~ ZHPDiag v2015.12.4.178 By Nicolas Coolman (2015/12/04) ~ Run by Albert (Administrator) (2015/12/04 18:15:17) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\Albert\Desktop\ZHPDiag.txt ~ Report: C:\Users\Albert\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 10 Home, 64-bit (Build 10240) ---\\ Internet Browsers (2) - 0s GCIE: Google Chrome v46.0.2490.86 MSIE: Internet Explorer v11.0.10240.16431 ---\\ Windows Product Information (3) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ System protection software (1) - 2s Windows Defender (Activate) ---\\ System optimization software (1) - 3s CCleaner v5.11 ---\\ Surveillance software (1) - 3s Adobe Acrobat Reader DC ---\\ Information on the system (6) - 0s ~ Operating System: AMD64 Family 21 Model 16 Stepping 1, AuthenticAMD ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 7829.768 MB (73% free) System Restore: Activé (Enable) System drive C: has 864 GB () free of 942 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: JEAN ~ User Name: Albert ~ Logged in as Administrator ---\\ Enumeration of the disk units (1) - 0s ~ Drive C: has 864 GB free of 942 GB (System) ---\\ State of the Windows Security Center (7) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (24) - 1s [MD5.F1CBCB7FA6F3B309639AA2D4EF74469C] - 11/08/2015 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4532304] =>.Microsoft Windows® [MD5.5DED2A3F11AE916C8F2724947E736261] - 10/07/2015 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] © [MD5.7718A2A9B2BFB2C8E2BAEB03310CA3FD] - 01/08/2015 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [290312] =>.Microsoft Windows Publisher® [MD5.E5D86250453B33900666D92ED1A92ABE] - 17/09/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [2740224] © [MD5.C527C9231D39BF69611F5F8C80C36140] - 21/10/2015 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [579072] © [MD5.ECB1943967424DFB96E03F6A098434EF] - 01/08/2015 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] © [MD5.C287D0E32771E3222A444DC527A29477] - 10/07/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [680256] =>.Microsoft Windows® [MD5.BB5BBD0E4D04047585E4ED0F07AA51E7] - 10/07/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [534064] =>.Microsoft Windows® [MD5.6C12C7E01A4F64E0AA9C88AF66955CC9] - 10/07/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [577888] =>.Microsoft Windows® [MD5.8921DF6060DB5C7700AA48CB12E9EA08] - 10/07/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows® [MD5.F2829DC6D292DCAC5029893BB2E9FEE3] - 10/07/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] © [MD5.CA160E02F35A61C6F5C681FB4669C519] - 10/07/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [174080] © [MD5.25435407D97419627F4B10653433BF2B] - 10/07/2015 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [138240] © [MD5.C277A49F8A8295840DEBC9240B75A282] - 10/07/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [80896] © [MD5.D4CDEE4A62BDFFF6E8558A9552148EA7] - 10/07/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] © [MD5.5D3744E6FDEC1A6FB3FA9B1DD4AF0694] - 10/07/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] © [MD5.1DF2C5FD2710A13B07E663A12F0E0EEA] - 10/07/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [415232] © [MD5.F0D791348AD254360CC3C3E501CCB745] - 10/07/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [273408] © [MD5.466EC5659C02ED53DBD47DC1BC2B8086] - 30/07/2015 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2116448] =>.Microsoft Windows® [MD5.38F1AE32339731F6E5A7281AE8042545] - 10/07/2015 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] © [MD5.CA60F6C03611AF1710BC903ED9F566FB] - 10/07/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] © [MD5.A32AED8C644734B283A7C9D08D76064D] - 10/07/2015 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [176128] © [MD5.28E1E63A1AC65E17B3194238FA2CF3BF] - 10/07/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [116576] =>.Microsoft Windows® [MD5.823A237D871CD652C6BFD47BECB6810A] - 10/07/2015 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [378720] =>.Microsoft Windows® ---\\ Software installed (106) - 16s O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} © O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824161310} © O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BF93B4E3-CA34-DAAE-C385-2A1EBE13FD81} © O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441} © O42 - Logiciel: AMD Catalyst Control Center - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {0E52338D-4C09-BAF9-B2BC-A6633D78A594} © O42 - Logiciel: AMD Catalyst Control Center - (.AMD.) [HKLM][64Bits] -- WUCCCApp © O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {14718008-7D73-53AA-D0FF-88E805958D42} © O42 - Logiciel: AMD Fuel - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E80C395A-82DD-9C17-87FC-0C86D498079D} © O42 - Logiciel: AMD Quick Stream - (.AppEx Networks.) [HKLM][64Bits] -- {E9EED4AE-682B-4501-9574-D09A21717599}_is1 © O42 - Logiciel: AMD VISION Engine Control Center - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {3647D93A-EF32-09F7-DEC3-5CD545054000} © O42 - Logiciel: Athan Basic 4.5 - (...) [HKLM][64Bits] -- Athan O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} © O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-ab60688d-9a7a-4d57-9a19-e2d4b021883a © =>.WildTangent O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47} © O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {24D38277-CE6E-4E12-A2EE-F46832A4FA2F} © O42 - Logiciel: Catalyst Control Center Graphics Previews Common - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {3DDD7C37-4E0C-FED0-0A18-06D1F7610929} © O42 - Logiciel: Catalyst Control Center InstallProxy - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {3E275667-C19E-1AC0-A9EC-6D37AE67469C} © O42 - Logiciel: Catalyst Control Center InstallProxy - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C28E8D4A-C424-71CF-DFBE-597810641712} © O42 - Logiciel: Catalyst Control Center InstallProxy - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E3827F8B-56EA-C716-5284-07A1786DBBE2} © O42 - Logiciel: Catalyst Control Center Localization All - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {8A4F8020-ED9F-5FFC-9917-CB52CF811382} © O42 - Logiciel: Catalyst Control Center Localization All - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BD480432-A4D9-F182-F5FA-2089544FB615} © O42 - Logiciel: CCC Help Chinese Standard - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {19946C87-EB80-2BBF-D932-5BDB2799B6F5} © O42 - Logiciel: CCC Help Chinese Standard - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {89CD8E4A-F892-6F32-B2CF-993B7FD984AA} © O42 - Logiciel: CCC Help Chinese Traditional - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {18957EE1-7C98-5365-F300-1353AC70E694} © O42 - Logiciel: CCC Help Chinese Traditional - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {2A5E854E-9967-A0E8-F246-FE3572F44F57} © O42 - Logiciel: CCC Help Czech - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {72A76D02-1907-C805-0B77-2374C6013D64} © O42 - Logiciel: CCC Help Czech - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {ECDD08D5-5326-D047-509F-1529A98FDAA2} © O42 - Logiciel: CCC Help Danish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {DA74DDB4-EB8D-A688-4E27-7C2680A7C26E} © O42 - Logiciel: CCC Help Danish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F7E95AFC-CE81-48F2-E34D-55541826C7C1} © O42 - Logiciel: CCC Help Dutch - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BB48BFDC-E6E1-4542-162E-574D4248FE52} © O42 - Logiciel: CCC Help Dutch - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {CA355E6F-717E-A17C-05B0-AD951118875C} © O42 - Logiciel: CCC Help English - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {6A3D3784-DBD8-DFB2-3FFA-528C1CAEAC72} © O42 - Logiciel: CCC Help English - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {710ED0F7-8E69-704F-E5F7-E44EB8D3A032} © O42 - Logiciel: CCC Help Finnish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {9593EEEE-3CA0-1038-928F-51D3F01B809A} © O42 - Logiciel: CCC Help Finnish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {D5B2B522-05A2-77CB-8BB5-971E6C613764} © O42 - Logiciel: CCC Help French - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {79463523-00FE-FA43-EB05-A1935014F9DE} © O42 - Logiciel: CCC Help French - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {8BBDD2B5-85C7-9421-3913-844D8A6C9D7E} © O42 - Logiciel: CCC Help German - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {BB411CBB-9E34-94FD-4691-36B33D9DC181} © O42 - Logiciel: CCC Help German - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E8F094CD-A262-2708-36BB-3BB84DF18B6D} © O42 - Logiciel: CCC Help Greek - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {7DBAF0EE-86A7-868F-63D7-976FD1414C34} © O42 - Logiciel: CCC Help Greek - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {AB0C889A-285D-3ED0-EDEF-0122564A8B2A} © O42 - Logiciel: CCC Help Hungarian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {7EFA185C-179A-E07B-6F67-AFE491EFD4E1} © O42 - Logiciel: CCC Help