start 
CloseProcesses:
Hosts:
CreateRestorePoint:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\corel paintshop pro.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ctaudcs.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\inetreg.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\resetdb.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\startliveupdate.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts: Restriction <======= ATTENTION
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKLM - Pas de nom - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  Pas de fichier
Toolbar: HKLM-x32 - Pas de nom - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  Pas de fichier
Toolbar: HKU\S-1-5-21-2059986674-2935039958-1512771893-1000 -> Pas de nom - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} -  Pas de fichier
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
2015-10-19 10:46 - 2015-07-31 12:19 - 00000296 _____ C:\WINDOWS\Tasks\AutoKMS.job
2015-10-17 17:05 - 2015-07-31 01:21 - 00007488 _____ C:\ProgramData\Coinstaller.log
2012-12-23 00:43 - 2012-12-23 00:43 - 0000252 _____ () C:\ProgramData\FastPics.log
2015-03-17 18:29 - 2015-03-17 18:29 - 0279278 _____ () C:\ProgramData\SPL21D4.tmp
2014-10-09 18:08 - 2014-10-09 18:08 - 0867725 _____ () C:\ProgramData\SPL24E2.tmp
2013-03-21 23:34 - 2013-03-21 23:34 - 0982559 _____ () C:\ProgramData\SPL2F1F.tmp
2014-01-22 22:44 - 2014-01-22 22:44 - 1729808 _____ () C:\ProgramData\SPL3BA4.tmp
2015-07-16 10:14 - 2015-07-16 10:14 - 0246712 _____ () C:\ProgramData\SPL3CD2.tmp
2015-10-08 09:43 - 2015-10-08 09:43 - 2497184 _____ () C:\ProgramData\SPL44B5.tmp
2015-02-11 15:10 - 2015-02-11 15:10 - 0629638 _____ () C:\ProgramData\SPL4954.tmp
2013-03-19 20:24 - 2013-03-19 20:24 - 0364768 _____ () C:\ProgramData\SPL4B1.tmp
2014-06-21 18:20 - 2014-06-21 18:20 - 2031505 _____ () C:\ProgramData\SPL523B.tmp
2014-07-01 18:33 - 2014-07-01 18:33 - 0089188 _____ () C:\ProgramData\SPL5318.tmp
2015-10-07 15:53 - 2015-10-07 15:53 - 2497184 _____ () C:\ProgramData\SPL5321.tmp
2013-04-24 12:26 - 2013-04-24 12:26 - 0650863 _____ () C:\ProgramData\SPL53E9.tmp
2014-11-18 10:18 - 2014-11-18 10:18 - 0517044 _____ () C:\ProgramData\SPL585C.tmp
2015-03-12 19:29 - 2015-03-12 19:29 - 0713067 _____ () C:\ProgramData\SPL6172.tmp
2015-05-28 18:11 - 2015-05-28 18:11 - 1052345 _____ () C:\ProgramData\SPL659E.tmp
2015-01-18 18:49 - 2015-01-18 18:49 - 1722627 _____ () C:\ProgramData\SPL6C6B.tmp
2015-03-25 22:51 - 2015-03-25 22:51 - 0442682 _____ () C:\ProgramData\SPL73E5.tmp
2014-10-20 17:26 - 2014-10-20 17:26 - 0252624 _____ () C:\ProgramData\SPL77A7.tmp
2013-03-19 09:38 - 2013-03-19 09:38 - 0364768 _____ () C:\ProgramData\SPL8288.tmp
2013-07-19 18:43 - 2013-07-19 18:43 - 0728024 _____ () C:\ProgramData\SPL834D.tmp
