~ ZHPDiag v2015.11.8.163 By Nicolas Coolman (2015/11/08) ~ Run by toshiba (Administrator) (2015/11/08 15:32:43) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\toshiba\Desktop\ZHPDiag.txt ~ Report: C:\Users\toshiba\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Deactivate ~ System startup: Normal (Normal boot) Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (2) - 0s GCIE: Google Chrome v46.0.2490.80 MSIE: Internet Explorer v11.0.9600.18059 ---\\ Windows Product Information (4) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System protection software (3) - 65s Avast Free Antivirus v10.4.2233 Malwarebytes Anti-Malware version 2.2.0.1024 Windows Defender W7 (Deactivate) ---\\ System optimization software (1) - 67s CCleaner v3.20 ---\\ Surveillance software (2) - 67s Adobe Flash Player 19 NPAPI Adobe Acrobat Reader DC - Français ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 1956.708 MB (5% free) System Restore: Activé (Enable) System drive C: has 10 GB (16%) free of 59 GB =>Alerte espace disque inférieur à 20 Go ---\\ Connection to the system mode (3) - 0s ~ Computer Name: TOSHIBA-PC ~ User Name: toshiba ~ Logged in as Administrator ---\\ Enumeration of the disk units (4) - 0s ~ Drive C: has 10 GB free of 59 GB (System) ~ Drive D: has 0 GB free of 0 GB ~ Drive E: has 177 GB free of 178 GB ~ Drive F: has GB free of 0 GB ---\\ State of the Windows Security Center (11) - 1s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (25) - 10s [MD5.332FEAB1435662FC6C672E25BEB37BE3] - 25/02/2011 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2871808] © [MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] © [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] © [MD5.BD06D875FB79E92DAF724C91DE743AFA] - 16/09/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2487808] © [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] © [MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] © [MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] © [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] © [MD5.FA886682CFC5D36718D3E436AACF10B9] - 30/05/2014 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497152] © [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] © [MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] © [MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] © [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] © [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] © [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] © [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] © [MD5.ACB6782973BD93760D597FC7BB37E692] - 29/09/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159232] © [MD5.09594D1089C523423B32A4229263F068] - 21/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] © [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 24/01/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1684928] © [MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] © [MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] © [MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] © [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] © [MD5.70988118145F5F10EF24720B97F35F65] - 11/11/2014 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] © [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] © ---\\ Non Microsoft non disabled Windows Services (7) - 7s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe © O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe © O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe © ---\\ Task Planned Automatically (26) - 13s [MD5.B89A82FB10E98F2FDF51FA82C7366DD3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736] © [MD5.8C194A201698B4B4F77D974549819D1F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] © [MD5.D9E35285D8CCE58241038E5B23507DAB] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1382112] © [MD5.0BE64FAB577BFA54443C680343AEC85F] [APT] [avastBCLRestartS-1-5-21-147999173-481393161-876854721-1000] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] © [MD5.6E8A4256CEC328029C0D923EADA47F04] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3075936] © [MD5.00000000000000000000000000000000] [APT] [DriverToolkit Autorun] (...) -- C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe (.not file.) [0] =>PUP.Optional.DriverToolkit [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] © [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] © [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000Core] (.Google Inc..) -- C:\Users\toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [116648] © [MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000UA] (.Google Inc..) -- C:\Users\toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [116648] © O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] © O39 - APT: DriverToolkit Autorun - (...) -- C:\Windows\Tasks\DriverToolkit Autorun.job [362] =>PUP.Optional.DriverToolkit O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066] © O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000Core.job [1034] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000UA.job [1086] © O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] © O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] © O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] © O39 - APT: avastBCLRestartS-1-5-21-147999173-481393161-876854721-1000 - (.Google Inc..) -- C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-147999173-481393161-876854721-1000 [3280] © O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2776] © O39 - APT: DriverToolkit Autorun - (...) -- C:\Windows\System32\Tasks\DriverToolkit Autorun [2726] =>PUP.Optional.DriverToolkit O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3814] © O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4066] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000Core [3668] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-147999173-481393161-876854721-1000UA [4064] © ---\\ Process running (28) - 26s [MD5.11120878E5276B367E1A10FF8C9B595B] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1240] © [MD5.5DB2C6B908C50767E2EDAA294A7566B5] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1728] © [MD5.23DE5B62B0445A6F874BE633C95B483E] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.1932] © [MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.1292] © [MD5.2BACD71123F42CEA603F4E205E1AE337] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096] [PID.2064] © [MD5.DD7423ABBE2913E70D50E9318AD57EE4] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.2348] © [MD5.2FE8F6A30802B69A3F501607F346DEEA] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [392984] [PID.2488] © [MD5.9C4E0E4E185D46DFC4F5F35939B013FF] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.17\GoogleCrashHandler.exe [245576] [PID.2764] © [MD5.16AEFBBF76ACE9A8548BD8819878024C] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.17\GoogleCrashHandler64.exe [307016] [PID.2916] © [MD5.2A46FFE841EC43001D5A293A54DB34DE] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [223104] [PID.2944] © [MD5.CA1941B93BA45B7EA4D7D9F451B25C84] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [417560] [PID.2968] © [MD5.F120335CFD86E98967AD5F77905E981D] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016] [PID.3436] © [MD5.D1AFB241B396E9E3735D44A65DA97AD5] - (.Synaptics, Inc. - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [120104] [PID.3724] © [MD5.89CACBC5A5D9F14AD11F09D1DE49294E] - (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088] [PID.3756] © [MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Google Installer.) -- C:\Users\toshiba\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.4028] © [MD5.6F142F0DE632B11D25E859550A228E9A] - (.Google Inc. - AutoBackup.) -- C:\Users\toshiba\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312] [PID.4036] © [MD5.1A1A7B2542A67C7A7D166920C8C3D075] - (.Samsung - .) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1015104] [PID.4088] © [MD5.AA1600118E222FCBE3F3BFEC1ABEC309] - (...) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe [113024] [PID.928] [MD5.2EA68E33DFF41A10F1BAB15FC3A28076] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616] [PID.3460] © [MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.3472] © [MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.3848] © [MD5.2F2BC80803F0638F6738E37F769E4BD0] - (.Hewlett-Packard - hpgs2wnd.) -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe [69632] [PID.4076] © [MD5.AABF93F351E17EA4D42EE028A905AF45] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824] [PID.3968] © [MD5.6FCCCAA9144312CD4AA1B38834DD9857] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [6133520] [PID.1740] © [MD5.E9C15F5EBCA836E50ACE2DA57BFA53B7] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528] [PID.2908] © [MD5.CC3775100ABA633984F73DFAE1F55CAE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.1272] © [MD5.C573A6CB885554F9B162AC4709A78407] - (.Nicolas Coolman - ZHPFix.) -- C:\Program Files (x86)\ZHPFix\ZHPFix.exe [3061760] [PID.2440] © [MD5.6CA34677ADF31B910F2F46BD7A36FC46] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K2ICOMQ5\ZHPDiag3.exe [1966592] [PID.1924] © ---\\ Google Chrome, Start,Search,Extensions (11) - 7s G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.com G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] [] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] [] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] [] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] [] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] [] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] [] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] [] Avast Online Security G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] [] Skype Click to Call G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] [] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] [] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (1) - 10s P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll © ---\\ Internet Explorer Extensions, Start, Search (17) - 2s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://fr.yahoo.com?fr=hp-avast&type=avastbcl R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {e78569be-555b-4b4a-b7e5-647c31ca7ddc} Orphean R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 1s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) © F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) © F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) © ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (4) ---\\ Browser Helper Object (BHO) (3) - 1s O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll © O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll © O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll © ---\\ Internet Explorer Toolbars (2) - 0s O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.) O3 - Toolbar: FR-mywebsites.pro Toolbar - [HKLM]{e78569be-555b-4b4a-b7e5-647c31ca7ddc} . (...) -- (.not file.) ---\\ Auto loading programs from Registry and folders (26) - 6s O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe © O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe © O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe © O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe © O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\Windows\Speech\Common\sapisvr.exe © O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe © O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe © O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\toshiba\AppData\Local\Google\Update\GoogleUpdate.exe © O4 - HKCU\..