cjoint

Document format: text/plain

~ ZHPDiag v2015.9.28.146 Par Nicolas Coolman (2015/09/28)
~ Démarré par tech (Administrator) (2015/09/28 13:56:11)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\tech\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\tech\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (3) - 0s
GCIE: Google Chrome v45.0.2454.99
MFIE: Mozilla Firefox 40.0.3 (x86 en-US) v40.0.3
MSIE: Internet Explorer v11.0.9600.18015

---\\ Informations sur les produits Windows (4) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection (3) - 2s
Avast Premier v10.3.2225
Malwarebytes Anti-Malware version 2.1.8.1057
Windows Defender W7 (Activate)

---\\ Logiciels de protection et autres (Superflus) (1) - 3s
McAfee Security Scan Plus v3.8.150.1

---\\ Surveillance de Logiciels (2) - 3s
Adobe Flash Player 19 NPAPI
Adobe Reader X

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4157.312 MB (62% free)
~ System Restore: Activé (Enable)
~ System drive C: has 46 GB free of 102 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: TECH-PC
~ User Name: tech
~ Logged in as Administrator

---\\ Enumération des unités disques (3) - 0s
~ Drive C: has 46 GB free of 102 GB (System)
~ Drive D: has 67 GB free of 101 GB
~ Drive E: has 75 GB free of 101 GB

---\\ Etat du Centre de Sécurité Windows (15) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (26) - 1s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2871808] ©
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568] ©
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [129024] ©
[MD5.A55305B1CACD38EAC176CC532B2053AC] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2427392] ©
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [455168] ©
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [232448] ©
[MD5.492D07D79E7024CA310867B526D9636D] - (.Microsoft Corporation - DNS DLL de l’API Client.) () -- C:\Windows\System32\dnsapi.dll [357888] ©
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - (.Microsoft Corporation - DNS DLL de l’API Client.) () -- C:\Windows\Syswow64\dnsapi.dll [270336] ©
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] ©
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152] ©
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128] ©
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160] ©
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456] ©
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400] ©
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368] ©
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472] ©
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224] ©
[MD5.43E1F4B0EFDC244D2A83995CCD7846F7] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [159232] ©
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632] ©
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684928] ©
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [97280] ©
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] ©
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [165888] ©
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184] ©
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296] ©
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [295808] ©

---\\ Processus lancés (40) - 1s
[MD5.310F86335B0505DDC6D2DD48E66EF06B] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [241152] [PID.956] ©
[MD5.4956380A54B1C9E6BFDF3D80DACB9698] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1276] ©
[MD5.AF09E0E7239052DDE959F2662C42D94A] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [109008] [PID.1456] ©
[MD5.4C72FDD915D62EAEF149BD9C73AB9CF4] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1568] ©
[MD5.BA268AF05C0911BC65EA4DE2DE26105F] - (...) -- C:\ProgramData\EdocSave\EdocSave.exe [441856] [PID.1756]
[MD5.C99F8E90DE4B8F0C7FE15BB1CBCD29DC] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104] [PID.2020] ©
[MD5.78ABBE558F57144047F10A0F50FE4B2F] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720] [PID.1296] ©
[MD5.301E3FDFCF33640BB8763BA444BC5093] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1576] ©
[MD5.83C982A395D00BAFF6515FB38424EA76] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880] [PID.2068] ©
[MD5.B1EF4686961986DFFB7FE8F18E6FCB5B] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\nlssrv32.exe [66560] [PID.2104] ©
[MD5.439BD966130226F464DC15F55ABD266E] - (.TechSmith Corporation - TechSmith Uploader Service.) -- C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384] [PID.2452] ©
[MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.1144] ©
[MD5.B8FFCE08932042E0D108F92FED9CF59E] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [562688] [PID.3320] ©
[MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.3140] ©
[MD5.834A309C2FDF52FC09353F348CFE1235] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184] [PID.3856] ©
[MD5.ADE3D7AD36CA238C6D58E5E93392D2F8] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056] [PID.3180] ©
[MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\tech\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.3748] ©
[MD5.4D3FA23829B4AE3A0563113716259AC9] - (.TechSmith Corporation - Snagit.) -- C:\Program Files (x86)\TechSmith\Snagit 12\Snagit32.exe [7434560] [PID.3168] ©
[MD5.A72BB48D9014A7D7C05F02F595F52D60] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe [245576] [PID.3932] ©
[MD5.E337785DA1958E9AB02DDB2369EF46E8] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe [307016] [PID.624] ©
[MD5.07A37CB5C5A01E73FB69F138FAE2DB0E] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128] [PID.3284] ©
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3960] ©
[MD5.1E09DFA4048196C9D3CC40C485A39422] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299008] [PID.3328] ©
[MD5.74CDE657245C114B98816E89B8D4CCD1] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299008] [PID.2760] ©
[MD5.E1F5833D38EF98EC19C5DE6436A5F969] - (.Glarysoft Ltd - Glary Utilities 5.) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [889632] [PID.4700] ©
[MD5.F66203AF9C159E2CBD54DF981654F499] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824] [PID.4180] ©
[MD5.84289E333459DD1C5E9F2DC204FB1608] - (.TechSmith Corporation - Snagit RPC Helper.) -- C:\Program Files (x86)\TechSmith\Snagit 12\SnagPriv.exe [151872] [PID.1340] ©
[MD5.BA268AF05C0911BC65EA4DE2DE26105F] - (...) -- C:\ProgramData\EdocSave\EdocSave.exe [441856] [PID.4948]
[MD5.0A1810F3CF866F67856C8A4E98194493] - (.TechSmith Corporation - TechSmith HTML Help Helper.) -- C:\Program Files (x86)\TechSmith\Snagit 12\TscHelp.exe [46080] [PID.4820] ©
[MD5.749A4EA9D92161BDA3CD59BBF6706949] - (.TechSmith Corporation - Snagit Editor.) -- C:\Program Files (x86)\TechSmith\Snagit 12\snagiteditor.exe [8604992] [PID.5092] ©
[MD5.2C24DC448DBE8DB9BE1441B824C57E79] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277824] [PID.3492] ©
[MD5.E1A119AD21F5AFE22EB516C549306D3D] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [365376] [PID.4940] ©
[MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.772] ©
[MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.6092] ©
[MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.5408] ©
[MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.5436] ©
[MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.5388] ©
[MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.6032] ©
[MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] [PID.5516] ©
[MD5.BEB274EF932F3AD40F15AE7DCD1F53DA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\tech\Downloads\Programs\ZHPDiag3.exe [1939968] [PID.5380] ©

