~ ZHPDiag v2016.4.3.83 By Nicolas Coolman (2016/04/03) ~ Run by CRASH (Administrator) (2016/04/05 19:39:47) ~ Web: http://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\CRASH\Desktop\ZHPDiag.txt ~ Report: C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Deactivate ~ System startup: Normal (Normal boot) Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (3) - 0s GCIE: Google Chrome v49.0.2623.110 OPIE: Opera 36.0.2130.46 MSIE: Internet Explorer v11.0.9600.18230 ---\\ Windows Product Information (4) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System protection software (1) - 2s Avast Free Antivirus v11.1.2253 ---\\ Surveillance software (2) - 3s Adobe Flash Player 21 PPAPI Adobe Acrobat Reader DC ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 3092.336 MB (44% free) System Restore: Activé (Enable) System drive C: has 150 GB () free of 291 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: CRASH-PC ~ User Name: CRASH ~ Logged in as Administrator ---\\ Enumeration of the disk units (1) - 0s ~ Drive C: has 150 GB free of 291 GB (System) ---\\ State of the Windows Security Center (12) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (24) - 1s [MD5.9D77CC4A36FEEA644D002CFB9B2D42C0] - 22/01/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [3231232] =>.Microsoft Corporation [MD5.DD81D91FF3B0763C392422865C9AC12E] - 13/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 13/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation [MD5.C15649DEABA6B45562009663673E23D1] - 08/02/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2597376] =>.Microsoft Corporation [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 16/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] =>.Microsoft Corporation [MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation [MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497664] =>.Microsoft Corporation [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 13/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows® [MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation [MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation [MD5.07F8F6B0CAEC7ADD30EBD94940A315D7] - 11/02/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159232] =>.Microsoft Corporation [MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation [MD5.47B2D0B31BDC3EBE6090228E2BA3764D] - 11/01/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1684416] =>.Microsoft Windows® [MD5.0086431C29C35BE1DBC43F52CC273887] - 13/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation [MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation [MD5.AA77EB517D2F07A947294F260E3ACA83] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [118272] =>.Microsoft Corporation [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (7) - 1s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.® O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\System32\TODDSrv.exe =>.TOSHIBA CORPORATION® O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe =>.TOSHIBA CORPORATION® O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation - Software and Firmware Products® ---\\ Services not Microsoft (SR=Run, SS=Stop) (12) - 14s SR - Auto [14/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Demand [25/03/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [03/03/2016] [ 237096] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software a.s.® SS - Auto [27/08/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [27/08/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SR - Auto [02/07/2013] [ 327664] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® SR - Demand [09/12/2015] [ 55144] TMachInfo (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe =>.TOSHIBA CORPORATION® SR - Auto [20/10/2010] [ 138656] TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation.) - C:\windows\system32\TODDSrv.exe =>.Toshiba Corporation SR - Auto [09/12/2010] [ 489384] TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe =>.TOSHIBA CORPORATION® SR - Demand [08/12/2010] [ 137632] TOSHIBA HDD SSD Alert Service (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe =>.TOSHIBA CORPORATION® SR - Auto [02/07/2013] [ 2595824] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation - Software and Firmware Products® ---\\ Task Planned Automatically (15) - 4s [MD5.4EAF6F8F0B3BE33A0E3877EB7FFD48D4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656] (.Activate.) =>.Adobe Systems, Incorporated® [MD5.AEDD2A855B49829E009C75D955795181] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504] (.Activate.) =>.Adobe Systems Incorporated® [MD5.BB19B7714F94DA4A34B40B484BE54739] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1503200] (.Activate.) =>.AVAST Software a.s.® [MD5.EC7BF707FBE2C766A567E47515D7F746] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6667992] (.Activate.) =>.Piriform Ltd® [MD5.EED9031220EE45C19ADED53509B874B7] [APT] [Opera scheduled Autoupdate 1444093727] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [695848] (.Activate.) =>.Opera Software ASA® [MD5.FC34703513AD8F32E103EAEE290CFD05] [APT] [SafeZone scheduled Autoupdate 1458684425] (.Avast Software.