
The User Profile Service failed the logon


16 replies to this topic

#1 maineboy64

maineboy64

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:04:20 PM

Posted 11 July 2016 - 07:21 PM

OK, this is a long story, and I should break it down into parts.  The first problem came out of the blue.  I got the following msg and was unable to get into my account: The User Profile Service failed the logon.  I know that the account was corrupted but does anyone know why?  And importantly, can I get back into that account if it is kaput?

 

I should mention that I have got into the computer using the administrator account, but since I did that numerous other problems have occurred.  To name a few current problems, I'm unable to download files (Windows blocks them because they are a threat), I can't open my downloaded photos (I get error msg: 0x8000000a); it appears that I'm in safe mode because the font has changed but I'm able to use the internet; I opened my administrator account one day and everything appeared to be returned to its original factory condition, but the files were there in one folder that I was unable to access; I'm unable to upload files to websites; and finally when I click on Add or Remove user accounts in Control Panel, the link doesn't work.  What is going on here?  Am I infected?





#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:20 AM

Posted 13 July 2016 - 03:02 PM

Run these tools...

 

Scan & Clean With Ads Fix

 

  • Disable Windows Defender & Antivirus Prior To Running This Tool!!
  • Save Ads Fix to your desktop.
  • Right Click & Run As Administrator.
  • You will then be prompted to install Certificates.
  • Install then click OK.
  • Right Click & Run As Administrator Again.
  • Click Options then select Unlock the deletion.
  • Then click on clean.

Reset Host File

 

 

  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.

 

 

Pre_Scan

 

Please download Pre_Scan.

Save it to your desktop.

Disable your antivirus and Windows Defender.

Close all open work; Pre_Scan will close all processes to run.

Right Click and Run as Admin.

Allow completion, when it completes the program will reboot your machine and open a log.

Please post that log here in your next reply.

 

 

 

9-Lab Scan.

 

  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right click the icon and run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates; it might be better to install it, update, reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean 
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.


#3 maineboy64

maineboy64
  • Topic Starter


Posted 20 July 2016 - 04:17 AM

So sorry for the late reply but it took me forever to run the 3 scans.  I also need to apologise because I was unable to save the first two logs but did manage to get the results from the 9-Lab Scan:

 

9-lab Removal Tool 1.0.0.39 BETA
9-lab.com
 
Database version: 128.39590
 
Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)
Internet Explorer 9.11.9600.18376
Administrator :: PAULS-PC
 
19/07/2016 01:11:23
9lab-log-2016-07-19 (01-11-23).txt
 
Scan type: Full
Objects scanned: 52590
Time Elapsed: 1 day 8 h
 
Registry Keys detected: 2
Adware.RPL.Toolbar.vb [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1]
Adware.RPL.Toolbar.vb [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi]
 
 
Registry Values detected: 1
Risk.Path [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command (Default)]
 
 
Files detected: 8
[03004737F09E18903C2A6531523495BD] Adware.FMPL.Gen.sm [C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxInstallLog.txt]
[D1AB32A050D8886C052CDEB40D2CBE6E] Adware.FMPL.Gen.sm [C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\DIFxInstallLog.txt]
[9CEF63FDE7A3A91A747CEB26D00FCED3] Malware.Win32.Gen.sm [C:\Pre_Scan\smss.exe]
[6E34020B3878D753741EC59B2CC4B379] PUP.Win32.Gen.vb!n [C:\Users\Paul\Downloads\DriverSupport.exe]
[3855EB0FB2013A2826B8AC14382F719D] PUP.Win32.Gen.vb!n [C:\Users\Paul\Downloads\DriverUpdate-setup (1).exe]
[485C2FD6FA88483CF13C0B3658366C7F] PUP.Win32.Gen.vb!n [C:\Users\Paul\Downloads\DriverUpdate-setup (2).exe]
[7A9216CF26A2B84E85FC72E8830AE769] PUP.Win32.Gen.vb!n [C:\Users\Paul\Downloads\DriverUpdate-setup.exe]
[0A170D9B50B29C5209248D95417C16DA] Malware.Win32.Gen.486E.sm!ff [C:\Windows\SysWOW64\config\systemprofile\Downloads\rsthosts_2.0.exe]


#4 InadequateInfirmity


Posted 20 July 2016 - 09:01 PM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit Next; make sure to leave all items checked for removal.

 

8NcZjGc.png

 

 

The program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post the log generated by the tool.

 

ZHP Scan.

Please download Zhp Cleaner to your desktop. Right click the icon and select Run as administrator.

http://ccm.net/download/download-24750-zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

Zemana Scan.

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, then copy and paste it here in your reply.



#5 maineboy64


Posted 21 July 2016 - 04:42 PM

I'm gonna post the results in stages:

 

Below are the results of the Adware Cleaner Scan:

 

# AdwCleaner v4.106 - Report created 04/01/2015 at 11:37:40
# Updated 21/12/2014 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Paul - PAULS-PC
# Running from : C:\Users\Paul\Desktop\adwcleaner_4.106.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
 
-\\ Google Chrome v39.0.2171.95
 
 
*************************
 
AdwCleaner[R0].txt - [10291 octets] - [30/12/2014 09:06:03]
AdwCleaner[R1].txt - [904 octets] - [03/01/2015 08:54:44]
AdwCleaner[R2].txt - [987 octets] - [04/01/2015 11:32:15]
AdwCleaner[S0].txt - [9297 octets] - [30/12/2014 09:39:56]
AdwCleaner[S1].txt - [966 octets] - [03/01/2015 09:04:14]
AdwCleaner[S2].txt - [1017 octets] - [04/01/2015 11:37:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1077 octets] ##########
# AdwCleaner v5.201 - Logfile created 21/07/2016 at 22:25:32
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-21.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Administrator - PAULS-PC
# Running from : C:\Windows\SysWOW64\config\systemprofile\Downloads\adwcleaner_5.201 (1).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
 
***** [ Files ] *****
 
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
 
*************************
 
\AdwCleaner\AdwCleaner[C1].txt - [6836 bytes] - [21/07/2016 22:11:42]
\AdwCleaner\AdwCleaner[R0].txt - [10291 bytes] - [30/12/2014 03:06:03]
\AdwCleaner\AdwCleaner[R1].txt - [904 bytes] - [03/01/2015 02:54:44]
\AdwCleaner\AdwCleaner[R2].txt - [987 bytes] - [04/01/2015 05:32:15]
\AdwCleaner\AdwCleaner[S0].txt - [9297 bytes] - [30/12/2014 03:39:56]
\AdwCleaner\AdwCleaner[S1].txt - [7210 bytes] - [03/01/2015 03:04:14]
\AdwCleaner\AdwCleaner[S2].txt - [2269 bytes] - [04/01/2015 05:37:40]
 

########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [2340 bytes] ##########

 
Below is the JRT log:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64 
Ran by SYSTEM (Administrator) on 21/07/2016 at 23:17:30.24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 0 
 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21/07/2016 at 23:20:59.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Below are the Scan Status and Repair Status logs from the Adware Removal Tool Scan:
 
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
 
Adware Removal Tool 5.1
Time: 2016_07_21_22_57_46
OS: Windows 7 Home Premium - x64 Bit
Account Name: Administrator
Adware Definition: 07162016
Elapsed time: 05:16
Scan Status:- Automatic Done
 
\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\
 
Folder Found : Adware.Youndoo : C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\8W6JU745\d1z0mfyqx7ypd2.cloudfront.net
 
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 
 
Adware Removal Tool 5.1
Time: 2016_07_21_22_57_46
OS: Windows 7 Home Premium - x64 Bit
Account Name: Administrator
Adware Definition: 07162016
Elapsed time: 05:16
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\
 
[-] Deleted ->> Folder ->> C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\8W6JU745\d1z0mfyqx7ypd2.cloudfront.net
 
 
Below is the ZHP Scan:
 
~ Report of ZHPDiag v2015.3.29.33 - Nicolas Coolman  (29/03/2015)
~ Launched by Administrator (21/07/2016 23:36:27)
~ Web forum address : http://forum.nicolascoolman.fr
~ Translated by 
~ Version State : New version available
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Deactivate by program
 
 
---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.18376 (Defaut)
GCIE: Google Chrome v51.0.2704.103
 
---\\ Windows product information
~ Langage: Anglais
Windows Server License Manager Script : OK
~ Windows Operating System - Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Vista ™ Ultimate, 64-bit Service Pack 1 (Build 6000)
 
---\\ System protection software
AVG 2016 v16.0.4627
Trusteer Endpoint Protection v3.5.1609.76
 
---\\ System optimization software
CCleaner v5.19
 
---\\ Sharing software PeerToPeer
 
---\\ Surveillance software
Adobe Flash Player 22 ActiveX
 
---\\ Information on the system
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3998.9 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 2 GB (0%) free of 285 GB
 
---\\ Connection to the system mode
~ Computer Name: PAULS-PC
~ User Name: Administrator
~ All Users Names: Paul, HomeGroupUser$, Guest, Administrator, 
~ Unselected Option: None
Logged in as Administrator
 
---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\Default\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Default\AppData\Roaming\
~ %Desktop% : C:\Users\Default\Desktop\
~ %Favorites% : C:\Users\Default\Favorites\
~ %LocalAppData% : C:\Users\Default\AppData\Local\
~ %StartMenu% : C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
 
---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 2 Go of 285 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
E: CD-ROM drive (Not Inserted)
 
 
 
---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 44 Scanned in 00mn 00s
 
 
 
---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 06:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.14/07/2009 - 01:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.03DD8828D1777DD0D946753C7947D1D2] - (.Microsoft Corporation - Internet Extensions for Win32.) (.10/06/2016 - 19:44:23.) -- C:\Windows\System32\wininet.dll [2869248]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Windows Logon Application.) (.17/07/2014 - 02:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.19/11/2010 - 22:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/10/2015 - 16:41:05.) -- C:\Windows\system32\Drivers\AFD.sys [497664]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/11/2010 - 18:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.19/11/2010 - 18:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.19/11/2010 - 19:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.13/07/2009 - 23:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.10112D850C844606419C79EE24EE6016] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.12/05/2016 - 14:58:45.) -- C:\Windows\system32\Drivers\MRxSmb.sys [159744]
[MD5.E47D571FEC2C76E867935109AB2A770C] - (.Microsoft Corporation - MBT Transport driver.) (.11/05/2016 - 14:58:23.) -- C:\Windows\system32\Drivers\netBT.sys [262144]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - NT File System Driver.) (.24/01/2014 - 02:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.14/07/2009 - 00:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/11/2010 - 19:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.AA77EB517D2F07A947294F260E3ACA83] - (.Microsoft Corporation - TDI Translation Driver.) (.13/10/2015 - 16:40:33.) -- C:\Windows\system32\Drivers\tdx.sys [118272]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.19/11/2010 - 22:34:04.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 02s
 
 
 
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 0/0
~ Mes musiques (My Musics) : 0/0
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 0/4
~ Mes Documents (My Documents) : 0/0
~ Mon Bureau (My Desktop) : 0/0
~ Menu demarrer (Programs) : 0/19
~ Hidden Files:  Scanned in 00mn 00s
 
 
 