---\\ Google Chrome, Démarrage,Recherche,Extensions (30) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://fonts.googleapis.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lp.baboom.audio
G0 - GCSP: Preferences [User Data\Default][HomePage] http://n20.adshostnet.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://n20adshostnet.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://srv.desk-top-app.info
G0 - GCSP: Preferences [User Data\Default][HomePage] http://stats.g.doubleclick.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.googleusercontent.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://mynamedomain.koko
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.oursurfing.com/ =>PUP.Optional.OurSurfing
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [bmnlcjabgnpnenekpadlanbbkooimhnj] Honey
G2 - GCE: Preference [User Data\Default] [bpgpffljkgjmijjdmjbdppndoojdgboe] Facebook Secret Emoticons
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dhdgffkkebhmkfjojejmpbldmpobfkfo] Tampermonkey
G2 - GCE: Preference [User Data\Default] [dkfhfaphfkopdgpbfkebjfcblcafcmpi] MightyText SMS from PC Text from Computer
G2 - GCE: Preference [User Data\Default] [eofcbnmajmjmplflapaojjnihcjkigck] Avast SafePrice
G2 - GCE: Preference [User Data\Default] [fdcgdnkidjaadafnichfpabhfomcebme] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [fngmhnnpilhplaeedifhccceomclgfbg] EditThisCookie
G2 - GCE: Preference [User Data\Default] [immhpnclomdloikkpcefncmfgjbkojmh] Emoji Input by EmojiStuff.com
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [omghfjlpggmjjaagoclmmobgdodcjboh] Browsec
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Firefox, Plugins,Demarrage,Recherche,Extensions (4) - 1s
M0 - MFSP: prefs.js [tech - lu02qlv9.default-1443311399777] https://www.malwarebytes.org/restorebrowser/
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - FPN: [HKCU] [@hola.org/vlc,version=1.8.164] - (...) -- C:\Users\tech\AppData\Local\Hola\firefox\app\vlc
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll ©

---\\ Opera, Démarrage,Recherche,Plugins (1) - 0s
B2 - EXT: [__MSG_appName__] C:\Users\tech\AppData\Roaming\Opera Software\Opera Stable\Extensions\chfnopmklmpinabemlmldefhbhgkglmc

---\\ Internet Explorer,Démarrage,Recherche,URLSearchHook (23) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer,Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Internet Explorer,IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ©

---\\ Etude du fichier hosts (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

---\\ Browser Helper Object de navigateur (BHO) (4) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll ©
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} (Orphean)
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ©
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll ©

---\\ Applications lancées au démarrage du système (14) - 0s
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ©
O4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe ©
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe ©
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\tech\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1443442034
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ©
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe ©
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ©
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe ©
O4 - HKUS\S-1-5-21-978478050-2410835614-1606204549-1000\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - Glary Utilities StartupManager.) -- C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe ©
O4 - HKUS\S-1-5-21-978478050-2410835614-1606204549-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe ©
O4 - HKUS\S-1-5-21-978478050-2410835614-1606204549-1000\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\tech\AppData\Local\Microsoft\BingSvc\BingSvc.exe ©
O4 - HKUS\S-1-5-21-978478050-2410835614-1606204549-1000\..\RunOnce: [Adobe Speed Launcher] 1443442034

---\\ Winsock hijacker (Layered Service Provider) (3) - 1s
O10 - WLSP:\Catalog_Entries64\000000000001\Winsock LSP File . (.SumRando.) -- C:\Windows\System32\sslsp105.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000002\Winsock LSP File . (.SumRando.) -- C:\Windows\System32\sslsp105.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000013\Winsock LSP File . (.SumRando.) -- C:\Windows\System32\sslsp105.dll =>Hijacker.Winsock

---\\ Modification Domaine/Adresses DNS (9) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpDomain = domain.name

---\\ Protocole additionnel (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: grooveLocalGWS [64Bits] - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL ©

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (1) - 0s
O20 - AppInit_DLLs: . (...) - C:\ProgramData\EdocSave\ZerStatsoft.dll