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe [735736] (.Activate.) =>.AVAST Software s.r.o.® [MD5.00000000000000000000000000000000] [APT] [{D082E8D2-9B54-444C-AAFB-618C26519812}] (...) -- C:\Program Files\SUPERAntiSpyware\Uninstall.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{D59650CB-B6B0-4A53-8BD6-4371DDEFFFBD}] (...) -- C:\Program Files\groover070220162159\unins000.exe (.not file.) [0] (.Activate.) =>PUP.Optional.Groover O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated® O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] =>.Adobe Systems, Incorporated® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] =>.Adobe Systems Incorporated® O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] =>.AVAST Software a.s.® O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2790] =>.Piriform Ltd® O39 - APT: Opera scheduled Autoupdate 1444093727 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1444093727 [3846] =>.Opera Software ASA® O39 - APT: SafeZone scheduled Autoupdate 1458684425 - (.Avast Software.) -- C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458684425 [3048] =>.AVAST Software s.r.o.® ---\\ Process running (26) - 1s [MD5.501E11AE85EE28D305D228F5931AC76C] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096] [PID.1324] =>.AVAST Software a.s.® [MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1716] =>.Adobe Systems, Incorporated® [MD5.8E2C799D3476EAC32C3BA0DF7CE6AF19] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\System32\TODDSrv.exe [138656] [PID.1608] =>.TOSHIBA CORPORATION® [MD5.CDC97FA5C42B07FB0D4600E17C32F582] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [489384] [PID.1736] =>.TOSHIBA CORPORATION® [MD5.7E47C328FC4768CB8BEAFBCFAFA70362] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976] [PID.2140] =>.Microsoft Corporation® [MD5.70A176BF2ED362862944C371838262F8] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [222592] [PID.2568] =>.Microsoft Corporation® [MD5.D2AF25E2921BACC9B87E1AB7054F22D2] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [391000] [PID.3796] =>.Intel Corporation® [MD5.64E498DF53A9481C0F65923B8E1AF8FF] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [167256] [PID.3804] =>.Intel Corporation® [MD5.E58E1B907C67DE1FD65BE37EB3C5E79D] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [418136] [PID.3692] =>.Intel Corporation® [MD5.C224456660839CFCAD2CD8DFB293F38B] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe [8686296] [PID.3776] =>.Piriform Ltd® [MD5.82B7AE85A3C197514055DA16D658D8C1] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [7139256] [PID.4216] =>.AVAST Software a.s.® [MD5.1705B6E6E1D883965F32C7D3B8E78CE6] - (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816] [PID.4236] =>.TOSHIBA CORPORATION® [MD5.C9B67BCB8E384064A8C2263740B0C437] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480] [PID.4248] =>.Oracle America, Inc.® [MD5.73B1C6A30E311B541896D97F0703C5E0] - (.TOSHIBA Corporation - TSS TMachInfo Service.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [55144] [PID.3380] =>.TOSHIBA CORPORATION® [MD5.DD7423ABBE2913E70D50E9318AD57EE4] - (.Google Inc. - Google Installer.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [PID.192] =>.Google Inc® [MD5.5ED319E8D88873D094CDA0F60185EBB9] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [327664] [PID.1252] =>.Intel Corporation - Software and Firmware Products® [MD5.24B7564D50B8091795CDA1FB78CE85BD] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2595824] [PID.872] =>.Intel Corporation - Software and Firmware Products® [MD5.EDB4B432DB13EA3D1EB2356310D33263] - (.TOSHIBA Corporation - TosSmartSrv.exe.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [137632] [PID.2488] =>.TOSHIBA CORPORATION® [MD5.997083852C4CE70616862FC74642C3A6] - (.TOSHIBA Corporation - TosSENotify.exe.mui.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe [1145248] [PID.3604] =>.TOSHIBA CORPORATION® [MD5.FAB888AC8D8609A963FCCC6F120FF1BA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.836] =>.Google Inc® [MD5.FAB888AC8D8609A963FCCC6F120FF1BA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.4608] =>.Google Inc® [MD5.FAB888AC8D8609A963FCCC6F120FF1BA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.3820] =>.Google Inc® [MD5.FAB888AC8D8609A963FCCC6F120FF1BA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.3180] =>.Google Inc® [MD5.FAB888AC8D8609A963FCCC6F120FF1BA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.2812] =>.Google Inc® [MD5.FAB888AC8D8609A963FCCC6F120FF1BA] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.5588] =>.Google Inc® [MD5.834A4F13EE779A0663075803D1A15968] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\CRASH\Desktop\Downloads\ZHPDiag3.exe [2174464] [PID.1132] =>.Nicolas Coolman ---\\ Google Chrome, Start,Search,Extensions (3) - 0s G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 1s P2 - FPN: [HKCU] [anvisoft.com/AdblockPlugin] - (...) -- C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll =>.Adobe Systems Incorporated ---\\ Opera, Plugins,Start,Search (1) - 0s B2 - EXT: [Opera Stable] C:\Users\CRASH\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp ---\\ Internet Explorer Extensions, Start, Search (20) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (24) ---\\ Browser Helper Object (BHO) (4) - 1s O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll =>.AVAST Software a.s.