---\\ Process running
[MD5.2368085BC3C007513A7C2E40E3FA0D2E] - (.IBM Corp. - RapportService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe   [3209200] [PID.3636]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac   [309824] [PID.4424]
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [941720] [PID.5228]
[MD5.06CC578BC150D9AAAE20672130A36CB9] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8190976] [PID.6340]
[MD5.576C59B6348E9A84314FF09FD1F7EFEA] - (.IBM Corp. - RapportMgmtService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe   [2383344] [PID.1048]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe   [113152] [PID.1904]
[MD5.68E7DEA59FDEF410BAF29FDB5B7A6EEF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [82128] [PID.1944]
[MD5.68BF3520FE759C91FD9182F36E585374] - (...) -- C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe   [1740696] [PID.2072]
[MD5.C8D931D734FC0097478CE2583A75C4DF] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe   [1364096] [PID.2352]
[MD5.8E1CC0517DE17DF83CF80BFCE9F0C000] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe   [1687680] [PID.2400]
[MD5.3503F257B3203F824B1567238EBE17E2] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe   [73728] [PID.2580]
[MD5.24CFF4697702785872313159EC2434A2] - (...) -- C:\ProgramData\MobileBrServ\mbbservice.exe   [233344] [PID.2648]
[MD5.498EB62A160674E793FA40FD65390625] - (.No owner - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe   [247152] [PID.2212]
[MD5.56FE3C885B0901601549E23E7A435984] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe   [250008] [PID.4444]
[MD5.7B7DE6B3DC30F3246958F42C67A6F7BB] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe   [1102472] [PID.4876]
~ Processes Running:  Scanned in 00mn 01s
 
 
 
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences
 
---\\ Google Chrome Extension Folder
~ Google Lines Browser: 0 Scanned in 00mn 00s
 
 
 
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.31.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java™ Deploy.) -- C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.31.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.31.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.50428.0.) -- c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
~ Firefox Browser: 3 Scanned in 00mn 00s
 
 
 
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 15 Scanned in 00mn 00s
 
 
 
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s
 
 
 
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (4)
~ Hosts File:  Scanned in 00mn 00s
 
 
 
---\\ Browser Helper Objects (O2)
O2 - BHO: Java™ Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java™ Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java™ Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
~ BHO: 7 Scanned in 00mn 00s
 
 
 
---\\ Other User Links (O4)
O4 - GS\Program [Public]: Visit eBay.co.uk.lnk . (...)  -- C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe  =>Toolbar.eBay
~ Global Startup: 1 Scanned in 00mn 06s
 
 
 
---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) 
O4 - HKLM\..\Run: [PAC207_Monitor] . (.PixArt Imaging Incorporation - Registry Monitor.) -- C:\Windows\PixArt\PAC207\Monitor.exe 
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe 
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - No Comment.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 
O4 - HKLM\..\Wow6432Node\Run: [QPService] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files (x86)\HP\QuickPlay\QPService.exe 
O4 - HKLM\..\Wow6432Node\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Wow6432Node\Run: [UpdatePRCShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [WirelessAssistant] . (.Hewlett-Packard Company - HP Wireless Assistant Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe 
O4 - HKLM\..\Wow6432Node\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe 
O4 - HKLM\..\Wow6432Node\Run: [Nikon Transfer Monitor] . (.Nikon Corporation - Nikon Transfer Monitor.) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe 
O4 - HKLM\..\Wow6432Node\Run: [AvgUi] . (.AVG Technologies CZ, s.r.o. - AVG Ui (Re)Starter.) -- C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe 
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - None.) -- C:\Program Files (x86)\AVG\Av\avuirunnerx.exe 
O4 - HKUS\.DEFAULT\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKUS\.DEFAULT\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - No Comment.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 
O4 - HKUS\S-1-5-18\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe   =>.Piriform Ltd
O4 - HKUS\S-1-5-18\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - No Comment.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
~ Application:  Scanned in 00mn 00s
 
 
 
---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
 
 
 
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons:  Scanned in 00mn 00s
 
 
 
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - E-mail Naming Shim Provider.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 9 Scanned in 00mn 00s
 
 
 
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{3C990A9B-BB12-424C-B447-CC5ADF365E53}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{58D6718B-F35D-4945-833F-614F5003E92D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{63CA81C3-E325-4C65-977A-F5A914E99E4B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ACFF1142-A0C5-4BE3-8C29-4E0E0B1C97B3}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C20BEEC8-9074-45BD-8300-6C235ED1F65A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E2BED903-1DE0-43C6-A594-577FD541F6BA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{3C990A9B-BB12-424C-B447-CC5ADF365E53}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{58D6718B-F35D-4945-833F-614F5003E92D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{63CA81C3-E325-4C65-977A-F5A914E99E4B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ACFF1142-A0C5-4BE3-8C29-4E0E0B1C97B3}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C20BEEC8-9074-45BD-8300-6C235ED1F65A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E2BED903-1DE0-43C6-A594-577FD541F6BA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{3C990A9B-BB12-424C-B447-CC5ADF365E53}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{58D6718B-F35D-4945-833F-614F5003E92D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{63CA81C3-E325-4C65-977A-F5A914E99E4B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{ACFF1142-A0C5-4BE3-8C29-4E0E0B1C97B3}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C20BEEC8-9074-45BD-8300-6C235ED1F65A}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E2BED903-1DE0-43C6-A594-577FD541F6BA}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s
 
 
 
---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- 
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s
 
 
 
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s
 
 
 
---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
 
 
 
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) . (.AVG Technologies CZ, s.r.o. - AVG Service Process.) - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: BecHelperService (BecHelperService) . (...) - C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mobile Broadband HL Service (Mobile Broadband HL Service) . (...) - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Rapport Management Service (RapportMgmtService) . (.IBM Corp. - RapportMgmtService.) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.No owner - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: Vodafone Mobile Connect Service (VMCService) . (.Vodafone - VMCService.) - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
~ Services: 18 Scanned in 00mn 35s
 
 
 
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
 
 
 
---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean64.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s
 
 
 
---\\ Task Planned Automatically (039)
[MD5.BE1A1E8EEA50BE1E1A78EB3D7F4CE8CF] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   [1110232]
[MD5.328708CB8CDADD9C284B4E33E2B19904] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe   [270016]
[MD5.BA90221541E206773C2662083B72ED5E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files (x86)\CCleaner\CCleaner.exe   [6775512]
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [144200]
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [144200]
[MD5.3DA2B70325A5947E981387DB9A9BD843] [APT] [HPCeeScheduleForAdministrator] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe   [96568]
[MD5.3DA2B70325A5947E981387DB9A9BD843] [APT] [HPCeeScheduleForSYSTEM] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe   [96568]
[MD5.00000000000000000000000000000000] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-1473311476-28869768-3281747046-1000] (...) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-1473311476-28869768-3281747046-1000] (...) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (.not file.)   [0]
[MD5.28B01A58758B08F9B2086DBAAEAE791E] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe   [37744]
[MD5.00000000000000000000000000000000] [APT] [{030C0DA4-B24B-4A81-B6FE-E7EE4DE47ACD}] (...) -- C:\Program Files (x86)\iTunes\iTunes.exe (.not file.)   [0]
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] [APT] [{0716BF4A-2692-424D-AC22-1B9247348755}] (.Google Inc..) -- c:\program files (x86)\google\chrome\application\chrome.exe   [941720]
[MD5.00000000000000000000000000000000] [APT] [{14F9EA4B-81A6-4B40-904B-19C876D804F1}] (...) -- C:\Program Files (x86)\iTunes\iTunes.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{21014F32-E16D-4F00-9B37-F9804BE974C5}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{257BD119-4F4C-4FE3-9AE8-333C41EEAC9C}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{25E8B112-BAD2-418A-B87C-B4C4436B2539}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{2E72D406-1B01-44D6-B80C-1894ECD50791}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe   [1917440]
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] [APT] [{37A125E1-0A4B-48F9-AD09-DC086C8FB052}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [941720]
[MD5.00000000000000000000000000000000] [APT] [{3C80FB2E-244D-4EF4-9D0B-C042878BF22F}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{4AB93A81-835B-4808-BBEB-43A5A1F044D7}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{53498204-FB8D-47FA-90EF-D6E62D54A8C6}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{717167F8-5850-48FF-B8B4-453453F19E3D}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] [APT] [{7989E6D4-1E06-41DC-A9FF-217EB2FBFCB4}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [941720]
[MD5.00000000000000000000000000000000] [APT] [{8ADB6663-CBBA-4CED-BFEA-FD0696B8EB04}] (...) -- C:\Users\Administrator\AppData\Local\Amazon\Kindle\application\Kindle.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{8E187B87-D7C1-4EDF-B45A-E001B174DCE4}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{8E8F048D-87DC-4B8D-B7D4-ED6977452CE7}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] [APT] [{917FFCEA-A335-4F42-AE5F-4B922E12294B}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [941720]
[MD5.00000000000000000000000000000000] [APT] [{B7F70646-2A67-43F9-A8DF-66DF3D843335}] (...) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (.not file.)   [0]
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] [APT] [{BDC5FBB3-9E36-41B8-8E00-24FA8F7F49AF}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [941720]
[MD5.00000000000000000000000000000000] [APT] [{D8AFFD11-473F-4E20-B69A-CA096A9DE00D}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{DC304BB5-8983-48E9-BCFE-C3918A316D96}] (...) -- C:\Program Files (x86)\Yahoo!\Common\UNYT_W~1.exe (.not file.)   [0]
[MD5.E262E7DFCB6CBA006837E00E9DECEA94] [APT] [{E0DB434F-49D5-455D-A055-7BE88AF50AD5}] (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe   [941720]
[MD5.23985274780D27117C470AA259B79B30] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe   [569416]
[MD5.A1E81820C9FE16D343213B6778CE460F] [APT] [HP Active Health Scan (HPSA)] (.HP Inc..) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe   [201080]
[MD5.A1E81820C9FE16D343213B6778CE460F] [APT] [HP Active Health Launcher] (.HP Inc..) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe   [201080]
[MD5.9B93EE5EE5289E55D46F322E70AA8BAC] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe   [457272]
[MD5.23DFA7027202DEA2E93A15A064744B23] [APT] [HP Support Solutions Framework Report] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe   [107072]
[MD5.2887DBA1156BD8DEE1EE3BA9B47E39C7] [APT] [HP Support Solutions Framework Updater] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe   [620424]
[MD5.2887DBA1156BD8DEE1EE3BA9B47E39C7] [APT] [HP Support Solutions Framework Updater - Resources] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe   [620424]
[MD5.9B93EE5EE5289E55D46F322E70AA8BAC] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe   [457272]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job   [830]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [830]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [894]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [894]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [898]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [898]
O39 - APT: HPCeeScheduleForAdministrator - (.Hewlett-Packard.) -- C:\Windows\Tasks\HPCeeScheduleForAdministrator.job   [364]
O39 - APT: HPCeeScheduleForAdministrator - (.Hewlett-Packard.) -- C:\Windows\System32\Tasks\HPCeeScheduleForAdministrator   [364]
O39 - APT: HPCeeScheduleForSYSTEM - (.Hewlett-Packard.) -- C:\Windows\Tasks\HPCeeScheduleForSYSTEM.job   [350]
O39 - APT: HPCeeScheduleForSYSTEM - (.Hewlett-Packard.) -- C:\Windows\System32\Tasks\HPCeeScheduleForSYSTEM   [350]
~ Scheduled Task: 47 Scanned in 00mn 33s
 
 
 
---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Enable TLS1.1 and 1.2 [64Bits] - {66C64F22-FC60-4E6C-A6B5-F0D580E680CE} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: IE Tour Reset Stub [64Bits] - {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} . (.Microsoft Corporation - ADVPACK.) -- C:\Windows\system32\advpack.dll
~ Active Setup: 13 Scanned in 00mn 01s
 
 
 
---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver:  (Avgdiska) . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - C:\Windows\System32\DRIVERS\avgdiska.sys
O41 - Driver:  (AVGIDSDriver) . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - C:\Windows\System32\DRIVERS\avgidsdrivera.sys
O41 - Driver:  (Avgldx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx64.sys
O41 - Driver:  (Avgtdia) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdia.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - QoS Packet Scheduler.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver:  (RapportCerberus_1609042) . (.IBM Corp. - RapportCerberus.) - C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys
O41 - Driver:  (RapportEI64) . (.IBM Corp. - RapportEI64.) - C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
O41 - Driver:  (RapportPG64) . (.IBM Corp. - RapportPG64.) - C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver:  (Serial) . (.Microsoft Corporation - Serial Device Driver.) - C:\Windows\system32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 84 Scanned in 00mn 02s
 