---\\ Liste des services NT non Microsoft et non désactivés (16) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe ©
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
O23 - Service: Avast Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe ©
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe ©
O23 - Service: EdocSave (EdocSave) . (...) - C:\ProgramData\EdocSave\EdocSave.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
O23 - Service: This service enables products that use the Nalpeiron Licens (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\nlssrv32.exe ©
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
O23 - Service: TechSmith Uploader Service (TechSmith Uploader Service) . (.TechSmith Corporation - TechSmith Uploader Service.) - C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe ©
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ©

---\\ Enumère les données de BootExecute (1) - 0s
O34 - HKLM BootExecute: (BootDefrag.exe)

---\\ Tâches planifiées en automatique (44) - 4s
[MD5.C6D147C12C424373B016C0AB0A6C61EB] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] ©
[MD5.76F586CEF7018BD376CBBD74AEAC93F5] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1373872] ©
[MD5.00000000000000000000000000000000] [APT] [Driver Booster SkipUAC (tech)] (...) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (.not file.) [0]
[MD5.5168ABDED2C163FEC3699C6BF0723AB2] [APT] [GlaryInitialize 5] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [118048] ©
[MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.E1F5833D38EF98EC19C5DE6436A5F969] [APT] [GU5SkipUAC] (.Glarysoft Ltd.) -- C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [889632] ©
[MD5.00000000000000000000000000000000] [APT] [LaunchApp] (...) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (.not file.) [0] =>PUP.Optional.MyPCBackup
[MD5.63D4BC1DABF35B13C94A9FAE02D7C0FF] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [265640] ©
[MD5.00000000000000000000000000000000] [APT] [Opera scheduled Autoupdate 1434049471] (...) -- C:\Program Files (x86)\Opera\launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [PCShower2014] (...) -- C:\Program Files (x86)\PC Shower 2014\StartupShield.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-978478050-2410835614-1606204549-1000] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-978478050-2410835614-1606204549-1000] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Run RoboForm TaskBar Icon] (...) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (.not file.) [0]
[MD5.E0DEBE808C0FC71F6CAAB979547F84CD] [APT] [TechSmith Updater] (.TechSmith Corporation.) -- C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56704] ©
[MD5.00000000000000000000000000000000] [APT] [Trojan Remover] (...) -- C:\Program Files\Loaris\Trojan Remover\ltr.exe (.not file.) [0]
[MD5.3D9C36AEF23B3ECFDFD1375BBF1ACAA7] [APT] [update-S-1-5-21-978478050-2410835614-1606204549-1000] (.Copyright 2009.) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [105760]
[MD5.3D9C36AEF23B3ECFDFD1375BBF1ACAA7] [APT] [update-sys] (.Copyright 2009.) -- C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [105760]
[MD5.00000000000000000000000000000000] [APT] [YTAHelper] (...) -- C:\Program Files (x86)\YTAHelper\YTAHelper.exe (.not file.) [0] =>PUP.Optional.Goobzo
[MD5.00000000000000000000000000000000] [APT] [{9C8DAFD3-EDD0-4C64-93BA-C49E0FB77DDA}] (...) -- C:\Program Files (x86)\Time Stopper\Time Stopper.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [834] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [838] ©
O39 - APT: update-S-1-5-21-978478050-2410835614-1606204549-1000 - (.Copyright 2009.) -- C:\Windows\Tasks\update-S-1-5-21-978478050-2410835614-1606204549-1000.job [386]
O39 - APT: update-sys - (.Copyright 2009.) -- C:\Windows\Tasks\update-sys.job [386]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3940] ©
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] ©
O39 - APT: Driver Booster SkipUAC (tech) - (...) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (tech) [2854]
O39 - APT: GlaryInitialize 5 - (.Glarysoft Ltd.) -- C:\Windows\System32\Tasks\GlaryInitialize 5 [3308] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3582] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3834] ©
O39 - APT: GU5SkipUAC - (.Glarysoft Ltd.) -- C:\Windows\System32\Tasks\GU5SkipUAC [2968] ©
O39 - APT: LaunchApp - (...) -- C:\Windows\System32\Tasks\LaunchApp [4022] =>PUP.Optional.MyPCBackup
O39 - APT: Maxthon Update - (.Maxthon International ltd..) -- C:\Windows\System32\Tasks\Maxthon Update [3578] ©
O39 - APT: Opera scheduled Autoupdate 1434049471 - (...) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434049471 [3842]
O39 - APT: PCShower2014 - (...) -- C:\Windows\System32\Tasks\PCShower2014 [3294]
O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-978478050-2410835614-1606204549-1000 - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-978478050-2410835614-1606204549-1000 [3222]
O39 - APT: RealDownloaderRealUpgradeScheduledTaskS-1-5-21-978478050-2410835614-1606204549-1000 - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-978478050-2410835614-1606204549-1000 [3358]
O39 - APT: Run RoboForm TaskBar Icon - (...) -- C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon [3488]
O39 - APT: TechSmith Updater - (.TechSmith Corporation.) -- C:\Windows\System32\Tasks\TechSmith Updater [3800] ©
O39 - APT: Trojan Remover - (...) -- C:\Windows\System32\Tasks\Trojan Remover [3126]
O39 - APT: update-S-1-5-21-978478050-2410835614-1606204549-1000 - (.Copyright 2009.) -- C:\Windows\System32\Tasks\update-S-1-5-21-978478050-2410835614-1606204549-1000 [3258]
O39 - APT: update-sys - (.Copyright 2009.) -- C:\Windows\System32\Tasks\update-sys [3282]
O39 - APT: YTAHelper - (...) -- C:\Windows\System32\Tasks\YTAHelper [4642] =>PUP.Optional.Goobzo