\Run: [Google+ Auto Backup] . (.Google Inc. - AutoBackup.) -- C:\Users\toshiba\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe © O4 - HKCU\..\Run: [KiesPDLR.exe] . (.Samsung - .) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe © O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe © O4 - HKLM\..\Wow6432Node\Run: [zzzHPSETUP] . (...) -- F:\SETUP.EXE O4 - HKLM\..\Wow6432Node\Run: [Share-to-Web Namespace Daemon] . (.Hewlett-Packard - hpgs2wnd.) -- C:\Program Files (x86)\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe © O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe © O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe © O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe © O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe © O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe © O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe © O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe © O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\Windows\Speech\Common\sapisvr.exe © O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe © O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe © O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\toshiba\AppData\Local\Google\Update\GoogleUpdate.exe © O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [Google+ Auto Backup] . (.Google Inc. - AutoBackup.) -- C:\Users\toshiba\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe © O4 - HKUS\S-1-5-21-147999173-481393161-876854721-1000\..\Run: [KiesPDLR.exe] . (.Samsung - .) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe © ---\\ Global shortcuts Startup (5) - 25s O4 - GS\TaskBar [Administrator]: Bubble Dock installer.lnk . (...) C:\Users\toshiba\AppData\Roaming\Nosibay\Bubble Dock\tmp\updates\Bubble Dock AddonsUI.exe =>PUP.Optional.BubbleDock O4 - GS\TaskBar [Guest]: Bubble Dock installer.lnk . (...) C:\Users\toshiba\AppData\Roaming\Nosibay\Bubble Dock\tmp\updates\Bubble Dock AddonsUI.exe =>PUP.Optional.BubbleDock O4 - GS\TaskBar [toshiba]: Bubble Dock installer.lnk . (...) C:\Users\toshiba\AppData\Roaming\Nosibay\Bubble Dock\tmp\updates\Bubble Dock AddonsUI.exe =>PUP.Optional.BubbleDock O4 - GS\CommonDesktop [Public]: DriverToolkit.lnk . (...) C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe =>PUP.Optional.DriverToolkit O4 - GS\CommonDesktop [Public]: Readiris.lnk . (.Copyright 2001 - read70 Module.) C:\Readiris\readiris.exe => ---\\ Lop.com/Domain Hijackers (3) - 1s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 109.0.66.20 109.0.66.10 ---\\ Extra protocols (24) - 1s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll © O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype4COM.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll © O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll © O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll © O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll © O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © ---\\ Software installed (54) - 23s O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} © O42 - Logiciel: Adobe Digital Editions 2.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Digital Editions 2.0 © O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX © O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI © O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824161310} © O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} © O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast © O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner © O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} © O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} © O42 - Logiciel: FreeOCR v4.2 - (...) [HKLM][64Bits] -- freeocr_is1 O42 - Logiciel: Google Books Download - (.eBook Download.) [HKLM][64Bits] -- GoogleBooks O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome © O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE} © O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {817750FA-EC6A-485D-9901-0683AE6FFDF1} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} © O42 - Logiciel: Google+ Auto Backup - (.Google, Inc..) [HKCU][64Bits] -- Google+ Auto Backup © O42 - Logiciel: Hemera Products - (...) [HKLM][64Bits] -- Hemera Products O42 - Logiciel: HP Photo and Imaging 1.0 - Scanjet 3500c Series - (.