 
 
---\\ Software installed (O42)
O42 - Logiciel: 3Connect - (.3 Mobile Broadband.) [HKLM][64Bits] -- {A899DA1F-D626-401C-8651-F2921E3B4CB3}
O42 - Logiciel: 9-lab Removal Tool - (...) [HKLM][64Bits] -- 9-lab Removal Tool
O42 - Logiciel: AVG - (.AVG Technologies.) [HKLM][64Bits] -- {8DD226F0-3866-4965-9101-488D2AEE3D3B}
O42 - Logiciel: AVG 2016 - (.AVG Technologies.) [HKLM][64Bits] -- {880D8FA8-C066-4D31-8B6F-0C69D90CB6B8}
O42 - Logiciel: AVG Protection - (.AVG Technologies.) [HKLM][64Bits] -- AVG
O42 - Logiciel: AVG Web TuneUp - (.AVG Technologies.) [HKLM][64Bits] -- AVG Web TuneUp  =>Toolbar.AVGSafeGuard
O42 - Logiciel: AVS Audio Converter 7 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Audio Converter_is1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0A5B39D2-7ED6-4779-BCC9-37F381139DB3}
O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100}
O42 - Logiciel: Adobe Flash Player 22 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824191728}
O42 - Logiciel: Amazon Kindle - (.Amazon.) [HKLM][64Bits] -- Amazon Kindle
O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {26356515-5821-40FA-9C3D-9785052A1062}
O42 - Logiciel: Apple Application Support (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2E4AF2A6-50EA-4260-9BA4-5E582D11879A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {56EC47AA-5813-4FF6-8E75-544026FBEA83}  =>.Apple Inc
O42 - Logiciel: ArcSoft Panorama Maker 5 - (.ArcSoft.) [HKLM][64Bits] -- {F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-0409-0000-0000000FF1CE}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: FMW 1 - (.AVG Technologies.) [HKLM][64Bits] -- {69851B81-35BF-4B1B-AE90-3B1D67DD8857}
O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {13A5E785-5197-4EAD-8EE3-D660271E49BC}
O42 - Logiciel: Feedback Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {90024193-9F13-4877-89D5-A1CDF0CBBF28}
O42 - Logiciel: File Uploader - (.Nikon.) [HKLM][64Bits] -- {237CD223-1B9D-47E8-A76C-E478B83CCEA2}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM][64Bits] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}
O42 - Logiciel: HP DVD Play 3.7 - (.Hewlett-Packard.) [HKLM][64Bits] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1}
O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM][64Bits] -- {F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {61EB474B-67A6-47F4-B1B7-386851BAB3D0}  =>.Hewlett-Packard Co
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {F6A11738-3EE4-4573-AEA5-6CD5D491C167}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {D46D081B-F60E-467E-A7C4-117B70D76731}
O42 - Logiciel: HP User Guides 0148 - (.Hewlett-Packard.) [HKLM][64Bits] -- {9D3318E1-5A9F-4A95-A7A1-7E045403AE34}
O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM][64Bits] -- {4E432692-A736-4F77-AF77-F9078CF88D31}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: Huawei modem - (...) [HKLM][64Bits] -- Huawei Modems
O42 - Logiciel: Japanese Fonts Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-5760-0000-900000000003}
O42 - Logiciel: Java 8 Update 31 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418031F0}
O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Legalsounds Download Manager - (.LegalMedia.) [HKLM][64Bits] -- LegalsoundsDownloadManager
O42 - Logiciel: Legalsounds Download Manager - (.LegalMedia.) [HKLM][64Bits] -- {581DD69C-527E-BADD-70E2-1F1C218BD318}
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM][64Bits] -- {FA8BFB25-BF48-4F8B-8859-B30810745190}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {50816F92-1652-4A7C-B9BC-48F682742C4B}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
O42 - Logiciel: Mobile Broadband HL Service - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- Mobile Broadband HL Service
O42 - Logiciel: Nikon Message Center - (.Nikon.) [HKLM][64Bits] -- {D2FCC1AE-6311-47C5-8130-C6C66D77DD71}
O42 - Logiciel: Nikon Transfer - (.Nikon.) [HKLM][64Bits] -- {E9757890-7EC5-46C8-99AB-B00F07B6525C}
O42 - Logiciel: PC Camer@ - (.Aecotech.) [HKLM][64Bits] -- {C679F9B9-C65D-4C65-BD6C-BF90B859E281}
O42 - Logiciel: Picture Control Utility - (.Nikon.) [HKLM][64Bits] -- {87441A59-5E64-4096-A170-14EFE67200C3}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM][64Bits] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}
O42 - Logiciel: PowerRecover - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}
O42 - Logiciel: Rapport - (.Trusteer.) [HKLM][64Bits] -- {1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}
O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM][64Bits] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Skype™ 7.24 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Trusteer Endpoint Protection - (.Trusteer.) [HKLM][64Bits] -- Rapport_msi
O42 - Logiciel: ViewNX - (.Nikon.) [HKLM][64Bits] -- {F007CBCE-D714-4C0B-8CE9-9B0D78116468}
O42 - Logiciel: Visual Studio 2010 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {21B133D6-5979-47F0-BE1C-F6A6B304693F}
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484}
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
O42 - Logiciel: Vodafone Mobile Connect Lite - (.Vodafone.) [HKLM][64Bits] -- {96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}
O42 - Logiciel: Windows 10 Upgrade Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {D5C69738-B486-402E-85AC-2456D98A64E4}
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}  =>.Microsoft Corporation
O42 - Logiciel: iCloud - (.Apple Inc..) [HKLM][64Bits] -- {ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}
O42 - Logiciel: iFunbox (v3.0.3109.1352) - (.iFunbox DevTeam.) [HKLM][64Bits] -- iFunbox_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}
O42 - Logiciel: muvee Reveal - (.muvee Technologies Pte Ltd.) [HKLM][64Bits] -- {DE626616-D7C4-4F00-7E0B-EAF26FA65749}
~ Logic: 44 Scanned in 00mn 00s
 
 
 
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AVG SafeGuard toolbar]
[HKCU\Software\AVG Web TuneUp]  =>Toolbar.AVGSafeGuard
[HKCU\Software\Adobe]
[HKCU\Software\Amazon]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArcSoft]
[HKCU\Software\Aurigma]
[HKCU\Software\Avg Secure Update]
[HKCU\Software\Avg]
[HKCU\Software\CUPID plc]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Google]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel\Indeo\4.1]
[HKCU\Software\JavaSoft]
[HKCU\Software\LightScribe]
[HKCU\Software\Macromedia]
[HKCU\Software\Netscape]
[HKCU\Software\Nikon]
[HKCU\Software\ODBC]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Skype]
[HKCU\Software\Trolltech]
[HKCU\Software\Trusteer]
[HKCU\Software\Vodafone]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVG Web TuneUp]  =>Toolbar.AVGSafeGuard
[HKLM\Software\AVS4YOU]
[HKLM\Software\AdsFix]
[HKLM\Software\Agere]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\Huawei technologies]
[HKLM\Software\IDT]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Nikon]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RTLSetup]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Software]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\Sysinternals]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node\3 Mobile Broadband]
[HKLM\Software\Wow6432Node\685D6D1C-D73A-4F37-B7E5E53660311DDB]
[HKLM\Software\Wow6432Node\AVS4YOU]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdsFix]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Adware Removal Tool by TSA]
[HKLM\Software\Wow6432Node\Aecotech]
[HKLM\Software\Wow6432Node\Amazon]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\ArcSoft]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Avg]
[HKLM\Software\Wow6432Node\Birdstep Technology]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Cyberlink]
[HKLM\Software\Wow6432Node\Debug]
[HKLM\Software\Wow6432Node\EasyBits]
[HKLM\Software\Wow6432Node\Eset]
[HKLM\Software\Wow6432Node\Foresight Software]
[HKLM\Software\Wow6432Node\Global IP Solutions]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HPQLOG]
[HKLM\Software\Wow6432Node\HPQ]
[HKLM\Software\Wow6432Node\HP]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\IObit]
[HKLM\Software\Wow6432Node\Innovative Solutions]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KoyoteSRTB]
[HKLM\Software\Wow6432Node\LabelPrint_Upgrade]
[HKLM\Software\Wow6432Node\LightScribe]
[HKLM\Software\Wow6432Node\LogMeIn Rescue]
[HKLM\Software\Wow6432Node\LogMeInRescueCallingCard]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nikon]
[HKLM\Software\Wow6432Node\Norton]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\P2G_Upgrade]
[HKLM\Software\Wow6432Node\PDR_Upgrade]
[HKLM\Software\Wow6432Node\PixArt]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Product_Upgrade]
[HKLM\Software\Wow6432Node\RealNetworks]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Sysinternals]
[HKLM\Software\Wow6432Node\Trusteer]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\Vocal Transformer]
[HKLM\Software\Wow6432Node\Vodafone]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Workflows]
[HKLM\Software\Wow6432Node\Xing Technology Corp.]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\g3n-h@ckm@n]
[HKLM\Software\Wow6432Node\muvee Technologies]
[HKLM\Software\Wow6432Node]
~ Key Software: 297 Scanned in 00mn 00s
 
 
 