® O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation® O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL =>.Microsoft Corporation® ---\\ Internet Explorer Toolbars (2) - 0s O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.) O3 - Toolbar: 0xE3EFEB7F196B494398D2FFB09D4B49CA0124030000 - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.) ---\\ Auto loading programs from Registry and folders (23) - 1s O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe =>.Intel Corporation® O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation® O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe =>.Microsoft Corporation® O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.DLL =>.Logitech® O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation® O4 - HKLM\..\Run: [SmartAudio] . (.Conexant systems, Inc. - SmartAudio Control Panel application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe =>.Conexant Systems, Inc.® O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe =>.Synaptics Incorporated® O4 - HKLM\..\Run: [TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe =>.TOSHIBA CORPORATION® O4 - HKLM\..\Run: [TosNC] . (.TOSHIBA Corporation - Message Center.) -- C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe =>.TOSHIBA CORPORATION® O4 - HKLM\..\Run: [TosReelTimeMonitor] . (.TOSHIBA Corporation - Monitor of TOSHIBA ReelTime.) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe =>.TOSHIBA CORPORATION® O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - .) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe =>.TOSHIBA CORPORATION® O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe =>.TOSHIBA CORPORATION® O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe =>.TOSHIBA CORPORATION® O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe =>.AVAST Software a.s.® O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation® O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] . (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe =>.TOSHIBA CORPORATION® O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.® O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-234467694-4029110148-4026202849-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® ---\\ Global shortcuts Startup (45) - 2s O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\sendTo [Administrator]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [Administrator]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [Administrator]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrator]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\TaskBar [Administrator]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation O4 - GS\Desktop [CRASH]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman O4 - GS\Desktop [CRASH]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\sendTo [CRASH]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [CRASH]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [CRASH]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\TaskBar [CRASH]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [CRASH]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\TaskBar [CRASH]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\sendTo [Guest]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [Guest]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [Guest]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Guest]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\TaskBar [Guest]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation O4 - GS\Desktop [My Olivia]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman O4 - GS\Desktop [My Olivia]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\sendTo [My Olivia]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [My Olivia]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [My Olivia]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\TaskBar [My Olivia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [My Olivia]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\TaskBar [My Olivia]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation O4 - GS\Desktop [temp]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleaner.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPCleaner.exe =>.Nicolas Coolman O4 - GS\Desktop [temp]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\CRASH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\sendTo [temp]: TOSHIBA Disc Creator(Audio).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [temp]: TOSHIBA Disc Creator(Data).