{&Tahoma8}Hewlett-Packard.) [HKLM][64Bits] -- {B8E952E3-A823-443A-8493-39A0CCE0E3EB} O42 - Logiciel: HTML to PDF Converter Free 3.2 - (.PDFArea Software.) [HKLM][64Bits] -- HTML to PDF Converter Free_is1 O42 - Logiciel: Image to PDF Converter Free 6.5 - (.PDFArea Software.) [HKLM][64Bits] -- Image to PDF Converter Free_is1 O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} © O42 - Logiciel: Java 7 Update 80 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F03217080FF} © O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0} © O42 - Logiciel: Java 8 Update 60 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218060F0} © O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} © O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} © O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 © O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} © O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {50816F92-1652-4A7C-B9BC-48F682742C4B} © O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} © O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} © O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} © O42 - Logiciel: MyPhoneExplorer - (.F.J. Wechselberger.) [HKLM][64Bits] -- MPE © O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D} © O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3 © O42 - Logiciel: Readiris 7.5 - (...) [HKLM][64Bits] -- {9BFFB382-0B2C-11D6-AB3E-000102B0F79A} O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} © O42 - Logiciel: Remo Recover for Android - (.Remo Software.) [HKLM][64Bits] -- {3BF6B4CF-E6A1-45B3-9BC5-67213D146CB6}_is1 © O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} © O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} © O42 - Logiciel: Samsung Story Album Viewer - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {698BBAD8-B116-495D-B879-0F07A533E57F} © O42 - Logiciel: Samsung Story Album Viewer - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F} © O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} © O42 - Logiciel: SimCardExplorer 1.1.2 - (...) [HKLM][64Bits] -- SimCardExplorer O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} © O42 - Logiciel: Skype™ 7.13 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} © O42 - Logiciel: Sony PC Companion 2.10.289 - (.Sony.) [HKLM][64Bits] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3} © O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM][64Bits] -- SynTPDeinstKey © O42 - Logiciel: Viber - (.Viber Media Inc.) [HKCU][64Bits] -- Viber © O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player © O42 - Logiciel: Warper - (...) [HKLM][64Bits] -- Warper O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPFix_is1 © ---\\ HKCU & HKLM Software Keys (79) - 23s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\Atheros Communications Inc. HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\Chromium HKLM\SOFTWARE\Wow6432Node\Comodo HKLM\SOFTWARE\Wow6432Node\DivXNetworks HKLM\SOFTWARE\Wow6432Node\EnjSoft HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\Hemera Products HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard HKLM\SOFTWARE\Wow6432Node\I.R.I.S. HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial) HKLM\SOFTWARE\Wow6432Node\mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\ND HKLM\SOFTWARE\Wow6432Node\Oak Technology HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OpenOffice.org HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Remo Software HKLM\SOFTWARE\Wow6432Node\Samsung HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Software HKLM\SOFTWARE\Wow6432Node\Sony HKLM\SOFTWARE\Wow6432Node\TOSHIBA HKLM\SOFTWARE\Wow6432Node\VEGA HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Viguer.net HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Adsearches HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Avast Software HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\kde.org HKCU\SOFTWARE\Ligos HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Malwarebytes' Anti-Malware HKCU\SOFTWARE\mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MyPhoneExplorer HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Oak Technology HKCU\SOFTWARE\OpenOffice.org HKCU\SOFTWARE\PDFArea Software HKCU\SOFTWARE\pdfsvg HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\SampleView HKCU\SOFTWARE\Samsung HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Sony HKCU\SOFTWARE\Spoon HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\TeleCharger HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Viber HKCU\SOFTWARE\Windows Live Writer HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\MarkAny ---\\ Contents of the Common Files folders (170) - 34s O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 05/11/2015 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 02/11/2015 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 26/11/2013 - [] D -- C:\Program Files (x86)\Hemera Products O43 - CFD: 26/11/2013 - [] D -- C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 16/10/2015 - [] D -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 15/10/2015 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 24/10/2015 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 02/11/2015 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 21/12/2013 - [] D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware O43 - CFD: 24/04/2013 - [] D -- C:\Program Files (x86)\MarkAny O43 - CFD: 19/10/2015 - [0] D -- C:\Program Files (x86)\Microsoft O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 04/10/2012 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 25/10/2013 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 26/12/2013 - [] D -- C:\Program Files (x86)\MyPhoneExplorer O43 - CFD: 06/10/2012 - [] D -- C:\Program Files (x86)\OpenOffice.org 3 O43 - CFD: 19/01/2014 - [] D -- C:\Program Files (x86)\PDFArea O43 - CFD: 19/01/2014 - [] D -- C:\Program Files (x86)\PDFsvg O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 28/11/2013 - [] D -- C:\Program Files (x86)\Samsung O43 - CFD: 03/11/2015 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 05/01/2014 - [] D -- C:\Program Files (x86)\Sony O43 - CFD: 17/01/2014 - [0] D -- C:\Program Files (x86)\Temp O43 - CFD: 14/07/2009 - [0] D -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 04/01/2014 - [] D -- C:\Program Files (x86)\Viguer.net O43 - CFD: 26/04/2014 - [] D -- C:\Program Files (x86)\Warper O43 - CFD: 17/07/2013 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 04/10/2012 - [] D -- C:\Program Files (x86)\Windows Live O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 11/06/2015 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 25/12/2013 - [] D -- C:\Program Files (x86)\Wondershare O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\ZHPFix O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 27/09/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 15/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe O43 - CFD: 25/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applications I.R.I.S O43 - CFD: 27/09/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 30/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo O43 - CFD: 18/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR O43 - CFD: 21/11/2010 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 28/11/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive O43 - CFD: 26/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hemera Products O43 - CFD: 26/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard O43 - CFD: 10/03/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Share-to-Web O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 26/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer O43 - CFD: 06/10/2012 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 O43 - CFD: 19/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFArea O43 - CFD: 23/10/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 O43 - CFD: 20/04/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover for Android O43 - CFD: 28/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung O43 - CFD: 04/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCardExplorer O43 - CFD: 03/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 16/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony O43 - CFD: 07/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 21/11/2010 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 06/04/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 26/04/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warper O43 - CFD: 04/10/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 08/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 19/01/2014 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 03/04/2015 - [] D -- C:\ProgramData\Google O43 - CFD: 02/11/2015 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 19/10/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 18/04/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 08/04/2013 - [] D -- C:\ProgramData\Samsung O43 - CFD: 03/11/2015 - [] D -- C:\ProgramData\Skype O43 - CFD: 05/01/2014 - [] D -- C:\ProgramData\Sony O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 09/04/2014 - [] D -- C:\ProgramData\Sun O43 - CFD: 01/11/2015 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 26/11/2013 - [] D -- C:\Program Files (x86)\Common Files\Hewlett-Packard O43 - CFD: 25/11/2013 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 24/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 06/10/2012 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 26/11/2013 - [] D -- C:\Program Files (x86)\Common Files\MSSoap O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 03/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 27/09/2012 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 04/10/2012 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 25/12/2013 - [] D -- C:\Program Files (x86)\Common Files\Wondershare O43 - CFD: 19/10/2013 - [] D -- C:\Users\toshiba\AppData\Roaming\Adobe O43 - CFD: 19/01/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\AVAST Software O43 - CFD: 26/11/2013 - [0] D -- C:\Users\toshiba\AppData\Roaming\Dossier de téléchargement Share-to-Web O43 - CFD: 26/11/2013 - [0] D -- C:\Users\toshiba\AppData\Roaming\Dossier de téléchargement Share-to-Web O43 - CFD: 13/11/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Google O43 - CFD: 27/09/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Identities O43 - CFD: 27/09/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\InstallShield O43 - CFD: 04/10/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Macromedia O43 - CFD: 01/11/2013 - [] D -- C:\Users\toshiba\AppData\Roaming\Malwarebytes O43 - CFD: 21/11/2010 - [0] D -- C:\Users\toshiba\AppData\Roaming\Media Center Programs O43 - CFD: 10/06/2015 - [] SD -- C:\Users\toshiba\AppData\Roaming\Microsoft O43 - CFD: 26/03/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\Mozilla O43 - CFD: 02/01/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\MyPhoneExplorer O43 - CFD: 19/06/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\ooVoo Details O43 - CFD: 13/10/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\OpenOffice.org O43 - CFD: 08/04/2013 - [] D -- C:\Users\toshiba\AppData\Roaming\Samsung O43 - CFD: 07/11/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\Skype O43 - CFD: 02/09/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\Sun O43 - CFD: 27/09/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\U3 O43 - CFD: 01/09/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\ViberPC O43 - CFD: 