---\\ Contents of the Common Files folders (O43)
O43 - CFD: 19/07/2012 - 19:15:24 - [] ----D C:\Program Files (x86)\3 Mobile Broadband
O43 - CFD: 02/11/2015 - 22:26:48 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 21/07/2016 - 22:58:31 - [] ----D C:\Program Files (x86)\Adware Removal Tool by TSA
O43 - CFD: 20/08/2010 - 22:11:53 - [] ----D C:\Program Files (x86)\Aecotech
O43 - CFD: 21/06/2016 - 00:37:04 - [] ----D C:\Program Files (x86)\Amazon
O43 - CFD: 11/03/2016 - 13:46:33 - [] ----D C:\Program Files (x86)\Apple Software Update  =>.Apple Inc
O43 - CFD: 26/06/2011 - 10:26:56 - [] ----D C:\Program Files (x86)\ArcSoft
O43 - CFD: 26/11/2013 - 17:12:40 - [] ----D C:\Program Files (x86)\Atheros
O43 - CFD: 25/10/2015 - 03:36:23 - [] ----D C:\Program Files (x86)\AVG
O43 - CFD: 16/09/2013 - 18:20:29 - [] ----D C:\Program Files (x86)\AVS4YOU
O43 - CFD: 05/10/2015 - 01:08:04 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 27/09/2015 - 21:52:31 - [] ----D C:\Program Files (x86)\CCleaner
O43 - CFD: 14/09/2013 - 19:18:17 - [] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 17/07/2016 - 21:36:28 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 06/08/2010 - 03:35:45 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 25/12/2010 - 21:00:45 - [] ----D C:\Program Files (x86)\Feedback Tool
O43 - CFD: 15/10/2011 - 10:51:30 - [] ----D C:\Program Files (x86)\GirlsDateChat
O43 - CFD: 30/12/2014 - 19:11:54 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 08/08/2015 - 02:10:10 - [] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 22/08/2013 - 07:15:35 - [] ----D C:\Program Files (x86)\Hp
O43 - CFD: 06/08/2010 - 16:41:48 - [] ----D C:\Program Files (x86)\HP Games
O43 - CFD: 19/07/2012 - 19:15:39 - [] ----D C:\Program Files (x86)\Huawei Modems
O43 - CFD: 02/07/2016 - 18:53:47 - [] ----D C:\Program Files (x86)\i-Funbox DevTeam
O43 - CFD: 26/11/2013 - 01:38:40 - [] ----D C:\Program Files (x86)\Image Converter
O43 - CFD: 09/08/2015 - 21:54:27 - [] ----D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 09/08/2015 - 22:28:46 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 16/07/2016 - 05:38:34 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 12/06/2016 - 21:35:42 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 21/01/2015 - 03:11:44 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 27/08/2011 - 15:22:24 - [] ----D C:\Program Files (x86)\Legalsounds Download Manager
O43 - CFD: 19/01/2012 - 12:54:48 - [] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 29/06/2011 - 02:27:35 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 25/06/2016 - 10:34:03 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 06/08/2010 - 03:39:04 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 05/08/2010 - 23:20:32 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 05/08/2010 - 23:18:24 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 14/10/2012 - 08:53:04 - [] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 08/08/2010 - 00:40:35 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 25/04/2016 - 22:32:01 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 05/08/2010 - 23:20:40 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 05/08/2010 - 23:36:07 - [] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 06/08/2010 - 10:45:37 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 06/08/2010 - 03:36:58 - [] ----D C:\Program Files (x86)\muvee Technologies
O43 - CFD: 26/06/2011 - 10:32:55 - [] ----D C:\Program Files (x86)\Nikon
O43 - CFD: 24/08/2010 - 21:12:42 - [] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 07/02/2015 - 10:35:22 - [] ----D C:\Program Files (x86)\Opera
O43 - CFD: 08/01/2016 - 13:32:58 - [] ----D C:\Program Files (x86)\QuickTime
O43 - CFD: 24/03/2013 - 11:49:38 - [] ----D C:\Program Files (x86)\Real
O43 - CFD: 06/08/2010 - 03:27:45 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 27/05/2016 - 14:48:52 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 05/08/2015 - 01:35:25 - [0] ----D C:\Program Files (x86)\SlimDrivers
O43 - CFD: 01/01/2015 - 02:04:04 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2
O43 - CFD: 23/12/2010 - 18:52:14 - [] ----D C:\Program Files (x86)\Trusteer
O43 - CFD: 14/07/2009 - 05:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 06/08/2010 - 17:12:28 - [] ----D C:\Program Files (x86)\Vodafone
O43 - CFD: 11/07/2013 - 00:17:51 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 15/04/2012 - 18:42:59 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 24/05/2011 - 13:29:16 - [] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 11/03/2016 - 03:11:15 - [] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 06:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 24/05/2011 - 13:29:16 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 24/05/2011 - 13:29:16 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 24/05/2011 - 13:29:17 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 21/07/2016 - 23:32:10 - [] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 02/11/2015 - 22:26:51 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 15/09/2013 - 01:24:56 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 19/02/2015 - 18:31:22 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 26/06/2011 - 10:26:59 - [] ----D C:\Program Files (x86)\Common Files\ArcSoft
O43 - CFD: 16/09/2013 - 18:20:40 - [] ----D C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 14/05/2014 - 14:55:56 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 26/06/2011 - 10:29:29 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 21/01/2015 - 03:06:05 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 03/01/2015 - 03:23:43 - [] ----D C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 11/10/2013 - 04:09:09 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 26/06/2011 - 10:30:31 - [] ----D C:\Program Files (x86)\Common Files\muvee Technologies
O43 - CFD: 26/06/2011 - 10:36:31 - [] ----D C:\Program Files (x86)\Common Files\Nikon
O43 - CFD: 20/08/2010 - 22:11:54 - [] ----D C:\Program Files (x86)\Common Files\PAC207
O43 - CFD: 14/07/2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 30/03/2016 - 09:10:16 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 03/01/2015 - 03:31:12 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 10/11/2011 - 12:41:20 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 14/08/2009 - 19:24:28 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 19/07/2016 - 01:10:33 - [] ----D C:\ProgramData\9-lab
O43 - CFD: 02/11/2015 - 22:25:59 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 26/06/2011 - 10:32:21 - [] ----D C:\ProgramData\Applause and Laugher
O43 - CFD: 27/01/2014 - 20:02:59 - [] ----D C:\ProgramData\Apple
O43 - CFD: 06/08/2010 - 10:00:33 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\ProgramData\Application Data
O43 - CFD: 26/06/2011 - 11:29:42 - [] ----D C:\ProgramData\ArcSoft
O43 - CFD: 06/08/2010 - 03:28:31 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 24/10/2015 - 23:54:51 - [] ----D C:\ProgramData\AVG
O43 - CFD: 05/10/2013 - 13:17:44 - [] ----D C:\ProgramData\AVG2013
O43 - CFD: 25/10/2015 - 03:36:23 - [] ----D C:\ProgramData\AVG2015
O43 - CFD: 29/05/2014 - 12:44:26 - [] ----D C:\ProgramData\Avg_Update_0414c
O43 - CFD: 24/03/2013 - 10:10:04 - [] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 19/07/2012 - 19:17:00 - [] ----D C:\ProgramData\Birdstep Technology
O43 - CFD: 21/12/2011 - 19:30:48 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 27/07/2013 - 00:18:30 - [] ----D C:\ProgramData\Common Files
O43 - CFD: 03/03/2016 - 17:53:51 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\ProgramData\Documents
O43 - CFD: 29/12/2014 - 06:01:34 - [] ----D C:\ProgramData\Easybits Magic Desktop for HP
O43 - CFD: 26/06/2011 - 10:32:20 - [] ----D C:\ProgramData\EnterNHelp
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\ProgramData\Favorites
O43 - CFD: 06/08/2010 - 17:12:28 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 27/01/2014 - 16:42:24 - [] ----D C:\ProgramData\Foresight Software
O43 - CFD: 24/03/2013 - 12:58:14 - [] ----D C:\ProgramData\Google
O43 - CFD: 09/08/2015 - 16:24:17 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 21/07/2016 - 22:49:17 - [] ----D C:\ProgramData\IObit
O43 - CFD: 30/12/2014 - 04:32:51 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 24/03/2013 - 15:59:02 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 21/07/2016 - 22:02:32 - [] ----D C:\ProgramData\MFAData
O43 - CFD: 19/09/2015 - 09:41:45 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 16/07/2016 - 03:50:06 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 16/07/2013 - 17:50:12 - [] ----D C:\ProgramData\MobileBrServ
O43 - CFD: 26/06/2011 - 10:30:29 - [] ----D C:\ProgramData\Nikon
O43 - CFD: 03/01/2015 - 09:57:10 - [] ----D C:\ProgramData\Norton
O43 - CFD: 06/08/2010 - 09:50:17 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 21/01/2015 - 04:26:49 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 22/12/2013 - 01:42:37 - [] ----D C:\ProgramData\Razer
O43 - CFD: 24/03/2013 - 11:49:05 - [] ----D C:\ProgramData\Real
O43 - CFD: 11/07/2016 - 02:04:28 - [] ----D C:\ProgramData\Recovery
O43 - CFD: 04/01/2015 - 18:11:57 - [] ----D C:\ProgramData\RogueKiller
O43 - CFD: 16/07/2016 - 11:34:05 - [] ----D C:\ProgramData\Skype
O43 - CFD: 31/12/2014 - 05:51:24 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\ProgramData\Start Menu
O43 - CFD: 06/08/2010 - 09:52:40 - [] ----D C:\ProgramData\Sun
O43 - CFD: 06/08/2010 - 03:35:23 - [] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\ProgramData\Templates
O43 - CFD: 30/09/2010 - 19:31:42 - [] ----D C:\ProgramData\Trusteer
O43 - CFD: 26/06/2011 - 10:32:20 - [] ----D C:\ProgramData\Ultima_T15
O43 - CFD: 06/08/2010 - 17:12:37 - [] ----D C:\ProgramData\Vodafone
O43 - CFD: 06/08/2010 - 16:41:43 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 27/01/2014 - 16:37:27 - [] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 21/12/2013 - 11:20:07 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 06/08/2010 - 10:00:52 - [] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 08/08/2015 - 01:36:30 - [] ----D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
O43 - CFD: 19/07/2012 - 19:16:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3 Mobile Broadband
O43 - CFD: 19/07/2016 - 01:10:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
O43 - CFD: 22/12/2014 - 01:07:54 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/07/2009 - 05:57:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 13/09/2013 - 19:23:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014
O43 - CFD: 16/09/2013 - 18:20:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 29/12/2014 - 06:01:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 14/08/2009 - 21:16:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
O43 - CFD: 19/06/2016 - 15:32:57 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 24/08/2010 - 21:09:41 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard
O43 - CFD: 22/08/2013 - 07:42:29 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 08/08/2015 - 02:31:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
O43 - CFD: 02/07/2016 - 18:53:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
O43 - CFD: 29/04/2016 - 21:05:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
O43 - CFD: 12/06/2016 - 21:46:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 22/09/2013 - 21:16:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 27/08/2011 - 15:22:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legalsounds Download Manager
O43 - CFD: 12/09/2010 - 21:12:45 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
O43 - CFD: 26/06/2011 - 10:22:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon
O43 - CFD: 14/07/2009 - 05:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/09/2013 - 19:21:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 25/06/2016 - 03:19:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 14/10/2012 - 08:53:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
O43 - CFD: 24/08/2010 - 21:14:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\muvee
O43 - CFD: 26/06/2011 - 10:30:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Transfer
O43 - CFD: 24/08/2010 - 21:12:42 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
O43 - CFD: 20/08/2010 - 22:11:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Camer@
O43 - CFD: 08/01/2016 - 13:33:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 16/07/2016 - 11:34:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 16/09/2013 - 22:06:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skyshare Manager 2.0.4
O43 - CFD: 15/07/2015 - 22:20:41 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 19/07/2016 - 01:00:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
O43 - CFD: 26/06/2011 - 10:33:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ViewNX
O43 - CFD: 15/04/2012 - 18:47:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 21/07/2016 - 23:32:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP  =>.Nicolas Coolman
O43 - CFD: 06/07/2016 - 21:02:35 - [] ----D C:\Users\Default\AppData\Roaming\Adobe
O43 - CFD: 09/07/2016 - 20:22:53 - [] ----D C:\Users\Default\AppData\Roaming\Apple Computer
O43 - CFD: 11/07/2016 - 21:36:43 - [] ----D C:\Users\Default\AppData\Roaming\Hewlett-Packard
O43 - CFD: 06/08/2010 - 19:03:15 - [] ----D C:\Users\Default\AppData\Roaming\Macromedia
O43 - CFD: 06/08/2010 - 04:16:59 - [0] ----D C:\Users\Default\AppData\Roaming\Media Center Programs
O43 - CFD: 06/07/2016 - 09:48:33 - [] -S--D C:\Users\Default\AppData\Roaming\Microsoft
O43 - CFD: 23/05/2011 - 07:24:36 - [] ----D C:\Users\Default\AppData\Roaming\Trusteer
O43 - CFD: 31/07/2013 - 16:27:38 - [] ----D C:\Users\Default\AppData\Roaming\TuneUp Software
O43 - CFD: 21/07/2016 - 23:38:01 - [] ----D C:\Users\Default\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 17/07/2016 - 20:12:40 - [] ----D C:\Users\Default\AppData\Local\Apple
O43 - CFD: 09/07/2016 - 20:22:53 - [] ----D C:\Users\Default\AppData\Local\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\Users\Default\AppData\Local\Application Data
O43 - CFD: 05/07/2016 - 00:55:10 - [] ----D C:\Users\Default\AppData\Local\Google
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\Users\Default\AppData\Local\History
O43 - CFD: 12/07/2016 - 00:10:45 - [] ----D C:\Users\Default\AppData\Local\Microsoft
O43 - CFD: 06/08/2010 - 10:34:29 - [0] ----D C:\Users\Default\AppData\Local\Microsoft Help
O43 - CFD: 14/07/2009 - 03:34:59 - [0] ----D C:\Users\Default\AppData\Local\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [] -S--D C:\Users\Default\AppData\Local\Temporary Internet Files
O43 - CFD: 27/09/2011 - 08:16:08 - [] ----D C:\Users\Default\AppData\Local\Trusteer
O43 - CFD: 14/07/2009 - 05:54:32 - [] R---D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 06/08/2010 - 03:36:29 - [] ----D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
O43 - CFD: 14/07/2009 - 05:49:38 - [] R---D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 14/08/2009 - 20:47:27 - [] ----D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recovery Manager
~ Program Folder: 197 Scanned in 00mn 00s
 