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\sendTo [temp]: TOSHIBA Disc Creator(Image).lnk . (.TOSHIBA Corporation - TOSHIBA Disc Creator.) C:\Program Files (x86)\TOSHIBA\TOSHIBA Disc Creator\ToDisc.exe =>.TOSHIBA CORPORATION® O4 - GS\TaskBar [temp]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [temp]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\TaskBar [temp]: TOSHIBA Bulletin Board.lnk . (.TOSHIBA Corporation - .) C:\Program Files (x86)\TOSHIBA\BulletinBoard\TosBulletinBoard.exe =>.Toshiba Corporation O4 - GS\CommonDesktop [Public]: Avast Free Antivirus.lnk . (.AVAST Software - .) C:\Program Files (x86)\AVAST Software\Avast\avastui.exe =>.AVAST Software O4 - GS\CommonDesktop [Public]: Avast SafeZone Browser.lnk . (.Avast Software - .) C:\Program Files (x86)\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - GS\CommonDesktop [Public]: Recuva.lnk . (.Piriform Ltd - Recuva.) C:\Program Files\Recuva\recuva64.exe =>.Piriform Ltd® O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc ---\\ Lop.com/Domain Hijackers (2) - 1s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 O17 - HKLM\System\CCS\Services\Tcpip\..\{FAB7580B-BE0A-45D3-B18B-C86D3925FE5F}: DhcpNameServer = 209.18.47.61 209.18.47.62 ---\\ Extra protocols (26) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation® O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation® O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation® O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation® O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (75) - 10s O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {19687AD5-7E54-4C5E-A796-125C95079C1D} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 21 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 21 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 21 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} =>.Atheros Communications Inc.® O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast =>.AVAST Software a.s.® O42 - Logiciel: AVS Image Converter 2.0.2.160 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Image Converter_is1 =>.Online Media Technologies Ltd. O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Update Manager_is1 =>.Online Media Technologies Ltd. O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS4YOU Software Navigator_is1 =>.Online Media Technologies Ltd. O42 - Logiciel: Best Buy pc app - (.Best Buy.) [HKLM][64Bits] -- {FBBC4667-2521-4E78-B1BD-8706F774549B} =>.Best Buy O42 - Logiciel: Blender - (.Blender Foundation.) [HKLM][64Bits] -- Blender =>.Blender Foundation O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA =>.Conexant Systems, Inc.® O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft O42 - Logiciel: EBLUE Mouse Driver - (.EBLUE.) [HKLM][64Bits] -- {650A34BA-50BC-4D85-B10F-C4EC1B4FCEF3}_is1 =>.EBLUE O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} =>.Skype Limited O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {F9B579C2-D854-300A-BE62-A09EB9D722E4} =>.Google O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc. O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation® O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} =>.Intel Corporation® O42 - Logiciel: Java 8 Update 77 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218077F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation O42 - Logiciel: Label@Once 1.0 - (.Corel.) [HKLM][64Bits] -- {0D795777-9D60-4692-8386-F2B3F2B5E5BF} =>.Corel O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} =>.Microsoft Corporation O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {624C7F0A-89B2-4C49-9CAB-9D69613EC95A} =>.Microsoft Corporation O42 - Logiciel: Microsoft IntelliPoint 8.2 - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft IntelliPoint 8.2 =>.Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} =>.Microsoft O42 - Logiciel: Opera Stable 36.0.2130.46 - (.Opera Software.) [HKLM][64Bits] -- Opera 36.0.2130.46 =>.Opera Software ASA® O42 - Logiciel: PL-2303 USB-to-Serial - (...) [HKLM][64Bits] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E} O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} =>.Microsoft Corporation O42 - Logiciel: PlayReady PC Runtime x86 - (.Microsoft Corporation.) [HKLM][64Bits] -- {CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} =>.Microsoft Corporation O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16} =>.Realtek Semiconductor Corp. O42 - Logiciel: Recuva - (.Piriform.) [HKLM][64Bits] -- Recuva =>.Piriform Ltd® O42 - Logiciel: SafeZone Stable 1.48.2066.44 - (.Avast Software.) [HKLM][64Bits] -- SafeZone 1.48.2066.44 =>.AVAST Software s.r.o.