~ ZHPDiag v2015.9.28.146 Par Nicolas Coolman (2015/09/28)
~ Démarré par tech (Administrator) (2015/09/28 13:56:11)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\tech\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\tech\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (3) - 0s
GCIE: Google Chrome v45.0.2454.99
MFIE: Mozilla Firefox 40.0.3 (x86 en-US) v40.0.3
MSIE: Internet Explorer v11.0.9600.18015

---\\ Informations sur les produits Windows (4) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection (3) - 2s
Avast Premier v10.3.2225
Malwarebytes Anti-Malware version 2.1.8.1057
Windows Defender W7 (Activate)

---\\ Logiciels de protection et autres (Superflus) (1) - 3s
McAfee Security Scan Plus v3.8.150.1

---\\ Surveillance de Logiciels (2) - 3s
Adobe Flash Player 19 NPAPI
Adobe Reader X

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4157.312 MB (62% free)
~ System Restore: Activé (Enable)
~ System drive C: has 46 GB free of 102 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: TECH-PC
~ User Name: tech
~ Logged in as Administrator

---\\ Enumération des unités disques (3) - 0s
~ Drive C: has 46 GB free of 102 GB (System)
~ Drive D: has 67 GB free of 101 GB
~ Drive E: has 75 GB free of 101 GB

---\\ Etat du Centre de Sécurité Windows (15) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Recherche particulière de fichiers génériques (26) - 1s [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2871808] © [MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568] © [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [129024] © [MD5.A55305B1CACD38EAC176CC532B2053AC] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2427392] © [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [455168] © [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) 
() -- C:\Windows\System32\sppcomapi.dll [232448] © [MD5.492D07D79E7024CA310867B526D9636D] - (.Microsoft Corporation - DNS DLL de l’API Client.) () -- C:\Windows\System32\dnsapi.dll [357888] © [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - (.Microsoft Corporation - DNS DLL de l’API Client.) () -- C:\Windows\Syswow64\dnsapi.dll [270336] © [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] © [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152] © [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128] © [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160] © [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456] © [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400] © [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368] © [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472] © [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224] © [MD5.43E1F4B0EFDC244D2A83995CCD7846F7] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [159232] © [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) 
() -- C:\Windows\System32\drivers\netBT.sys [261632] © [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684928] © [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [97280] © [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] © [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [165888] © [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184] © [MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296] © [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [295808] © ---\\ Processus lancés (40) - 1s [MD5.310F86335B0505DDC6D2DD48E66EF06B] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [241152] [PID.956] © [MD5.4956380A54B1C9E6BFDF3D80DACB9698] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1276] © [MD5.AF09E0E7239052DDE959F2662C42D94A] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [109008] [PID.1456] © [MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1568] © [MD5.BA268AF05C0911BC65EA4DE2DE26105F] - (...) 
-- C:\ProgramData\EdocSave\EdocSave.exe [441856] [PID.1756] [MD5.C99F8E90DE4B8F0C7FE15BB1CBCD29DC] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104] [PID.2020] © [MD5.78ABBE558F57144047F10A0F50FE4B2F] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720] [PID.1296] © [MD5.301E3FDFCF33640BB8763BA444BC5093] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1576] © [MD5.83C982A395D00BAFF6515FB38424EA76] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880] [PID.2068] © [MD5.B1EF4686961986DFFB7FE8F18E6FCB5B] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\nlssrv32.exe [66560] [PID.2104] © [MD5.439BD966130226F464DC15F55ABD266E] - (.TechSmith Corporation - TechSmith Uploader Service.) -- C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384] [PID.2452] © [MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.1144] © [MD5.B8FFCE08932042E0D108F92FED9CF59E] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [562688] [PID.3320] © [MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.3140] © [MD5.834A309C2FDF52FC09353F348CFE1235] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184] [PID.3856] © [MD5.ADE3D7AD36CA238C6D58E5E93392D2F8] - (.Tonec Inc. - Internet Download Manager (IDM).) 
-- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056] [PID.3180] © [MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\tech\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.3748] © [MD5.4D3FA23829B4AE3A0563113716259AC9] - (.TechSmith Corporation - Snagit.) -- C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe [7434560] [PID.3168] © [MD5.A72BB48D9014A7D7C05F02F595F52D60] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe [245576] [PID.3932] © [MD5.E337785DA1958E9AB02DDB2369EF46E8] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe [307016] [PID.624] © [MD5.07A37CB5C5A01E73FB69F138FAE2DB0E] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128] [PID.3284] © [MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3960] © [MD5.1E09DFA4048196C9D3CC40C485A39422] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299008] [PID.3328] © [MD5.74CDE657245C114B98816E89B8D4CCD1] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299008] [PID.2760] © [MD5.E1F5833D38EF98EC19C5DE6436A5F969] - (.Glarysoft Ltd - Glary Utilities 5.) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [889632] [PID.4700] © [MD5.F66203AF9C159E2CBD54DF981654F499] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824] [PID.4180] © [MD5.84289E333459DD1C5E9F2DC204FB1608] - (.TechSmith Corporation - Snagit RPC Helper.) 
-- C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe [151872] [PID.1340] © [MD5.BA268AF05C0911BC65EA4DE2DE26105F] - (...) -- C:\ProgramData\EdocSave\EdocSave.exe [441856] [PID.4948] [MD5.0A1810F3CF866F67856C8A4E98194493] - (.TechSmith Corporation - TechSmith HTML Help Helper.) -- C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe [46080] [PID.4820] © [MD5.749A4EA9D92161BDA3CD59BBF6706949] - (.TechSmith Corporation - Snagit Editor.) -- C:\Program Files (x86)\TechSmith\Snagit 12\snagiteditor.exe [8604992] [PID.5092] © [MD5.2C24DC448DBE8DB9BE1441B824C57E79] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277824] [PID.3492] © [MD5.E1A119AD21F5AFE22EB516C549306D3D] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [365376] [PID.4940] © [MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.772] © [MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.6092] © [MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.5408] © [MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.5436] © [MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.5388] © [MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.6032] © [MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. 
- Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.5516] © [MD5.BEB274EF932F3AD40F15AE7DCD1F53DA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\tech\Downloads\Programs\ZHPDiag3.exe [1939968] [PID.5380] © ---\\ Google Chrome, Démarrage,Recherche,Extensions (30) - 1s G0 - GCSP: Preferences [User Data\Default][HomePage] http://fonts.googleapis.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://lp.baboom.audio G0 - GCSP: Preferences [User Data\Default][HomePage] http://n20.adshostnet.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://n20adshostnet.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://srv.desk-top-app.info G0 - GCSP: Preferences [User Data\Default][HomePage] http://stats.g.doubleclick.net G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.googleusercontent.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://mynamedomain.koko G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.oursurfing.com/ =>PUP.Optional.OurSurfing G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [bmnlcjabgnpnenekpadlanbbkooimhnj] Honey G2 - GCE: Preference [User Data\Default] [bpgpffljkgjmijjdmjbdppndoojdgboe] Facebook Secret Emoticons G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. 
G2 - GCE: Preference [User Data\Default] [dhdgffkkebhmkfjojejmpbldmpobfkfo] Tampermonkey G2 - GCE: Preference [User Data\Default] [dkfhfaphfkopdgpbfkebjfcblcafcmpi] MightyText SMS from PC Text from Computer G2 - GCE: Preference [User Data\Default] [eofcbnmajmjmplflapaojjnihcjkigck] Avast SafePrice G2 - GCE: Preference [User Data\Default] [fdcgdnkidjaadafnichfpabhfomcebme] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [fngmhnnpilhplaeedifhccceomclgfbg] EditThisCookie G2 - GCE: Preference [User Data\Default] [immhpnclomdloikkpcefncmfgjbkojmh] Emoji Input by EmojiStuff.com G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [omghfjlpggmjjaagoclmmobgdodcjboh] Browsec G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (4) - 1s M0 - MFSP: prefs.js [tech - lu02qlv9.default-1443311399777] https://www.malwarebytes.org/restorebrowser/ P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - FPN: [HKCU] [@hola.org/vlc,version=1.8.164] - (...) -- C:\Users\tech\AppData\Local\Hola\firefox\app\vlc P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) 
-- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll © ---\\ Opera, Démarrage,Recherche,Plugins (1) - 0s B2 - EXT: [__MSG_appName__] C:\Users\tech\AppData\Roaming\Opera Software\Opera Stable\Extensions\chfnopmklmpinabemlmldefhbhgkglmc ---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (23) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = 
about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer,Proxy Management (4) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) © F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) © F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) © ---\\ Etude du fichier hosts (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (1) ---\\ Browser Helper Object de navigateur (BHO) (4) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll © O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} (Orphean) O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll © O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) 
-- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll © ---\\ Applications lancées au démarrage du système (14) - 0s O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe © O4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe © O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe © O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\tech\AppData\Local\Microsoft\BingSvc\BingSvc.exe © O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1443442034 O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe © O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe © O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe © O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe © O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe © O4 - HKUS\S-1-5-21-978478050-2410835614-1606204549-1000\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe © O4 - HKUS\S-1-5-21-978478050-2410835614-1606204549-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) 
-- C:\Program Files (x86)\Internet Download Manager\IDMan.exe © O4 - HKUS\S-1-5-21-978478050-2410835614-1606204549-1000\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\tech\AppData\Local\Microsoft\BingSvc\BingSvc.exe © O4 - HKUS\S-1-5-21-978478050-2410835614-1606204549-1000\..\RunOnce: [Adobe Speed Launcher] 1443442034 ---\\ Winsock hijacker (Layered Service Provider) (3) - 1s O10 - WLSP:\Catalog_Entries64\000000000001\Winsock LSP File . (.SumRando.) -- C:\Windows\System32\sslsp105.dll =>Hijacker.Winsock O10 - WLSP:\Catalog_Entries64\000000000002\Winsock LSP File . (.SumRando.) -- C:\Windows\System32\sslsp105.dll =>Hijacker.Winsock O10 - WLSP:\Catalog_Entries64\000000000013\Winsock LSP File . (.SumRando.) -- C:\Windows\System32\sslsp105.dll =>Hijacker.Winsock ---\\ Modification Domaine/Adresses DNS (9) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = domain.name O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpDomain = domain.name ---\\ Protocole additionnel (24) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) 
-- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: grooveLocalGWS [64Bits] - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll © O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) 
-- C:\Windows\System32\inetcomm.dll © O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll © O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll © O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . 
(.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL © ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (1) - 0s O20 - AppInit_DLLs: . (...) - C:\ProgramData\EdocSave\ZerStatsoft.dll ---\\ Liste des services NT non Microsoft et non désactivés (16) - 1s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe © O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © O23 - Service: Avast Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe © O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe © O23 - Service: EdocSave (EdocSave) . (...) - C:\ProgramData\EdocSave\EdocSave.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe © O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe © O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . 