 
 
---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 10/07/2016 - 01:26:50 ---A- . (...) -- C:\Windows\setuperr.log   [0]
O44 - LFC:[MD5.560B65E57ED5297DFCF8F8B04E1135EE] - 10/07/2016 - 15:22:49 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI   [782510]
O44 - LFC:[MD5.F2ADF3DCD3553310572BF23CF59697D4] - 11/07/2016 - 13:01:50 ---A- . (.IBM Corp. - RapportKE.) -- C:\Windows\System32\Drivers\RapportKE64.sys   [470056]
O44 - LFC:[MD5.55630D0ADFB6DFC92F7CA0B6A50C7F70] - 11/07/2016 - 13:01:52 ---A- . (.IBM Corp. - RapportHades64.) -- C:\Windows\System32\Drivers\RapportHades64.sys   [215560]
O44 - LFC:[MD5.B813B68D0681D5F74E122760E3F6DA71] - 16/07/2016 - 00:53:43 ---A- . (.Microsoft Corporation - Multi-User Win32 Driver.) -- C:\Windows\System32\win32k.sys   [3217408]
O44 - LFC:[MD5.8203ACD37B0D0277172491E755BDC67D] - 16/07/2016 - 00:59:16 ---A- . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\Windows\System32\mshtml.dll   [25814016]
O44 - LFC:[MD5.49D24CEC0527FD148A83B8B83EB89CE2] - 16/07/2016 - 00:59:17 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll   [88064]
O44 - LFC:[MD5.D18422648BD2A38B5C060549602D7415] - 16/07/2016 - 00:59:17 ---A- . (.Microsoft Corporation - Internet Ratings and Local User Management.) -- C:\Windows\System32\msrating.dll   [199680]
O44 - LFC:[MD5.D1B60901108C3BEAB4F9D7DB8E9F6995] - 16/07/2016 - 00:59:18 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll   [54784]
O44 - LFC:[MD5.5D326F2FF35D076A0B6B536BE2E08993] - 16/07/2016 - 00:59:18 ---A- . (.Microsoft Corporation - Microsoft HTML Converter.) -- C:\Windows\System32\html.iec   [417792]
O44 - LFC:[MD5.03DD8828D1777DD0D946753C7947D1D2] - 16/07/2016 - 00:59:19 ---A- . (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll   [2869248]
O44 - LFC:[MD5.AF00B7DF583B9FDEC57E05C9A941EB47] - 16/07/2016 - 00:59:19 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript9.dll   [6047744]
O44 - LFC:[MD5.0D99D2261C5241E6E0C44185535CD8B2] - 16/07/2016 - 00:59:20 ---A- . (.Microsoft Corporation - IE 7.0 Unattended Install Utility.) -- C:\Windows\System32\ieUnatt.exe   [144384]
O44 - LFC:[MD5.2B0CC0D4DD5BECE100AFA7927F65C6D7] - 16/07/2016 - 00:59:20 ---A- . (.Microsoft Corporation - Microsoft ® HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll   [1359360]
O44 - LFC:[MD5.18D0A6555AD70A538596F8B197C2D919] - 16/07/2016 - 00:59:20 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll   [814080]
O44 - LFC:[MD5.482AD805BD958454E3868DF5E5396AC9] - 16/07/2016 - 00:59:20 ---A- . (.Microsoft Corporation - Microsoft ® JScript.) -- C:\Windows\System32\jscript.dll   [817664]
O44 - LFC:[MD5.B58534639276D570052DDE1A7E8369E0] - 16/07/2016 - 00:59:20 ---A- . (.Microsoft Corporation - Web Site Monitor.) -- C:\Windows\System32\webcheck.dll   [262144]
O44 - LFC:[MD5.B24D6FFA2920B47820B01B057062AAB3] - 16/07/2016 - 00:59:21 ---A- . (.Microsoft Corporation - Internet Browser.) -- C:\Windows\System32\ieframe.dll   [15409664]
O44 - LFC:[MD5.1AC4CBC4F84F0BAFA879A2CFE9AE6A51] - 16/07/2016 - 00:59:21 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll   [92160]
O44 - LFC:[MD5.8F9D18155B3A8688E32C9E0B6DA813A7] - 16/07/2016 - 00:59:22 ---A- . (.Microsoft Corporation - Internet Explorer UI Engine.) -- C:\Windows\System32\ieui.dll   [615936]
O44 - LFC:[MD5.38473B4FF0A96796CED027D217B9C723] - 16/07/2016 - 00:59:26 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll   [572416]
O44 - LFC:[MD5.43E8324CA8458D9B6253928620EA059C] - 16/07/2016 - 00:59:27 ---A- . (.Microsoft Corporation - Internet Control Panel.) -- C:\Windows\System32\inetcpl.cpl   [2131456]
O44 - LFC:[MD5.E96F4543465FEAA3E57ADE8E8741359A] - 16/07/2016 - 00:59:27 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll   [2895360]
O44 - LFC:[MD5.24450829A8F3241042AF776A49317D48] - 16/07/2016 - 00:59:28 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll   [66560]
O44 - LFC:[MD5.7959066F54470D88A6663EDD25A0F639] - 16/07/2016 - 00:59:28 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll   [800768]
O44 - LFC:[MD5.821BFD7B79FAE1B412983A8AF260A9A1] - 16/07/2016 - 00:59:30 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll   [806400]
O44 - LFC:[MD5.DD5E0CEB0F4472F11864B3304A6C1EEA] - 16/07/2016 - 00:59:30 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe   [968704]
O44 - LFC:[MD5.D3BF41B42C63D8BD3079BA894EF679F1] - 16/07/2016 - 00:59:31 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll   [4096]
O44 - LFC:[MD5.77F3FBBDDDEDC911391FA0088B24E81B] - 16/07/2016 - 00:59:31 ---A- . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\System32\iedkcs32.dll   [394448]
O44 - LFC:[MD5.F489F841DC1F98195436E017208CCF2B] - 16/07/2016 - 00:59:31 ---A- . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll   [1550848]
O44 - LFC:[MD5.63663D8845912E825A5C532EE962FA83] - 16/07/2016 - 00:59:31 ---A- . (.Microsoft Corporation - Object Control Viewer.) -- C:\Windows\System32\occache.dll   [152064]
O44 - LFC:[MD5.92DB4F43E9645989F329A747A0BFC63A] - 16/07/2016 - 00:59:32 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb   [2724864]
O44 - LFC:[MD5.999D2342A8F72D11F3A6F44279D3D7D6] - 16/07/2016 - 00:59:36 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll   [77824]
O44 - LFC:[MD5.0BD0245384AE15A70F35B0A3DF631E1E] - 16/07/2016 - 00:59:37 ---A- . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe   [724992]
O44 - LFC:[MD5.6BBC545529FF0E4F0A3007AD659C22C4] - 16/07/2016 - 00:59:37 ---A- . (.Microsoft Corporation - Install engine.) -- C:\Windows\System32\inseng.dll   [107520]
O44 - LFC:[MD5.9C62762D091C0AA0A39C9D359281E2C0] - 16/07/2016 - 00:59:38 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll   [48640]
O44 - LFC:[MD5.D9D23E777AC37759F0923364E61AD3D4] - 16/07/2016 - 00:59:39 ---A- . (.Microsoft Corporation - Extended RunOnce processing with UI.) -- C:\Windows\System32\iernonce.dll   [34304]
O44 - LFC:[MD5.E21A7B03C2FCC805D71E4B04153F176D] - 16/07/2016 - 00:59:39 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe   [114688]
O44 - LFC:[MD5.6148007CCB981A9B8E26B0B878F9048F] - 16/07/2016 - 01:00:59 ---A- . (.Microsoft Corporation - Internet Print Client DLL.) -- C:\Windows\System32\inetppui.dll   [22528]
O44 - LFC:[MD5.F58223A8B772E419330A7A8BB7575647] - 16/07/2016 - 01:00:59 ---A- . (.Microsoft Corporation - Internet Print Provider DLL.) -- C:\Windows\System32\inetpp.dll   [166400]
O44 - LFC:[MD5.172E44C1ECEB2293B6AB4758C6DC57C2] - 16/07/2016 - 01:00:59 ---A- . (.Microsoft Corporation - Printer driver software installation.) -- C:\Windows\System32\ntprint.exe   [61952]
O44 - LFC:[MD5.3625F8F8CB796745FE6E94BCD899F3CE] - 16/07/2016 - 01:00:59 ---A- . (.Microsoft Corporation - Spooler Setup DLL.) -- C:\Windows\System32\ntprint.dll   [344576]
O44 - LFC:[MD5.6F9807DF2A447FD6214269F43C6C7138] - 16/07/2016 - 01:00:59 ---A- . (.Microsoft Corporation - Support exe for Internet Printing.) -- C:\Windows\System32\wpnpinst.exe   [48640]
O44 - LFC:[MD5.088D3B812AF7ECBFF5047C9039771175] - 16/07/2016 - 01:01:00 ---A- . (.Microsoft Corporation - Client Side Rendering Print Provider.) -- C:\Windows\System32\win32spl.dll   [756736]
O44 - LFC:[MD5.4B119D9E0DA564BB62CA42CBA479A1EE] - 16/07/2016 - 01:01:01 ---A- . (.Microsoft Corporation - Local Spooler DLL.) -- C:\Windows\System32\localspl.dll   [970240]
O44 - LFC:[MD5.B0D02EB2EA0DBF7E5B6E04484D887335] - 16/07/2016 - 02:55:44 ---A- . (.Microsoft Corporation - Microsoft Windows Malicious Software Remova.) -- C:\Windows\System32\MRT.exe   [144749672]
O44 - LFC:[MD5.223321294EC646AA0D57FED510D6F9E6] - 16/07/2016 - 08:50:51 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT   [436376]
O44 - LFC:[MD5.894F31366470CCEF1378B5C39AD33D2C] - 16/07/2016 - 21:05:06 ---A- . (...) -- C:\Windows\System32\perfc009.dat   [127638]
O44 - LFC:[MD5.F0416A8F521C17CB72AB977D3354EDA4] - 16/07/2016 - 21:05:06 ---A- . (...) -- C:\Windows\System32\perfh009.dat   [670054]
O44 - LFC:[MD5.A1CA52113D68B4D5DA73352791887C34] - 17/07/2016 - 21:13:14 ---A- . (...) -- C:\AdsFix_17_07_2016_22_13_18.txt   [74376]
O44 - LFC:[MD5.46CC2A27CC1C99A69EB05DADCDA810E6] - 17/07/2016 - 21:23:53 ---A- . (...) -- C:\RstHosts.txt   [681]
O44 - LFC:[MD5.DDEE9EA486110652A75E37F6C2ED6EDC] - 18/07/2016 - 23:21:08 R--A- . (...) -- C:\Pre_Scan_19_07_2016_00_21_08.txt   [13245]
O44 - LFC:[MD5.A58E519333357BD3AE418C369EE8BFE3] - 21/07/2016 - 21:14:14 ---A- . (...) -- C:\Windows\PFRO.log   [4560]
O44 - LFC:[MD5.9D7415C181DE1A4F42C54CC7835EE20B] - 21/07/2016 - 21:14:24 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.A0B08A0DF407A8396720CE779E3FFF71] - 21/07/2016 - 21:14:27 ---A- . (...) -- C:\Windows\setupact.log   [840]
O44 - LFC:[MD5.DBC9D95FFAAFA672ACD5E77D32A903F9] - 21/07/2016 - 21:25:03 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1778661]
~ Files: 58 Scanned in 00mn 24s
 
