~ ZHPDiag v2015.8.4.110 By Nicolas Coolman (2015/08/4)
~ Run by theooow (Administrator) (2015/08/05 20:23:52)
~ Site:
~ Facebook:
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\theooow\Desktop\ZHPDiag.txt
~ Report: C:\Users\theooow\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
~ Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
---\\ Internet Browsers (2) - 0s
GCIE: Google Chrome v44.0.2403.125
MSIE: Internet Explorer v11.0.9600.17914
---\\ Windows Product Information (4) - 25s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK
---\\ System protection software (2) - 0s
Microsoft Security Client v4.8.0204.0
Microsoft Security Essentials v4.8.204.0
---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4136.028 MB (63% free)
~ System Restore: Activé (Enable)
~ System drive C: has 142 GB free of 249 GB
---\\ Connection to the system mode (3) - 0s
~ Computer Name: THEOOOW-PC
~ User Name: theooow
~ Logged in as Administrator
---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 142 GB free of 249 GB (System)
~ Drive D: has 521 GB free of 703 GB
---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Search Generic System Files (23) - 2s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E066FDC3A2074D926903B8C31EF3B347] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2427392]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.1877EB1495CFBDAB27D6A32F6DDF3818] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [159232]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [295808]
---\\ Process running (6) - 2s
[MD5.94724B5F72298C4D407BE77CAA67AE38] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [239616] [PID.988]
[MD5.4DDD0D7646676FE3C56AB390686B9DE2] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [588800] [PID.1332]
[MD5.51D5697EAA2E47273FAEB2ABF19C1435] - (.AVerMedia TECHNOLOGIES, Inc. - RECentral hot key remote service.) -- C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe [1924608] [PID.1836]
[MD5.25DA3B804C41633C0AE28F514F097692] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299520] [PID.3380]
[MD5.834FEE01042FC042F6C0AEBC9CCD7187] - (.Joyent, Inc - Evented I/O for V8 JavaScript.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe [5521792] [PID.4532]
[MD5.ACB1BE3F0AE4C8F96701577DA6462CC4] - (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [10725320] [PID.4860]
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (11) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage]
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (1) - 0s
P2 - EXT: (.Avira - Segurança do navegador Avira.) -- C:\Users\theooow\AppData\Roaming\Mozilla\Firefox\Profiles\gpUaAnZy.default\extensions\
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (15) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)
---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)
---\\ Auto loading programs from Registry and folders (O4) (14) - 1s
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- D:\Program Files\Steam\Steam.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3253075806-1298980991-687662395-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- D:\Program Files\Steam\Steam.exe
---\\ Hijackers (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer =
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (4) - 0s
O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVerRECentral (AVerRECentral) . (.AVerMedia TECHNOLOGIES, Inc. - RECentral hot key remote service.) - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRECentral.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
---\\ Task Planned Automatically (O39) (7) - 3s
[MD5.7814A8ED32D5186BA651008AFFB55080] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200]
[MD5.7814A8ED32D5186BA651008AFFB55080] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [896]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [900]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3644]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3896]
---\\ Software installed (O42) (27) - 2s
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client
O42 - Logiciel: (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {3F3C0D7A-FA11-41D5-A3DB-A1F2944577BD}
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {57027C7D-C9C7-D24E-1B95-C06120B64DFB}
O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {841421F7-E17F-9DCF-8BFC-0351B0ED44EB}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {CE58DAE6-27A0-C7F4-93B6-2C89B93DD4B3}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {EE0B4480-194D-C725-EDF8-6CE3FC4DDC89}
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud
O42 - Logiciel: AVerMedia C875 Live Gamer Portable - (.AVerMedia TECHNOLOGIES, Inc..) [HKLM][64Bits] -- AVerMedia C875 Live Gamer Portable
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: AVerMedia RECentral - (.AVerMedia Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{30D6B6ED-E039-4D62-8E07-E058D17A9372}
O42 - Logiciel: Trove - (.Trion Worlds.) [HKLM][64Bits] -- Steam App 304050
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Adobe Media Encoder CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0FAC7130-BEC5-47A5-8813-1D339B8326ED}
O42 - Logiciel: Adobe After Effects CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {147EC100-14BE-45EF-AB42-35BAEE7D02F0}
O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {25A3B953-1423-3F15-640E-B620DD0F419A}
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
O42 - Logiciel: Adobe Premiere Pro CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {38C72D42-0672-43B1-9E05-E7631684F9A1}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {627FFC10-CE0A-497F-BA2B-208CAC638010}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Adobe Photoshop CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {793C2BF7-A4FE-4608-91C9-9282C5801C21}
O42 - Logiciel: Belkin N300 Micro USB Wireless Adapter - (...) [HKLM][64Bits] -- {B20F9D1C-A0A5-4cd8-8306-DA03872311B1}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B455E95A-B804-439F-B533-336B1635AE97}
---\\ HKCU & HKLM Software Keys (43) - 2s
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Belkin International, Inc.