(.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe © O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe © O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe © O23 - Service: This service enables products that use the Nalpeiron Licens (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\nlssrv32.exe © O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © O23 - Service: TechSmith Uploader Service (TechSmith Uploader Service) . (.TechSmith Corporation - TechSmith Uploader Service.) - C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe © O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe © ---\\ Enumère les données de BootExecute (1) - 0s O34 - HKLM BootExecute: (BootDefrag.exe) ---\\ Tâches planifiées en automatique (44) - 4s [MD5.C6D147C12C424373B016C0AB0A6C61EB] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] © [MD5.76F586CEF7018BD376CBBD74AEAC93F5] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1373872] © [MD5.00000000000000000000000000000000] [APT] [Driver Booster SkipUAC (tech)] (...) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (.not file.) [0] [MD5.5168ABDED2C163FEC3699C6BF0723AB2] [APT] [GlaryInitialize 5] (.Glarysoft Ltd.) 
-- C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [118048] © [MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] © [MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] © [MD5.E1F5833D38EF98EC19C5DE6436A5F969] [APT] [GU5SkipUAC] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [889632] © [MD5.00000000000000000000000000000000] [APT] [LaunchApp] (...) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (.not file.) [0] =>PUP.Optional.MyPCBackup [MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] © [MD5.00000000000000000000000000000000] [APT] [Opera scheduled Autoupdate 1434049471] (...) -- C:\Program Files (x86)\Opera\launcher.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [PCShower2014] (...) -- C:\Program Files (x86)\PC Shower 2014\StartupShield.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-978478050-2410835614-1606204549-1000] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-978478050-2410835614-1606204549-1000] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (...) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.) [0] [MD5.E0DEBE808C0FC71F6CAAB979547F84CD] [APT] [TechSmith Updater] (.TechSmith Corporation.) -- C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56704] © [MD5.00000000000000000000000000000000] [APT] [Trojan Remover] (...) 
-- C:\Program Files\Loaris\Trojan Remover\ltr.exe (.not file.) [0] [MD5.3D9C36AEF23B3ECFDFD1375BBF1ACAA7] [APT] [update-S-1-5-21-978478050-2410835614-1606204549-1000] (.Copyright 2009.) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [105760] [MD5.3D9C36AEF23B3ECFDFD1375BBF1ACAA7] [APT] [update-sys] (.Copyright 2009.) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [105760] [MD5.00000000000000000000000000000000] [APT] [YTAHelper] (...) -- C:\Program Files (x86)\YTAHelper\YTAHelper.exe (.not file.) [0] =>PUP.Optional.Goobzo [MD5.00000000000000000000000000000000] [APT] [{9C8DAFD3-EDD0-4C64-93BA-C49E0FB77DDA}] (...) -- C:\Program Files (x86)\Time Stopper\Time Stopper.exe (.not file.) [0] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] © O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [834] © O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [838] © O39 - APT: update-S-1-5-21-978478050-2410835614-1606204549-1000 - (.Copyright 2009.) -- C:\Windows\Tasks\update-S-1-5-21-978478050-2410835614-1606204549-1000.job [386] O39 - APT: update-sys - (.Copyright 2009.) -- C:\Windows\Tasks\update-sys.job [386] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3940] © O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] © O39 - APT: Driver Booster SkipUAC (tech) - (...) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (tech) [2854] O39 - APT: GlaryInitialize 5 - (.Glarysoft Ltd.) -- C:\Windows\System32\Tasks\GlaryInitialize 5 [3308] © O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3582] © O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) 
-- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3834] © O39 - APT: GU5SkipUAC - (.Glarysoft Ltd.) -- C:\Windows\System32\Tasks\GU5SkipUAC [2968] © O39 - APT: LaunchApp - (...) -- C:\Windows\System32\Tasks\LaunchApp [4022] =>PUP.Optional.MyPCBackup O39 - APT: Maxthon Update - (.Maxthon International ltd..) -- C:\Windows\System32\Tasks\Maxthon Update [3578] © O39 - APT: Opera scheduled Autoupdate 1434049471 - (...) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434049471 [3842] O39 - APT: PCShower2014 - (...) -- C:\Windows\System32\Tasks\PCShower2014 [3294] O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-978478050-2410835614-1606204549-1000 - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-978478050-2410835614-1606204549-1000 [3222] O39 - APT: RealDownloaderRealUpgradeScheduledTaskS-1-5-21-978478050-2410835614-1606204549-1000 - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-978478050-2410835614-1606204549-1000 [3358] O39 - APT: Run RoboForm TaskBar Icon - (...) -- C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon [3488] O39 - APT: TechSmith Updater - (.TechSmith Corporation.) -- C:\Windows\System32\Tasks\TechSmith Updater [3800] © O39 - APT: Trojan Remover - (...) -- C:\Windows\System32\Tasks\Trojan Remover [3126] O39 - APT: update-S-1-5-21-978478050-2410835614-1606204549-1000 - (.Copyright 2009.) -- C:\Windows\System32\Tasks\update-S-1-5-21-978478050-2410835614-1606204549-1000 [3258] O39 - APT: update-sys - (.Copyright 2009.) -- C:\Windows\System32\Tasks\update-sys [3282] O39 - APT: YTAHelper - (...) -- C:\Windows\System32\Tasks\YTAHelper [4642] =>PUP.Optional.Goobzo ---\\ Logiciels installés (86) - 10s O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan © O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player © O42 - Logiciel: WinRAR 4.11 (64-bit) - (.win.rar GmbH.) 
[HKLM][64Bits] -- WinRAR archiver © O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {003B37AE-21F5-5BC5-F5EB-CD60A8928696} © O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {35D00343-3BFA-46A1-C6DD-FFD770501E0B} © O42 - Logiciel: Revo Uninstaller Pro 3.1.2 - (.VS Revo Group, Ltd..) [HKLM][64Bits] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1 © O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} © O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0} © O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} © O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI © O42 - Logiciel: ASMubashir - (.ApeeeGoSoft.) [HKLM][64Bits] -- ASMubashir O42 - Logiciel: Avast Premier - (.AVAST Software.) [HKLM][64Bits] -- Avast © O42 - Logiciel: AVS Registry Cleaner 3.0.2.271 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Registry Cleaner_is1 © O42 - Logiciel: Format Factory - (.Free Time.) [HKLM][64Bits] -- Format Factory © O42 - Logiciel: Glary Utilities 5.32 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Glary Utilities 5 © O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome © O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager © O42 - Logiciel: LAV Filters 0.60.1 - (.Hendrik Leppkes.) [HKLM][64Bits] -- lavfilters_is1 © O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 © O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) 
[HKLM][64Bits] -- Maxthon3 © O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 en-US) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService © O42 - Logiciel: Potplayer - (.Daum Kakao Corp..) [HKLM][64Bits] -- PotPlayer O42 - Logiciel: Snagit Stamps Green-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {018BD7C8-4113-11E1-A9E6-C0BD4724019B} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {05C08CC0-5D33-48A6-B06F-CFE75FFD9843} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {076C6BC1-C1C9-4936-86A7-09CC8521571D} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {07AF20A1-FF2E-40DB-899E-3DB94E1C784F} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {083245AC-CB49-4986-9131-0B87C4BCCCFA} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {09E69001-06F9-4767-A7C5-414985CD44CA} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {0F01AF26-ABB5-4F07-8202-4A2E461EDA4F} © O42 - Logiciel: Microsoft VC90 CRT + OMP - (.ZJMedia Ltd..) [HKLM][64Bits] -- {0F931735-0098-4FF6-A49D-17882A294F51} O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {1055F079-7664-4990-83FB-F41F67B5A278} © O42 - Logiciel: Snagit Stamps Black-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {1BCD39C2-4084-11E1-AF82-C8814824019B} © O42 - Logiciel: Snagit Stamps Orange-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {22EDAC30-4117-11E1-BA47-02C34724019B} © O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} © O42 - Logiciel: Java 7 Update 45 - (.Oracle.) 
[HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217045FF} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {26B0419F-123C-44C7-8FB0-1A30CAE4E2DF} © O42 - Logiciel: Snagit Stamps Orange-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {26E5FC52-4117-11E1-9874-03C34724019B} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {274A3B8B-68B7-4F41-95FD-D93B0AEB7EAA} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {2911949E-976C-4635-9CE1-77E8669EAB74} © O42 - Logiciel: Snagit Stamps Black-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {2D39E78E-4082-11E1-8E70-837F4824019B} © O42 - Logiciel: Snagit Stamps Blue-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {30443A94-4085-11E1-AB66-47834824019B} © O42 - Logiciel: HitLeap Viewer 2.8 - (.HitLeap Ltd..) [HKLM][64Bits] -- {31B12C11-AE4E-479F-8D6D-242DC265368D} O42 - Logiciel: Snagit Stamps Windows-Interface - (.TechSmith Corporation.) [HKLM][64Bits] -- {39375D14-42D0-11E1-8E6B-27824824019B} © O42 - Logiciel: Snagit Stamps Geometry - (.TechSmith Corporation.) [HKLM][64Bits] -- {3A8A51E6-FB51-11E1-A58B-13826188709B} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {3D102FE6-622F-406E-8AB4-925A8E3A7D5A} © O42 - Logiciel: Snagit Stamps Blue-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {3D86B9C0-4085-11E1-83C7-5D834824019B} © O42 - Logiciel: Snagit Stamps Purple-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {483B10D6-4117-11E1-925B-27C34724019B} © O42 - Logiciel: Snagit Stamps Purple-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {4B777136-4117-11E1-AE24-28C34724019B} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {4C6BC9DF-9D69-4544-9FC3-E01FD463FF5A} © O42 - Logiciel: Snagit 12 - (.TechSmith Corporation.) 