---\\ Logiciels installés (86) - 10s
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan ©
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player ©
O42 - Logiciel: WinRAR 4.11 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ©
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {003B37AE-21F5-5BC5-F5EB-CD60A8928696} ©
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {35D00343-3BFA-46A1-C6DD-FFD770501E0B} ©
O42 - Logiciel: Revo Uninstaller Pro 3.1.2 - (.VS Revo Group, Ltd..) [HKLM][64Bits] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1 ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {AAFE68DD-A2D5-BDBF-E1B2-CB01DEFD6EB0} ©
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} ©
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: ASMubashir - (.ApeeeGoSoft.) [HKLM][64Bits] -- ASMubashir
O42 - Logiciel: Avast Premier - (.AVAST Software.) [HKLM][64Bits] -- Avast ©
O42 - Logiciel: AVS Registry Cleaner 3.0.2.271 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Registry Cleaner_is1 ©
O42 - Logiciel: Format Factory - (.Free Time.) [HKLM][64Bits] -- Format Factory ©
O42 - Logiciel: Glary Utilities 5.32 - (.Glarysoft Ltd.) [HKLM][64Bits] -- Glary Utilities 5 ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager ©
O42 - Logiciel: LAV Filters 0.60.1 - (.Hendrik Leppkes.) [HKLM][64Bits] -- lavfilters_is1 ©
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) [HKLM][64Bits] -- Maxthon3 ©
O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 en-US) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: Potplayer - (.Daum Kakao Corp..) [HKLM][64Bits] -- PotPlayer
O42 - Logiciel: Snagit Stamps Green-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {018BD7C8-4113-11E1-A9E6-C0BD4724019B} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {05C08CC0-5D33-48A6-B06F-CFE75FFD9843} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {076C6BC1-C1C9-4936-86A7-09CC8521571D} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {07AF20A1-FF2E-40DB-899E-3DB94E1C784F} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {083245AC-CB49-4986-9131-0B87C4BCCCFA} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {09E69001-06F9-4767-A7C5-414985CD44CA} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {0F01AF26-ABB5-4F07-8202-4A2E461EDA4F} ©
O42 - Logiciel: Microsoft VC90 CRT + OMP - (.ZJMedia Ltd..) [HKLM][64Bits] -- {0F931735-0098-4FF6-A49D-17882A294F51}
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {1055F079-7664-4990-83FB-F41F67B5A278} ©
O42 - Logiciel: Snagit Stamps Black-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {1BCD39C2-4084-11E1-AF82-C8814824019B} ©
O42 - Logiciel: Snagit Stamps Orange-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {22EDAC30-4117-11E1-BA47-02C34724019B} ©
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} ©
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217045FF} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {26B0419F-123C-44C7-8FB0-1A30CAE4E2DF} ©
O42 - Logiciel: Snagit Stamps Orange-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {26E5FC52-4117-11E1-9874-03C34724019B} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {274A3B8B-68B7-4F41-95FD-D93B0AEB7EAA} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {2911949E-976C-4635-9CE1-77E8669EAB74} ©
O42 - Logiciel: Snagit Stamps Black-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {2D39E78E-4082-11E1-8E70-837F4824019B} ©
O42 - Logiciel: Snagit Stamps Blue-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {30443A94-4085-11E1-AB66-47834824019B} ©
O42 - Logiciel: HitLeap Viewer 2.8 - (.HitLeap Ltd..) [HKLM][64Bits] -- {31B12C11-AE4E-479F-8D6D-242DC265368D}
O42 - Logiciel: Snagit Stamps Windows-Interface - (.TechSmith Corporation.) [HKLM][64Bits] -- {39375D14-42D0-11E1-8E6B-27824824019B} ©