Hungarian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E687AE32-1A97-6FAB-08CE-87242E60C570} © O42 - Logiciel: CCC Help Italian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {3419ABF8-BBBA-E7A7-05E1-7B8A30268FDC} © O42 - Logiciel: CCC Help Italian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {4A5282ED-F9DB-E888-AC4A-F22827674589} © O42 - Logiciel: CCC Help Japanese - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {09EDE6DF-A9A9-DC54-24E4-AA2E506718BE} © O42 - Logiciel: CCC Help Japanese - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {63AA5070-B027-C82B-A24E-B2A9C4722127} © O42 - Logiciel: CCC Help Korean - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {76D5F1FC-5A08-7F44-8E13-0249EAB8B031} © O42 - Logiciel: CCC Help Korean - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {FF4ACD96-2D77-4468-0EF1-6F63320ADF9A} © O42 - Logiciel: CCC Help Norwegian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {10B87AC0-7179-37F2-0DF1-2F399E91B4FA} © O42 - Logiciel: CCC Help Norwegian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {90932CBF-33F2-CF3F-C553-D76136AC8C5A} © O42 - Logiciel: CCC Help Polish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C5306ABD-EED5-13B6-21C9-BA96BA08D5F6} © O42 - Logiciel: CCC Help Polish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {DFC4F9CE-EED9-2167-E579-D4A43EF9C00B} © O42 - Logiciel: CCC Help Portuguese - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {4AE89394-5111-B38F-9BCE-7D66FFFF1D53} © O42 - Logiciel: CCC Help Portuguese - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {CAA5ED80-3F00-FA30-12B4-39073E135E7E} © O42 - Logiciel: CCC Help Russian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {19E56914-9DCA-3460-58AD-9BE6DA5C3063} © O42 - Logiciel: CCC Help Russian - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {87459992-7B4E-7E68-CFCD-8BE703D76D30} © O42 - Logiciel: CCC Help Spanish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {23572E0F-F4A3-0EC1-2049-A2975668C755} © O42 - Logiciel: CCC Help Spanish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E5BE63DE-CD83-49DB-FA2C-14BD29CD0489} © O42 - Logiciel: CCC Help Swedish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {6CAA7ACD-5361-13FE-530B-7B5B0FFED21C} © O42 - Logiciel: CCC Help Swedish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {CCEC41F0-1B86-B07B-C8D6-97CA8D616B16} © O42 - Logiciel: CCC Help Thai - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {9E8C1E18-CBCB-FA12-7A97-B4BA2B1AD946} © O42 - Logiciel: CCC Help Thai - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C2EA734A-92B2-AD20-2C85-337FDF0E8053} © O42 - Logiciel: CCC Help Turkish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {46D1DAAD-BA7B-18DF-5515-E158E54AF847} © O42 - Logiciel: CCC Help Turkish - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {9E688348-FD79-8C2E-1BD2-A5DBFCADFB43} © O42 - Logiciel: ccc-utility64 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {1CE38326-223E-F7D2-F7BF-4D624D420A9F} © O42 - Logiciel: ccc-utility64 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {4989485C-EF16-161E-4F02-8A8BFB16CAC3} © O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner © O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} © O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {AF312B06-5C5C-468E-89B3-BE6DE2645722} © O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F} © O42 - Logiciel: Evernote v. 4.5.7 - (.Evernote Corp..) [HKLM][64Bits] -- {0BE73D3C-B5AF-11E1-933A-984BE15F174E} © O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} © O42 - Logiciel: Intel AppUp(SM) center - (.Intel.) [HKLM][64Bits] -- Intel AppUp(SM) center 33235 © O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-4f33a714-33bf-4667-b357-c0f27312928e © =>.WildTangent O42 - Logiciel: Premium Sound HD - (.SRS Labs, Inc..) [HKLM][64Bits] -- {94F03B8E-CB73-4653-AFE9-79112C01FED2} © O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} © O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} © O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {95F38874-065A-40AB-AFC1-B764B192FFE7} © O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7} © O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16} © O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} © O42 - Logiciel: Skype™ 7.13 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} © O42 - Logiciel: Splashtop Remote Client - (.Splashtop Inc..) [HKLM][64Bits] -- {3CBAA9A5-2584-42C6-8A1D-E28CBD7A506D} O42 - Logiciel: Splashtop Remote Client - (.Splashtop Inc..) [HKLM][64Bits] -- InstallShield_{3CBAA9A5-2584-42C6-8A1D-E28CBD7A506D} O42 - Logiciel: Splashtop Software Updater - (.Splashtop Inc..) [HKLM][64Bits] -- Splashtop Software Updater O42 - Logiciel: Splashtop Streamer - (.Splashtop Inc..) [HKLM][64Bits] -- {2EFEAD58-3311-4B2B-9D8A-8D663581D109} O42 - Logiciel: Splashtop Streamer - (.Splashtop Inc..) [HKLM][64Bits] -- InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey © O42 - Logiciel: TOSHIBA Desktop Assist - (.Toshiba Corporation.) [HKLM][64Bits] -- {95CCACF0-010D-45F0-82BF-858643D8BC02} © O42 - Logiciel: TOSHIBA eco Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- {5944B9D4-3C2A-48DE-931E-26B31714A2F7} © O42 - Logiciel: TOSHIBA Function Key - (.Toshiba Corporation.) [HKLM][64Bits] -- {16562A90-71BC-41A0-B890-D91B0C267120} © O42 - Logiciel: TOSHIBA Password Utility - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {B1786E63-2127-42C9-95A3-146E5F727BF1} © O42 - Logiciel: TOSHIBA PC Health Monitor - (.Toshiba Corporation.) [HKLM][64Bits] -- {9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4} © O42 - Logiciel: TOSHIBA Recovery Media Creator - (.Toshiba Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF} © O42 - Logiciel: TOSHIBA Resolution+ Plug-in for Windows Media Player - (.Toshiba Corporation.) [HKLM][64Bits] -- {6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94} © O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {B8C8422F-01F1-4791-B084-047AAFF9BFCC} © O42 - Logiciel: TOSHIBA System Driver - (.Toshiba Corporation.) [HKLM][64Bits] -- {1E6A96A1-2BAB-43EF-8087-30437593C66C} © O42 - Logiciel: TOSHIBA System Settings - (.Toshiba Corporation.) [HKLM][64Bits] -- {05A55927-DB9B-4E26-BA44-828EBFF829F0} © O42 - Logiciel: TOSHIBA VIDEO PLAYER - (.Toshiba Corporation.) [HKLM][64Bits] -- {FF07604E-C860-40E9-A230-E37FA41F103A} © O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App © =>.WildTangent O42 - Logiciel: Web Companion - (.Lavasoft.) [HKLM][64Bits] -- {5b5caf26-a9fb-463e-817a-4b5df4e7687f} © O42 - Logiciel: WildTangent Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall © =>.WildTangent O42 - Logiciel: WildTangent Games App (Toshiba Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba © =>.WildTangent O42 - Logiciel: Zuma's Revenge - (.WildTangent.) [HKLM][64Bits] -- WTA-d275036a-21dc-42a0-a966-760b0b2259ff © =>.WildTangent ---\\ HKCU & HKLM Software Keys (56) - 16s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\AMD HKLM\SOFTWARE\Wow6432Node\Atheros Communications Inc. HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\ATI Technologies HKLM\SOFTWARE\Wow6432Node\Evernote HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\Lavasoft HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\McAfee.com HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Norton HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\sMedio HKLM\SOFTWARE\Wow6432Node\Splashtop Inc. HKLM\SOFTWARE\Wow6432Node\Symantec HKLM\SOFTWARE\Wow6432Node\TOSHIBA HKLM\SOFTWARE\Wow6432Node\Toshiba Corporation HKLM\SOFTWARE\Wow6432Node\WildTangent HKLM\SOFTWARE\Wow6432Node\Wow6432Node HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\ATI HKCU\SOFTWARE\Evernote HKCU\SOFTWARE\Google HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\MirWoj HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SMModifier HKCU\SOFTWARE\Splashtop Inc. HKCU\SOFTWARE\Symantec HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Toshiba HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\Intel HKCU\SOFTWARE\AppDataLow\Software ---\\ Non Microsoft non disabled Windows Services (12) - 7s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe {330000001DC31A761624754F8000000000001D} © O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - AMD Fuel Service.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe © O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: LavasoftTcpService (LavasoftTcpService) . (.Lavasoft Limited - .) - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe {35F57ADDEF0015E6FEBE6AE2710D4873} © O23 - Service: IE Search Set (SearchProtectionService) . (.Copyright © 2014 - SPWindowsService.) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe {35F57ADDEF0015E6FEBE6AE2710D4873} O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: Splashtop® Remote Service (SplashtopRemoteService) . (.Splashtop Inc. - Splashtop® Streamer Service.) - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe {666619AB98FEE33C8C59F45ACFF5F0} O23 - Service: Splashtop Software Updater Service (SSUService) . (.Splashtop Inc. - Splashtop Software Updater Service.) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe {666619AB98FEE33C8C59F45ACFF5F0} O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe {1D9FF0CFF14FE700963E52F6CDACF575} © O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\System32\TODDSrv.exe {41369CAD5B75B96FADA9F10CD65979C2} © O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.Toshiba Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\Teco\TecoService.exe {3752DF28690DF18A9BD134827378E202} © ---\\ Task Planned Automatically (12) - 19s [MD5.B89A82FB10E98F2FDF51FA82C7366DD3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736] =>.Adobe Systems, Incorporated® [MD5.E49FD011745BFC5621C586CCD07FF81E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6564776] {4B48B27C8224FE37B17A6A2ED7A81C9F} © [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848] =>.Google Inc® [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848] =>.Google Inc® [MD5.D9310C25B167AA7162FE2107D7F1F488] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- \Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184] {1D9FF0CFF14FE700963E52F6CDACF575} © O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [912] © O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [916] © O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [3972] © O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2850] © O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3742] © O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3974] © O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements [3092] © ---\\ Process running (36) - 7s [MD5.8F312E43E6BFED69705881D49B2A01B4] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [255472] [PID.1132] {330000001DC31A761624754F8000000000001D} © [MD5.5DB2C6B908C50767E2EDAA294A7566B5] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1868] =>.Adobe Systems, Incorporated® [MD5.17DBF2825FFA6D66B1B3C55665721884] - (.Advanced Micro Devices, Inc. - AMD Fuel Service.) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064] [PID.1944] © [MD5.A507D0060EEB23B89E76E08C240B5E99] - (.Copyright © 2014 - SPWindowsService.) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17168] [PID.2036] {35F57ADDEF0015E6FEBE6AE2710D4873} [MD5.8FB6D64CB42E660C4534D38013D64A03] - (.Lavasoft Limited - .) -- C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760] [PID.2044] {35F57ADDEF0015E6FEBE6AE2710D4873} © [MD5.2AC95C47E4A05A8188D506A80FD05EE5] - (.Splashtop Inc. - Splashtop Software Updater Service.) -- C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [609056] [PID.2052] {666619AB98FEE33C8C59F45ACFF5F0} [MD5.8A17ADFF44B5F3AF2AB8AD815BBE394E] - (.Splashtop Inc. - Splashtop® Streamer Service.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [531328] [PID.2080] {666619AB98FEE33C8C59F45ACFF5F0} [MD5.0B8D4A6329C874C303A41C1EC6E7A4FA] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472] [PID.2144] {1D9FF0CFF14FE700963E52F6CDACF575} © [MD5.ED32035BDFECED1AD66D459FD9CC1140] - (.TOSHIBA Corporation - TDCSrv Application.) -- C:\Windows\System32\TODDSrv.exe [140632] [PID.2272] {41369CAD5B75B96FADA9F10CD65979C2} © [MD5.380192EE4C9FA50A083C14522E6240C8] - (.Toshiba Corporation - TOSHIBA eco Utility Service.) -- C:\Program Files\TOSHIBA\Teco\TecoService.exe [328544] [PID.2420] {3752DF28690DF18A9BD134827378E202} © [MD5.8608681DC6E2975815A593209A6432CD] - (.TOSHIBA Corporation - TOSHIBA PC Health Monitor.) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [458152] [PID.5064] {4DFA235FB8E4E89715CC62FACB68438D} © [MD5.5201342394DD42848027CE96A37043DB] - (.TOSHIBA Corporation - TSS TMachInfo Service.) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [53384] [PID.1400] {4DFA235FB8E4E89715CC62FACB68438D} © [MD5.70CD53490EFA428C0CDE7754F357AEBB] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [683504] [PID.8948] {330000001DC31A761624754F8000000000001D} © [MD5.D9310C25B167AA7162FE2107D7F1F488] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184] [PID.8] {1D9FF0CFF14FE700963E52F6CDACF575} © [MD5.9DDD4DE2838C4BAB72AE11C3A3486BEF] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [210120] [PID.5676] {1D9FF0CFF14FE700963E52F6CDACF575} © [MD5.FA0F9AD6B3D544B86A63C3C37DEE6B0D] - (.Splashtop Inc. - Splashtop® Streamer OOBE.) -- C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRSOOBE.exe [1920888] [PID.7120] {666619AB98FEE33C8C59F45ACFF5F0} [MD5.65E8545F1297CD83534C354A7BED1848] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696] [PID.940] {13222A5DCCF716DF5AF9C87084412DD9} © [MD5.4DF11CDE53A5AF536178AEC3D4A053B1] - (.SRS Labs, Inc. - SRS Control Panel.) -- C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784] [PID.5596] {394650E407B396A27D4662F7DC5B2884} © [MD5.CF74C5BE20CD4DE1299F6C92A738A2DF] - (.TOSHIBA Corporation - Sleep and Charge Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952] [PID.8636] {4DFA235FB8E4E89715CC62FACB68438D} © [MD5.788D0DE4CF3FEAE0782437CC2CF6E23A] - (.TOSHIBA Corporation - Resident module of eco Utility.) -- C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016] [PID.9092] {3752DF28690DF18A9BD134827378E202} © [MD5.22FCD0750F598EFEAC2E438CD08FA0C6] - (.TOSHIBA Corporation - TOSHIBA PC Health Monitor.) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe [518056] [PID.7572] {4DFA235FB8E4E89715CC62FACB68438D} © [MD5.919C80271F41A85B28D218CED3E26A16] - (.TOSHIBA Corporation - TOSHIBA Function Key Main Module.) -- C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768] [PID.9004] {3752DF28690DF18A9BD134827378E202} © [MD5.34D5DC6EC232F2F91ACAA1C5E0B1C6A2] - (.Lavasoft - Web Companion.) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1445648] [PID.6976] {35F57ADDEF0015E6FEBE6AE2710D4873} © [MD5.43E946AAD268FEAFB1E286677E70CB5D] - (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488] [PID.8972] {14AAE84D000100008365} © [MD5.F67991C4EE448C5FF03F148E0A79EF9D] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files (x86)\Athan\Athan.exe [1216512] [PID.4648] [MD5.E61CA2821C853D02FA71CB4EDEC89C71] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [307400] [PID.7700] {4CD9E755850C1372B48DC182A7308BAB} © [MD5.FD5FCA422BD5D9DF440F2F823E772BEA] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [307912] [PID.1936] {4CD9E755850C1372B48DC182A7308BAB} © [MD5.B05E1CE24CC555E189FCEB1AD07DFCED] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe [8551848] [PID.8196] {4B48B27C8224FE37B17A6A2ED7A81C9F} © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.1348] =>.Google Inc® [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.7984] =>.Google Inc® [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.5152] =>.Google Inc® [MD5.B7C0AC916884B05310E85E45C7FC2EDF] - (.TOSHIBA Corporation - TOSHIBA Service Station.) -- C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [1295496] [PID.1312] {4DFA235FB8E4E89715CC62FACB68438D} © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.6192] =>.Google Inc® [MD5.4504234DE3F4C7B2683775DD9237E7ED] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\Albert\Downloads\ZHPDiag3.exe [1989632] [PID.4544] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.6748] =>.Google Inc® [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848] [PID.7640] =>.Google Inc® ---\\ Google Chrome, Start,Search,Extensions (9) - 1s G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] __MSG_extName__ G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (4) - 1s P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll © P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll © P2 - FPN: [HKLM] [@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll © P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc..) -- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll © ---\\ Internet Explorer Extensions, Start, Search (19) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.toshiba.ca/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Proxy Management (4) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) © F2 - REG:system.ini: VMApplet= ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (23) ---\\ Browser Helper Object (BHO) (1) - 0s O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® ---\\ Auto loading programs from Registry and folders (19) - 2s O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe {13222A5DCCF716DF5AF9C87084412DD9} © O4 - HKLM\..\Run: [SRS Premium Sound HD] . (.SRS Labs, Inc. - SRS Control Panel.) -- C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe {394650E407B396A27D4662F7DC5B2884} © O4 - HKLM\..\Run: [TSleepSrv] . (.TOSHIBA Corporation - Sleep and Charge Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe {4DFA235FB8E4E89715CC62FACB68438D} © O4 - HKLM\..\Run: [TODDMain] . (.Copyright (C) 2012 TOSHIBA Corporation. All rights r - TOSHIBA System Settings Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe {4DFA235FB8E4E89715CC62FACB68438D} O4 - HKLM\..\Run: [TecoResident] . (.TOSHIBA Corporation - Resident module of eco Utility.) -- C:\Program Files\TOSHIBA\Teco\TecoResident.exe {3752DF28690DF18A9BD134827378E202} © O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.) O4 - HKLM\..