 
 
---\\ Export authorized application key (O47)
O47 - AAKE:Key Export SP - "C:\Windows\SysWOW64\config\systemprofile\Downloads\adsfix_3_01.07.2016.3.exe" [Enabled] .(.SosVirus.) -- C:\Windows\SysWOW64\config\systemprofile\Downloads\adsfix_3_01.07.2016.3.exe
O47 - AAKE:Key Export SP - "C:\Windows\SysWOW64\config\systemprofile\Downloads\adsfix_3_01.07.2016.3 (1).exe" [Enabled] .(.SosVirus.) -- C:\Windows\SysWOW64\config\systemprofile\Downloads\adsfix_3_01.07.2016.3 (1).exe
O47 - AAKE:Key Export SP - "C:\Windows\SysWOW64\config\systemprofile\Downloads\adsfix_3_01.07.2016.3 (2).exe" [Enabled] .(.SosVirus.) -- C:\Windows\SysWOW64\config\systemprofile\Downloads\adsfix_3_01.07.2016.3 (2).exe
O47 - AAKE:Key Export SP - "C:\Windows\SysWOW64\config\systemprofile\Downloads\adsfix_3_01.07.2016.3 (3).exe" [Enabled] .(.SosVirus.) -- C:\Windows\SysWOW64\config\systemprofile\Downloads\adsfix_3_01.07.2016.3 (3).exe
O47 - AAKE:Key Export SP - "C:\Windows\SysWOW64\config\systemprofile\Downloads\pre-scan_6_29.06.2016.1.exe" [Enabled] .(...) -- C:\Windows\SysWOW64\config\systemprofile\Downloads\pre-scan_6_29.06.2016.1.exe (.not file.)
~ Keys Export: 5 Scanned in 00mn 00s
 
 
 
---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Windows Security Configuration Editor Client Engine.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 01s
 
 
 
---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Serial Mouse Filter Driver.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s
 
 
 
---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 01s
 
 
 
---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
 
 
 
---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "WallpaperStyle"=
~ MWPS: 17 Scanned in 00mn 00s
 
 
 
---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 3 Scanned in 00mn 00s
 
 
 
---\\ System Drivers List (SDL) (O58)
O58 - SDL:14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys   [339536]
O58 - SDL:14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys   [182864]
O58 - SDL:10/06/2009 - 21:01:06 ---A- . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\System32\Drivers\agrsm64.sys   [1146880]
O58 - SDL:14/07/2009 - 01:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys   [15440]
O58 - SDL:14/03/2013 - 14:17:46 ---A- . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\Windows\System32\Drivers\amdkmafd.sys   [21600]
O58 - SDL:11/03/2011 - 06:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys   [107904]
O58 - SDL:14/07/2009 - 01:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys   [194128]
O58 - SDL:11/03/2011 - 06:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys   [27008]
O58 - SDL:14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys   [87632]
O58 - SDL:14/07/2009 - 01:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [97856]
O58 - SDL:20/06/2012 - 08:42:44 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys   [3678720]
O58 - SDL:13/05/2016 - 06:52:10 ---A- . (.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) -- C:\Windows\System32\Drivers\avgdiska.sys   [163072]
O58 - SDL:09/06/2016 - 07:15:02 ---A- . (.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver..) -- C:\Windows\System32\Drivers\avgidsdrivera.sys   [310016]
O58 - SDL:01/06/2016 - 12:25:42 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Driver.) -- C:\Windows\System32\Drivers\avgidsha.sys   [261376]
O58 - SDL:01/06/2016 - 12:28:02 ---A- . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) -- C:\Windows\System32\Drivers\avgldx64.sys   [260352]
O58 - SDL:16/02/2016 - 08:05:56 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) -- C:\Windows\System32\Drivers\avgloga.sys   [360736]
O58 - SDL:02/06/2016 - 14:13:08 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) -- C:\Windows\System32\Drivers\avgmfx64.sys   [249088]
O58 - SDL:01/06/2016 - 12:16:40 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) -- C:\Windows\System32\Drivers\avgrkx64.sys   [52992]
O58 - SDL:01/06/2016 - 12:26:36 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\Windows\System32\Drivers\avgtdia.sys   [280320]
O58 - SDL:01/06/2016 - 12:25:36 ---A- . (.AVG Technologies CZ, s.r.o. - AVG Universal Driver.) -- C:\Windows\System32\Drivers\avguniva.sys   [76544]
O58 - SDL:10/06/2009 - 20:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys   [270848]
O58 - SDL:23/11/2010 - 07:33:34 ---A- . (.Beceem communications pvt ltd. - Beceem Communications Inc. WiMAX driver.) -- C:\Windows\System32\Drivers\BcmBusCtr_64.sys   [59904]
O58 - SDL:10/06/2009 - 20:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys   [18432]
O58 - SDL:10/06/2009 - 20:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys   [8704]
O58 - SDL:14/07/2009 - 01:19:07 ---A- . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys   [286720]
O58 - SDL:10/06/2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys   [47104]
O58 - SDL:10/06/2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys   [14976]
O58 - SDL:10/06/2009 - 20:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys   [14720]
O58 - SDL:10/06/2009 - 20:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys   [468480]
O58 - SDL:14/07/2009 - 01:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys   [17488]
O58 - SDL:23/11/2010 - 07:33:34 ---A- . (.Beceem communications pvt ltd. - Beceem Communications Inc. WiMAX driver.) -- C:\Windows\System32\Drivers\drxvi314_64.sys   [371712]
O58 - SDL:14/07/2009 - 01:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 20:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys   [3286016]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys   [32768]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ewusbmdm.sys   [221312]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\ewusbwwan.sys   [421376]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\Drivers\ew_hwupgrade.sys   [22016]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ew_hwusbdev.sys   [117248]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\Drivers\ew_jubusenum.sys   [86016]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\Drivers\ew_jucdcacm.sys   [98816]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\Drivers\ew_jucdcecm.sys   [69632]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\Drivers\ew_juextctrl.sys   [28672]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\Drivers\ew_juwwanecm.sys   [212992]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\Drivers\ew_usbenumfilter.sys   [13952]
O58 - SDL:18/05/2009 - 12:17:08 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys   [34152]
O58 - SDL:10/06/2009 - 20:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:29/04/2009 - 15:48:32 ---A- . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\HpqKbFiltr.sys   [18432]
O58 - SDL:19/11/2010 - 22:33:36 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys   [78720]
O58 - SDL:11/03/2011 - 06:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys   [410496]
O58 - SDL:11/02/2011 - 18:16:38 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys   [10628640]
O58 - SDL:14/07/2009 - 01:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys   [44112]
O58 - SDL:26/05/2009 - 12:13:10 ---A- . (.Intel® Corporation - Intel® High Definition Audio HDMI.) -- C:\Windows\System32\Drivers\IntcHdmi.sys   [138752]
O58 - SDL:14/07/2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys   [114752]
O58 - SDL:14/07/2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [106560]
O58 - SDL:14/07/2009 - 01:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys   [65600]
O58 - SDL:14/07/2009 - 01:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys   [115776]
O58 - SDL:14/07/2009 - 01:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys   [35392]
O58 - SDL:14/07/2009 - 01:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys   [284736]
O58 - SDL:23/03/2011 - 15:15:44 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys   [1001472]
O58 - SDL:10/06/2009 - 20:35:28 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\netw5v64.sys   [5434368]
O58 - SDL:14/07/2009 - 01:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys   [51264]
O58 - SDL:11/03/2011 - 06:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [148352]
O58 - SDL:11/03/2011 - 06:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [166272]
O58 - SDL:04/06/2009 - 16:44:42 ---A- . (.PixArt Imaging Inc. - PFC027.) -- C:\Windows\System32\Drivers\PFC027.SYS   [686592]
O58 - SDL:14/07/2009 - 01:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys   [1524816]
O58 - SDL:14/07/2009 - 01:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys   [128592]
O58 - SDL:11/07/2016 - 13:01:52 ---A- . (.IBM Corp. - RapportHades64.) -- C:\Windows\System32\Drivers\RapportHades64.sys   [215560]
O58 - SDL:11/07/2016 - 13:01:50 ---A- . (.IBM Corp. - RapportKE.) -- C:\Windows\System32\Drivers\RapportKE64.sys   [470056]
O58 - SDL:21/12/2013 - 02:01:06 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys   [883928]
O58 - SDL:10/06/2009 - 20:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [23040]
O58 - SDL:14/07/2009 - 01:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys   [43584]
O58 - SDL:14/07/2009 - 01:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [80464]
O58 - SDL:21/12/2013 - 02:05:12 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys   [32496]
O58 - SDL:14/07/2009 - 01:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:23/03/2010 - 13:53:06 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys   [505344]
O58 - SDL:14/10/2011 - 03:37:44 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys   [396848]
O58 - SDL:04/01/2015 - 17:12:00 ---A- . (...) -- C:\Windows\System32\Drivers\TrueSight.sys   [37624]
O58 - SDL:10/06/2015 - 22:08:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [54784]
O58 - SDL:14/07/2009 - 01:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [17488]
O58 - SDL:14/07/2009 - 01:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [161872]
O58 - SDL:10/06/2009 - 21:01:11 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\System32\Drivers\VSTAZL6.SYS   [292864]
O58 - SDL:10/06/2009 - 21:01:11 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\Drivers\VSTCNXT6.SYS   [740864]
O58 - SDL:10/06/2009 - 21:01:11 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\Drivers\VSTDPV6.SYS   [1485312]
O58 - SDL:10/06/2009 - 20:35:33 ---A- . (.Marvell - Miniport Driver for Marvell Yukon Ethernet Controller..) -- C:\Windows\System32\Drivers\yk62x64.sys   [389120]
O58 - SDL:23/03/2011 - 15:17:48 ---A- . (.No owner - SmartRoaming Client.) -- C:\Windows\SysWOW64\drivers\mdvrmng.sys   [10240]
~ Drivers: 86 Scanned in 01mn 01s
 
 
 
---\\ Last modified or created user files (O61)
O61 - LFC: 20/07/2016 - 23:39:49 ---A- . (.Google Inc..) -- C:\Users\TEMP.Pauls-PC\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.903\_platform_specific\win_x86\widevinecdm.dll   [5790712]
~ 114 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 1 Scanned in 00mn 06s
 
 
 
---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s
 
 
 