[HKLM][64Bits] -- {50f2d2b0-9e6e-466f-b418-b3526b61aa3f} © O42 - Logiciel: Camtasia Studio 8 - (.TechSmith Corporation.) [HKLM][64Bits] -- {5303CFB5-D635-44F0-A94B-9611E81F07C4} © O42 - Logiciel: Realtek HDMI Audio Driver for ATI - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5449FB4F-1802-4D5B-A6D8-087DB1142147} © O42 - Logiciel: Snagit 12 - (.TechSmith Corporation.) [HKLM][64Bits] -- {588591F5-74D7-4646-87C5-6A07E526F303} © O42 - Logiciel: Snagit Stamps Business - (.TechSmith Corporation.) [HKLM][64Bits] -- {5CFC8740-4124-11E1-B134-42D54724019B} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} © O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {65406A75-3FC2-4CA4-A139-35D2ED14B9B9} © O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {6D9E366A-907C-4FBD-8C3D-D0F99309E0F4} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {6F9B01C2-9DD8-49D7-A19D-F1F55ECF4D4A} © O42 - Logiciel: Snagit Stamps Algebra - (.TechSmith Corporation.) [HKLM][64Bits] -- {77B73A50-FB53-11E1-82FE-F7836188709B} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {7ABB4A2D-73AD-4758-B4A8-79D1B90C474D} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {80FCAC3D-C5F2-429F-BBCF-A360CDC88BBA} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {8317B24F-7C37-4E01-B19F-72318D8B4D65} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) 
[HKLM][64Bits] -- {881D807E-D4B8-4C38-9FB5-E3DB78B77825} © O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {89A20651-156D-4CA1-8DF0-98C62ACCFD48} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {8C603F0B-3130-41F8-9995-751F2750D544} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {8E919001-99F2-441D-9DFD-47DDCB4D9D1F} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {9442353B-D459-4B4F-8A42-A6EE44CA8F29} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {AB78404A-FF9C-428B-9DE3-95260C86A197} © O42 - Logiciel: Adobe Reader X (10.1.13) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001} © O42 - Logiciel: Snagit Stamps Red-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {ADE8CCAC-4117-11E1-9571-7CC34724019B} © O42 - Logiciel: Snagit Stamps Red-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {B29C2D02-4117-11E1-B33A-7DC34724019B} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {BE14995C-790A-4531-BBF2-2E1AAAC0EDB9} © O42 - Logiciel: Snagit Stamps Powered-By-Snagit - (.TechSmith Corporation.) [HKLM][64Bits] -- {E0A34714-4142-11E1-AE8D-6AFD4724019B} © O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1} © O42 - Logiciel: Snagit Stamps Windows-Cursors - (.TechSmith Corporation.) [HKLM][64Bits] -- {E5D3C548-4146-11E1-87F1-83034824019B} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) 
[HKLM][64Bits] -- {EE6B9D86-79BD-4669-B9AA-B2D5021B9883} © O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} © O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {F16969E6-348A-462F-A7A0-2F35499A2CCB} © O42 - Logiciel: Snagit Stamps Windows-Keyboard - (.TechSmith Corporation.) [HKLM][64Bits] -- {F26248F2-4146-11E1-8A7A-88034824019B} © O42 - Logiciel: Snagit Stamps Green-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {FBEC8682-4112-11E1-92F9-ABBD4724019B} © O42 - Logiciel: 3D Youtube Downloader - (.3DYD Soft.) [HKCU][64Bits] -- 3D Youtube Downloader ---\\ HKCU & HKLM Software Keys (213) - 10s HKLM\SOFTWARE\Wow6432Node\46db666a-4fe4-41ed-872d-18cc50d0d222 =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\ADSRemoval HKLM\SOFTWARE\Wow6432Node\AMD HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\Arafasoft HKLM\SOFTWARE\Wow6432Node\AS_Mubashir HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\ATI Technologies HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\AVS4YOU HKLM\SOFTWARE\Wow6432Node\Baidu Security HKLM\SOFTWARE\Wow6432Node\Bitcoin Core (32-bit) HKLM\SOFTWARE\Wow6432Node\ChrisPC DNS Switch HKLM\SOFTWARE\Wow6432Node\ChrisPC Proxy HKLM\SOFTWARE\Wow6432Node\Chromium HKLM\SOFTWARE\Wow6432Node\Comodo HKLM\SOFTWARE\Wow6432Node\CoreCodec HKLM\SOFTWARE\Wow6432Node\CyberLink HKLM\SOFTWARE\Wow6432Node\DAUM HKLM\SOFTWARE\Wow6432Node\Debug HKLM\SOFTWARE\Wow6432Node\DivX HKLM\SOFTWARE\Wow6432Node\Glarysoft HKLM\SOFTWARE\Wow6432Node\Glowshares HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\Greatis HKLM\SOFTWARE\Wow6432Node\GSA HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download 
Manager HKLM\SOFTWARE\Wow6432Node\InterVideo HKLM\SOFTWARE\Wow6432Node\IObit HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\Lake HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\Litecoin HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\MassFaces HKLM\SOFTWARE\Wow6432Node\Maxthon3 HKLM\SOFTWARE\Wow6432Node\McAfee.com HKLM\SOFTWARE\Wow6432Node\mcafeeupdater HKLM\SOFTWARE\Wow6432Node\Minergate Inc HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\mtEdocSave HKLM\SOFTWARE\Wow6432Node\MunSoft HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OldTimer Tools HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\Panda Software HKLM\SOFTWARE\Wow6432Node\PandaCoin HKLM\SOFTWARE\Wow6432Node\Paycoin HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\RSystem64 HKLM\SOFTWARE\Wow6432Node\SafetyNut =>PUP.Optional.MoviesToolbar HKLM\SOFTWARE\Wow6432Node\Siber Systems HKLM\SOFTWARE\Wow6432Node\SiteFinder =>PUP.Optional.ShoppingReport HKLM\SOFTWARE\Wow6432Node\SkillBrains HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\SoftEther Project HKLM\SOFTWARE\Wow6432Node\Sonic HKLM\SOFTWARE\Wow6432Node\Speedcoin Wallet HKLM\SOFTWARE\Wow6432Node\Steganos HKLM\SOFTWARE\Wow6432Node\Swearware HKLM\SOFTWARE\Wow6432Node\TechSmith HKLM\SOFTWARE\Wow6432Node\TuneUp HKLM\SOFTWARE\Wow6432Node\UCBrowserPID HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\VisioForge Media Player SDK Redist (Delphi) HKLM\SOFTWARE\Wow6432Node\Wise Solutions HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\YourFileDownloader =>PUP.Optional.YourFileDownloader HKLM\SOFTWARE\Wow6432Node\RegisteredApplications 
HKCU\SOFTWARE\3DYD Soft HKCU\SOFTWARE\4kdownload.com HKCU\SOFTWARE\ABSoft HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Aidfile recovery professional HKCU\SOFTWARE\AMD HKCU\SOFTWARE\AnchorFree HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Arafasoft HKCU\SOFTWARE\ATI HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\AVG HKCU\SOFTWARE\AVS4YOU HKCU\SOFTWARE\B1bl3Coin HKCU\SOFTWARE\Baidu HKCU\SOFTWARE\Baidu Security HKCU\SOFTWARE\Beyluxe Messenger HKCU\SOFTWARE\Bitcoin HKCU\SOFTWARE\Boilsoft HKCU\SOFTWARE\CAPTcoin HKCU\SOFTWARE\CardRecoveryPro HKCU\SOFTWARE\CardRecoveryPro_Init HKCU\SOFTWARE\Chedot HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Code Industry HKCU\SOFTWARE\Code Sector HKCU\SOFTWARE\DAUM HKCU\SOFTWARE\David Esperalta HKCU\SOFTWARE\Dogecoin HKCU\SOFTWARE\DownloadCenter HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\Drivers HKCU\SOFTWARE\ej-technologies HKCU\SOFTWARE\Elecard HKCU\SOFTWARE\ELTIMA Software HKCU\SOFTWARE\EximiousSoft HKCU\SOFTWARE\FDC Manager HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\GetData HKCU\SOFTWARE\giveawayoftheday.com HKCU\SOFTWARE\GlarySoft HKCU\SOFTWARE\GlobalBoost HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Goobzo =>PUP.Optional.Goobzo HKCU\SOFTWARE\Google HKCU\SOFTWARE\Greatis HKCU\SOFTWARE\Gyazo HKCU\SOFTWARE\Hardware Settings HKCU\SOFTWARE\HitLeap HKCU\SOFTWARE\Hola HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\iMacros HKCU\SOFTWARE\inSpeakData HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\Intel HKCU\SOFTWARE\iSpring Solutions HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Kungsoft HKCU\SOFTWARE\Latium HKCU\SOFTWARE\LAV HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Litecoin HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\Maxthon3 HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\Mirage HKCU\SOFTWARE\Mirillis HKCU\SOFTWARE\MOVAVI HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MultiTech HKCU\SOFTWARE\MunSoft HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nimbuzz HKCU\SOFTWARE\Obsidium 
HKCU\SOFTWARE\ObviousIdea HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\OmniCoin HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Orobit HKCU\SOFTWARE\PanoramaStudio HKCU\SOFTWARE\Paycoin HKCU\SOFTWARE\Phoenixcoin HKCU\SOFTWARE\PowerPack HKCU\SOFTWARE\Psiphon3 HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\RSystem64 HKCU\SOFTWARE\Rtp HKCU\SOFTWARE\Screenshoter HKCU\SOFTWARE\Siber Systems HKCU\SOFTWARE\SimonTatham HKCU\SOFTWARE\Skillbrains HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Smart Devices HKCU\SOFTWARE\SoftEther Project HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\Solveig Multimedia HKCU\SOFTWARE\SourceTec HKCU\SOFTWARE\Speedcoin HKCU\SOFTWARE\Steganos HKCU\SOFTWARE\SuperChainMedia HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\System Profiles HKCU\SOFTWARE\SYV HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\The Silicon Realms Toolworks HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\TuneUp HKCU\SOFTWARE\UCBrowserPID HKCU\SOFTWARE\Universal Digital Works HKCU\SOFTWARE\University of Tsukuba HKCU\SOFTWARE\UpdateStar HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\VirtualDub.org HKCU\SOFTWARE\VirusSecureLab HKCU\SOFTWARE\VOS HKCU\SOFTWARE\VS Revo Group HKCU\SOFTWARE\WebApp HKCU\SOFTWARE\Win HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Womble HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>PUP.Optional.SmartBar ---\\ Contenu des dossiers Programmes (387) - 12s O43 - CFD: 2014/11/11 18:59:00 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 2014/05/20 01:32:52 - [] D -- C:\Program Files (x86)\AMD AVT O43 - CFD: 2015/09/23 21:00:36 - [] D -- C:\Program Files (x86)\ApeeeGoSoft O43 - CFD: 2015/07/14 19:11:03 - [0] D -- C:\Program Files (x86)\Application Updater =>PUP.Optional.Dealio O43 - CFD: 2015/07/20 14:15:32 - [] D -- C:\Program Files (x86)\Ashampoo O43 - CFD: 