O42 - Logiciel: Snagit Stamps Geometry - (.TechSmith Corporation.) [HKLM][64Bits] -- {3A8A51E6-FB51-11E1-A58B-13826188709B} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {3D102FE6-622F-406E-8AB4-925A8E3A7D5A} ©
O42 - Logiciel: Snagit Stamps Blue-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {3D86B9C0-4085-11E1-83C7-5D834824019B} ©
O42 - Logiciel: Snagit Stamps Purple-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {483B10D6-4117-11E1-925B-27C34724019B} ©
O42 - Logiciel: Snagit Stamps Purple-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {4B777136-4117-11E1-AE24-28C34724019B} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {4C6BC9DF-9D69-4544-9FC3-E01FD463FF5A} ©
O42 - Logiciel: Snagit 12 - (.TechSmith Corporation.) [HKLM][64Bits] -- {50f2d2b0-9e6e-466f-b418-b3526b61aa3f} ©
O42 - Logiciel: Camtasia Studio 8 - (.TechSmith Corporation.) [HKLM][64Bits] -- {5303CFB5-D635-44F0-A94B-9611E81F07C4} ©
O42 - Logiciel: Realtek HDMI Audio Driver for ATI - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5449FB4F-1802-4D5B-A6D8-087DB1142147} ©
O42 - Logiciel: Snagit 12 - (.TechSmith Corporation.) [HKLM][64Bits] -- {588591F5-74D7-4646-87C5-6A07E526F303} ©
O42 - Logiciel: Snagit Stamps Business - (.TechSmith Corporation.) [HKLM][64Bits] -- {5CFC8740-4124-11E1-B134-42D54724019B} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {65406A75-3FC2-4CA4-A139-35D2ED14B9B9} ©
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {6D9E366A-907C-4FBD-8C3D-D0F99309E0F4} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {6F9B01C2-9DD8-49D7-A19D-F1F55ECF4D4A} ©
O42 - Logiciel: Snagit Stamps Algebra - (.TechSmith Corporation.) [HKLM][64Bits] -- {77B73A50-FB53-11E1-82FE-F7836188709B} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {7ABB4A2D-73AD-4758-B4A8-79D1B90C474D} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {80FCAC3D-C5F2-429F-BBCF-A360CDC88BBA} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {8317B24F-7C37-4E01-B19F-72318D8B4D65} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {881D807E-D4B8-4C38-9FB5-E3DB78B77825} ©
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {89A20651-156D-4CA1-8DF0-98C62ACCFD48} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {8C603F0B-3130-41F8-9995-751F2750D544} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {8E919001-99F2-441D-9DFD-47DDCB4D9D1F} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {9442353B-D459-4B4F-8A42-A6EE44CA8F29} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {AB78404A-FF9C-428B-9DE3-95260C86A197} ©
O42 - Logiciel: Adobe Reader X (10.1.13) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001} ©
O42 - Logiciel: Snagit Stamps Red-Letters - (.TechSmith Corporation.) [HKLM][64Bits] -- {ADE8CCAC-4117-11E1-9571-7CC34724019B} ©
O42 - Logiciel: Snagit Stamps Red-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {B29C2D02-4117-11E1-B33A-7DC34724019B} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {BE14995C-790A-4531-BBF2-2E1AAAC0EDB9} ©
O42 - Logiciel: Snagit Stamps Powered-By-Snagit - (.TechSmith Corporation.) [HKLM][64Bits] -- {E0A34714-4142-11E1-AE8D-6AFD4724019B} ©
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E2F0AF23-FE2F-4222-9A43-55E63CC41EF1} ©
O42 - Logiciel: Snagit Stamps Windows-Cursors - (.TechSmith Corporation.) [HKLM][64Bits] -- {E5D3C548-4146-11E1-87F1-83034824019B} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {EE6B9D86-79BD-4669-B9AA-B2D5021B9883} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: Snagit Stamps GeneratedStamps - (.TechSmith Corporation.) [HKLM][64Bits] -- {F16969E6-348A-462F-A7A0-2F35499A2CCB} ©
O42 - Logiciel: Snagit Stamps Windows-Keyboard - (.TechSmith Corporation.) [HKLM][64Bits] -- {F26248F2-4146-11E1-8A7A-88034824019B} ©
O42 - Logiciel: Snagit Stamps Green-Numbers - (.TechSmith Corporation.) [HKLM][64Bits] -- {FBEC8682-4112-11E1-92F9-ABBD4724019B} ©
O42 - Logiciel: 3D Youtube Downloader - (.3DYD Soft.) [HKCU][64Bits] -- 3D Youtube Downloader