---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\adp94xx.sys (adp94xx)  .(.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - LEGACY_ADP94XX
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\adpahci.sys (adpahci)  .(.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - LEGACY_ADPAHCI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\adpu320.sys (adpu320)  .(.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - LEGACY_ADPU320
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\aliide.sys (aliide)  .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE
O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\amdsata.sys (amdsata)  .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMDSATA
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\amdsbs.sys (amdsbs)  .(.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) - LEGACY_AMDSBS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\arc.sys (arc)  .(.Adaptec, Inc. - Adaptec RAID Storport Driver.) - LEGACY_ARC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\arcsas.sys (arcsas)  .(.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - LEGACY_ARCSAS
O64 - Services: CurCS - 13/05/2016 - C:\Windows\System32\DRIVERS\avgdiska.sys (Avgdiska)  .(.AVG Technologies CZ, s.r.o. - AVG File Vault Driver.) - LEGACY_AVGDISKA
O64 - Services: CurCS - 09/06/2016 - C:\Windows\System32\DRIVERS\avgidsdrivera.sys (AVGIDSDriver)  .(.AVG Technologies CZ, s.r.o. - AVG IDS Application Activity Monitor Driver.) - LEGACY_AVGIDSDRIVER
O64 - Services: CurCS - 01/06/2016 - C:\Windows\System32\DRIVERS\avgidsha.sys (AVGIDSHA)  .(.AVG Technologies CZ, s.r.o. - AVG Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSHA
O64 - Services: CurCS - 01/06/2016 - C:\Windows\System32\DRIVERS\avgldx64.sys (Avgldx64)  .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX64
O64 - Services: CurCS - 16/02/2016 - C:\Windows\System32\DRIVERS\avgloga.sys (Avgloga)  .(.AVG Technologies CZ, s.r.o. - AVG Logging Driver.) - LEGACY_AVGLOGA
O64 - Services: CurCS - 02/06/2016 - C:\Windows\System32\DRIVERS\avgmfx64.sys (Avgmfx64)  .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX64
O64 - Services: CurCS - 01/06/2016 - C:\Windows\System32\DRIVERS\avgrkx64.sys (Avgrkx64)  .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX64
O64 - Services: CurCS - 01/06/2016 - C:\Windows\System32\DRIVERS\avgtdia.sys (Avgtdia)  .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIA
O64 - Services: CurCS - 01/06/2016 - C:\Windows\System32\DRIVERS\avguniva.sys (Avguniva)  .(.AVG Technologies CZ, s.r.o. - AVG Universal Driver.) - LEGACY_AVGUNIVA
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\cmdide.sys (cmdide)  .(.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) - LEGACY_CMDIDE
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\elxstor.sys (elxstor)  .(.Emulex - Storport Miniport Driver for LightPulse HBA.) - LEGACY_ELXSTOR
O64 - Services: CurCS - 19/11/2010 - C:\Windows\System32\drivers\HpSAMD.sys (HpSAMD)  .(.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) - LEGACY_HPSAMD
O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\iaStorV.sys (iaStorV)  .(.Intel Corporation - Intel Matrix Storage Manager driver - x64.) - LEGACY_IASTORV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\iirsp.sys (iirsp)  .(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - LEGACY_IIRSP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lsi_fc.sys (LSI_FC)  .(.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) - LEGACY_LSI_FC
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lsi_sas.sys (LSI_SAS)  .(.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) - LEGACY_LSI_SAS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lsi_sas2.sys (LSI_SAS2)  .(.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) - LEGACY_LSI_SAS2
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lsi_scsi.sys (LSI_SCSI)  .(.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) - LEGACY_LSI_SCSI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\megasas.sys (megasas)  .(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) - LEGACY_MEGASAS
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\MegaSR.sys (MegaSR)  .(.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) - LEGACY_MEGASR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\nfrd960.sys (nfrd960)  .(.IBM Corporation - IBM ServeRAID Controller Driver.) - LEGACY_NFRD960
O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\nvraid.sys (nvraid)  .(.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) - LEGACY_NVRAID
O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\drivers\nvstor.sys (nvstor)  .(.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) - LEGACY_NVSTOR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\ql2300.sys (ql2300)  .(.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) - LEGACY_QL2300
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\ql40xx.sys (ql40xx)  .(.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) - LEGACY_QL40XX
O64 - Services: CurCS - 19/07/2016 - C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys (RapportCerberus_1609042)  .(.IBM Corp. - RapportCerberus.) - LEGACY_RAPPORTCERBERUS_1609042  =>.Cerberus
O64 - Services: CurCS - 11/07/2016 - C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (RapportEI64)  .(.IBM Corp. - RapportEI64.) - LEGACY_RAPPORTEI64
O64 - Services: CurCS - 11/07/2016 - C:\Windows\System32\Drivers\RapportHades64.sys (RapportHades64)  .(.IBM Corp. - RapportHades64.) - LEGACY_RAPPORTHADES64
O64 - Services: CurCS - 11/07/2016 - C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (RapportPG64)  .(.IBM Corp. - RapportPG64.) - LEGACY_RAPPORTPG64
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\SiSRaid2.sys (SiSRaid2)  .(.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) - LEGACY_SISRAID2
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\sisraid4.sys (SiSRaid4)  .(.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) - LEGACY_SISRAID4
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\stexstor.sys (stexstor)  .(.Promise Technology - Promise  SuperTrak EX Series Driver for Win.) - LEGACY_STEXSTOR
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\viaide.sys (viaide)  .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\vsmraid.sys (vsmraid)  .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) - LEGACY_VSMRAID
~ Legacy: 171 Scanned in 00mn 01s
 
 
 
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s
 
 
 
---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - (Google) - http://www.google.com
~ Keys:  Scanned in 00mn 00s
 
 
 
---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation Service.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation Service.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll   [794624]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll   [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll   [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote Connections Manager.) -- C:\Windows\System32\termsrv.dll   [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll   [2610688]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over an IPv4 network..) -- C:\Windows\System32\iphlpsvc.dll   [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll   [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll   [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll   [100864]
~ Services: 32 Scanned in 00mn 19s
 
 
 
---\\ MyComputer Name Space (MNS) (O92)
O92 - MNS: iCloud Photos - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 1 Scanned in 00mn 00s
 
 
 
---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 14/07/2016 270016 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/06/2016 637944 |  (AvgAMPS) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\Av\avgamps.exe
SS - | Auto 13/09/2015 144200 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 13/09/2015 144200 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/04/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 23/03/2016 327808 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 18/09/2009 9216 |  (VMCService) . (.Vodafone.) - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 18/03/2010 113152 |  (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 25/06/2016 82128 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 02/03/2009 89600 |  (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
SR - | Auto 02/03/2016 83768 |  (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 29/06/2016 5251808 |  (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
SR - | Auto 21/06/2016 1080080 |  (avgsvc) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
SR - | Auto 29/06/2016 712792 |  (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
SR - | Auto 23/03/2011 1740696 |  (BecHelperService) . (...) - C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
SR - | Auto 12/08/2015 462096 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 28/04/2015 1102472 |  (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 25/04/2016 28552 |  (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
SR - | Demand 01/06/2016 651576 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 22/01/2010 73728 |  (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 28/06/2012 233344 |  (Mobile Broadband HL Service) . (...) - C:\ProgramData\MobileBrServ\mbbservice.exe
SR - | Auto 11/07/2016 2383344 |  (RapportMgmtService) . (.IBM Corp..) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
SR - | Auto 21/01/2009 247152 |  (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
SR - | Auto 23/03/2010 247808 |  (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
SR - | Auto 22/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 20s
 
 
 
---\\ Search Master Boot Record Infection (MBR)(O80)
Run by Administrator at 22/07/2016 00:02:11
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
 
 
 
---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Administrator at 22/07/2016 00:02:14
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s
 
 
 
---\\ Scan Additionnel (O88)
Database Version : 13008 - (29/03/2015)
Clés trouvées (Keys found) : 4
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 0
Fichiers trouvés  (Files found) : 2
 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp]   =>Toolbar.AVGSafeGuard^
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}]   =>Toolbar.AVGSearch
[HKCU\Software\AVG SafeGuard toolbar]   =>Toolbar.AVGSafeGuard
[HKLM\Software\Wow6432Node\KoyoteSRTB]   =>Toolbar.CoyoteSoft
[HKCU\Software\AVG Web TuneUp]   =>Toolbar.AVGSafeGuard^
[HKLM\Software\AVG Web TuneUp]   =>Toolbar.AVGSafeGuard^
~ Additionnel Scan: 454016 Items scanned in 01mn 45s
 
 
 
---\\ Additional information about modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Auto loading programs from Registry and folders (O4)
~ AMI: 3 Scanned in 00mn 00s
 
 
 
---\\ Summary of the detections found on your workstation
http://www.nicolascoolman.fr/blog/  =>Toolbar.AVGSafeGuard
http://www.nicolascoolman.fr/blog/  =>Toolbar.CoyoteSoft
~ MSI: 2 link(s) detected in 00mn 00s
 
 
 
End of the scan (1376 lines in 32mn 22s)(0.7)
 
Below is the result of the Zemana AntiMalware scan:
 
Zemana AntiMalware 2.21.2.139 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/7/22
Operating System       : Windows 7 64-bit
Processor              : 2X Pentium® Dual-Core CPU T4300 @ 2.10GHz
BIOS Mode              : Legacy
CUID                   : 128CD5F5232B1BF3004186
Scan Type              : Smart Scan
Duration               : 5m 28s
Scanned Objects        : 11289
Detected Objects       : 1
Excluded Objects       : 0
Read Level             : Normal
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
Hosts File
Status             : Scanned
Object             : %systemroot%\system32\drivers\etc\hosts
MD5                : F666B6456726DB927939D86012073291
Publisher          : -
Size               : 89
Version            : -
Detection          : Hosts Hijack
Cleaning Action    : Repair
Related Objects    :
                Hosts file - Hosts file is hidden
                File - %systemroot%\system32\drivers\etc\hosts

Edited by maineboy64, 21 July 2016 - 06:22 PM.


#6 InadequateInfirmity

Posted 21 July 2016 - 06:13 PM

How is your machine running now?



#7 maineboy64

Posted 21 July 2016 - 06:24 PM

How is your machine running now?

 

What differences should I notice?



#8 InadequateInfirmity

Posted 21 July 2016 - 07:54 PM

What issues remain?

 

 

 

Malwarebytes Scan.

 

We need you to run MalwareBytes to get a log. Please download the free version of MalwareBytes HERE

http://data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe  Alternate Link.

Save the file to somewhere you can easily find it. Double click the saved file to start the install, accept any security warnings that may appear, and after the install click the new desktop icon to start the program. We need to modify a couple of things with MalwareBytes before we use it so please follow the steps below.

  1. If the dashboard is not already displayed select it.
  2. Then select "Update Now" to get the latest database.


  1. Next we need to change a scanning option, select "Settings" on the main menu, then "Detection and Protection" on the left.
  2. Then select "Scan for rootkits" in the detection options, as well as the other two options already checked.


  • Now return to Dashboard on the main menu and select "Scan Now" at the bottom of the screen.


  • Allow MalwareBytes to scan your system. It may take some time, depending on what you have loaded onto your hard drive.


When the scan is finished

  1. Click "Save Results"
  2. Then click on "Text file"


  • A window will then open, allowing you to choose a name for the logfile and where to save it. Save it to the desktop.
  • Please copy and paste the contents of this file in your next post.

 

 

Eset Online Scanner.

 

Eset Scan

Click Me To Download Eset Scan

Disable your antivirus prior to this scan.
 
 

  •  Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes, if ESET finds no infections, it will not create a log.

 

Minitoolbox scan.

 

 

Please download Minitoolbox and run it.



Checkmark the following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Security Check Scan.

 

Download Security Check to your desktop, right-click it, and run it as administrator. When the program completes, the tool will automatically open a log file. Please post that log here in your next post.



#9 maineboy64

Posted 22 July 2016 - 05:38 AM

What issues remain?

 

There is definitely an improvement in terms of speed and stability, but it seems that I'm still in Safe Mode. (The font hasn't changed, for example.)  Did you identify anything weird in the logs?

 

BTW, I'll run all the new scans when I get home from work and see what comes up . . . 


Edited by maineboy64, 22 July 2016 - 05:38 AM.