® O42 - Logiciel: SPORE™ - (.Electronic Arts.) [HKLM][64Bits] -- {9DF0196F-B6B8-4C3A-8790-DE42AA530101} =>.Electronic Arts® O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated O42 - Logiciel: TOSHIBA Application Installer - (.TOSHIBA.) [HKLM][64Bits] -- {970472D0-F5F9-4158-A6E3-1AE49EFEF2D3} =>.TOSHIBA O42 - Logiciel: TOSHIBA Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {C2A276E3-154E-44DC-AAF1-FFDD7FD30E35} =>.Macrovision Corporation® O42 - Logiciel: TOSHIBA Battery Check Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- {5468E297-7EF8-4CB3-A091-F8714147793F} =>.Toshiba Corporation O42 - Logiciel: Toshiba Book Place - (.K-NFB Reading Technology, Inc..) [HKLM][64Bits] -- {76078303-BAA2-4FBF-BA13-D1065195E696} =>.K-NFB Reading Technology, Inc. O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {C14518AF-1A0F-4D39-8011-69BAA01CD380} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {97965331-BC5D-4D9F-B6DF-5C0A123E4AE0} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {C7A4F26F-F9B0-41B2-8659-99181108CDE3} =>.Macrovision Corporation® O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Quality Application - (.TOSHIBA.) [HKLM][64Bits] -- {E69992ED-A7F6-406C-9280-1C156417BC49} =>.TOSHIBA O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} =>.TOSHIBA CORPORATION® O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {24811C12-F4A9-4D0F-8494-A7B8FE46123C} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Resolution+ Plug-in for Windows Media Player - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94} =>.Macrovision Corporation® O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A} =>.TOSHIBA O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {0AF17224-CF88-40B8-BB1A-D179369847B4} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {066CFFF8-12BF-4390-A673-75F95EFF188E} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E} =>.TOSHIBA CORPORATION® O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {6F3C8901-EBD3-470D-87F8-AC210F6E5E02} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02} =>.Toshiba Corporation O42 - Logiciel: TOSHIBA Wireless LAN Indicator - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {CDADE9BC-612C-42B8-B929-5C6A823E7FF9} =>.Toshiba Corporation O42 - Logiciel: ToshibaRegistration - (.Toshiba.) [HKLM][64Bits] -- {5AF550B4-BB67-4E7E-82F1-2C4300279050} =>.TOSHIBA O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: WinRAR 5.31 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® ---\\ HKCU & HKLM Software Keys (79) - 10s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\Anvisoft HKLM\SOFTWARE\Wow6432Node\Atheros Communications Inc. HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\AVS4YOU HKLM\SOFTWARE\Wow6432Node\Bunndle HKLM\SOFTWARE\Wow6432Node\DataHelper HKLM\SOFTWARE\Wow6432Node\DT Soft HKLM\SOFTWARE\Wow6432Node\EA Games HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\InstallShield HKLM\SOFTWARE\Wow6432Node\Insyde HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\mcafeeupdater HKLM\SOFTWARE\Wow6432Node\MimarSinan HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\Piriform HKLM\SOFTWARE\Wow6432Node\Prolific Technology INC HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Symantec HKLM\SOFTWARE\Wow6432Node\SymNRT HKLM\SOFTWARE\Wow6432Node\TOSHIBA HKLM\SOFTWARE\Wow6432Node\TOSHIBA CORPORATION HKLM\SOFTWARE\Wow6432Node\Ulead Systems HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\Windows HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\AVS4YOU HKCU\SOFTWARE\Cassowary HKCU\SOFTWARE\Class HKCU\SOFTWARE\DT Soft HKCU\SOFTWARE\eblueMouse HKCU\SOFTWARE\Facebook HKCU\SOFTWARE\Google HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\InstallPath HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\KineticJump HKCU\SOFTWARE\LogiShrd HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Rtp HKCU\SOFTWARE\SecuROM HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SkypeRS HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TOSHIBA HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Wget HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\UM ---\\ Contents of the Common Files folders (189) - 19s O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\AVAST Software =>.AVAST Software s.r.o.® O43 - CFD: 12/03/2016 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 02/03/2016 - [] D -- C:\Program Files\CONEXANT =>.Conexant Systems, Inc.® O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 24/07/2013 - [0] D -- C:\Program Files\Google O43 - CFD: 02/04/2016 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation® O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Microsoft Games O43 - CFD: 02/03/2016 - [] D -- C:\Program Files\Microsoft IntelliPoint =>.Microsoft Corporation® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild O43 - CFD: 02/03/2016 - [] D -- C:\Program Files\PlayReady O43 - CFD: 03/04/2016 - [] D -- C:\Program Files\Recuva =>.Piriform Ltd® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 02/03/2016 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated® O43 - CFD: 03/04/2016 - [] D -- C:\Program Files\TOSHIBA O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 07/03/2016 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 07/03/2016 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 02/03/2016 - [] D -- C:\Program Files\Windows Live =>.Microsoft Corporation® O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 09/03/2016 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 20/11/2010 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 31/03/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\AVS4YOU