\Run: [TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Function Key Main Module.) -- C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe {3752DF28690DF18A9BD134827378E202} © O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Albert\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKCU\..\Run: [Web Companion] . (.Lavasoft - Web Companion.) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe {35F57ADDEF0015E6FEBE6AE2710D4873} © O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe {4B48B27C8224FE37B17A6A2ED7A81C9F} © O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe {14AAE84D000100008365} © O4 - HKLM\..\Wow6432Node\Run: [Athan] . (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- C:\Program Files (x86)\Athan\Athan.exe O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe {4CD9E755850C1372B48DC182A7308BAB} © O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-2031099915-2056526596-1125144251-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Albert\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-2031099915-2056526596-1125144251-1001\..\Run: [Web Companion] . (.Lavasoft - Web Companion.) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe {35F57ADDEF0015E6FEBE6AE2710D4873} © O4 - HKUS\S-1-5-21-2031099915-2056526596-1125144251-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe {4B48B27C8224FE37B17A6A2ED7A81C9F} © ---\\ Lop.com/Domain Hijackers (2) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 ---\\ Extra protocols (24) - 3s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll © O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll © O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {330000009D1E8D27AEB8F3D83800010000009D} © O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll © O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll © O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll © O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll © O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll © O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL {61062781000000000008} © ---\\ Contents of the Common Files folders (149) - 8s O43 - CFD: 01/07/2015 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\AMD APP O43 - CFD: 01/08/2015 - [] D -- C:\Program Files (x86)\AMD AVT O43 - CFD: 18/07/2015 - [] D -- C:\Program Files (x86)\Athan O43 - CFD: 22/10/2015 - [] D -- C:\Program Files (x86)\ATI Technologies O43 - CFD: 15/07/2015 - [] D -- C:\Program Files (x86)\Cisco O43 - CFD: 25/10/2015 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\Evernote O43 - CFD: 01/07/2015 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 15/07/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 06/08/2015 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 29/10/2015 - [] D -- C:\Program Files (x86)\Lavasoft O43 - CFD: 06/08/2015 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 01/07/2015 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 01/07/2015 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 05/08/2015 - [] D -- C:\Program Files (x86)\Microsoft Works O43 - CFD: 01/08/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 01/08/2015 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 18/07/2015 - [] D -- C:\Program Files (x86)\MSECache O43 - CFD: 29/10/2015 - [] D -- C:\Program Files (x86)\NortonInstaller O43 - CFD: 15/07/2015 - [] D -- C:\Program Files (x86)\Realtek O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\Realtek WLAN Driver O43 - CFD: 01/08/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 25/10/2015 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\Splashtop O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\Symantec O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\SymSilent O43 - CFD: 11/01/2013 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 01/08/2015 - [] D -- C:\Program Files (x86)\TOSHIBA O43 - CFD: 30/06/2015 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\WildGames O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\WildTangent Games O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 10/07/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 10/07/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 03/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 10/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 10/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 22/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Athan O43 - CFD: 10/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote O43 - CFD: 01/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 25/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs O43 - CFD: 29/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 10/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 10/07/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA O43 - CFD: 01/07/2015 - [] D -- C:\ProgramData\Adobe O43 - CFD: 22/10/2015 - [] D -- C:\ProgramData\AMD O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 22/10/2015 - [] D -- C:\ProgramData\ATI O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 11/01/2013 - [] D -- C:\ProgramData\boost_interprocess O43 - CFD: 10/07/2015 - [0] D -- C:\ProgramData\Comms O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 11/01/2013 - [] D -- C:\ProgramData\Downloaded Installations O43 - CFD: 11/01/2013 - [0] D -- C:\ProgramData\Evernote O43 - CFD: 11/01/2013 - [] D -- C:\ProgramData\Intel O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\Lavasoft O43 - CFD: 01/07/2015 - [] D -- C:\ProgramData\McAfee O43 - CFD: 28/10/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 12/11/2015 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\Norton O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\NortonInstaller O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\PRICache O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 25/10/2015 - [] D -- C:\ProgramData\Skype O43 - CFD: 10/07/2015 - [0] D -- C:\ProgramData\SoftwareDistribution O43 - CFD: 11/01/2013 - [] D -- C:\ProgramData\Splashtop O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 11/01/2013 - [] D -- C:\ProgramData\Symantec O43 - CFD: 10/07/2015 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 30/06/2015 - [] D -- C:\ProgramData\Toshiba O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\USOShared O43 - CFD: 30/06/2015 - [] D -- C:\ProgramData\WildTangent O43 - CFD: 01/07/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 06/08/2015 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 11/01/2013 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 05/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 10/07/2015 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 25/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 30/07/2015 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 06/08/2015 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 11/07/2015 - [] D -- C:\Program Files (x86)\Common Files\Toshiba Shared O43 - CFD: 07/07/2015 - [] D -- C:\Users\Albert\AppData\Roaming\Adobe O43 - CFD: 30/06/2015 - [] D -- C:\Users\Albert\AppData\Roaming\ATI O43 - CFD: 07/07/2015 - [] D -- C:\Users\Albert\AppData\Roaming\Identities O43 - CFD: 01/11/2015 - [] D -- C:\Users\Albert\AppData\Roaming\Lavasoft O43 - CFD: 30/06/2015 - [] D -- C:\Users\Albert\AppData\Roaming\Macromedia O43 - CFD: 02/11/2015 - [] SD -- C:\Users\Albert\AppData\Roaming\Microsoft O43 - CFD: 03/12/2015 - [] D -- C:\Users\Albert\AppData\Roaming\Skype O43 - CFD: 30/06/2015 - [] D -- C:\Users\Albert\AppData\Roaming\WildTangent O43 - CFD: 11/07/2015 - [] D -- C:\Users\Albert\AppData\Roaming\WinBatch O43 - CFD: 04/12/2015 - [] D -- C:\Users\Albert\AppData\Roaming\ZHP O43 - CFD: 07/07/2015 - [] D -- C:\Users\Albert\AppData\Local\Adobe O43 - CFD: 01/08/2015 - [] D -- C:\Users\Albert\AppData\Local\AMD O43 - CFD: 01/08/2015 - [0] SHD -- C:\Users\Albert\AppData\Local\Application Data O43 - CFD: 01/07/2015 - [] D -- C:\Users\Albert\AppData\Local\Apps O43 - CFD: 30/06/2015 - [] D -- C:\Users\Albert\AppData\Local\ATI O43 - CFD: 18/07/2015 - [] D -- C:\Users\Albert\AppData\Local\CEF O43 - CFD: 20/08/2015 - [] D -- C:\Users\Albert\AppData\Local\Comms O43 - CFD: 29/10/2015 - [0] D -- C:\Users\Albert\AppData\Local\CrashDumps O43 - CFD: 25/11/2015 - [] D -- C:\Users\Albert\AppData\Local\Diagnostics O43 - CFD: 25/11/2015 - [] D -- C:\Users\Albert\AppData\Local\ElevatedDiagnostics O43 - CFD: 30/06/2015 - [] D -- C:\Users\Albert\AppData\Local\Evernote O43 - CFD: 12/09/2015 - [] D -- C:\Users\Albert\AppData\Local\Google O43 - CFD: 10/07/2015 - [] D -- C:\Users\Albert\AppData\Local\GWX O43 - CFD: 01/08/2015 - [0] SHD -- C:\Users\Albert\AppData\Local\History O43 - CFD: 29/10/2015 - [] D -- C:\Users\Albert\AppData\Local\Lavasoft O43 - CFD: 20/11/2015 - [] D -- C:\Users\Albert\AppData\Local\Microsoft O43 - CFD: 18/07/2015 - [] D -- C:\Users\Albert\AppData\Local\Microsoft Help O43 - CFD: 09/08/2015 - [] D -- C:\Users\Albert\AppData\Local\MicrosoftEdge O43 - CFD: 02/08/2015 - [0] D -- C:\Users\Albert\AppData\Local\NetworkTiles O43 - CFD: 19/11/2015 - [] D -- C:\Users\Albert\AppData\Local\Packages O43 - CFD: 01/08/2015 - [] D -- C:\Users\Albert\AppData\Local\Publishers O43 - CFD: 02/07/2015 - [] D -- C:\Users\Albert\AppData\Local\Skype O43 - CFD: 30/06/2015 - [] D -- C:\Users\Albert\AppData\Local\SRS Labs O43 - CFD: 04/12/2015 - [] D -- C:\Users\Albert\AppData\Local\Temp O43 - CFD: 01/08/2015 - [0] SHD -- C:\Users\Albert\AppData\Local\Temporary Internet Files O43 - CFD: 01/08/2015 - [] D -- C:\Users\Albert\AppData\Local\TileDataLayer O43 - CFD: 30/06/2015 - [] D -- C:\Users\Albert\AppData\Local\TOSHIBA O43 - CFD: 19/07/2015 - [] D -- C:\Users\Albert\AppData\Local\VirtualStore O43 - CFD: 10/07/2015 - [] RD -- C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 01/08/2015 - [] RD -- C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 15/10/2015 - [] RD -- C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 10/07/2015 - [] D -- C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 15/10/2015 - [] RD -- C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 01/08/2015 - [] RD -- C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 10/07/2015 - [] RSD -- C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell ---\\ Latest files created in Prefetcher (1) - 14s O45 - LFCP:[MD5.7F0888732603383E8B26A81E138DB3BC] 02/12/2015 A -- C:\WINDOWS\Prefetch\LAVASOFT.SEARCHPROTECT.WINSER-38BEE563.pf =>PUP.Optional.SearchProtect ---\\ ShellIconOverlayIdentifiers (SIOI) (5) - 1s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll © O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll © O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll © O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll © O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncShell.dll © ---\\ System Drivers List (57) - 9s O58 - SDL:2015/07/10 05:59:38 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] © O58 - SDL:2015/07/10 05:59:38 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] © O58 - SDL:2015/06/04 01:07:46 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\WINDOWS\System32\drivers\amdkmpfd.sys [73976] © O58 - SDL:2015/07/10 05:59:38 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] © O58 - SDL:2015/07/10 05:59:38 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] © O58 - SDL:2015/07/10 05:59:38 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] © O58 - SDL:2012/06/23 09:23:38 A . (.AppEx Networks Corporation - AppEx Accelerator LWF/WFP Driver L.E..) -- C:\WINDOWS\System32\drivers\appexDrv.sys [199008] © O58 - SDL:2015/07/10 05:59:38 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] © O58 - SDL:2012/07/17 10:59:12 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\AtihdW86.sys [98472] © O58 - SDL:2015/12/03 21:10:32 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\AtihdWT6.sys [102912] © O58 - SDL:2015/10/22 21:13:00 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [21648880] © O58 - SDL:2015/10/22 21:13:00 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [674288] © O58 - SDL:2015/07/10 05:59:38 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [17624] © O58 - SDL:2015/07/10 05:59:38 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] © O58 - SDL:2015/07/10 05:59:38 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] © O58 - SDL:2012/07/10 19:35:44 A . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\WINDOWS\System32\drivers\FwLnk.sys [9216] © O58 - SDL:2015/07/10 05:59:38 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] © O58 - SDL:2015/07/10 05:59:36 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] © O58 - SDL:2015/07/10 05:59:36 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [122608] © O58 - SDL:2015/07/10 05:59:38 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] © O58 - SDL:2015/07/10 05:59:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] © O58 - SDL:2015/07/10 05:59:39 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] © O58 - SDL:2015/07/10 05:59:39 A . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabi.) -- C:\WINDOWS\System32\drivers\L1C63x64.sys [129224] © O58 - SDL:2015/07/10 05:59:38 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108896] © O58 - SDL:2015/07/10 05:59:38 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] © O58 - SDL:2015/07/10 05:59:38 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] © O58 - SDL:2015/07/10 05:59:38 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] © O58 - SDL:2015/07/10 05:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] © O58 - SDL:2015/07/10 05:59:39 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] © O58 - SDL:2015/07/10 05:59:39 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] © O58 - SDL:2015/07/10 05:59:39 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] © O58 - SDL:2015/07/10 05:59:39 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] © O58 - SDL:2015/07/10 05:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] © O58 - SDL:2015/07/10 05:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] © O58 - SDL:2015/07/10 05:59:39 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] © O58 - SDL:2015/07/10 05:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] © O58 - SDL:2015/06/24 21:57:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4504320] © O58 - SDL:2015/07/03 09:00:52 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\WINDOWS\System32\drivers\RtsUer.sys [410880] © O58 - SDL:2015/07/10 05:59:36 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driver 33003.) -- C:\WINDOWS\System32\drivers\rtwlane_13.sys [3749888] © O58 - SDL:2015/07/10 05:59:39 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] © O58 - SDL:2015/07/10 05:59:39 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] © O58 - SDL:2015/08/13 17:52:49 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [42184] © O58 - SDL:2015/08/13 17:52:49 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [42696] © O58 - SDL:2015/07/10 05:59:39 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] © O58 - SDL:2015/08/13 17:52:50 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [618696] © O58 - SDL:2012/07/25 03:54:00 A . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\WINDOWS\System32\drivers\tdcmdpst.sys [31184] © O58 - SDL:2013/10/15 15:03:14 A . (.TOSHIBA Corporation - TOSHIBA HDD Accelerator V2 Driver for x64.) -- C:\WINDOWS\System32\drivers\THAccel.sys [111488] © O58 - SDL:2015/07/29 05:54:54 A . (.Toshiba Corporation - Toshiba Hotkey Driver.) -- C:\WINDOWS\System32\drivers\Thotkey.sys [54424] © O58 - SDL:2012/06/18 13:30:56 A . (.TOSHIBA Corporation - tos_sps64.) -- C:\WINDOWS\System32\drivers\tos_sps64.sys [499096] © O58 - SDL:2012/07/21 18:59:02 A . (.TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver.) -- C:\WINDOWS\System32\drivers\TVALZFL.sys [16768] © O58 - SDL:2013/08/15 00:13:32 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\WINDOWS\System32\drivers\TVALZ_O.SYS [32832] © O58 - SDL:2015/07/10 05:59:48 A . (...) -- C:\WINDOWS\System32\drivers\Udecx.sys [44032] O58 - SDL:2012/08/29 10:27:24 A . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\WINDOWS\System32\drivers\usbfilter.sys [58536] © O58 - SDL:2015/07/10 05:59:39 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] © O58 - SDL:2015/07/10 05:59:39 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] © O58 - SDL:2015/07/10 05:59:39 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] © O58 - SDL:2015/07/10 05:59:39 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] © ---\\ Last modified or created user files (25) - 28s O61 - LFC: 2015/11/30 10:35:26 A . (.Xplode.) -- C:\Users\Albert\Downloads\AdwCleaner.exe [1736704] © O61 - LFC: 2015/11/30 10:57:12 A . (.Xplode.) -- C:\Users\Albert\Downloads\adwcleaner_5.022 (1).exe [1733632] © O61 - LFC: 2015/11/30 10:59:02 A . (.Xplode.) -- C:\Users\Albert\Downloads\adwcleaner_5.022 (2).exe [1733632] © O61 - LFC: 2015/11/30 10:44:01 A . (.Xplode.) -- C:\Users\Albert\Downloads\adwcleaner_5.022.exe [1733632] © O61 - LFC: 2015/11/30 10:58:12 A . (.Xplode.) -- C:\Users\Albert\Downloads\adwcleaner_5.023 (1).exe [1736704] © O61 - LFC: 2015/12/03 09:52:25 A . (.Xplode.) -- C:\Users\Albert\Downloads\adwcleaner_5.023 (2).exe [1736704] © O61 - LFC: 2015/11/30 10:42:15 A . (.Xplode.) -- C:\Users\Albert\Downloads\adwcleaner_5.023.exe [1736704] © O61 - LFC: 2015/12/03 20:45:22 A . (.Advanced Micro Devices, Inc..) -- C:\Users\Albert\Downloads\autodetectutility.exe [4947168] {4CD9E755850C1372B48DC182A7308BAB} © O61 - LFC: 2015/12/04 18:14:41 A . (.Copyright (C) 2015 Nicolas Coolman.) -- C:\Users\Albert\Downloads\ZHPDiag3.exe [1989632] © O61 - LFC: 2015/12/04 18:14:41 A . (.Copyright (C) 2015 Nicolas Coolman.) -- C:\Users\Albert\AppData\Roaming\ZHP\ZHPDiag3.exe [1989632] © O61 - LFC: 2015/11/30 11:22:49 A . (.Copyright © 2012.) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\TrueLink+\357a4840dc4a732764a7b72fe86bd69a\TrueLink+.ni.exe [2815488] O61 - LFC: 2015/11/30 11:23:04 A . (.Smedio.) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\Smedio.DLNAWinRT\0009651e13c090c4285b6b4b73b121bb\Smedio.DLNAWinRT.ni.dll [6091776] O61 - LFC: 2015/11/30 11:22:58 A . (..) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\Notificatioc5a47191#\a99fb15b9cc83b1f4b58546a4aa9bf61\NotificationsExtensions.ni.dll [915456] O61 - LFC: 2015/11/30 11:22:57 A . (..) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\MetroHelpers\e18c54184f4f5e4110dabdb0a169852a\MetroHelpers.ni.dll [16384] O61 - LFC: 2015/11/30 11:23:07 A . (..) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\HDAudioPlayer\e8f20dbfc22b4828d55c581a2ed0ce23\HDAudioPlayer.ni.dll [57856] O61 - LFC: 2015/11/30 11:23:06 A . (.Copyright © 2015.) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\EOnkyoLibrary\d056913ec797baa6bced2e388fed59f4\EOnkyoLibrary.ni.dll [348160] O61 - LFC: 2015/11/30 11:22:56 A . (.Copyright © 2013.) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\CoreLib\94ac3799ecd9e935ba4b2e210d0b70af\CoreLib.ni.dll [6452736] O61 - LFC: 2015/11/30 11:23:07 A . (..) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\AudioParser\e07d804e8bc20874b5cd4090b343df67\AudioParser.ni.dll [25088] O61 - LFC: 2015/11/30 11:22:57 A . (.Copyright © 2012.) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\AppResouceLibrary\087c1d7e965014b1e591718b68e5bcd2\AppResouceLibrary.ni.dll [12288] O61 - LFC: 2015/11/30 11:23:05 A . (.Copyright © 2012.) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\AirGetSDK\5d49e2302b3919bf9e2fec71b00e39c5\AirGetSDK.ni.dll [984064] O61 - LFC: 2015/11/30 11:22:49 A . (.Copyright © 2013.) -- C:\Users\Albert\AppData\Local\Packages\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_679ekb9hp1h62\AC\Microsoft\CLR_v4.0\NativeImages\AirGetConfigure\1bf05b53023eae8b1a729222c25c2786\AirGetConfigure.ni.dll [19968] O61 - LFC: 2015/11/30 10:39:24 A . (..) -- C:\Users\Albert\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635844871575547970.bin [51396] O61 - LFC: 2015/12/02 21:03:04 A . (.Adobe Systems Incorporated.) -- C:\Users\Albert\AppData\Local\Microsoft\Windows\INetCache\IE\J4KDK2EC\RdrServicesUpdater[1].exe [150200] =>.Adobe Systems, Incorporated® O61 - LFC: 2015/12/04 18:09:06 A . (..) -- C:\Users\Albert\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082] O61 - LFC: 2015/12/04 18:08:14 A . (..) -- C:\Users\Albert\AppData\Local\ATI\ACE\Manifest.Bin [29892] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (8) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © ---\\ Search Browser Infection (1) - 0s O69 - SBI: SearchScopes [HKCU] {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} [DefaultScope] - (Bing) - http://www.bing.com/ ---\\ Search Svchost Services (41) - 3s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [192000] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [283136] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1335296] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [954368] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [954880] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [31232] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [93696] © O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [151040] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [106496] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1008640] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [226304] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [133120] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [324608] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [371200] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [95744] © O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll [2093056] © O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\Windows\System32\dcpsvc.dll [196096] © O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll [167424] © O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\Windows\System32\NetSetupSvc.dll [187392] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [106496] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [679936] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [497152] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [72192] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [452608] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2236416] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [1168896] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [593920] © O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [63488] © O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [1149440] © O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [1019392] © O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [343040] © O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [713216] © O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136] © O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [267776] © O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [918016] © O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\Windows\System32\RDXService.dll [1010176] © O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [359936] © O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [237568] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [58368] © ---\\ Firewall Active Exception List (239) - 17s O87 - FAEL: "vm-monitoring-dcom" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "vm-monitoring-rpc" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMP-In-UDP-x86" [In-None-P17-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-Out-UDP-x86" [Out-None-P17-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-Out-TCP-x86" [Out-None-P6-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-In-UDP" [In-None-P17-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-Out-UDP" [Out-None-P17-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "SNMPTRAP-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - SNMP Trap.) -- C:\WINDOWS\system32\snmptrap.exe © O87 - FAEL: "SNMPTRAP-In-UDP-NoScope" [In-None-P17-FALSE] .(.Microsoft Corporation - SNMP Trap.) -- C:\WINDOWS\system32\snmptrap.exe © O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC" [In-None-P6-FALSE] .(.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\system32\wininit.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper" [In-None-P6-FALSE] .(.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\system32\wininit.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PNRPMNRS-PNRP-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PNRPMNRS-PNRP-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PNRPMNRS-SSDPSrv-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PNRPMNRS-SSDPSrv-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "DeliveryOptimization-TCP-In" [In-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "DeliveryOptimization-UDP-In" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "EventForwarder-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Event Forwarder.) -- C:\WINDOWS\system32\NetEvtFwdr.exe © O87 - FAEL: "EventForwarder-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MsiScsi-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MsiScsi-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MsiScsi-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MsiScsi-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteFwAdmin-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteFwAdmin-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteFwAdmin-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "ProximityUxHost-Sharing-In-TCP-NoScope" [In-None-P6-TRUE] .(.Microsoft Corporation - Proximity UX Host.) -- C:\WINDOWS\system32\proximityuxhost.exe =>.Microsoft Windows® O87 - FAEL: "ProximityUxHost-Sharing-Out-TCP-NoScope" [Out-None-P6-TRUE] .(.Microsoft Corporation - Proximity UX Host.) -- C:\WINDOWS\system32\proximityuxhost.exe =>.Microsoft Windows® O87 - FAEL: "AllJoyn-Router-In-TCP" [In-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "AllJoyn-Router-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "AllJoyn-Router-In-UDP" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "AllJoyn-Router-Out-UDP" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-SSDPSrv-In-UDP-Active" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP-Active" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-UPnPHost-Out-TCP-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-UPnP-Out-TCP-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-FDPHOST-In-UDP-Active" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-DAS-In-UDP-Active" [In-None-P17-TRUE] .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\WINDOWS\system32\dashost.exe © O87 - FAEL: "NETDIS-FDPHOST-Out-UDP-Active" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-LLMNR-In-UDP-Active" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-LLMNR-Out-UDP-Active" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP-Active" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP-Active" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-SSDPSrv-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-SSDPSrv-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-UPnP-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-UPnPHost-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-FDPHOST-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-DAS-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\WINDOWS\system32\dashost.exe © O87 - FAEL: "NETDIS-FDPHOST-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-LLMNR-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-LLMNR-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-FDRESPUB-WSD-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-FDRESPUB-WSD-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-WSDEVNTS-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "NETDIS-WSDEVNT-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Netlogon-TCP-RPC-In" [In-None-P6-FALSE] .