#10 maineboy64

Posted 23 July 2016 - 03:53 AM

I was unable to save the MalwareBytes text.  I tried saving several times to the desktop and other places, but the file never appeared.  Actually this is an issue I've always had and suggests that something is still wrong.  Before I tried to save photos, but they wouldn't save either.

 

I next ran the ESET Online Scanner and it found nothing.  Couldn't save.

 

Here are the results of the Minitoolbox scan:

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Administrator (administrator) on 23-07-2016 at 09:40:51
Running from "C:\Users\Default\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: HP G61 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Remote NDIS based Internet Sharing Device = Local Area Connection 5 (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)
Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Pauls-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Mixed
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection 5:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Remote NDIS based Internet Sharing Device #4
   Physical Address. . . . . . . . . : 58-2C-80-13-92-63
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3c1b:4218:bb48:8ca6%37(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 23 July 2016 09:29:15
   Lease Expires . . . . . . . . . . : 24 July 2016 09:29:15
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 794307712
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-ED-29-B7-00-26-9E-88-14-54
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 0C-EE-E6-CF-CB-AC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-26-9E-88-14-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{0985480C-B9DE-442A-B6E8-415D3C5ED732}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{3C990A9B-BB12-424C-B447-CC5ADF365E53}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 22:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{E2BED903-1DE0-43C6-A594-577FD541F6BA}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2a00:1450:4009:802::200e
 216.58.213.110
 
 
Pinging google.com [216.58.213.110] with 32 bytes of data:
Reply from 216.58.213.110: bytes=32 time=299ms TTL=53
Reply from 216.58.213.110: bytes=32 time=263ms TTL=53
 
Ping statistics for 216.58.213.110:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 263ms, Maximum = 299ms, Average = 281ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=376ms TTL=49
Reply from 98.138.253.109: bytes=32 time=560ms TTL=49
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 376ms, Maximum = 560ms, Average = 468ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 37...58 2c 80 13 92 63 ......Remote NDIS based Internet Sharing Device #4
 11...0c ee e6 cf cb ac ......Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
 10...00 26 9e 88 14 54 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
 33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 39...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 34...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    281
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 37    281 fe80::/64                On-link
 37    281 fe80::3c1b:4218:bb48:8ca6/128
                                    On-link
  1    306 ff00::/8                 On-link
 37    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 \Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 \Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 \Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 \Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 \Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 \Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/23/2016 09:38:18 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Pauls-PC)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. 
 
 DETAIL - Access is denied.
 
Error: (07/23/2016 09:32:49 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Pauls-PC)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. 
 
 DETAIL - Access is denied.
 
Error: (07/23/2016 09:26:44 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Pauls-PC)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. 
 
 DETAIL - Access is denied.
 
Error: (07/23/2016 09:21:25 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Pauls-PC)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. 
 
 DETAIL - Access is denied.
 
Error: (07/23/2016 09:15:55 AM) (Source: Microsoft-Windows-User Profiles Service) (User: Pauls-PC)
Description: Windows cannot load the user's profile but has logged you on with the default profile for the system. 
 
 DETAIL - Access is denied.
 
Error: (07/23/2016 09:13:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19638514
 
Error: (07/23/2016 09:13:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19638514
 
Error: (07/23/2016 09:13:39 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/23/2016 09:13:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19637297
 
Error: (07/23/2016 09:13:38 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19637297
 
 
System errors:
=============
Error: (07/23/2016 09:35:22 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (07/23/2016 09:35:22 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\TEMP\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/23/2016 09:35:21 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (07/23/2016 09:35:21 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\TEMP\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/23/2016 09:35:20 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (07/23/2016 09:35:20 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\TEMP\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/23/2016 09:35:19 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (07/23/2016 09:35:19 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\TEMP\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/23/2016 09:35:18 AM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (07/23/2016 09:35:18 AM) (Source: Application Popup) (User: )
Description: \??\C:\Windows\TEMP\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-07 15:59:23.062
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-02-07 15:59:22.594
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
3Connect (HKLM-x32\...\{A899DA1F-D626-401C-8651-F2921E3B4CB3}) (Version: 3.0.0 - 3 Mobile Broadband)
9-lab Removal Tool (HKLM-x32\...\9-lab Removal Tool) (Version:  - )
Acrobat.com (HKLM-x32\...\{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}) (Version: 2.3.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.16.0.44025 - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ArcSoft Panorama Maker 5 (HKLM-x32\...\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}) (Version: 5.0.1.25 - ArcSoft)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
AVG (HKLM\...\{8DD226F0-3866-4965-9101-488D2AEE3D3B}) (Version: 16.91.7688 - AVG Technologies) Hidden
AVG 2016 (HKLM\...\{880D8FA8-C066-4D31-8B6F-0C69D90CB6B8}) (Version: 16.0.4627 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (en-GB) (HKLM-x32\...\{9D5E4F04-45E8-4E02-98EF-48A77423DB5C}) (Version: 15.0.1001.604 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.91.7688 - AVG Technologies)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3115 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
Feedback Tool (HKLM-x32\...\{90024193-9F13-4877-89D5-A1CDF0CBBF28}) (Version: 1.1.0 - Microsoft Corporation)
File Uploader (HKLM-x32\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.2.3 - Nikon)
FMW 1 (HKLM\...\{69851B81-35BF-4B1B-AE90-3B1D67DD8857}) (Version: 1.102.4 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP DVD Play 3.7 (HKLM-x32\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.6623 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.4.18.7 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{4E432692-A736-4F77-AF77-F9078CF88D31}) (Version: 3.50.11.2 - Hewlett-Packard)
Huawei modem (HKLM-x32\...\Huawei Modems) (Version:  - )
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
iFunbox (v3.0.3109.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3109.1352 - iFunbox DevTeam)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Japanese Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
Legalsounds Download Manager (HKLM-x32\...\{581DD69C-527E-BADD-70E2-1F1C218BD318}) (Version: 1.4.5 - LegalMedia) Hidden
Legalsounds Download Manager (HKLM-x32\...\LegalsoundsDownloadManager) (Version: 1.4.5 - LegalMedia)
LightScribe System Software (HKLM-x32\...\{FA8BFB25-BF48-4F8B-8859-B30810745190}) (Version: 1.18.11.1 - LightScribe)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.16.00.03 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{DE626616-D7C4-4F00-7E0B-EAF26FA65749}) (Version: 7.0.43.12698 - muvee Technologies Pte Ltd)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.5.2 - Nikon)
PC Camer@ (HKLM-x32\...\{C679F9B9-C65D-4C65-BD6C-BF90B859E281}) (Version: 1.0.4.15 - Aecotech)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.9 - Nikon)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerRecover (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.1923 - CyberLink Corp.) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1205.15 - Trusteer) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1609.76 - Trusteer) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.76 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
ViewNX (HKLM-x32\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.5.1 - Nikon)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Vodafone Mobile Connect Lite (HKLM-x32\...\{96B51C0B-D3BE-4DF3-959C-28B22C10CFBB}) (Version: 9.4.4.17702 - Vodafone)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17332 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.21.139 - Zemana Ltd.)
ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 59%
Total physical RAM: 3998.93 MB
Available physical RAM: 1639.55 MB
Total Virtual: 7996.04 MB
Available Virtual: 5307.85 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:285.3 GB) (Free:1.74 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.59 GB) (Free:2.08 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\PAULS-PC
 
Administrator            Guest                    Paul                     
 
 
**** End of log ****
 
And finally, here are the results of the Security Check Plan:
 

SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 23.07.2016 09:49:43
Path starting: C:\Windows\TEMP\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Administrator
VersionXML: 3.24is-22.07.2016
___________________________________________________________________________
 
Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 05.08.2010 21:26:23
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [285.3 Gb] Used: [283.6 Gb] Free: [1.7 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18376
User Account Control enabled
Automatic download and scheduled installation
Date install updates: 2016-07-16 04:21:56
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2007 v.12.0.6612.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
AVG AntiVirus Free Edition (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and up to date)
AVG AntiVirus Free Edition (disabled and up to date)
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.21.139
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.50428.0
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.24 v.7.24.104 Warning! Download Update
^Optional update.^
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 31 (64-bit) v.8.0.310 Warning! Download Update
Uninstall old version and install new one (jre-8u102-windows-x64.exe).
Java 8 Update 31 v.8.0.310 Warning! Download Update
Uninstall old version and install new one (jre-8u102-windows-i586.exe).
--------------------------- [ AppleProduction ] ---------------------------
Bonjour v.3.1.0.1
iTunes v.12.4.1.6 Warning! Download Update
^Please use Apple Software Update tool.^
QuickTime 7 v.7.79.80.95 Warning! This software is no longer supported. Please uninstall it and use another software.
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.3.8.0.1430 Warning! Download Update
Adobe Flash Player 22 ActiveX v.22.0.0.210
Adobe Acrobat Reader DC v.15.016.20045 Warning! Download Update
^Please run Acrobat Reader DC and go Help - Check for updates...^
------------------------------- [ Browser ] -------------------------------
Google Chrome v.51.0.2704.103 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.51.0.2704.103
------------------ [ AntivirusFirewallProcessServices ] -------------------
AvgAMPS (AvgAMPS) - The service has stopped
C:\PROGRA~2\AVG\Av\avgrsa.exe v.16.91.0.7688
C:\Program Files (x86)\AVG\Av\avgcsrva.exe v.16.91.0.7688
AVGIDSAgent (AVGIDSAgent) - The service is running
AVG Service (avgsvc) - The service is running
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe v.1.102.2.23246
AVG Service (avgsvc) - The service is running
AVG WatchDog (avgwd) - The service is running
C:\Program Files (x86)\AVG\Av\avgwdsvca.exe v.16.91.0.7688
C:\Program Files (x86)\AVG\Av\avgnsa.exe v.16.91.0.7688
C:\Program Files (x86)\AVG\Av\avgemca.exe v.16.91.0.7688
C:\Program Files (x86)\AVG\Av\avgui.exe v.16.91.0.7688
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe v.1.102.2.23246
Windows Defender (WinDefend) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Skype Click to Call v.8.3.0.9150 Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems.
AVG PC TuneUp 2015 (en-GB) v.15.0.1001.604 << Hidden Warning! Suspected demo version of anti-spyware or optimization program - scareware or badware. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 


#11 InadequateInfirmity


Posted 24 July 2016 - 05:29 AM

Go ahead and remove all AVG items from your machine with Geek Uninstaller, then reboot and tell me what issues remain.



#12 maineboy64


Posted 24 July 2016 - 07:29 AM

I have removed both AVG and Google Chrome from my computer.  As mentioned before, the computer seems faster and more stable but there are definitely still issues with the hardware.  For example, I just downloaded a picture to my Pictures Library but when I looked for it I was unable to locate it.  Generally, I'm getting the msg that the download has been successful, but of course it hasn't.  Other problems are that I still seem to be in safe mode because the fonts have changed.  Finally, Windows Explorer keeps crashing and then restarting up.  It's a mess, actually.

 

What antivirus do you think I should use?  Should I reinstall AVG or use something else?



#13 InadequateInfirmity


Posted 24 July 2016 - 07:43 AM

Run chkdsk /f /r from elevated command prompt.

https://youtu.be/4feZG3LebOg

For now just leave AVG uninstalled; you can certainly reinstall it later.

#14 InadequateInfirmity


Posted 24 July 2016 - 08:01 AM

Also, remove all AVG traces from your machine with Everything Search Engine and Unlocker.

 

Type AVG into the Everything Search window, then right-click and delete with Unlocker. Here is a guide on how to use Unlocker and Everything Search Engine together. :)



#15 maineboy64


Posted 24 July 2016 - 03:53 PM

Run chkdsk /f /r from elevated command prompt.

https://youtu.be/4feZG3LebOg

For now just leave AVG uninstalled; you can certainly reinstall it later.

 

I have done this and restarted the computer.