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\ZebHelpProcess Helper
---\\ Contents of the Common Files folders (O43) (103) - 2s
O43 - CFD: 2015/08/04 16:20:12 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/08/03 18:42:27 - [0] D -- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 2015/08/03 15:29:48 - [] D -- C:\Program Files (x86)\AMD AVT
O43 - CFD: 2015/08/04 11:02:33 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2015/08/03 15:26:06 - [] D -- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 2015/08/05 14:18:46 - [] D -- C:\Program Files (x86)\AVerMedia
O43 - CFD: 2015/08/03 21:44:18 - [0] D -- C:\Program Files (x86)\Avira
O43 - CFD: 2015/08/03 15:16:17 - [] D -- C:\Program Files (x86)\Belkin
O43 - CFD: 2015/08/05 14:19:16 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/08/03 15:36:43 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/08/05 14:19:16 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/08/03 15:42:55 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/08/05 11:44:17 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/03 17:12:10 - [] D -- C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 2015/08/03 19:07:02 - [] D -- C:\Program Files (x86)\Microsoft XNA
O43 - CFD: 2015/08/03 15:21:32 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/08/03 18:42:27 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2015/08/04 11:04:56 - [] D -- C:\Program Files (x86)\QuickTime
O43 - CFD: 2015/08/03 17:00:19 - [] D -- C:\Program Files (x86)\Raptr
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2009/07/14 06:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2015/08/03 21:47:38 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2010/11/21 09:06:51 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/08/04 14:41:29 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2010/11/21 09:06:51 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2010/11/21 05:31:38 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2010/11/21 09:06:51 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/08/04 02:03:17 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/08/03 23:46:21 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/03 23:46:36 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/03 15:29:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 2015/08/05 14:18:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
O43 - CFD: 2015/08/03 23:46:34 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/08/03 15:36:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/08/03 15:41:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\
O43 - CFD: 2009/07/14 06:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/04 11:04:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 2009/07/14 06:54:24 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2010/11/21 09:16:46 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/08/03 16:21:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 2015/08/04 02:03:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/08/04 10:11:22 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/08/03 15:29:48 - [] D -- C:\ProgramData\AMD
O43 - CFD: 2015/08/04 11:02:06 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/08/04 11:03:46 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/08/03 15:34:48 - [] D -- C:\ProgramData\ATI
O43 - CFD: 2015/08/03 16:58:55 - [] D -- C:\ProgramData\Avira
O43 - CFD: 2015/08/05 16:18:17 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/08/03 15:41:39 - [] D -- C:\ProgramData\
O43 - CFD: 2015/08/03 21:46:31 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/08/04 10:17:54 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/08/04 10:41:35 - [0] D -- C:\ProgramData\
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/08/04 16:11:42 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/08/04 11:02:06 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2015/08/03 15:29:45 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 2015/08/05 14:18:14 - [] D -- C:\Program Files (x86)\Common Files\AVerMedia
O43 - CFD: 2015/08/03 19:07:03 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2015/08/03 18:28:42 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2015/08/04 14:41:29 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/08/04 16:14:42 - [] D -- C:\Users\theooow\AppData\Roaming\Adobe
O43 - CFD: 2015/08/04 14:47:45 - [] D -- C:\Users\theooow\AppData\Roaming\Apple Computer
O43 - CFD: 2015/08/03 15:34:48 - [] D -- C:\Users\theooow\AppData\Roaming\ATI
O43 - CFD: 2015/08/03 15:08:15 - [] D -- C:\Users\theooow\AppData\Roaming\Identities
O43 - CFD: 2015/08/03 15:30:33 - [] D -- C:\Users\theooow\AppData\Roaming\library_dir
O43 - CFD: 2010/11/21 09:16:46 - [0] D -- C:\Users\theooow\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/08/03 15:18:45 - [] SD -- C:\Users\theooow\AppData\Roaming\Microsoft