2014/05/20 01:31:16 - [] D -- C:\Program Files (x86)\ATI Technologies O43 - CFD: 2015/09/11 18:21:09 - [] D -- C:\Program Files (x86)\AVS4YOU O43 - CFD: 2015/07/31 10:37:32 - [] D -- C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker O43 - CFD: 2015/07/14 03:57:11 - [] D -- C:\Program Files (x86)\BlueSprig O43 - CFD: 2014/07/11 15:28:00 - [] D -- C:\Program Files (x86)\CodeMeter O43 - CFD: 2015/09/28 12:57:53 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2015/07/31 18:45:04 - [] D -- C:\Program Files (x86)\Cracklock O43 - CFD: 2015/07/29 00:52:29 - [] D -- C:\Program Files (x86)\CuTTihEPrrice =>PUP.Optional.Multiplug O43 - CFD: 2015/07/29 10:56:28 - [] D -- C:\Program Files (x86)\DAUM O43 - CFD: 2014/10/20 12:30:39 - [] D -- C:\Program Files (x86)\DriverToolkit =>PUP.Optional.DriverToolkit O43 - CFD: 2015/07/15 02:53:56 - [0] D -- C:\Program Files (x86)\Dynatrace O43 - CFD: 2015/09/04 22:32:03 - [] D -- C:\Program Files (x86)\FreeTime O43 - CFD: 2015/09/28 13:09:16 - [] D -- C:\Program Files (x86)\Glary Utilities 5 O43 - CFD: 2014/08/20 23:18:37 - [] D -- C:\Program Files (x86)\Glarysoft O43 - CFD: 2015/09/22 22:29:59 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 2015/09/02 11:39:32 - [] D -- C:\Program Files (x86)\HitLeap O43 - CFD: 2015/08/01 18:55:08 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2014/05/20 01:41:45 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 2015/06/09 22:27:38 - [] D -- C:\Program Files (x86)\Internet Download Manager O43 - CFD: 2015/09/09 15:24:47 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2014/05/24 00:08:45 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 2014/06/02 01:06:25 - [] D -- C:\Program Files (x86)\Kepard O43 - CFD: 2015/09/27 16:56:50 - [] D -- C:\Program Files (x86)\LAV Filters O43 - CFD: 2015/09/04 11:15:35 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Exploit O43 - CFD: 2015/09/28 12:28:15 - [] D -- C:\Program Files (x86)\Malwarebytes 
Anti-Malware O43 - CFD: 2015/09/11 18:31:35 - [] D -- C:\Program Files (x86)\Maxthon O43 - CFD: 2014/05/20 15:30:11 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2015/09/17 23:31:26 - [] D -- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 2014/05/20 15:33:29 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 2014/05/20 15:33:29 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 2014/11/15 15:11:38 - [] D -- C:\Program Files (x86)\Microsoft Works O43 - CFD: 2014/05/20 15:33:29 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2015/07/28 23:31:31 - [] D -- C:\Program Files (x86)\MightyText SMS from PC Text from Computer O43 - CFD: 2015/09/28 00:10:58 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2015/09/28 00:11:01 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 2014/05/20 15:33:29 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2015/09/05 14:28:35 - [0] D -- C:\Program Files (x86)\OpenVPN Technologies O43 - CFD: 2014/07/22 02:47:19 - [] D -- C:\Program Files (x86)\Panda Security O43 - CFD: 2014/08/21 17:57:59 - [] D -- C:\Program Files (x86)\RealNetworks O43 - CFD: 2014/05/20 01:40:16 - [] D -- C:\Program Files (x86)\Realtek O43 - CFD: 2009/07/14 06:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2015/08/01 18:38:43 - [] D -- C:\Program Files (x86)\Skillbrains O43 - CFD: 2015/07/31 10:37:49 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 2014/06/03 19:43:24 - [0] D -- C:\Program Files (x86)\ssaave on =>PUP.Optional.Multiplug O43 - CFD: 2014/10/07 17:56:03 - [] D -- C:\Program Files (x86)\Stamp0.85 O43 - CFD: 2015/09/26 16:39:46 - [] D -- C:\Program Files (x86)\TechSmith O43 - CFD: 2014/05/20 01:40:17 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 2015/09/11 18:12:22 - [] D -- C:\Program Files (x86)\UCBrowser O43 - CFD: 2009/07/14 05:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 2015/09/28 00:30:39 - 
[] D -- C:\Program Files (x86)\Virus Effect Remover O43 - CFD: 2015/07/15 02:54:24 - [0] D -- C:\Program Files (x86)\VS Revo Group O43 - CFD: 2015/07/14 19:06:50 - [] D -- C:\Program Files (x86)\Websoft Solution O43 - CFD: 2014/07/07 03:24:53 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 2015/07/31 10:38:32 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2015/06/11 19:07:39 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2009/07/14 06:32:38 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2014/07/05 01:59:18 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2014/07/05 01:59:18 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2014/07/05 01:59:18 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2015/04/26 15:44:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2014/07/05 02:03:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/07/31 10:38:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software O43 - CFD: 2015/09/11 18:21:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU O43 - CFD: 2014/05/20 15:33:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center O43 - CFD: 2015/07/31 17:47:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum O43 - CFD: 2014/05/20 15:33:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/07/31 10:37:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GISolution O43 - CFD: 2015/07/31 10:37:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 O43 - CFD: 2015/09/22 22:30:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 2015/06/08 23:59:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 
2014/08/09 18:40:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 2015/09/27 16:56:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters O43 - CFD: 2014/11/07 12:02:17 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LinkYoutube Downloader O43 - CFD: 2014/05/20 15:33:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/09/28 12:28:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 2015/09/11 18:31:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser O43 - CFD: 2014/11/09 12:02:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus O43 - CFD: 2014/11/27 19:58:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2015/09/17 23:31:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2015/08/01 18:02:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro O43 - CFD: 2015/04/12 10:01:54 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 2014/10/07 17:56:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stamp v0.85 O43 - CFD: 2015/09/26 17:03:53 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2009/07/14 16:35:18 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2015/09/26 17:03:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith O43 - CFD: 2015/09/21 23:28:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 2014/05/20 15:33:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2014/11/19 21:46:13 - [] D -- C:\ProgramData\500604cb1577411a O43 - CFD: 2014/12/05 09:58:24 - [] D -- C:\ProgramData\Ad O43 - CFD: 2014/11/11 
18:59:37 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2014/07/23 03:02:49 - [] D -- C:\ProgramData\Allegorithmic O43 - CFD: 2015/09/28 11:37:40 - [0] D -- C:\ProgramData\All_Disabled O43 - CFD: 2014/05/20 01:32:52 - [] D -- C:\ProgramData\AMD O43 - CFD: 2015/09/28 12:57:53 - [0] D -- C:\ProgramData\APN =>Toolbar.Ask O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2014/05/20 01:36:55 - [] D -- C:\ProgramData\ATI O43 - CFD: 2014/08/21 18:01:31 - [] D -- C:\ProgramData\AutoUpdate O43 - CFD: 2014/12/26 17:40:06 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 2014/08/23 21:28:04 - [] D -- C:\ProgramData\AVG O43 - CFD: 2014/11/12 17:40:56 - [] D -- C:\ProgramData\AVS4YOU O43 - CFD: 2015/09/24 23:31:40 - [0] D -- C:\ProgramData\Babylon =>PUP.Optional.Babylon O43 - CFD: 2014/08/22 00:12:03 - [] D -- C:\ProgramData\Baidu O43 - CFD: 2014/05/20 01:21:51 - [0] SHD -- C:\ProgramData\Bureau O43 - CFD: 2014/08/23 21:25:50 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2015/09/28 13:39:07 - [] D -- C:\ProgramData\EdocSave O43 - CFD: 2015/09/28 13:51:45 - [] D -- C:\ProgramData\EdocSaves O43 - CFD: 2014/08/21 18:01:01 - [] D -- C:\ProgramData\Eltima Software O43 - CFD: 2014/05/20 01:21:51 - [0] SHD -- C:\ProgramData\Favoris O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 2015/02/06 23:20:36 - [] D -- C:\ProgramData\GridinSoft O43 - CFD: 2014/05/20 22:17:03 - [0] D -- C:\ProgramData\IDM O43 - CFD: 2014/07/11 15:30:34 - [] D -- C:\ProgramData\InstallMate =>PUP.Optional.Tarma O43 - CFD: 2014/05/20 01:41:51 - [] D -- C:\ProgramData\Intel O43 - CFD: 2014/07/20 02:39:50 - [] D -- C:\ProgramData\IObit O43 - CFD: 2015/07/26 00:07:30 - [] D -- C:\ProgramData\Isolated Storage O43 - CFD: 2015/04/18 17:57:34 - [] D -- C:\ProgramData\IsolatedStorage O43 - CFD: 2014/11/19 21:46:01 - [0] D 
-- C:\ProgramData\Logs O43 - CFD: 2014/06/24 14:00:07 - [] D -- C:\ProgramData\LogSys O43 - CFD: 2015/09/28 12:28:13 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 2015/09/04 10:58:18 - [] D -- C:\ProgramData\Malwarebytes Anti-Exploit O43 - CFD: 2014/06/04 18:58:04 - [] D -- C:\ProgramData\Martau O43 - CFD: 2014/05/20 16:12:42 - [] D -- C:\ProgramData\McAfee O43 - CFD: 2014/11/09 12:02:22 - [] D -- C:\ProgramData\McAfee Security Scan O43 - CFD: 2014/05/20 01:21:51 - [0] SHD -- C:\ProgramData\Menu Démarrer O43 - CFD: 2014/08/24 00:53:46 - [] D -- C:\ProgramData\MFAData O43 - CFD: 2014/12/12 10:02:30 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2014/11/17 01:47:54 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2014/05/20 01:21:51 - [0] SHD -- C:\ProgramData\Modèles O43 - CFD: 2014/05/24 00:09:08 - [0] D -- C:\ProgramData\Oracle O43 - CFD: 2015/09/26 17:02:51 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2014/07/27 00:37:46 - [] D -- C:\ProgramData\PC1Data O43 - CFD: 2015/05/23 09:53:53 - [] D -- C:\ProgramData\ProductData =>PUP.Optional.Generic O43 - CFD: 2014/10/11 16:32:31 - [0] D -- C:\ProgramData\ProgDVB O43 - CFD: 2014/08/21 17:58:26 - [] D -- C:\ProgramData\Real O43 - CFD: 2014/07/07 22:57:30 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 2015/09/26 17:03:40 - [] D -- C:\ProgramData\regid.1995-08.com.techsmith O43 - CFD: 2014/07/12 18:54:52 - [] D -- C:\ProgramData\RegRun O43 - CFD: 2014/06/09 22:54:42 - [] D -- C:\ProgramData\Screaming Bee O43 - CFD: 2015/07/31 10:29:30 - [] D -- C:\ProgramData\Skype O43 - CFD: 2014/07/16 03:00:13 - [] D -- C:\ProgramData\slicify O43 - CFD: 2014/06/03 21:43:33 - [0] D -- C:\ProgramData\ssaave on =>PUP.Optional.Multiplug O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2014/05/24 00:09:06 - [] D -- C:\ProgramData\Sun O43 - CFD: 2015/09/15 16:17:58 - [] SHD -- C:\ProgramData\System Restore O43 - CFD: 2015/09/26 17:03:15 - [] D -- C:\ProgramData\TechSmith O43 - CFD: 