---\\ HKCU & HKLM Software Keys (213) - 10s
HKLM\SOFTWARE\Wow6432Node\46db666a-4fe4-41ed-872d-18cc50d0d222 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\ADSRemoval
HKLM\SOFTWARE\Wow6432Node\AMD
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Arafasoft
HKLM\SOFTWARE\Wow6432Node\AS_Mubashir
HKLM\SOFTWARE\Wow6432Node\ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\AVS4YOU
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\Bitcoin Core (32-bit)
HKLM\SOFTWARE\Wow6432Node\ChrisPC DNS Switch
HKLM\SOFTWARE\Wow6432Node\ChrisPC Proxy
HKLM\SOFTWARE\Wow6432Node\Chromium
HKLM\SOFTWARE\Wow6432Node\Comodo
HKLM\SOFTWARE\Wow6432Node\CoreCodec
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\DAUM
HKLM\SOFTWARE\Wow6432Node\Debug
HKLM\SOFTWARE\Wow6432Node\DivX
HKLM\SOFTWARE\Wow6432Node\Glarysoft
HKLM\SOFTWARE\Wow6432Node\Glowshares
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Greatis
HKLM\SOFTWARE\Wow6432Node\GSA
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\InterVideo
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Lake
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Litecoin
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MassFaces
HKLM\SOFTWARE\Wow6432Node\Maxthon3
HKLM\SOFTWARE\Wow6432Node\McAfee.com
HKLM\SOFTWARE\Wow6432Node\mcafeeupdater
HKLM\SOFTWARE\Wow6432Node\Minergate Inc
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\mtEdocSave
HKLM\SOFTWARE\Wow6432Node\MunSoft
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OldTimer Tools
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Panda Software
HKLM\SOFTWARE\Wow6432Node\PandaCoin
HKLM\SOFTWARE\Wow6432Node\Paycoin
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\RSystem64
HKLM\SOFTWARE\Wow6432Node\SafetyNut =>PUP.Optional.MoviesToolbar
HKLM\SOFTWARE\Wow6432Node\Siber Systems
HKLM\SOFTWARE\Wow6432Node\SiteFinder =>PUP.Optional.ShoppingReport
HKLM\SOFTWARE\Wow6432Node\SkillBrains
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SoftEther Project
HKLM\SOFTWARE\Wow6432Node\Sonic
HKLM\SOFTWARE\Wow6432Node\Speedcoin Wallet
HKLM\SOFTWARE\Wow6432Node\Steganos
HKLM\SOFTWARE\Wow6432Node\Swearware
HKLM\SOFTWARE\Wow6432Node\TechSmith
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\UCBrowserPID
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\VisioForge Media Player SDK Redist (Delphi)
HKLM\SOFTWARE\Wow6432Node\Wise Solutions
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\YourFileDownloader =>PUP.Optional.YourFileDownloader
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\3DYD Soft
HKCU\SOFTWARE\4kdownload.com
HKCU\SOFTWARE\ABSoft
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Aidfile recovery professional
HKCU\SOFTWARE\AMD
HKCU\SOFTWARE\AnchorFree
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Arafasoft
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\AVG
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\B1bl3Coin
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\Beyluxe Messenger
HKCU\SOFTWARE\Bitcoin
HKCU\SOFTWARE\Boilsoft
HKCU\SOFTWARE\CAPTcoin
HKCU\SOFTWARE\CardRecoveryPro
HKCU\SOFTWARE\CardRecoveryPro_Init
HKCU\SOFTWARE\Chedot
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Code Industry
HKCU\SOFTWARE\Code Sector
HKCU\SOFTWARE\DAUM
HKCU\SOFTWARE\David Esperalta
HKCU\SOFTWARE\Dogecoin
HKCU\SOFTWARE\DownloadCenter
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Drivers
HKCU\SOFTWARE\ej-technologies
HKCU\SOFTWARE\Elecard
HKCU\SOFTWARE\ELTIMA Software
HKCU\SOFTWARE\EximiousSoft
HKCU\SOFTWARE\FDC Manager
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\giveawayoftheday.com
HKCU\SOFTWARE\GlarySoft
HKCU\SOFTWARE\GlobalBoost
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Goobzo =>PUP.Optional.Goobzo
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Greatis
HKCU\SOFTWARE\Gyazo
HKCU\SOFTWARE\Hardware Settings
HKCU\SOFTWARE\HitLeap
HKCU\SOFTWARE\Hola
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\iMacros
HKCU\SOFTWARE\inSpeakData
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\iSpring Solutions
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Kungsoft
HKCU\SOFTWARE\Latium
HKCU\SOFTWARE\LAV
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Litecoin
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Maxthon3
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\Mirage
HKCU\SOFTWARE\Mirillis
HKCU\SOFTWARE\MOVAVI
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MultiTech
HKCU\SOFTWARE\MunSoft
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nimbuzz
HKCU\SOFTWARE\Obsidium
HKCU\SOFTWARE\ObviousIdea
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\OmniCoin
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Orobit
HKCU\SOFTWARE\PanoramaStudio
HKCU\SOFTWARE\Paycoin
HKCU\SOFTWARE\Phoenixcoin
HKCU\SOFTWARE\PowerPack
HKCU\SOFTWARE\Psiphon3
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\RSystem64
HKCU\SOFTWARE\Rtp
HKCU\SOFTWARE\Screenshoter
HKCU\SOFTWARE\Siber Systems
HKCU\SOFTWARE\SimonTatham
HKCU\SOFTWARE\Skillbrains
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Smart Devices
HKCU\SOFTWARE\SoftEther Project
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\Solveig Multimedia
HKCU\SOFTWARE\SourceTec
HKCU\SOFTWARE\Speedcoin
HKCU\SOFTWARE\Steganos
HKCU\SOFTWARE\SuperChainMedia
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\System Profiles
HKCU\SOFTWARE\SYV
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\UCBrowserPID
HKCU\SOFTWARE\Universal Digital Works
HKCU\SOFTWARE\University of Tsukuba
HKCU\SOFTWARE\UpdateStar
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VirtualDub.org
HKCU\SOFTWARE\VirusSecureLab
HKCU\SOFTWARE\VOS
HKCU\SOFTWARE\VS Revo Group
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\Win
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Womble
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>PUP.Optional.SmartBar

