start
CloseProcesses:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-3415388050-584009252-449344141-1002\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-3415388050-584009252-449344141-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3415388050-584009252-449344141-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3415388050-584009252-449344141-1002 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3415388050-584009252-449344141-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3415388050-584009252-449344141-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
FF Extension: New Tab by Yahoo - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\f7wm6n14.default\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-10-09] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a1}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a1} => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{91c612bf-2a7a-48b8-8c8c-6de28589b7a0}] - C:\Program Files (x86)\Splashtop\Splashtop Connect for Firefox\{91c612bf-2a7a-48b8-8c8c-6de28589b7a0} => non trouvé(e)
CHR dev: Chrome dev build détecté(e)! <======= ATTENTION
CHR Extension: (Torrent Beast) - C:\Users\patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjceekmpapinmdhfghihaeikdmbdnipm [2014-11-29] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
CHR Extension: (Google Wallet) - C:\Users\patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-28] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATTENTION
U3 idsvc; pas de ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; pas de ImagePath
C:\Users\patrick\AppData\Local\Temp\ytb.exe
Task: {842F373D-A23B-4BBB-8F13-63E3371B08CF} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {D7968E10-A6E5-41AF-9D92-19D52260C953} - System32\Tasks\WIN-statsAdmin => C:\Users\patrick\AppData\Local\Microsoft\WinU\~ofjshde.exe [2014-07-28] () <==== ATTENTION
Task: {0457512C-5D44-4FC2-B0D4-9AA916E07122} - System32\Tasks\WIN-statsSystem => C:\Users\patrick\AppData\Local\Microsoft\WinU\~iosratp.exe
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118]
EmptyTemp:
end