08/09/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\vlc O43 - CFD: 27/09/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\WinBatch O43 - CFD: 05/10/2012 - [] D -- C:\Users\toshiba\AppData\Roaming\Windows Live Writer O43 - CFD: 25/12/2013 - [] D -- C:\Users\toshiba\AppData\Roaming\Wondershare O43 - CFD: 08/11/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\ZHP O43 - CFD: 02/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\Adobe O43 - CFD: 15/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\Adobe_Systems_Incorporate O43 - CFD: 27/09/2012 - [0] SHD -- C:\Users\toshiba\AppData\Local\Application Data O43 - CFD: 19/11/2012 - [] D -- C:\Users\toshiba\AppData\Local\Apps O43 - CFD: 05/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\cache O43 - CFD: 02/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\CEF O43 - CFD: 18/06/2014 - [] D -- C:\Users\toshiba\AppData\Local\Comodo O43 - CFD: 24/03/2015 - [0] D -- C:\Users\toshiba\AppData\Local\Deployment O43 - CFD: 16/09/2013 - [0] D -- C:\Users\toshiba\AppData\Local\Diagnostics O43 - CFD: 29/11/2013 - [] D -- C:\Users\toshiba\AppData\Local\Downloaded Installations O43 - CFD: 29/10/2015 - [] D -- C:\Users\toshiba\AppData\Local\ElevatedDiagnostics O43 - CFD: 11/06/2015 - [0] SHD -- C:\Users\toshiba\AppData\Local\EmieBrowserModeList O43 - CFD: 11/06/2015 - [0] SHD -- C:\Users\toshiba\AppData\Local\EmieSiteList O43 - CFD: 11/06/2015 - [0] SHD -- C:\Users\toshiba\AppData\Local\EmieUserList O43 - CFD: 18/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\FreeOCR O43 - CFD: 30/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\Google O43 - CFD: 21/06/2015 - [] D -- C:\Users\toshiba\AppData\Local\GWX O43 - CFD: 27/09/2012 - [0] SHD -- C:\Users\toshiba\AppData\Local\History O43 - CFD: 12/04/2015 - [] D -- C:\Users\toshiba\AppData\Local\Macromedia O43 - CFD: 13/03/2015 - [] D -- C:\Users\toshiba\AppData\Local\Microsoft O43 - CFD: 26/03/2015 - [] D -- C:\Users\toshiba\AppData\Local\Mozilla O43 - CFD: 01/02/2015 - [] D -- C:\Users\toshiba\AppData\Local\Programs O43 - CFD: 28/11/2013 - [] D -- C:\Users\toshiba\AppData\Local\Samsung O43 - CFD: 20/03/2014 - [] D -- C:\Users\toshiba\AppData\Local\Skype O43 - CFD: 19/01/2014 - [] D -- C:\Users\toshiba\AppData\Local\Spoon O43 - CFD: 08/11/2015 - [] D -- C:\Users\toshiba\AppData\Local\Temp O43 - CFD: 27/09/2012 - [0] SHD -- C:\Users\toshiba\AppData\Local\Temporary Internet Files O43 - CFD: 01/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\Viber O43 - CFD: 27/09/2012 - [0] D -- C:\Users\toshiba\AppData\Local\VirtualStore O43 - CFD: 08/09/2015 - [] D -- C:\Users\toshiba\AppData\Local\Windows Live O43 - CFD: 16/12/2013 - [] D -- C:\Users\toshiba\AppData\Local\Windows Live Writer O43 - CFD: 25/12/2013 - [] D -- C:\Users\toshiba\AppData\Local\Wondershare O43 - CFD: 11/08/2013 - [] D -- C:\Users\toshiba\AppData\Local\yesmessenger O43 - CFD: 14/07/2009 - [] RD -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 15/10/2015 - [] RD -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 19/01/2014 - [] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Books Download O43 - CFD: 14/05/2015 - [] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup O43 - CFD: 26/11/2013 - [0] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hemera Products O43 - CFD: 14/07/2009 - [] RD -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 08/11/2015 - [] RD -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 26/04/2014 - [0] D -- C:\Users\toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warper ---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 1s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll © O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll © O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll © ---\\ System Drivers List (65) - 316s O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] © O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] © O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] © O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] © O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] © O58 - SDL:2013/10/31 07:46:12 A . (.AVAST Software - avast! Filtering TDI driver.) -- C:\Windows\System32\drivers\aswFW.sys [131232] © O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] © O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [90968] © O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] © O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] © O58 - SDL:2015/11/06 19:24:43 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1059656] © O58 - SDL:2015/11/06 19:24:43 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswsp.sys [449992] © O58 - SDL:2015/09/24 19:19:31 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [153744] © O58 - SDL:2015/09/24 19:19:30 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [274808] © O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] © O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] © O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] © O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] © O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] © O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] © O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] © O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] © O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] © O58 - SDL:2009/09/17 11:54:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [56344] © O58 - SDL:2010/11/21 04:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] © O58 - SDL:2011/03/11 07:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] © O58 - SDL:2012/01/10 21:28:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [12311904] © O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] © O58 - SDL:2011/04/20 08:24:56 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x64.sys [169584] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] © O58 - SDL:2015/10/05 09:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816] © O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272] © O58 - SDL:2015/11/07 11:15:19 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] © O58 - SDL:2015/10/05 09:50:18 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [63704] © O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] © O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] © O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] © O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] © O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] © O58 - SDL:2009/02/12 14:11:26 A . (.EldoS Corporation - RawDisk Driver. Allows write access to file.) -- C:\Windows\System32\drivers\rsdrvx64.sys [26024] © O58 - SDL:2010/04/26 16:23:08 A . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192se.sys [1103904] © O58 - SDL:2010/02/01 09:29:48 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [232992] © O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] © O58 - SDL:2009/07/14 01:00:40 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208] © O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] © O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] © O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [110720] © O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080] © O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] © O58 - SDL:2008/08/14 09:40:44 A . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [260144] © O58 - SDL:2007/11/09 04:00:30 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS [26968] © O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] © O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] © ---\\ Last modified or created user files (3) - 113s O61 - LFC: 2015/11/08 12:31:12 A . (..) -- C:\Users\toshiba\AppData\Local\Spoon\Sandbox\HTML to PDF Converter\3.20\xsandbox.bin [16] O61 - LFC: 2015/11/08 12:31:17 A . (..) -- C:\Users\toshiba\AppData\Local\Spoon\Sandbox\HTML to PDF Converter\3.20\local\stubexe\0xF330358CD8D1BD31\Html2PDF.exe [17408] O61 - LFC: 2015/11/08 13:26:11 A . (..) -- C:\Users\toshiba\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082] ---\\ File Associations Shell Spawning (10) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\SysWOW64\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\SysWOW64\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (9) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © ---\\ Search Browser Infection (5) - 9s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {1DBE0AD4-FA60-40B5-AB48-CEA8BC0BF0FD} - ((www.google.com) Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {3649DA9A-8CBA-49CB-BFCB-00EA1C49A9BD} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} [DefaultScope] - (Yahoo! (Avast)) - http://fr.search.yahoo.com/ ---\\ Search Svchost Services (33) - 3s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] © O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [236032] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [859648] © O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [680960] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] © O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2607104] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [30720] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] © O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [156672] © O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [67584] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1110016] © O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [90624] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] © O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] © O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] © ---\\ Services not Microsoft (SR=Run, SS=Stop) (12) - 58s SR - Auto [28/10/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © SS - Demand [16/10/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe © SR - Auto [24/09/2015] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © SS - Auto [09/09/2015] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Demand [09/09/2015] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Demand [13/10/2012] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe © SR - Auto [03/03/2010] [ 268824] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe © SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © SS - Demand [10/06/2015] [ 155520] Sony PC Companion (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe © SR - Auto [21/05/2015] [ 743688] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe © SR - Auto [03/03/2010] [ 2320920] Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe © ---\\ Additional Scan (O88) (2) - 0s C:\Windows\Tasks\DriverToolkit Autorun.job =>PUP.Optional.DriverToolkit C:\Windows\System32\Tasks\DriverToolkit Autorun =>PUP.Optional.DriverToolkit ---\\ Summary of the elements found (2) - 0s http://www.nicolascoolman.fr/blog =>PUP.Optional.DriverToolkit http://www.nicolascoolman.fr/pup-bubbledock/ =>PUP.Optional.BubbleDock ~ End of the scan, 22263 items in 789 seconds (708)(0)