O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Blender Foundation O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Corel =>.Corel Corporation® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\EBLUE MOUSE O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Electronic Arts =>.Electronic Arts® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Hawkes Learning Systems O43 - CFD: 02/03/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation® O43 - CFD: 02/04/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 31/03/2016 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Application Virtualization Client =>.Microsoft Corporation® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 02/04/2016 - [] D -- C:\Program Files (x86)\Opera =>.Opera Software ASA® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\PlayReady O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek Semiconductor Corp® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Realtek WLAN Driver O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\TOSHIBA =>.TOSHIBA CORPORATION® O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\TOSHIBA Corporation O43 - CFD: 13/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 07/03/2016 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation® O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 09/03/2016 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 20/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 13/03/2016 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH® O43 - CFD: 12/03/2016 - [] D -- C:\Program Files (x86)\ZHPFix O43 - CFD: 03/04/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 09/02/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft O43 - CFD: 03/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU O43 - CFD: 12/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EBLUE MOUSE O43 - CFD: 02/03/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 31/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English) O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Toshiba O43 - CFD: 03/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 12/04/2011 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 03/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 02/03/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 13/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 31/03/2016 - [] D -- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\AVS4YOU O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Best Buy pc app O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Book Place O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Google O43 - CFD: 11/03/2016 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 31/03/2016 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 14/03/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 31/03/2016 - [] D -- C:\ProgramData\Oracle O43 - CFD: 03/04/2016 - [] D -- C:\ProgramData\Skype O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Sun O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Toshiba O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\Toshiba Book Place O43 - CFD: 02/03/2016 - [] D -- C:\ProgramData\VirtualizedApplications O43 - CFD: 31/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 31/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 07/02/2016 - [0] D -- C:\Program Files (x86)\Common Files\AV O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\AVSMedia O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 31/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 07/03/2016 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Toshiba Shared O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Ulead Systems O43 - CFD: 02/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 13/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Adobe O43 - CFD: 03/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\AVAST Software O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\AVS4YOU O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Blender Foundation O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Book Place O43 - CFD: 12/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Google O43 - CFD: 24/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Identities O43 - CFD: 03/04/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\InstallShield O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Macromedia O43 - CFD: 12/04/2011 - [0] D -- C:\Users\CRASH\AppData\Roaming\Media Center Programs O43 - CFD: 02/03/2016 - [] SD -- C:\Users\CRASH\AppData\Roaming\Microsoft O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Mozilla O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Opera Software O43 - CFD: 02/03/2016 - [] RHD -- C:\Users\CRASH\AppData\Roaming\SecuROM O43 - CFD: 03/04/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Skype O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\SoftGrid Client O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\SPORE O43 - CFD: 