(.Microsoft Corporation - Local Security Authority Process.) -- C:\WINDOWS\System32\lsass.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WirelessDisplay-In-TCP" [In-None-P6-TRUE] .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\system32\WUDFHost.exe © O87 - FAEL: "WirelessDisplay-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\system32\WUDFHost.exe © O87 - FAEL: "WirelessDisplay-Out-UDP" [Out-None-P17-TRUE] .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\system32\WUDFHost.exe © O87 - FAEL: "WMI-RPCSS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMI-WINMGMT-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMI-WINMGMT-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMI-ASYNC-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Sink to receive asynchronous callbacks for.) -- C:\WINDOWS\system32\wbem\unsecapp.exe © O87 - FAEL: "WMI-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMI-WINMGMT-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMI-WINMGMT-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMI-ASYNC-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Sink to receive asynchronous callbacks for.) -- C:\WINDOWS\system32\wbem\unsecapp.exe © O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe © O87 - FAEL: "FPS-SpoolSvc-In-TCP" [In-None-P6-TRUE] .(.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe © O87 - FAEL: "FPS-LLMNR-In-UDP" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "FPS-LLMNR-Out-UDP" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "TPMVSCMGR-Server-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\WINDOWS\system32\RmtTpmVscMgrSvr.exe © O87 - FAEL: "TPMVSCMGR-Server-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\WINDOWS\system32\RmtTpmVscMgrSvr.exe © O87 - FAEL: "TPMVSCMGR-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "TPMVSCMGR-Server-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\WINDOWS\system32\RmtTpmVscMgrSvr.exe © O87 - FAEL: "TPMVSCMGR-Server-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - TPM Virtual Smart Card Manager DCOM Server.) -- C:\WINDOWS\system32\RmtTpmVscMgrSvr.exe © O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-In" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-TCP3587-Out" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-In" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Microsoft-Windows-HomeGroup-ProvSvc-UDP3540-Out" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Collab-PNRP-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Collab-PNRP-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Collab-PNRP-SSDPSrv-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Collab-PNRP-SSDPSrv-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope" [In-None-P6-TRUE] .(.Microsoft Corporation - Windows Remote Assistance.) -- C:\WINDOWS\system32\msra.exe © O87 - FAEL: "RemoteAssistance-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Windows Remote Assistance.) -- C:\WINDOWS\system32\msra.exe © O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteAssistance-RAServer-In-TCP-NoScope-Active" [In-None-P6-TRUE] .(.Microsoft Corporation - Windows Remote Assistance COM Server.) -- C:\WINDOWS\system32\raserver.exe © O87 - FAEL: "RemoteAssistance-RAServer-Out-TCP-NoScope-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Windows Remote Assistance COM Server.) -- C:\WINDOWS\system32\raserver.exe © O87 - FAEL: "RemoteAssistance-DCOM-In-TCP-NoScope-Active" [In-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteAssistance-In-TCP-EdgeScope-Active" [In-None-P6-TRUE] .(.Microsoft Corporation - Windows Remote Assistance.) -- C:\WINDOWS\system32\msra.exe © O87 - FAEL: "RemoteAssistance-Out-TCP-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Windows Remote Assistance.) -- C:\WINDOWS\system32\msra.exe © O87 - FAEL: "RemoteAssistance-SSDPSrv-In-UDP-Active" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteAssistance-SSDPSrv-Out-UDP-Active" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-In-EdgeScope-Active" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteAssistance-PnrpSvc-UDP-OUT-Active" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MSDTC-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Microsoft Distributed Transaction Coordinat.) -- C:\WINDOWS\system32\msdtc.exe © O87 - FAEL: "MSDTC-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Microsoft Distributed Transaction Coordinat.) -- C:\WINDOWS\system32\msdtc.exe © O87 - FAEL: "MSDTC-KTMRM-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MSDTC-RPCSS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MSDTC-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Microsoft Distributed Transaction Coordinat.) -- C:\WINDOWS\system32\msdtc.exe © O87 - FAEL: "MSDTC-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Microsoft Distributed Transaction Coordinat.) -- C:\WINDOWS\system32\msdtc.exe © O87 - FAEL: "MSDTC-KTMRM-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MSDTC-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-In-UDP-NoScope" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-Out-UDP-NoScope" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-WMP-In-UDP-NoScope" [In-None-P17-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-WMP-Out-UDP-NoScope" [Out-None-P17-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-WMP-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-In-UDP-NoScope" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-Out-UDP-NoScope" [Out-None-P17-FALSE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-In-TCP-NoScope" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-Out-TCP-NoScope" [Out-None-P6-FALSE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-QWave-In-UDP" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-Out-UDP" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-In-TCP" [In-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-WMP-In-UDP" [In-None-P17-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-WMP-Out-UDP" [Out-None-P17-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-WMP-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-In-UDP" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-Out-UDP" [Out-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-In-TCP" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-Out-TCP" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-UPnP-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteEventLogSvc-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteEventLogSvc-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteEventLogSvc-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PlayTo-In-UDP-NoScope" [In-None-P17-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-In-UDP-LocalSubnetScope" [In-None-P17-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-In-UDP-PlayToScope" [In-None-P17-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-Out-UDP-NoScope" [Out-None-P17-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-Out-UDP-LocalSubnetScope" [Out-None-P17-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-Out-UDP-PlayToScope" [Out-None-P17-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-In-RTSP-NoScope" [In-None-P6-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-In-RTSP-LocalSubnetScope" [In-None-P6-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-In-RTSP-PlayToScope" [In-None-P6-TRUE] .(.Microsoft Corporation - Cast to Device Server.) -- C:\WINDOWS\system32\mdeserver.exe © O87 - FAEL: "PlayTo-SSDP-Discovery-PlayToScope" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PlayTo-QWave-In-UDP-PlayToScope" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PlayTo-QWave-Out-UDP-PlayToScope" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PlayTo-QWave-In-TCP-PlayToScope" [In-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PlayTo-QWave-Out-TCP-PlayToScope" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WFDPRINT-DAFWSD-In-Active" [In-None-P6-TRUE] .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\WINDOWS\system32\dashost.exe © O87 - FAEL: "WFDPRINT-DAFWSD-Out-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Device Association Framework Provider Host.) -- C:\WINDOWS\system32\dashost.exe © O87 - FAEL: "WFDPRINT-SPOOL-In-Active" [In-None-P6-TRUE] .(.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe © O87 - FAEL: "WFDPRINT-SPOOL-Out-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Spooler SubSystem App.) -- C:\WINDOWS\system32\spoolsv.exe © O87 - FAEL: "WFDPRINT-SCAN-In-Active" [In-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WFDPRINT-SCAN-Out-Active" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Microsoft-Windows-WLANSvc-ASP-CP-In" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "Microsoft-Windows-WLANSvc-ASP-CP-Out" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Services and Controller app.) -- C:\WINDOWS\system32\services.