---\\ Contenu des dossiers Programmes (387) - 12s
O43 - CFD: 2014/11/11 18:59:00 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2014/05/20 01:32:52 - [] D -- C:\Program Files (x86)\AMD AVT
O43 - CFD: 2015/09/23 21:00:36 - [] D -- C:\Program Files (x86)\ApeeeGoSoft
O43 - CFD: 2015/07/14 19:11:03 - [0] D -- C:\Program Files (x86)\Application Updater =>PUP.Optional.Dealio
O43 - CFD: 2015/07/20 14:15:32 - [] D -- C:\Program Files (x86)\Ashampoo
O43 - CFD: 2014/05/20 01:31:16 - [] D -- C:\Program Files (x86)\ATI Technologies
O43 - CFD: 2015/09/11 18:21:09 - [] D -- C:\Program Files (x86)\AVS4YOU
O43 - CFD: 2015/07/31 10:37:32 - [] D -- C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker
O43 - CFD: 2015/07/14 03:57:11 - [] D -- C:\Program Files (x86)\BlueSprig
O43 - CFD: 2014/07/11 15:28:00 - [] D -- C:\Program Files (x86)\CodeMeter
O43 - CFD: 2015/09/28 12:57:53 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/07/31 18:45:04 - [] D -- C:\Program Files (x86)\Cracklock
O43 - CFD: 2015/07/29 00:52:29 - [] D -- C:\Program Files (x86)\CuTTihEPrrice =>PUP.Optional.Multiplug
O43 - CFD: 2015/07/29 10:56:28 - [] D -- C:\Program Files (x86)\DAUM
O43 - CFD: 2014/10/20 12:30:39 - [] D -- C:\Program Files (x86)\DriverToolkit =>PUP.Optional.DriverToolkit
O43 - CFD: 2015/07/15 02:53:56 - [0] D -- C:\Program Files (x86)\Dynatrace
O43 - CFD: 2015/09/04 22:32:03 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 2015/09/28 13:09:16 - [] D -- C:\Program Files (x86)\Glary Utilities 5
O43 - CFD: 2014/08/20 23:18:37 - [] D -- C:\Program Files (x86)\Glarysoft
O43 - CFD: 2015/09/22 22:29:59 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/09/02 11:39:32 - [] D -- C:\Program Files (x86)\HitLeap
O43 - CFD: 2015/08/01 18:55:08 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2014/05/20 01:41:45 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/06/09 22:27:38 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 2015/09/09 15:24:47 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2014/05/24 00:08:45 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2014/06/02 01:06:25 - [] D -- C:\Program Files (x86)\Kepard
O43 - CFD: 2015/09/27 16:56:50 - [] D -- C:\Program Files (x86)\LAV Filters
O43 - CFD: 2015/09/04 11:15:35 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Exploit
O43 - CFD: 2015/09/28 12:28:15 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2015/09/11 18:31:35 - [] D -- C:\Program Files (x86)\Maxthon
O43 - CFD: 2014/05/20 15:30:11 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/09/17 23:31:26 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2014/05/20 15:33:29 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 2014/05/20 15:33:29 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2014/11/15 15:11:38 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2014/05/20 15:33:29 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/28 23:31:31 - [] D -- C:\Program Files (x86)\MightyText SMS from PC Text from Computer
O43 - CFD: 2015/09/28 00:10:58 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/09/28 00:11:01 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2014/05/20 15:33:29 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/09/05 14:28:35 - [0] D -- C:\Program Files (x86)\OpenVPN Technologies
O43 - CFD: 2014/07/22 02:47:19 - [] D -- C:\Program Files (x86)\Panda Security
O43 - CFD: 2014/08/21 17:57:59 - [] D -- C:\Program Files (x86)\RealNetworks
O43 - CFD: 2014/05/20 01:40:16 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2009/07/14 06:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/08/01 18:38:43 - [] D -- C:\Program Files (x86)\Skillbrains
O43 - CFD: 2015/07/31 10:37:49 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/06/03 19:43:24 - [0] D -- C:\Program Files (x86)\ssaave on =>PUP.Optional.Multiplug
O43 - CFD: 2014/10/07 17:56:03 - [] D -- C:\Program Files (x86)\Stamp0.85
O43 - CFD: 2015/09/26 16:39:46 - [] D -- C:\Program Files (x86)\TechSmith
O43 - CFD: 2014/05/20 01:40:17 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2015/09/11 18:12:22 - [] D -- C:\Program Files (x86)\UCBrowser
O43 - CFD: 2009/07/14 05:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2015/09/28 00:30:39 - [] D -- C:\Program Files (x86)\Virus Effect Remover
O43 - CFD: 2015/07/15 02:54:24 - [0] D -- C:\Program Files (x86)\VS Revo Group
O43 - CFD: 2015/07/14 19:06:50 - [] D -- C:\Program Files (x86)\Websoft Solution
O43 - CFD: 2014/07/07 03:24:53 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/07/31 10:38:32 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/06/11 19:07:39 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/14 06:32:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2014/07/05 01:59:18 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2014/07/05 01:59:18 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2014/07/05 01:59:18 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/04/26 15:44:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/07/05 02:03:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/31 10:38:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 2015/09/11 18:21:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 2014/05/20 15:33:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
O43 - CFD: 2015/07/31 17:47:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
O43 - CFD: 2014/05/20 15:33:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/31 10:37:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GISolution
O43 - CFD: 2015/07/31 10:37:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
O43 - CFD: 2015/09/22 22:30:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/06/08 23:59:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2014/08/09 18:40:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2015/09/27 16:56:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAV Filters
O43 - CFD: 2014/11/07 12:02:17 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LinkYoutube Downloader
O43 - CFD: 2014/05/20 15:33:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/09/28 12:28:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/09/11 18:31:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