2015/09/24 00:11:32 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2014/07/09 02:41:01 - [] D -- C:\ProgramData\The Foundry O43 - CFD: 2015/08/01 18:02:07 - [] D -- C:\ProgramData\VS Revo Group O43 - CFD: 2015/08/11 19:21:58 - [0] D -- C:\ProgramData\Web Page Maker O43 - CFD: 2014/07/11 15:30:35 - [] D -- C:\ProgramData\Wondershare Player O43 - CFD: 2015/02/08 16:37:53 - [] D -- C:\ProgramData\YTAHelper =>PUP.Optional.Goobzo O43 - CFD: 2014/09/20 23:01:51 - [0] SHD -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} O43 - CFD: 2014/07/20 02:38:44 - [0] D -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} O43 - CFD: 2014/07/15 23:52:33 - [] D -- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690} O43 - CFD: 2014/07/15 23:52:33 - [] D -- C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424} O43 - CFD: 2015/02/11 19:59:37 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 2014/11/11 19:00:04 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2014/05/20 01:32:48 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 2015/09/11 18:21:08 - [] D -- C:\Program Files (x86)\Common Files\AVSMedia O43 - CFD: 2014/11/17 01:45:10 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2014/05/20 01:39:15 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 2014/05/24 00:09:04 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 2015/07/31 10:37:48 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 2014/05/20 01:41:13 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 2015/07/31 10:38:32 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2015/07/31 10:37:48 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 2014/07/05 01:59:18 - [] D -- C:\Program Files 
(x86)\Common Files\System O43 - CFD: 2015/09/26 17:03:33 - [] D -- C:\Program Files (x86)\Common Files\TechSmith Shared O43 - CFD: 2015/08/05 19:41:14 - [] D -- C:\Program Files (x86)\Common Files\VisioForge Shared O43 - CFD: 2014/07/12 22:46:37 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 2015/09/02 14:56:41 - [] D -- C:\Users\tech\AppData\Roaming\10KHits O43 - CFD: 2015/04/28 19:17:37 - [] D -- C:\Users\tech\AppData\Roaming\3DYD Soft O43 - CFD: 2014/10/30 16:54:40 - [] D -- C:\Users\tech\AppData\Roaming\4inarow-6e3328d6cb70bf28cd38217dca28083d O43 - CFD: 2014/05/23 00:21:56 - [0] D -- C:\Users\tech\AppData\Roaming\8-Bit Commando O43 - CFD: 2014/10/07 18:01:36 - [] D -- C:\Users\tech\AppData\Roaming\ACEStream O43 - CFD: 2014/07/08 23:46:33 - [] D -- C:\Users\tech\AppData\Roaming\Adobe O43 - CFD: 2014/05/30 20:24:01 - [] D -- C:\Users\tech\AppData\Roaming\AnvSoft O43 - CFD: 2014/07/15 23:52:43 - [] D -- C:\Users\tech\AppData\Roaming\Apple Computer O43 - CFD: 2015/01/07 21:38:54 - [] D -- C:\Users\tech\AppData\Roaming\Ashampoo O43 - CFD: 2014/05/20 01:36:55 - [] D -- C:\Users\tech\AppData\Roaming\ATI O43 - CFD: 2014/07/27 01:44:06 - [] D -- C:\Users\tech\AppData\Roaming\Atiz O43 - CFD: 2014/07/10 17:56:53 - [] D -- C:\Users\tech\AppData\Roaming\autoconnections O43 - CFD: 2014/12/26 16:52:22 - [] D -- C:\Users\tech\AppData\Roaming\AVAST Software O43 - CFD: 2014/08/23 21:27:16 - [] D -- C:\Users\tech\AppData\Roaming\AVG O43 - CFD: 2015/09/11 18:23:12 - [] D -- C:\Users\tech\AppData\Roaming\AVS4YOU O43 - CFD: 2014/11/19 21:45:58 - [] D -- C:\Users\tech\AppData\Roaming\B1bl3Coin O43 - CFD: 2015/09/24 23:31:40 - [] D -- C:\Users\tech\AppData\Roaming\Babylon =>PUP.Optional.Babylon O43 - CFD: 2014/08/24 00:51:24 - [] D -- C:\Users\tech\AppData\Roaming\Baidu O43 - CFD: 2014/06/08 23:42:42 - [] D -- C:\Users\tech\AppData\Roaming\Beyluxe O43 - CFD: 2014/11/19 21:46:03 - [] D -- C:\Users\tech\AppData\Roaming\Bitcoin O43 - CFD: 2014/11/19 
21:46:16 - [] D -- C:\Users\tech\AppData\Roaming\BlackCoin O43 - CFD: 2015/07/14 03:57:19 - [] D -- C:\Users\tech\AppData\Roaming\BlueSprig O43 - CFD: 2014/09/01 20:24:49 - [] D -- C:\Users\tech\AppData\Roaming\Boilsoft O43 - CFD: 2014/11/19 21:46:13 - [] D -- C:\Users\tech\AppData\Roaming\CAPTcoin O43 - CFD: 2014/10/27 17:38:41 - [] D -- C:\Users\tech\AppData\Roaming\CoinMiner O43 - CFD: 2014/07/14 15:43:35 - [] D -- C:\Users\tech\AppData\Roaming\CompuClever O43 - CFD: 2015/01/26 19:32:12 - [] D -- C:\Users\tech\AppData\Roaming\CrystalIdea Software O43 - CFD: 2014/07/13 22:45:42 - [] D -- C:\Users\tech\AppData\Roaming\Digiarty O43 - CFD: 2015/09/25 11:04:55 - [] D -- C:\Users\tech\AppData\Roaming\DiskDefrag O43 - CFD: 2015/09/28 12:59:17 - [] D -- C:\Users\tech\AppData\Roaming\DMCache O43 - CFD: 2015/08/31 22:36:38 - [] D -- C:\Users\tech\AppData\Roaming\DM_Software O43 - CFD: 2014/11/19 21:44:14 - [] D -- C:\Users\tech\AppData\Roaming\Dogecoin O43 - CFD: 2014/08/21 18:31:51 - [] D -- C:\Users\tech\AppData\Roaming\Download Master O43 - CFD: 2015/08/11 19:22:01 - [] D -- C:\Users\tech\AppData\Roaming\FileZilla O43 - CFD: 2014/10/22 17:31:36 - [] D -- C:\Users\tech\AppData\Roaming\financialcalculator-6154b4757bad7cacda740d14c58b6388 O43 - CFD: 2014/12/25 19:04:39 - [] D -- C:\Users\tech\AppData\Roaming\gauthauthenticator-78ef3156e1ca5b74c14beac161614be7 O43 - CFD: 2014/08/20 23:18:37 - [] D -- C:\Users\tech\AppData\Roaming\GlarySoft O43 - CFD: 2015/01/04 23:07:23 - [] D -- C:\Users\tech\AppData\Roaming\GlobalBoostY O43 - CFD: 2014/12/25 21:57:56 - [] D -- C:\Users\tech\AppData\Roaming\Glowshares O43 - CFD: 2014/11/24 00:30:22 - [] D -- C:\Users\tech\AppData\Roaming\Gomez O43 - CFD: 2015/08/02 16:21:10 - [] D -- C:\Users\tech\AppData\Roaming\GSA Captcha Breaker O43 - CFD: 2014/12/25 20:07:03 - [] D -- C:\Users\tech\AppData\Roaming\Gyazo O43 - CFD: 2015/05/24 14:47:58 - [] D -- C:\Users\tech\AppData\Roaming\HyperAV O43 - CFD: 2014/05/20 01:22:29 - [] D -- 
C:\Users\tech\AppData\Roaming\Identities O43 - CFD: 2015/09/26 11:07:41 - [] D -- C:\Users\tech\AppData\Roaming\IDM O43 - CFD: 2015/09/28 12:57:53 - [0] D -- C:\Users\tech\AppData\Roaming\IHlpr =>PUP.Optional.IHlpr O43 - CFD: 2015/07/15 02:59:04 - [] D -- C:\Users\tech\AppData\Roaming\InAppBrowserInstaller O43 - CFD: 2014/05/20 01:41:03 - [] D -- C:\Users\tech\AppData\Roaming\InstallShield O43 - CFD: 2014/10/22 17:31:36 - [] D -- C:\Users\tech\AppData\Roaming\instantbuttons-onfire-57c10b32c0c702a51349c27e77268f5d O43 - CFD: 2015/05/14 18:03:00 - [] D -- C:\Users\tech\AppData\Roaming\IObit O43 - CFD: 2015/01/07 00:58:09 - [] D -- C:\Users\tech\AppData\Roaming\IPKInstaller O43 - CFD: 2015/04/18 17:57:34 - [] D -- C:\Users\tech\AppData\Roaming\IsolatedStorage O43 - CFD: 2014/07/03 02:14:09 - [] D -- C:\Users\tech\AppData\Roaming\iSpring Solutions O43 - CFD: 2015/09/02 12:23:21 - [] D -- C:\Users\tech\AppData\Roaming\Klixion O43 - CFD: 2014/11/19 21:46:23 - [] D -- C:\Users\tech\AppData\Roaming\Latium O43 - CFD: 2015/09/15 15:58:01 - [] D -- C:\Users\tech\AppData\Roaming\lifebrowser.life-host.info-17 O43 - CFD: 2015/04/17 11:17:51 - [] D -- C:\Users\tech\AppData\Roaming\Litecoin O43 - CFD: 2014/06/24 14:00:32 - [] D -- C:\Users\tech\AppData\Roaming\LogSys O43 - CFD: 2015/07/31 10:32:05 - [] D -- C:\Users\tech\AppData\Roaming\Macromedia O43 - CFD: 2014/11/19 21:45:58 - [0] D -- C:\Users\tech\AppData\Roaming\MailUpdate =>PUP.Optional.MailUpdate O43 - CFD: 2014/11/05 22:29:02 - [] D -- C:\Users\tech\AppData\Roaming\MassFaces O43 - CFD: 2014/07/10 17:56:46 - [0] D -- C:\Users\tech\AppData\Roaming\Maxidix Wifi Autoconnection O43 - CFD: 2015/09/13 11:49:19 - [] D -- C:\Users\tech\AppData\Roaming\Maxthon3 O43 - CFD: 2009/07/14 16:35:18 - [0] D -- C:\Users\tech\AppData\Roaming\Media Center Programs O43 - CFD: 2014/05/30 18:38:00 - [] D -- C:\Users\tech\AppData\Roaming\MegaTypers O43 - CFD: 2015/09/02 11:39:32 - [] SD -- C:\Users\tech\AppData\Roaming\Microsoft O43 - CFD: 
2014/05/23 18:37:16 - [] D -- C:\Users\tech\AppData\Roaming\Mirillis O43 - CFD: 2015/09/15 16:00:01 - [0] D -- C:\Users\tech\AppData\Roaming\Moonchild Productions O43 - CFD: 2014/11/12 12:38:47 - [] D -- C:\Users\tech\AppData\Roaming\MOVAVI O43 - CFD: 2015/09/04 15:41:08 - [] D -- C:\Users\tech\AppData\Roaming\Mozilla O43 - CFD: 2015/03/16 21:45:57 - [] D -- C:\Users\tech\AppData\Roaming\MultiBit O43 - CFD: 2014/11/07 18:45:15 - [] D -- C:\Users\tech\AppData\Roaming\MultiDoge O43 - CFD: 2014/12/30 22:23:43 - [] D -- C:\Users\tech\AppData\Roaming\myfreebit.co.in O43 - CFD: 2014/07/08 15:02:49 - [0] D -- C:\Users\tech\AppData\Roaming\NeatImage SL O43 - CFD: 2014/12/30 19:30:06 - [] D -- C:\Users\tech\AppData\Roaming\Obsidium O43 - CFD: 2014/07/26 21:25:05 - [0] D -- C:\Users\tech\AppData\Roaming\ObviousIdea O43 - CFD: 2015/09/09 17:53:50 - [0] D -- C:\Users\tech\AppData\Roaming\Octoshape O43 - CFD: 2015/02/05 18:17:14 - [] D -- C:\Users\tech\AppData\Roaming\OmniCoin O43 - CFD: 2015/06/11 20:04:47 - [] D -- C:\Users\tech\AppData\Roaming\Opera Software O43 - CFD: 2014/12/26 16:33:18 - [] D -- C:\Users\tech\AppData\Roaming\Orobit O43 - CFD: 2014/11/19 21:46:07 - [] D -- C:\Users\tech\AppData\Roaming\Pandacoin O43 - CFD: 2014/10/15 14:35:08 - [] D -- C:\Users\tech\AppData\Roaming\PanoramaStudio2Pro O43 - CFD: 2014/12/22 17:59:55 - [] D -- C:\Users\tech\AppData\Roaming\Paycoin O43 - CFD: 2014/06/25 23:42:12 - [] D -- C:\Users\tech\AppData\Roaming\PotPlayerMini O43 - CFD: 2014/10/24 16:02:58 - [] D -- C:\Users\tech\AppData\Roaming\prionote-1ca7c679d6c57098d0dccead4d2121e9 O43 - CFD: 2014/10/24 16:03:07 - [] D -- C:\Users\tech\AppData\Roaming\probmxtricks-ca9ecd17abd18da80b1c9ac9cb030e26 O43 - CFD: 2014/10/22 17:31:46 - [] D -- C:\Users\tech\AppData\Roaming\ProductData O43 - CFD: 2014/08/21 17:58:32 - [] D -- C:\Users\tech\AppData\Roaming\Real O43 - CFD: 2014/12/19 17:25:11 - [] D -- C:\Users\tech\AppData\Roaming\RoboForm O43 - CFD: 2014/06/09 22:54:43 - [] D -- 