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteSvcAdmin-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Services and Controller app.) -- C:\WINDOWS\system32\services.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteSvcAdmin-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\WINDOWS\system32\plasrv.exe © O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "PerfLogsAlerts-PLASrv-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Performance Logs and Alerts DCOM Server.) -- C:\WINDOWS\system32\plasrv.exe © O87 - FAEL: "PerfLogsAlerts-DCOM-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-DHCP-In" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-DHCP-Out" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-DHCPV6-In" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-DHCPV6-Out" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-Teredo-In" [In-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-Teredo-Out" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-IPHTTPS-Out" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-GP-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-DNS-Out-UDP" [Out-None-P17-TRUE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" [Out-None-P6-TRUE] .(.Microsoft Corporation - Local Security Authority Process.) -- C:\WINDOWS\system32\lsass.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RVM-VDS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Virtual Disk Service.) -- C:\WINDOWS\system32\vds.exe © O87 - FAEL: "RVM-VDSLDR-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\WINDOWS\system32\vdsldr.exe © O87 - FAEL: "RVM-RPCSS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RVM-VDS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Virtual Disk Service.) -- C:\WINDOWS\system32\vds.exe © O87 - FAEL: "RVM-VDSLDR-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Virtual Disk Service Loader.) -- C:\WINDOWS\system32\vdsldr.exe © O87 - FAEL: "RVM-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteTask-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteTask-RPCSS-In-TCP-NoScope" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteTask-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "RemoteTask-RPCSS-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-SSDPSrv-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-SSDPSrv-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-QWave-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-QWave-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-QWave-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-QWave-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-TERMSRV-In-TCP" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-MCX2SVC-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-PlayTo-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-PlayTo-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "MCX-FDPHost-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WPDMTP-Out-TCP-NoScope" [Out-None-P6-FALSE] .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\system32\wudfhost.exe © O87 - FAEL: "WPDMTP-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) -- C:\WINDOWS\system32\wudfhost.exe © O87 - FAEL: "WPDMTP-SSDPSrv-In-UDP" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WPDMTP-SSDPSrv-Out-UDP" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WPDMTP-UPnPHost-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WPDMTP-UPnP-Out-TCP" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "FPS-LLMNR-Out-UDP_1" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "FPS-LLMNR-In-UDP_1" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMP-Out-TCP_1" [Out-None-P6-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-Out-UDP_1" [Out-None-P17-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-In-UDP_1" [In-None-P17-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-Out-TCP-x86_1" [Out-None-P6-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-Out-UDP-x86_1" [Out-None-P17-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMP-In-UDP-x86_1" [In-None-P17-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-UPnP-Out-TCP_1" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-Out-TCP_1" [Out-None-P6-FALSE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-In-TCP_1" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-Out-UDP_1" [Out-None-P17-FALSE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-In-UDP_1" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) © O87 - FAEL: "WMPNSS-WMP-Out-TCP_1" [Out-None-P6-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-WMP-Out-UDP_1" [Out-None-P17-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-WMP-In-UDP_1" [In-None-P17-FALSE] .(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe © O87 - FAEL: "WMPNSS-SSDPSrv-Out-UDP_1" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-SSDPSrv-In-UDP_1" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-Out-TCP_1" [Out-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-In-TCP_1" [In-None-P6-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-Out-UDP_1" [Out-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "WMPNSS-QWave-In-UDP_1" [In-None-P17-FALSE] .(.Microsoft Corporation - Host Process for Windows Services.) -- C:\WINDOWS\system32\svchost.exe =>.Microsoft Windows Publisher® O87 - FAEL: "{825D115B-FCE5-4898-A97D-0EF34F3DA0A5}" [In-None-P17-TRUE] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe =>.Microsoft Corporation® O87 - FAEL: "TCP Query User{16091889-4EE8-4698-8AA7-9E96ED776965}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" [In-None-P6-TRUE] .(.Intel Corporation - Intel Services Manager.) -- C:\program files (x86)\intel\intelappstore\bin\ismagent.exe {14AAE84D000100008365} © O87 - FAEL: "UDP Query User{854AF86C-930B-45ED-84A7-EC2B5FBC9431}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" [In-None-P17-TRUE] .(.Intel Corporation - Intel Services Manager.) -- C:\program files (x86)\intel\intelappstore\bin\ismagent.exe {14AAE84D000100008365} © O87 - FAEL: "TCP Query User{BDD2EA42-8C95-43B1-A1D6-527A4D24951D}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" [In-None-P6-TRUE] .(.Intel Corporation - Intel Services Manager.) -- C:\program files (x86)\intel\intelappstore\bin\ismagent.exe {14AAE84D000100008365} © O87 - FAEL: "UDP Query User{CD85704E-7720-4602-A6B3-7693F0E2C239}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe" [In-None-P17-TRUE] .(.Intel Corporation - Intel Services Manager.) -- C:\program files (x86)\intel\intelappstore\bin\ismagent.exe {14AAE84D000100008365} © O87 - FAEL: "{9580CF88-E166-491C-BF48-B2B368142C50}" [In-None-P17-TRUE] .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O87 - FAEL: "{79FD07DC-6EE8-41BC-B975-D29C4DAF6AE0}" [In-None-P17-TRUE] .(.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® ---\\ Services not Microsoft (SR=Run, SS=Stop) (17) - 24s SR - Auto [28/10/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © SR - Auto [22/10/2015] [ 255472] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe © SR - Auto [21/08/2015] [ 344064] AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe © SS - Demand [12/10/2010] [ 206072] GamesAppService (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe © SS - Auto [01/07/2015] [ 107848] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Demand [01/07/2015] [ 107848] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SR - Auto [02/12/2015] [ 2751760] LavasoftTcpService (LavasoftTcpService) . (.Lavasoft Limited.) - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe © SR - Auto [02/12/2015] [ 17168] IE Search Set (SearchProtectionService) . (.Copyright © 2014.) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © SR - Auto [08/03/2012] [ 531328] Splashtop® Remote Service (SplashtopRemoteService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe SR - Auto [07/08/2013] [ 609056] Splashtop Software Updater Service (SSUService) . (.Splashtop Inc..) - C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe SR - Auto [13/08/2015] [ 246472] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe © SR - Demand [27/07/2012] [ 53384] TMachInfo (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe © SR - Auto [28/07/2009] [ 140632] TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\System32\TODDSrv.exe © SR - Auto [09/08/2013] [ 328544] TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.Toshiba Corporation.) - C:\Program Files\TOSHIBA\Teco\TecoService.exe © SR - Demand [28/07/2012] [ 458152] TPCH Service (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe © ---\\ Additional Scan (O88) (1) - 0s C:\WINDOWS\Prefetch\LAVASOFT.SEARCHPROTECT.WINSER-38BEE563.pf =>PUP.Optional.SearchProtect ---\\ Summary of the elements found (1) - 0s http://www.nicolascoolman.fr/?p=1633 =>PUP.Optional.SearchProtect ~ End of the scan, 36778 items in 226 seconds (950)(0)