2015-06-03 15:34 - 2015-06-03 15:34 - 0642833 _____ () C:\ProgramData\SPL8462.tmp
2014-04-10 19:37 - 2014-04-10 19:39 - 2952932 _____ () C:\ProgramData\SPL8863.tmp
2013-03-20 12:09 - 2013-03-20 12:09 - 0364768 _____ () C:\ProgramData\SPL93E5.tmp
2015-06-10 15:12 - 2015-06-10 15:12 - 1516541 _____ () C:\ProgramData\SPL9443.tmp
2014-03-03 11:02 - 2014-03-03 11:02 - 1584267 _____ () C:\ProgramData\SPL9980.tmp
2014-09-14 18:51 - 2014-09-14 18:51 - 0577140 _____ () C:\ProgramData\SPL9CDD.tmp
2015-07-10 20:43 - 2015-07-10 20:43 - 1127268 _____ () C:\ProgramData\SPL9FE7.tmp
2015-06-07 15:22 - 2015-06-07 15:22 - 0435708 _____ () C:\ProgramData\SPLA029.tmp
2015-07-09 11:35 - 2015-07-09 11:35 - 0066776 _____ () C:\ProgramData\SPLA363.tmp
2014-09-11 18:20 - 2014-09-11 18:20 - 5371008 _____ () C:\ProgramData\SPLA4DA.tmp
2013-03-20 16:49 - 2013-03-20 16:49 - 0364768 _____ () C:\ProgramData\SPLA755.tmp
2013-02-14 21:42 - 2013-02-14 21:42 - 6582589 _____ () C:\ProgramData\SPLACE.tmp
2013-03-20 12:51 - 2013-03-20 12:51 - 0364768 _____ () C:\ProgramData\SPLAEB5.tmp
2013-02-16 15:40 - 2013-02-16 15:40 - 6582589 _____ () C:\ProgramData\SPLCC62.tmp
2014-07-02 09:34 - 2014-07-02 09:34 - 0089188 _____ () C:\ProgramData\SPLCED2.tmp
2014-06-06 18:36 - 2014-06-06 18:36 - 0495067 _____ () C:\ProgramData\SPLD4FE.tmp
2013-02-15 11:36 - 2013-02-15 11:36 - 6582589 _____ () C:\ProgramData\SPLD632.tmp
2014-09-15 16:06 - 2014-09-15 16:06 - 0577140 _____ () C:\ProgramData\SPLD90F.tmp
2014-03-04 19:08 - 2014-03-04 19:08 - 1584267 _____ () C:\ProgramData\SPLD9DA.tmp
2014-03-26 00:57 - 2014-03-26 00:57 - 0289583 _____ () C:\ProgramData\SPLE0D9.tmp
2014-11-23 13:38 - 2014-11-23 13:39 - 8126468 _____ () C:\ProgramData\SPLE2B0.tmp
2014-10-21 11:40 - 2014-10-21 11:40 - 0252624 _____ () C:\ProgramData\SPLEAAB.tmp
2013-03-20 13:15 - 2013-03-20 13:15 - 0364768 _____ () C:\ProgramData\SPLEDF6.tmp
2014-06-25 12:30 - 2014-06-25 12:30 - 0493848 _____ () C:\ProgramData\SPLEFE9.tmp
2015-04-06 20:52 - 2015-04-06 20:52 - 0464414 _____ () C:\ProgramData\SPLF509.tmp
2015-06-08 11:12 - 2015-06-08 11:12 - 0435708 _____ () C:\ProgramData\SPLF71A.tmp
2015-06-09 20:07 - 2015-06-09 20:07 - 1516541 _____ () C:\ProgramData\SPLF71B.tmp
C:\Users\erikseg\AppData\Local\Temp\sfamcc00001.dll
C:\Users\erikseg\AppData\Local\Temp\sfamcc00002.dll
C:\Users\erikseg\AppData\Local\Temp\sfareca00001.dll
C:\Users\erikseg\AppData\Local\Temp\sfareca00002.dll
Task: {13ABE613-21FC-4F0B-B49C-829E00FE6941} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-07-31] ()
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
2015-09-04 12:10 - 2015-10-19 10:46 - 00158720 _____ () C:\Users\erikseg\AppData\Local\Temp\sfareca00001.dll
2015-08-29 18:46 - 2015-10-19 10:46 - 00192512 _____ () C:\Users\erikseg\AppData\Local\Temp\sfamcc00001.dll



EmptyTemp:
end