C:\Users\tech\AppData\Roaming\Screaming Bee O43 - CFD: 2015/08/05 23:13:55 - [] D -- C:\Users\tech\AppData\Roaming\Skype O43 - CFD: 2014/07/23 03:46:10 - [] D -- C:\Users\tech\AppData\Roaming\Softplicity O43 - CFD: 2014/09/01 21:29:56 - [] D -- C:\Users\tech\AppData\Roaming\Solveig Multimedia O43 - CFD: 2015/04/19 00:01:21 - [0] D -- C:\Users\tech\AppData\Roaming\Solvusoft O43 - CFD: 2014/09/01 14:56:11 - [] D -- C:\Users\tech\AppData\Roaming\SourceTec O43 - CFD: 2014/11/19 21:45:52 - [] D -- C:\Users\tech\AppData\Roaming\Speedcoin O43 - CFD: 2014/05/24 15:02:24 - [] D -- C:\Users\tech\AppData\Roaming\Spiritsoft O43 - CFD: 2014/07/28 22:04:58 - [] D -- C:\Users\tech\AppData\Roaming\Steganos O43 - CFD: 2014/07/14 04:40:19 - [] D -- C:\Users\tech\AppData\Roaming\Steganos VPN O43 - CFD: 2014/07/14 00:32:29 - [] D -- C:\Users\tech\AppData\Roaming\SuperHideIP O43 - CFD: 2014/07/11 03:04:15 - [] D -- C:\Users\tech\AppData\Roaming\TechSmith O43 - CFD: 2014/12/30 22:23:11 - [] D -- C:\Users\tech\AppData\Roaming\TeraCopy O43 - CFD: 2014/10/17 21:35:52 - [] D -- C:\Users\tech\AppData\Roaming\Thinstall O43 - CFD: 2014/06/12 16:58:55 - [] D -- C:\Users\tech\AppData\Roaming\Tomabo O43 - CFD: 2015/03/31 22:20:51 - [] D -- C:\Users\tech\AppData\Roaming\tor O43 - CFD: 2014/09/20 22:48:50 - [] D -- C:\Users\tech\AppData\Roaming\TuneUp Software O43 - CFD: 2015/07/31 10:32:25 - [] D -- C:\Users\tech\AppData\Roaming\UBot Studio O43 - CFD: 2014/08/24 11:13:53 - [] D -- C:\Users\tech\AppData\Roaming\URSoft O43 - CFD: 2014/12/25 19:05:04 - [] D -- C:\Users\tech\AppData\Roaming\uTorrent O43 - CFD: 2014/07/23 03:28:22 - [] D -- C:\Users\tech\AppData\Roaming\VideoBooth O43 - CFD: 2015/09/26 18:36:58 - [] D -- C:\Users\tech\AppData\Roaming\vlc O43 - CFD: 2015/08/11 20:04:59 - [] D -- C:\Users\tech\AppData\Roaming\Web Page Maker O43 - CFD: 2014/05/20 15:33:37 - [] D -- C:\Users\tech\AppData\Roaming\WinAVI O43 - CFD: 2014/05/20 02:00:25 - [] D -- C:\Users\tech\AppData\Roaming\WinRAR O43 - CFD: 
2015/06/25 14:07:42 - [] SHD -- C:\Users\tech\AppData\Roaming\wyUpdate AU O43 - CFD: 2014/07/05 00:42:14 - [] D -- C:\Users\tech\AppData\Roaming\xrecode2 O43 - CFD: 2015/07/31 15:53:16 - [] D -- C:\Users\tech\AppData\Roaming\YCanPDF O43 - CFD: 2015/09/28 13:56:26 - [] D -- C:\Users\tech\AppData\Roaming\ZHP O43 - CFD: 2015/08/31 20:31:31 - [0] D -- C:\Users\tech\AppData\Local\03D40274-1438123439-0541-2D06-890700080009 O43 - CFD: 2014/08/21 18:51:11 - [] D -- C:\Users\tech\AppData\Local\4kdownload.com O43 - CFD: 2015/09/28 12:57:50 - [0] D -- C:\Users\tech\AppData\Local\73312950-F061-4E29-B2B4-46BDACD4F82C O43 - CFD: 2015/07/02 15:17:16 - [] D -- C:\Users\tech\AppData\Local\Adobe O43 - CFD: 2014/07/23 03:02:46 - [] D -- C:\Users\tech\AppData\Local\Allegorithmic O43 - CFD: 2014/05/20 01:22:00 - [0] SHD -- C:\Users\tech\AppData\Local\Application Data O43 - CFD: 2014/10/22 11:35:16 - [] D -- C:\Users\tech\AppData\Local\Apps O43 - CFD: 2015/01/07 21:37:25 - [] D -- C:\Users\tech\AppData\Local\ashampoo O43 - CFD: 2015/09/24 20:29:10 - [] D -- C:\Users\tech\AppData\Local\assembly O43 - CFD: 2014/05/20 01:36:55 - [] D -- C:\Users\tech\AppData\Local\ATI O43 - CFD: 2014/10/23 00:33:33 - [] D -- C:\Users\tech\AppData\Local\Aurora 3D Animation Maker O43 - CFD: 2014/08/23 21:27:16 - [] D -- C:\Users\tech\AppData\Local\AVG O43 - CFD: 2014/08/24 00:52:54 - [] D -- C:\Users\tech\AppData\Local\Avg2014 O43 - CFD: 2015/09/24 23:31:43 - [] D -- C:\Users\tech\AppData\Local\Babylon =>PUP.Optional.Babylon O43 - CFD: 2015/01/16 16:20:02 - [] D -- C:\Users\tech\AppData\Local\BlackHawk O43 - CFD: 2015/07/31 10:37:12 - [] D -- C:\Users\tech\AppData\Local\Blackwersus™ O43 - CFD: 2014/06/06 00:26:52 - [] D -- C:\Users\tech\AppData\Local\Chromatic Browser =>PUP.Optional.ChromaticBrowser O43 - CFD: 2015/09/18 15:20:29 - [] D -- C:\Users\tech\AppData\Local\Chromium O43 - CFD: 2014/06/06 00:26:52 - [] D -- C:\Users\tech\AppData\Local\Comodo O43 - CFD: 2014/10/23 00:33:35 - [] D -- 
C:\Users\tech\AppData\Local\Configure O43 - CFD: 2015/09/28 01:17:49 - [] D -- C:\Users\tech\AppData\Local\CrashDumps O43 - CFD: 2015/01/07 21:38:53 - [] D -- C:\Users\tech\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 2015/09/13 23:25:35 - [] D -- C:\Users\tech\AppData\Local\CurrentCode O43 - CFD: 2014/06/25 23:42:12 - [] D -- C:\Users\tech\AppData\Local\Daum O43 - CFD: 2014/10/22 13:21:12 - [0] D -- C:\Users\tech\AppData\Local\Deployment O43 - CFD: 2015/09/13 12:59:52 - [0] D -- C:\Users\tech\AppData\Local\Diagnostics O43 - CFD: 2014/10/19 19:56:36 - [0] D -- C:\Users\tech\AppData\Local\DriverToolkit =>PUP.Optional.DriverToolkit O43 - CFD: 2015/09/02 23:52:26 - [] D -- C:\Users\tech\AppData\Local\ElevatedDiagnostics O43 - CFD: 2015/04/12 16:04:03 - [] D -- C:\Users\tech\AppData\Local\Email_Account_Creator_Ext O43 - CFD: 2015/06/17 14:22:05 - [0] SHD -- C:\Users\tech\AppData\Local\EmieBrowserModeList O43 - CFD: 2015/06/17 14:22:04 - [0] SHD -- C:\Users\tech\AppData\Local\EmieSiteList O43 - CFD: 2015/06/17 14:22:05 - [0] SHD -- C:\Users\tech\AppData\Local\EmieUserList O43 - CFD: 2015/04/18 17:57:41 - [] D -- C:\Users\tech\AppData\Local\FileViewPro O43 - CFD: 2014/10/20 17:48:24 - [] D -- C:\Users\tech\AppData\Local\financialcalculator-6154b4757bad7cacda740d14c58b6388 O43 - CFD: 2014/10/18 23:41:56 - [] D -- C:\Users\tech\AppData\Local\gauthauthenticator-78ef3156e1ca5b74c14beac161614be7 O43 - CFD: 2015/07/20 23:32:30 - [] D -- C:\Users\tech\AppData\Local\Geckofx O43 - CFD: 2014/11/24 00:30:22 - [] D -- C:\Users\tech\AppData\Local\Gomez O43 - CFD: 2015/09/13 23:28:10 - [] D -- C:\Users\tech\AppData\Local\Google O43 - CFD: 2014/08/09 19:43:02 - [] D -- C:\Users\tech\AppData\Local\GUI_9KW O43 - CFD: 2015/06/01 11:41:48 - [] D -- C:\Users\tech\AppData\Local\GWX O43 - CFD: 2015/02/04 15:39:03 - [] D -- C:\Users\tech\AppData\Local\hanahouhanah____Sender O43 - CFD: 2014/05/20 01:22:00 - [0] SHD -- C:\Users\tech\AppData\Local\Historique O43 - CFD: 2015/02/09 
23:57:40 - [] D -- C:\Users\tech\AppData\Local\Hola O43 - CFD: 2014/06/04 18:38:26 - [] D -- C:\Users\tech\AppData\Local\Installer =>PUP.Optional.InstallPedia O43 - CFD: 2015/07/31 10:37:10 - [0] D -- C:\Users\tech\AppData\Local\IntelRCapability O43 - CFD: 2015/09/15 15:58:01 - [] D -- C:\Users\tech\AppData\Local\lifebrowser.life-host.info-17 O43 - CFD: 2014/05/20 20:54:09 - [] D -- C:\Users\tech\AppData\Local\Macromedia O43 - CFD: 2015/08/15 18:58:39 - [0] D -- C:\Users\tech\AppData\Local\Master PDF Editor O43 - CFD: 2015/08/18 16:26:50 - [] D -- C:\Users\tech\AppData\Local\Mega Limited O43 - CFD: 2014/08/24 00:52:54 - [] D -- C:\Users\tech\AppData\Local\MFAData O43 - CFD: 2015/09/02 17:00:29 - [] D -- C:\Users\tech\AppData\Local\Microsoft O43 - CFD: 2014/05/19 19:20:21 - [0] D -- C:\Users\tech\AppData\Local\Microsoft Help O43 - CFD: 2015/02/25 00:31:31 - [] D -- C:\Users\tech\AppData\Local\minergate O43 - CFD: 2014/05/23 18:37:17 - [] D -- C:\Users\tech\AppData\Local\Mirillis O43 - CFD: 2014/11/12 12:38:47 - [] D -- C:\Users\tech\AppData\Local\Movavi O43 - CFD: 2014/08/20 00:43:00 - [] D -- C:\Users\tech\AppData\Local\Mozilla O43 - CFD: 2014/07/08 22:56:50 - [] D -- C:\Users\tech\AppData\Local\Nik Software O43 - CFD: 2015/06/11 20:04:48 - [] D -- C:\Users\tech\AppData\Local\Opera Software O43 - CFD: 2014/10/19 00:21:15 - [] D -- C:\Users\tech\AppData\Local\prionote-1ca7c679d6c57098d0dccead4d2121e9 O43 - CFD: 2015/04/28 19:17:17 - [] D -- C:\Users\tech\AppData\Local\Programs O43 - CFD: 2015/07/31 10:37:10 - [] D -- C:\Users\tech\AppData\Local\ServiceGoogle O43 - CFD: 2014/10/19 22:46:37 - [] D -- C:\Users\tech\AppData\Local\Skype O43 - CFD: 2014/05/23 18:56:41 - [] D -- C:\Users\tech\AppData\Local\TechSmith O43 - CFD: 2015/09/28 12:14:38 - [0] D -- C:\Users\tech\AppData\Local\temp O43 - CFD: 2014/05/20 01:22:00 - [0] SHD -- C:\Users\tech\AppData\Local\Temporary Internet Files O43 - CFD: 2014/08/21 17:09:37 - [] D -- C:\Users\tech\AppData\Local\Thinstall O43 - CFD: 
2014/06/06 00:26:52 - [] D -- C:\Users\tech\AppData\Local\Torch =>PUP.Optional.Torch O43 - CFD: 2014/09/20 22:48:50 - [] D -- C:\Users\tech\AppData\Local\TuneUp Software O43 - CFD: 2015/09/11 17:59:21 - [] D -- C:\Users\tech\AppData\Local\UCBrowser O43 - CFD: 2014/07/29 19:35:51 - [] D -- C:\Users\tech\AppData\Local\VirtualStore O43 - CFD: 2014/10/03 20:23:09 - [] D -- C:\Users\tech\AppData\Local\VPNium O43 - CFD: 2015/08/01 18:02:12 - [] D -- C:\Users\tech\AppData\Local\VS Revo Group O43 - CFD: 2015/09/02 01:08:16 - [] D -- C:\Users\tech\AppData\Local\WiFi Guard O43 - CFD: 2014/06/05 00:27:32 - [0] D -- C:\Users\tech\AppData\Local\WinAVI O43 - CFD: 2014/09/16 21:59:58 - [] D -- C:\Users\tech\AppData\Local\womble O43 - CFD: 2014/06/19 23:58:36 - [] D -- C:\Users\tech\AppData\Local\Wondershare O43 - CFD: 2015/08/01 18:53:33 - [0] D -- C:\Users\tech\AppData\Local\Xara O43 - CFD: 2015/05/26 19:44:54 - [] D -- C:\Users\tech\AppData\Local\YTMonster O43 - CFD: 2014/05/20 15:33:37 - [] RD -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/08/13 10:40:08 - [] RD -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/09/27 16:34:56 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ApeeeGoSoft O43 - CFD: 2015/09/11 18:21:09 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU O43 - CFD: 2015/09/04 22:32:13 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Format Factory O43 - CFD: 2015/03/21 23:24:37 - [0] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 2015/04/16 15:08:00 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GISolution O43 - CFD: 2015/09/10 22:15:09 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2014/05/20 15:33:37 - [] RD -- 
