toolbar.Bing^ ~ Additionnel Scan: 354355 Items scanned in 54mn AMs ---\\ Additional information about modules ~ http://nicolascoolman.fr/g0-page-de-demarrage-google-chrome/ =>.Google Chrome, Start,Search,Extensions (G0,G1,G2) ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Start,Search,Extensions (G0,G1,G2) ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer toolbars (O3) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Auto loading programs from Registry and folders (O4) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.MountPoints2 Shell Key (MPSK) (O51) ~ AMI: 6 Scanned in 00mn AMs ---\\ Summary of the detections found on your workstation http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo http://nicolascoolman.fr/29286660-pup-officialvideoconverter =>PUP.OfficialVideoConverter http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar http://nicolascoolman.fr/pup-datamngr =>PUP.Datamngr http://nicolascoolman.fr/adware-boxore =>Adware.Boxore http://nicolascoolman.fr/pup-imesh =>PUP.iMesh http://www.nicolascoolman.fr/blog/ =>Adware.VideoDownloadConverter ~ MSI: 7 link(s) detected in 00mn AMs End of the scan (1802 lines in 12mn AMs)(1.11)