31/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Sun O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Toshiba O43 - CFD: 10/01/2012 - [0] D -- C:\Users\CRASH\AppData\Roaming\TP O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\vlc O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\WinBatch O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\WinRAR O43 - CFD: 05/04/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\ZHP O43 - CFD: 13/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Adobe O43 - CFD: 02/03/2016 - [0] SHD -- C:\Users\CRASH\AppData\Local\Application Data O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Apps O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Best Buy pc app O43 - CFD: 20/12/2015 - [0] D -- C:\Users\CRASH\AppData\Local\Diagnostics O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Downloaded Installations O43 - CFD: 05/04/2016 - [0] D -- C:\Users\CRASH\AppData\Local\ElevatedDiagnostics O43 - CFD: 12/10/2015 - [0] SHD -- C:\Users\CRASH\AppData\Local\EmieBrowserModeList O43 - CFD: 12/10/2015 - [0] SHD -- C:\Users\CRASH\AppData\Local\EmieSiteList O43 - CFD: 12/10/2015 - [0] SHD -- C:\Users\CRASH\AppData\Local\EmieUserList O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Facebook O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Google O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\GWX O43 - CFD: 02/03/2016 - [0] SHD -- C:\Users\CRASH\AppData\Local\History O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Kjs.AppLife.Update O43 - CFD: 03/04/2016 - [] D -- C:\Users\CRASH\AppData\Local\Microsoft O43 - CFD: 10/01/2012 - [0] D -- C:\Users\CRASH\AppData\Local\Microsoft Help O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Opera Software O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Programs O43 - CFD: 03/04/2016 - [] D -- C:\Users\CRASH\AppData\Local\Skype O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\SoftGrid Client O43 - CFD: 05/04/2016 - [] D -- C:\Users\CRASH\AppData\Local\Temp O43 - CFD: 02/03/2016 - [0] SHD -- C:\Users\CRASH\AppData\Local\Temporary Internet Files O43 - CFD: 03/04/2016 - [] D -- C:\Users\CRASH\AppData\Local\TOSHIBA O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\VirtualStore O43 - CFD: 07/02/2016 - [0] D -- C:\Users\CRASH\AppData\Local\WhiteListing O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Local\Windows Live O43 - CFD: 13/07/2009 - [] RD -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 05/03/2016 - [] RD -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 02/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU O43 - CFD: 13/07/2009 - [] RD -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 05/03/2016 - [] RD -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 13/03/2016 - [] D -- C:\Users\CRASH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 1s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software a.s.® ---\\ System Drivers List (73) - 12s O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows® O58 - SDL:2014/11/23 20:40:12 A . (.Anvisoft - Anvisoft Minifilter Driver.) -- C:\Windows\System32\drivers\asd2fsm.sys [51608] =>.Anvei Technology Co., LTD® O58 - SDL:2014/11/23 20:40:12 A . (.Anvisoft - Anvisoft Intrusion Detection System.) -- C:\Windows\System32\drivers\asdids.sys [50584] =>.Anvei Technology Co., LTD® O58 - SDL:2016/03/03 13:38:15 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [37656] =>.AVAST Software a.s.® (ALWIL Software) O58 - SDL:2016/03/22 17:06:30 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\drivers\aswKbd.sys [37144] =>.AVAST Software a.s.® O58 - SDL:2016/03/09 10:47:57 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswmonflt.sys [107792] =>.AVAST Software a.s.® O58 - SDL:2016/03/03 13:38:15 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [103064] =>.AVAST Software a.s.® O58 - SDL:2016/03/03 13:38:16 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [74544] =>.AVAST Software a.s.® (ALWIL Software) O58 - SDL:2016/03/09 10:48:00 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1070904] =>.AVAST Software a.s.® O58 - SDL:2016/03/03 13:41:10 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [463744] =>.AVAST Software a.s.® O58 - SDL:2016/03/03 13:38:16 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [165344] =>.AVAST Software a.s.® O58 - SDL:2016/03/03 13:41:03 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [287016] =>.AVAST Software a.s.® (ALWIL Software) O58 - SDL:2009/06/10 15:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation O58 - SDL:2009/06/10 15:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd. O58 - SDL:2009/06/10 15:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd. O58 - SDL:2009/07/13 20:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 15:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 15:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 15:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 15:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation O58 - SDL:2011/02/14 14:43:00 A . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Drive.) -- C:\Windows\System32\drivers\CHDRT64.sys [1581184] =>.Conexant Systems, Inc.® O58 - SDL:2009/07/13 20:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows® O58 - SDL:2009/06/10 15:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation O58 - SDL:2011/09/18 20:11:53 RASH . (...) -- C:\Windows\System32\drivers\fbd.sys [13] O58 - SDL:2009/07/07 10:51:42 A . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\Windows\System32\drivers\FwLnk.sys [9216] =>.Toshiba Corporation O58 - SDL:2009/06/10 15:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc. O58 - SDL:2012/11/09 13:57:44 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [57376] =>.Intel Corporation - Intel® Management Engine Firmware® O58 - SDL:2010/11/20 22:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows® O58 - SDL:2010/11/06 01:45:48 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStor.sys [438808] =>.Intel Corporation® O58 - SDL:2011/03/11 01:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows® O58 - SDL:2011/04/04 22:10:14 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [12262624] =>.Intel Corporation O58 - SDL:2009/07/13 20:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows® O58 - SDL:2013/11/29 05:41:04 A . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabi.) -- C:\Windows\System32\drivers\L1C62x64.sys [129224] =>.Qualcomm Atheros® O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows® O58 - SDL:2011/03/11 01:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows® O58 - SDL:2011/02/08 21:07:00 A . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\System32\drivers\PGEffect.sys [38096] =>.TOSHIBA CORPORATION® O58 - SDL:2009/07/13 20:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows® O58 - SDL:2010/03/31 13:10:18 A . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187B.sys [450048] =>.Realtek Semiconductor Corporation O58 - SDL:2010/04/01 16:01:10 A . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8187Se.sys [442368] =>.Realtek Semiconductor Corporation O58 - SDL:2011/01/05 03:08:58 A . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192ce.sys [1109096] =>.Realtek Semiconductor Corp® O58 - SDL:2010/12/17 18:04:28 A . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192se.sys [1221224] =>.Realtek Semiconductor Corp® O58 - SDL:2010/12/22 18:24:00 A . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\System32\drivers\rtl819xp.sys [626792] =>.Realtek Semiconductor Corp® O58 - SDL:2010/10/08 13:49:08 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [243712] =>.Realtek Semiconductor Corp. O58 - SDL:2015/01/06 04:41:20 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 33736.) -- C:\Windows\System32\drivers\rtwlane.sys [3709656] =>.Realtek Semiconductor Corp® O58 - SDL:2009/06/10 15:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/13 20:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows® O58 - SDL:2010/03/10 20:51:32 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [316464] =>.Synaptics Incorporated® O58 - SDL:2009/07/30 22:22:04 A . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\drivers\tdcmdpst.sys [27784] =>.TOSHIBA CORPORATION® O58 - SDL:2009/06/24 17:36:48 A . (.TOSHIBA Corporation - tos_sps64.) -- C:\Windows\System32\drivers\tos_sps64.sys [482384] =>.TOSHIBA CORPORATION® O58 - SDL:2009/07/14 17:31:18 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS [26840] =>.TOSHIBA CORPORATION® O58 - SDL:2009/07/13 20:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows® O58 - SDL:2009/07/13 20:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows® O58 - SDL:2016/02/09 10:42:52 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zam64.sys [202144] =>.Zemana Ltd.® O58 - SDL:2016/02/09 10:42:52 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zamguard64.sys [202144] =>.Zemana Ltd.® ---\\ Last modified or created user files (2) - 8s O61 - LFC: 2016/04/05 17:11:55 A . (..) -- C:\Users\CRASH\Desktop\Downloads\winchk_2.0.exe [315000] O61 - LFC: 2016/04/03 18:40:43 A . (..) -- C:\Users\CRASH\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [299160] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (16) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe =>.Opera Software ASA® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software ---\\ Search Browser Infection (5) - 0s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {36402A1E-5EAB-46BC-A5E3-CB09E9A933DD} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {66641DE0-883D-46EA-844E-0CB2BA4AE347} [DefaultScope] - (Google) - http://www.google.com/ ---\\ Search Svchost Services (32) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [859648] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680960] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2610688] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation ---\\ Additional Scan (O88) (1) - 0s ~ No malicious or unnecessary items found. ---\\ Summary of the elements found (1) - 0s http://www.nicolascoolman.fr/pup-optional-groover/ =>PUP.Optional.Groover ~ End of the scan, 52665 items in 00h01mn40s (782)(0)