C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2014/10/07 17:56:02 - [0] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stamp v0.85 O43 - CFD: 2015/08/18 16:38:44 - [] RD -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2014/05/20 15:33:37 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 1s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll © O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll © O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll © O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll © O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) 
-- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll © O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll © O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll © O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll © ---\\ Liste des pilotes du système (78) - 6s O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] © O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] © O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] © O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] © O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] © O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. 
- Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] © O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] © O58 - SDL:2015/08/31 18:42:40 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\drivers\aswKbd.sys [28144] © O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [90968] © O58 - SDL:2015/08/31 18:42:32 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys [454016] © O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] © O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] © O58 - SDL:2015/08/31 18:43:53 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1048344] © O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [447944] © O58 - SDL:2015/08/31 18:42:56 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [150672] © O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [274808] © O58 - SDL:2013/02/14 12:41:10 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdW76.sys [96768] © O58 - SDL:2013/03/29 03:35:02 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [11658752] © O58 - SDL:2013/03/29 02:09:44 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [581120] © O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) 
-- C:\Windows\System32\drivers\b57nd60a.sys [270848] © O58 - SDL:2014/07/18 08:11:34 A . (.Glarysoft Ltd - Boot Defrag Driver.) -- C:\Windows\System32\drivers\BootDefragDriver.sys [17600] © O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] © O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] © O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] © O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] © O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] © O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] © O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] © O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] © O58 - SDL:2015/05/22 09:59:06 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\Windows\System32\drivers\GUBootStartup.sys [20160] © O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) 
-- C:\Windows\System32\drivers\hcw85cir.sys [31232] © O58 - SDL:2012/07/02 15:16:02 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [62784] © O58 - SDL:2010/11/20 14:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] © O58 - SDL:2011/03/11 07:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] © O58 - SDL:2015/05/20 13:55:54 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616] © O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] © O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816] © O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272] © O58 - SDL:2015/09/28 13:07:06 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) 
-- C:\Windows\System32\drivers\megasas.sys [35392] © O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] © O58 - SDL:2015/06/18 08:41:56 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [63704] © O58 - SDL:2015/09/07 16:56:04 A . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Windows\System32\drivers\Neo_0002.sys [28640] © O58 - SDL:2015/04/29 18:40:14 A . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Windows\System32\drivers\Neo_0042.sys [28640] © O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] © O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] © O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] © O58 - SDL:2013/04/29 09:17:34 A . (.Panda Security, S.L. - Panda Kernel Memory Access Driver (x86).) -- C:\Windows\System32\drivers\PSKMAD.sys [47632] O58 - SDL:2015/06/19 21:35:30 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\ptun0901.sys [27136] © O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] © O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] © O58 - SDL:2009/12/30 10:21:26 A . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\drivers\revoflt.sys [31800] © O58 - SDL:2011/09/29 10:30:34 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) 
-- C:\Windows\System32\drivers\Rt64win7.sys [646248] © O58 - SDL:2011/12/02 11:38:08 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RtHDMIVX.sys [239208] © O58 - SDL:2012/06/19 09:54:20 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4065296] © O58 - SDL:2014/02/07 13:17:24 A . (.Screaming Bee LLC - Screaming Bee Audio Driver.) -- C:\Windows\System32\drivers\ScreamingBAudio64.sys [38992] O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] © O58 - SDL:2015/09/07 16:55:15 A . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Windows\System32\drivers\see.sys [38240] © O58 - SDL:2009/07/14 01:00:40 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208] © O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] © O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] © O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] © O58 - SDL:2014/11/05 14:16:32 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\tap0901.sys [27136] © O58 - SDL:2014/05/17 01:42:38 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42184] © O58 - SDL:2013/09/06 14:27:12 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [238352] © O58 - SDL:2013/09/06 14:25:40 A . 
(.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\System32\drivers\VBoxNetAdp.sys [131856] © O58 - SDL:2013/09/06 14:25:40 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [119056] © O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] © O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] © ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (17) - 33s O61 - LFC: 2015/09/28 00:18:29 A . (..) -- C:\Users\tech\Downloads\Programs\SalityKiller.exe [217928] O61 - LFC: 2015/09/27 01:54:43 A . (.TheWindowsClub.com.) -- C:\Users\tech\Desktop\FixWin v 1.2.exe [541696] O61 - LFC: 2015/09/28 00:14:42 A . (..) -- C:\Users\tech\Desktop\Uninstall Mozilla Firefox\Uninstall Mozilla Firefox\Uninstall Mozilla Firefox BySam.exe [252416] O61 - LFC: 2015/09/28 00:14:22 A . (.GUWOU.) -- C:\Users\tech\Desktop\setup\setup.exe [544936] O61 - LFC: 2015/09/28 01:33:24 A . (..) -- C:\Users\tech\AppData\Local\TechSmith\Snagit\Tray.bin [630] O61 - LFC: 2015/09/28 01:18:03 A . (..) -- C:\Users\tech\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082] O61 - LFC: 2015/09/28 13:07:29 A . (..) -- C:\Users\tech\AppData\Local\ATI\ACE\Manifest.Bin [28362] O61 - LFC: 2015/09/24 20:29:18 A . (.Copyright © 2014.) -- C:\Users\tech\AppData\Local\assembly\dl3\7TW5Z0DR.CEZ\RMYCM0O2.ZYO\b47f4cf8\00e9d8f6_7d9cd001\TechSmith.WPF.DLL [26112] O61 - LFC: 2015/09/24 20:29:20 A . (..) -- C:\Users\tech\AppData\Local\assembly\dl3\7TW5Z0DR.CEZ\RMYCM0O2.ZYO\8a8dec68\00296891_35a8d001\Interop.SNAGITLib.DLL [110592] O61 - LFC: 2015/09/24 20:29:17 A . (.Copyright © 2014.) -- C:\Users\tech\AppData\Local\assembly\dl3\7TW5Z0DR.CEZ\RMYCM0O2.ZYO\482181c8\00e9d8f6_7d9cd001\TechSmith.WPF.DLL [26112] O61 - LFC: 2015/09/24 23:13:34 A . 
(..) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\f0e44b20\0040ae5f_d434cf01\Interop.SNAGITLib.DLL [110592] O61 - LFC: 2015/09/24 23:13:36 A . (..) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\c7a4940d\802ecf82_2437cf01\Interop.SNAGITLib.DLL [110592] O61 - LFC: 2015/09/26 17:04:41 A . (..) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\c7a4940d\008e6bb2_e875d001\Interop.SNAGITLib.DLL [110592] O61 - LFC: 2015/09/26 17:04:34 A . (.Copyright © 2014.) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\9d0149fd\00bf21e1_795bd001\TechSmith.WPF.DLL [26112] O61 - LFC: 2015/09/26 17:04:32 A . (.Copyright © 2014.) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\59e1c1d2\00bf21e1_795bd001\TechSmith.WPF.DLL [26112] O61 - LFC: 2015/09/26 17:04:39 A . (.TechSmith Corp.) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\48edac49\e082d56e_c372d001\TechSmith.CloudServices.Api.DLL [173888] O61 - LFC: 2015/09/25 17:52:25 A . (..) -- C:\Users\tech\AppData\Local\Adobe\Acrobat\10.0\UserCache.bin [208450] ---\\ Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) 
-- C:\Windows\System32\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe © ---\\ Menu de démarrage Internet (20) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.) 
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.) 
---\\ Recherche d'infection sur les navigateurs (4) - 2s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - (Microsoft (Bing)) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {CCA24F17-73EA-46FB-BAB6-911673737192} - (Ask Search) - http://www.search.ask.com/ =>Toolbar.Ask ---\\ Enumère les services démarrés par Svchost (33) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] © O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648] © O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) 
-- C:\Windows\System32\rasmans.dll [344064] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928] © O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [683520] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2606080] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\system32\qmgr.dll [849920] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656] © O83 - Search Svchost Services: msiscsi (msiscsi) . 