O43 - CFD: 2015/08/03 16:33:54 - [] D -- C:\Users\theooow\AppData\Roaming\Mozilla
O43 - CFD: 2015/08/03 23:10:34 - [] D -- C:\Users\theooow\AppData\Roaming\Trove
O43 - CFD: 2015/08/05 20:11:37 - [] D -- C:\Users\theooow\AppData\Roaming\TS3Client
O43 - CFD: 2015/08/04 02:03:27 - [] D -- C:\Users\theooow\AppData\Roaming\WinRAR
O43 - CFD: 2015/08/05 20:24:30 - [] D -- C:\Users\theooow\AppData\Roaming\ZHP
O43 - CFD: 2015/08/05 16:22:37 - [] D -- C:\Users\theooow\AppData\Local\Adobe
O43 - CFD: 2015/08/04 11:02:42 - [] D -- C:\Users\theooow\AppData\Local\Apple
O43 - CFD: 2015/08/03 15:07:59 - [0] SHD -- C:\Users\theooow\AppData\Local\Application Data
O43 - CFD: 2015/08/03 15:35:34 - [] D -- C:\Users\theooow\AppData\Local\Apps
O43 - CFD: 2015/08/03 15:34:48 - [] D -- C:\Users\theooow\AppData\Local\ATI
O43 - CFD: 2015/08/03 18:29:10 - [] D -- C:\Users\theooow\AppData\Local\CEF
O43 - CFD: 2015/08/03 15:36:09 - [0] D -- C:\Users\theooow\AppData\Local\Deployment
O43 - CFD: 2015/08/03 15:36:55 - [] D -- C:\Users\theooow\AppData\Local\Google
O43 - CFD: 2015/08/03 15:07:59 - [0] SHD -- C:\Users\theooow\AppData\Local\History
O43 - CFD: 2015/08/04 14:47:07 - [] D -- C:\Users\theooow\AppData\Local\Microsoft
O43 - CFD: 2015/08/05 14:25:18 - [] D -- C:\Users\theooow\AppData\Local\RECentral
O43 - CFD: 2015/08/03 18:28:58 - [] D -- C:\Users\theooow\AppData\Local\Steam
O43 - CFD: 2015/08/05 20:23:49 - [] D -- C:\Users\theooow\AppData\Local\Temp
O43 - CFD: 2015/08/03 15:07:59 - [0] SHD -- C:\Users\theooow\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/08/03 15:08:11 - [0] D -- C:\Users\theooow\AppData\Local\VirtualStore
O43 - CFD: 2009/07/14 06:54:32 - [] RD -- C:\Users\theooow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/03 21:59:05 - [] RD -- C:\Users\theooow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/05 14:19:13 - [] D -- C:\Users\theooow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVerMedia
O43 - CFD: 2009/07/14 06:49:38 - [] RD -- C:\Users\theooow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/03 21:59:05 - [] RD -- C:\Users\theooow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/08/03 22:53:45 - [] D -- C:\Users\theooow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2015/08/04 02:03:17 - [] D -- C:\Users\theooow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
---\\ System Drivers List (SDL) (O58) (51) - 10s
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864]
O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440]
O58 - SDL:2014/07/09 17:47:38 A . (.Advanced Micro Devices - AMD ACP Kernel Service Driver.) -- C:\Windows\System32\drivers\amdacpksd.sys [276192]
O58 - SDL:2011/03/11 08:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904]
O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128]
O58 - SDL:2011/03/11 08:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856]
O58 - SDL:2014/06/21 19:01:22 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdW76.sys [94720]
O58 - SDL:2014/07/09 17:45:04 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [15950848]
O58 - SDL:2014/07/09 17:19:50 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [557056]
O58 - SDL:2014/11/05 08:59:40 A . (.AVerMedia TECHNOLOGIES, Inc. - AVerMedia H264 Codec Driver.) -- C:\Windows\System32\drivers\AVer330USB.sys [1550464]
O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704]
O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720]
O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480]
O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488]
O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496]
O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016]
O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232]
O58 - SDL:2010/11/21 05:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720]
O58 - SDL:2011/03/11 08:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496]
O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112]
O58 - SDL:2015/02/18 16:26:57 A . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Dri.) -- C:\Windows\System32\drivers\iusb3hcs.sys [22800]
O58 - SDL:2015/02/18 16:26:57 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\iusb3hub.sys [390416]
O58 - SDL:2015/02/18 16:26:57 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [799504]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736]
O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272]
O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816]
O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592]
O58 - SDL:2011/06/01 04:17:34 RA . (.Realtek Semiconductor Corporation - Realtek RTL8192C USB NDIS Driver.) -- C:\Windows\System32\drivers\rtl8192cu.sys [848384]
O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584]
O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464]
O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656]
O58 - SDL:2014/09/30 17:47:28 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [129312]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872]
---\\ Last modified or created user files (O61) (8) - 27s
O61 - LFC: 2015/08/05 14:14:39 A . (..) -- C:\Users\theooow\Downloads\GL710_application_and_driver_v1.3.0.89_20141113.exe [103964498]
O61 - LFC: 2015/08/03 15:41:00 A . (..) -- C:\Users\theooow\Downloads\MaConfigx64_8_0_0_5.exe [5440800]
O61 - LFC: 2015/08/03 16:20:27 A . (.TeamSpeak Systems GmbH.) -- C:\Users\theooow\Downloads\TeamSpeak3-Client-win64-3.0.16.exe [30014480]
O61 - LFC: 2015/08/03 20:07:47 A . (..) -- C:\Users\theooow\Downloads\torbrowser-install-4.5.3_fr.exe [36264104]
O61 - LFC: 2015/08/04 16:54:59 A . (..) -- C:\Users\theooow\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [297531]
O61 - LFC: 2015/08/05 20:11:42 A . (..) -- C:\Users\theooow\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/08/05 16:17:24 A . (..) -- C:\Users\theooow\AppData\Local\ATI\ACE\Manifest.Bin [30042]
O61 - LFC: 2015/08/03 15:36:05 N . (..) -- C:\Users\theooow\AppData\Local\Apps\2.0\WODCQ3WM.9PJ\MPWH1JJO.BTN\goog...app_86fd5b6b43e66935_0001.0003_203fbf14216d5591\clickonce_bootstrap.exe [11080]
---\\ File Associations Shell Spawning (O67) (1) - 0s
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe
---\\ Start Menu Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
---\\ Search Browser Infection (SBI) (O69) (1) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) -
---\\ Crack & Keygen Files (CKF) (O82) (3) - 74s
O82 - LFC: 2013/07/03 15:01:28 A . (.Copyright © 2013.) -- C:\Users\theooow\Downloads\Autres\Cracks\XSplit - v1.3.1306.2101 - Cracked - Mrshaker334\MakaHost.dll [6656] =>.Crack,Keygen
O82 - LFC: 2013/07/03 14:42:06 A . (.SplitMediaLabs.) -- C:\Users\theooow\Downloads\Autres\Cracks\XSplit - v1.3.1306.2101 - Cracked - Mrshaker334\Setup - XSplit - v1.3.1306.2101 - NaworTuto.exe [39096568] =>.Crack,Keygen
O82 - LFC: 2013/07/03 15:08:30 A . (.SplitMediaLabs.) -- C:\Users\theooow\Downloads\Autres\Cracks\XSplit - v1.3.1306.2101 - Cracked - Mrshaker334\XSplit.Core.exe [2664960] =>.Crack,Keygen
---\\ Search Svchost Services (SSS) (O83) (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2603008]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536]
---\\ Firewall Active Exception List (FirewallRules) (O87) (12) - 4s
O87 - FAEL: "{0580824B-7876-42E7-A865-8857ABF38B36}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Raptr\raptr.exe (.not file.)
O87 - FAEL: "{8D48466E-B8FA-4385-982E-B44C397F90A5}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Raptr\raptr.exe (.not file.)
O87 - FAEL: "{64F0C698-0664-44C2-BA97-78AEE7119B01}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Raptr\raptr_im.exe (.not file.)
O87 - FAEL: "{A6860F0F-683A-48AE-82BD-35E3DD162D4B}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Raptr\raptr_im.exe (.not file.)
O87 - FAEL: "{92F8B151-6133-4DB7-A44E-014333B4D4A6}" [In-None-P6-TRUE] .(.Copyright (C) 2007-2008 - Engine.) -- D:\Program Files\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
O87 - FAEL: "{C9B1F9D3-8B23-4A94-8AAA-76F825607866}" [In-None-P17-TRUE] .(.Copyright (C) 2007-2008 - Engine.) -- D:\Program Files\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
O87 - FAEL: "{1F921047-0450-49CF-992E-271C8A7FD381}" [In-None-P6-TRUE] .(.Trion Worlds Inc. - Glyph.) -- D:\Program Files\SteamLibrary\SteamApps\common\Trove\GlyphClient.exe
O87 - FAEL: "{E87BEDDA-650C-4590-89CA-2FD1445443AF}" [In-None-P17-TRUE] .(.Trion Worlds Inc. - Glyph.) -- D:\Program Files\SteamLibrary\SteamApps\common\Trove\GlyphClient.exe
O87 - FAEL: "TCP Query User{6F349811-0157-4813-B97A-C60272229B36}D:\program files\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" [In-None-P6-TRUE] .(...) -- D:\program files\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe
O87 - FAEL: "UDP Query User{8AA532C4-3F52-4742-9BDF-92841771622E}D:\program files\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe" [In-None-P17-TRUE] .(...) -- D:\program files\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe
O87 - FAEL: "{F0B1C30D-C494-49A1-A54B-113009D9B55D}" [In-None-P6-TRUE] .(.Psyonix, Inc - Rocket League.) -- D:\Program Files\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
O87 - FAEL: "{C879EFBC-8A94-42D8-ABE5-F86FD76B1FD5}" [In-None-P17-TRUE] .(.Psyonix, Inc - Rocket League.) -- D:\Program Files\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
---\\ Additional Scan (O88) (1) - 0s
~ No malicious or unnecessary items found.
---\\ Summary of the elements found on your workstation (1) - 0s
~ No malicious or unnecessary items found.
~ End of the scan, 17865 items in 174 seconds (445)(3)()