(.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672] © O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016] © O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544] © O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] © O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) 
-- C:\Windows\System32\appmgmts.dll [193536] © ---\\ Liste des exceptions du parefeu Windows (19) - 1s O87 - FAEL: "{DF0AE690-43D9-4ABA-8AA7-88090A2084BC}" [In-None-P6-TRUE] .(.Copyright © Slicify/Affine Group Ltd 2013 - Slicify Node Service.) -- C:\ProgramData\slicify\Install\NodeService.exe O87 - FAEL: "{E3C5979E-D02C-4F18-A1A9-CD45EFF427F4}" [In-None-P17-TRUE] .(.Copyright © Slicify/Affine Group Ltd 2013 - Slicify Node Service.) -- C:\ProgramData\slicify\Install\NodeService.exe O87 - FAEL: "TCP Query User{7B58F1A2-65C3-4C1A-9469-11B05A9E9295}C:\program files (x86)\orobit\orobit-qt.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\orobit\orobit-qt.exe (.not file.) O87 - FAEL: "UDP Query User{8D51F735-4B83-4B25-B009-B66862F9FA16}C:\program files (x86)\orobit\orobit-qt.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\orobit\orobit-qt.exe (.not file.) O87 - FAEL: "TCP Query User{D1D066BC-FA4E-4A7E-A874-AE55C0D755C9}C:\program files (x86)\glowshares\glowshares-qt.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\glowshares\glowshares-qt.exe (.not file.) O87 - FAEL: "UDP Query User{412704B1-8299-49A4-BB68-12E7BECCED6F}C:\program files (x86)\glowshares\glowshares-qt.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\glowshares\glowshares-qt.exe (.not file.) O87 - FAEL: "TCP Query User{60E13269-957A-40CE-A799-0FA0D5114029}C:\windows\temp\rar$exa0.094\globalboost-y.exe" [In-None-P6-TRUE] .(...) -- C:\windows\temp\rar$exa0.094\globalboost-y.exe (.not file.) O87 - FAEL: "UDP Query User{A2C3DD03-272B-4D03-B459-9D9723AC09A9}C:\windows\temp\rar$exa0.094\globalboost-y.exe" [In-None-P17-TRUE] .(...) -- C:\windows\temp\rar$exa0.094\globalboost-y.exe (.not file.) O87 - FAEL: "TCP Query User{97D2D037-5E84-4AE7-B311-75D32F047B2C}C:\program files (x86)\litecoin\litecoin-qt.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\litecoin\litecoin-qt.exe (.not file.) 
O87 - FAEL: "UDP Query User{F8E5E286-99C5-4C74-9BE6-1791B4AD55F8}C:\program files (x86)\litecoin\litecoin-qt.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\litecoin\litecoin-qt.exe (.not file.) O87 - FAEL: "TCP Query User{4BC4628B-3046-4E7A-9E1E-AE89326AA5EF}C:\windows\temp\rar$exa0.169\omnicoin-qt_windows_x86_64\omnicoin-qt.exe" [In-None-P6-TRUE] .(...) -- C:\windows\temp\rar$exa0.169\omnicoin-qt_windows_x86_64\omnicoin-qt.exe (.not file.) O87 - FAEL: "UDP Query User{DD24C5E3-D22F-4B25-8F28-DC2A51559FA6}C:\windows\temp\rar$exa0.169\omnicoin-qt_windows_x86_64\omnicoin-qt.exe" [In-None-P17-TRUE] .(...) -- C:\windows\temp\rar$exa0.169\omnicoin-qt_windows_x86_64\omnicoin-qt.exe (.not file.) O87 - FAEL: "{54B47ED4-2E27-40AE-922A-E5A25BFBBCED}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Hide My IP 6\HideMyIP.exe (.not file.) O87 - FAEL: "{52213FF1-40E7-4703-AC78-DDD37DC3F67D}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Hide My IP 6\HideMyIpSrv.exe (.not file.) O87 - FAEL: "{B8EE7BF2-2A0A-4871-BC29-577AFF73BA6E}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.) O87 - FAEL: "{BC289903-7FBB-41C8-AF15-0FC3F24947D8}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.) O87 - FAEL: "{45A1933B-4202-4E5B-9EA3-228A0FB619CC}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\GSA Captcha Breaker\GSA_CapBreak.exe (.not file.) O87 - FAEL: "{10ADF3A6-7F5B-4936-9245-A59E6338ADA5}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\GSA Captcha Breaker\GSA_CapBreak.exe (.not file.) O87 - FAEL: "{93383CE2-5118-4774-9386-193632807739}" [Out-None-P17-TRUE] .(...) -- C:\Program Files (x86)\GSA Captcha Breaker\GSA_CapBreak.exe (.not file.) ---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (21) - 12s SR - Auto [2014/12/03 10:06:08] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) 
- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © SS - Demand [2015/09/22 10:21:08] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe © SR - Auto [2013/03/29 02:34:18] [ 241152] (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe © SR - Auto [2015/08/31 18:42:48] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © SR - Auto [2015/08/31 18:42:31] [ 109008] Avast Firewall (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe © SR - Auto [2013/11/27 12:26:14] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe © SR - Auto [2015/09/17 13:18:58] [ 441856] EdocSave (EdocSave) . (...) - C:\ProgramData\EdocSave\EdocSave.exe SS - Auto [2015/09/22 22:20:45] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Demand [2015/09/22 22:20:45] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe © SS - Disabled [2014/12/19 17:14:12] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe © SR - Auto [2012/04/20 14:16:12] [ 635104] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe © SR - Auto [2012/06/25 10:57:14] [ 166720] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) 
- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe © SR - Auto [2012/07/17 14:57:20] [ 277824] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe © SR - Auto [2015/06/18 08:39:46] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe © SR - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe © SS - Demand [2015/08/26 13:46:31] [ 149160] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe © SR - Auto [2011/09/22 17:30:58] [ 66560] This service enables products that use the Nalpeiron Licens (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\nlssrv32.exe © SS - Auto [2015/06/03 16:42:38] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © SR - Auto [2015/01/26 08:48:10] [ 3408384] TechSmith Uploader Service (TechSmith Uploader Service) . (.TechSmith Corporation.) - C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe © SR - Auto [2012/07/17 14:57:22] [ 365376] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) 
- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe © ---\\ Recherche de clés de registre Tracing (12) - 3s HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASAPI32 =>PUP.Optional.RegistryReviver HKLM\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASMANCS =>PUP.Optional.RegistryReviver HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>PUP.Optional.TornTV HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>PUP.Optional.TornTV HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASAPI32 =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASMANCS =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>PUP.Optional.BabSolution HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>PUP.Optional.BabSolution ---\\ Scan Additionnel (44) - 0s C:\Windows\System32\sslsp105.dll =>Hijacker.Winsock C:\Windows\System32\Tasks\LaunchApp =>PUP.Optional.MyPCBackup C:\Windows\System32\Tasks\YTAHelper =>PUP.Optional.Goobzo HKLM\SOFTWARE\Wow6432Node\46db666a-4fe4-41ed-872d-18cc50d0d222 =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\Wow6432Node\SafetyNut =>PUP.Optional.MoviesToolbar HKLM\SOFTWARE\Wow6432Node\SiteFinder =>PUP.Optional.ShoppingReport HKLM\SOFTWARE\Wow6432Node\YourFileDownloader =>PUP.Optional.YourFileDownloader HKCU\SOFTWARE\Goobzo =>PUP.Optional.Goobzo HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>PUP.Optional.SmartBar C:\Program Files 
(x86)\Application Updater =>PUP.Optional.Dealio C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker C:\Program Files (x86)\CuTTihEPrrice =>PUP.Optional.Multiplug C:\Program Files (x86)\DriverToolkit =>PUP.Optional.DriverToolkit C:\Program Files (x86)\ssaave on =>PUP.Optional.Multiplug C:\ProgramData\APN =>Toolbar.Ask C:\ProgramData\Babylon =>PUP.Optional.Babylon C:\ProgramData\InstallMate =>PUP.Optional.Tarma C:\ProgramData\ProductData =>PUP.Optional.Generic C:\ProgramData\ssaave on =>PUP.Optional.Multiplug C:\ProgramData\YTAHelper =>PUP.Optional.Goobzo C:\Users\tech\AppData\Roaming\Babylon =>PUP.Optional.Babylon C:\Users\tech\AppData\Roaming\IHlpr =>PUP.Optional.IHlpr C:\Users\tech\AppData\Roaming\MailUpdate =>PUP.Optional.MailUpdate C:\Users\tech\AppData\Local\Babylon =>PUP.Optional.Babylon C:\Users\tech\AppData\Local\Chromatic Browser =>PUP.Optional.ChromaticBrowser C:\Users\tech\AppData\Local\CrashRpt =>.Superfluous.CrashReports C:\Users\tech\AppData\Local\DriverToolkit =>PUP.Optional.DriverToolkit C:\Users\tech\AppData\Local\Installer =>PUP.Optional.InstallPedia C:\Users\tech\AppData\Local\Torch =>PUP.Optional.Torch HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup HKLM64\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.Optional.MyPCBackup HKLM64\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.Optional.MyPCBackup HKLM64\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASAPI32 =>PUP.Optional.RegistryReviver HKLM64\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASMANCS =>PUP.Optional.RegistryReviver HKLM64\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>PUP.Optional.TornTV HKLM64\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>PUP.Optional.TornTV HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASAPI32 =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASMANCS 
=>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>PUP.Optional.BabSolution HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>PUP.Optional.BabSolution ---\\ Récapitulatif des éléments trouvées sur votre station (27) - 0s http://www.nicolascoolman.fr/blog =>PUP.Optional.OurSurfing http://www.nicolascoolman.fr/pup-mypcbackup/ =>PUP.Optional.MyPCBackup http://www.nicolascoolman.fr/pup-goobzo/ =>PUP.Optional.Goobzo http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions http://www.nicolascoolman.fr/blog =>PUP.Optional.MoviesToolbar http://www.nicolascoolman.fr/adware-shoppingreport/ =>PUP.Optional.ShoppingReport http://www.nicolascoolman.fr/pup-yourfiledownloader/ =>PUP.Optional.YourFileDownloader http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar http://www.nicolascoolman.fr/pup-dealio/ =>PUP.Optional.Dealio http://www.nicolascoolman.fr/blog =>PUP.Optional.Adblocker http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug http://www.nicolascoolman.fr/blog =>PUP.Optional.DriverToolkit http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask http://www.nicolascoolman.fr/pup-babylon/ =>PUP.Optional.Babylon http://www.nicolascoolman.fr/pup-tarma/ =>PUP.Optional.Tarma http://www.nicolascoolman.fr/blog =>PUP.Optional.Generic http://www.nicolascoolman.fr/blog =>PUP.Optional.IHlpr http://www.nicolascoolman.fr/blog =>PUP.Optional.MailUpdate http://www.nicolascoolman.fr/blog =>PUP.Optional.ChromaticBrowser http://www.nicolascoolman.fr/blog =>.Superfluous.CrashReports http://www.nicolascoolman.fr/adware-installpedia/ =>PUP.Optional.InstallPedia http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch http://www.nicolascoolman.fr/blog =>PUP.Optional.RegistryReviver http://www.nicolascoolman.fr/hijacker-torntv/ =>PUP.Optional.TornTV 
http://www.nicolascoolman.fr/hijacker-babsolution/ =>PUP.Optional.BabSolution
~ End of the scan, 33437 items in 113 seconds (1309)(0)()