O43 - CFD: 2014/11/09 12:02:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 2014/11/27 19:58:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/09/17 23:31:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/08/01 18:02:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
O43 - CFD: 2015/04/12 10:01:54 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2014/10/07 17:56:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stamp v0.85
O43 - CFD: 2015/09/26 17:03:53 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2009/07/14 16:35:18 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/09/26 17:03:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
O43 - CFD: 2015/09/21 23:28:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2014/05/20 15:33:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/11/19 21:46:13 - [] D -- C:\ProgramData\500604cb1577411a
O43 - CFD: 2014/12/05 09:58:24 - [] D -- C:\ProgramData\Ad
O43 - CFD: 2014/11/11 18:59:37 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/07/23 03:02:49 - [] D -- C:\ProgramData\Allegorithmic
O43 - CFD: 2015/09/28 11:37:40 - [0] D -- C:\ProgramData\All_Disabled
O43 - CFD: 2014/05/20 01:32:52 - [] D -- C:\ProgramData\AMD
O43 - CFD: 2015/09/28 12:57:53 - [0] D -- C:\ProgramData\APN =>Toolbar.Ask
O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/05/20 01:36:55 - [] D -- C:\ProgramData\ATI
O43 - CFD: 2014/08/21 18:01:31 - [] D -- C:\ProgramData\AutoUpdate
O43 - CFD: 2014/12/26 17:40:06 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2014/08/23 21:28:04 - [] D -- C:\ProgramData\AVG
O43 - CFD: 2014/11/12 17:40:56 - [] D -- C:\ProgramData\AVS4YOU
O43 - CFD: 2015/09/24 23:31:40 - [0] D -- C:\ProgramData\Babylon =>PUP.Optional.Babylon
O43 - CFD: 2014/08/22 00:12:03 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 2014/05/20 01:21:51 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2014/08/23 21:25:50 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/09/28 13:39:07 - [] D -- C:\ProgramData\EdocSave
O43 - CFD: 2015/09/28 13:51:45 - [] D -- C:\ProgramData\EdocSaves
O43 - CFD: 2014/08/21 18:01:01 - [] D -- C:\ProgramData\Eltima Software
O43 - CFD: 2014/05/20 01:21:51 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/02/06 23:20:36 - [] D -- C:\ProgramData\GridinSoft
O43 - CFD: 2014/05/20 22:17:03 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2014/07/11 15:30:34 - [] D -- C:\ProgramData\InstallMate =>PUP.Optional.Tarma
O43 - CFD: 2014/05/20 01:41:51 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2014/07/20 02:39:50 - [] D -- C:\ProgramData\IObit
O43 - CFD: 2015/07/26 00:07:30 - [] D -- C:\ProgramData\Isolated Storage
O43 - CFD: 2015/04/18 17:57:34 - [] D -- C:\ProgramData\IsolatedStorage
O43 - CFD: 2014/11/19 21:46:01 - [0] D -- C:\ProgramData\Logs
O43 - CFD: 2014/06/24 14:00:07 - [] D -- C:\ProgramData\LogSys
O43 - CFD: 2015/09/28 12:28:13 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/09/04 10:58:18 - [] D -- C:\ProgramData\Malwarebytes Anti-Exploit
O43 - CFD: 2014/06/04 18:58:04 - [] D -- C:\ProgramData\Martau
O43 - CFD: 2014/05/20 16:12:42 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2014/11/09 12:02:22 - [] D -- C:\ProgramData\McAfee Security Scan
O43 - CFD: 2014/05/20 01:21:51 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2014/08/24 00:53:46 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 2014/12/12 10:02:30 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2014/11/17 01:47:54 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2014/05/20 01:21:51 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2014/05/24 00:09:08 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/09/26 17:02:51 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2014/07/27 00:37:46 - [] D -- C:\ProgramData\PC1Data
O43 - CFD: 2015/05/23 09:53:53 - [] D -- C:\ProgramData\ProductData =>PUP.Optional.Generic
O43 - CFD: 2014/10/11 16:32:31 - [0] D -- C:\ProgramData\ProgDVB
O43 - CFD: 2014/08/21 17:58:26 - [] D -- C:\ProgramData\Real
O43 - CFD: 2014/07/07 22:57:30 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/09/26 17:03:40 - [] D -- C:\ProgramData\regid.1995-08.com.techsmith
O43 - CFD: 2014/07/12 18:54:52 - [] D -- C:\ProgramData\RegRun
O43 - CFD: 2014/06/09 22:54:42 - [] D -- C:\ProgramData\Screaming Bee
O43 - CFD: 2015/07/31 10:29:30 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2014/07/16 03:00:13 - [] D -- C:\ProgramData\slicify
O43 - CFD: 2014/06/03 21:43:33 - [0] D -- C:\ProgramData\ssaave on =>PUP.Optional.Multiplug
O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/05/24 00:09:06 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2015/09/15 16:17:58 - [] SHD -- C:\ProgramData\System Restore
O43 - CFD: 2015/09/26 17:03:15 - [] D -- C:\ProgramData\TechSmith
O43 - CFD: 2015/09/24 00:11:32 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 2009/07/14 06:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/07/09 02:41:01 - [] D -- C:\ProgramData\The Foundry
O43 - CFD: 2015/08/01 18:02:07 - [] D -- C:\ProgramData\VS Revo Group
O43 - CFD: 2015/08/11 19:21:58 - [0] D -- C:\ProgramData\Web Page Maker
O43 - CFD: 2014/07/11 15:30:35 - [] D -- C:\ProgramData\Wondershare Player
O43 - CFD: 2015/02/08 16:37:53 - [] D -- C:\ProgramData\YTAHelper =>PUP.Optional.Goobzo
O43 - CFD: 2014/09/20 23:01:51 - [0] SHD -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O43 - CFD: 2014/07/20 02:38:44 - [0] D -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 2014/07/15 23:52:33 - [] D -- C:\ProgramData\{D76294E6-03B8-4971-AF2E-3F846161A690}
O43 - CFD: 2014/07/15 23:52:33 - [] D -- C:\ProgramData\{E1ED556E-3EA0-4F44-8BE7-CC5FB0F4B424}
O43 - CFD: 2015/02/11 19:59:37 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 2014/11/11 19:00:04 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2014/05/20 01:32:48 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 2015/09/11 18:21:08 - [] D -- C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 2014/11/17 01:45:10 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2014/05/20 01:39:15 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2014/05/24 00:09:04 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2015/07/31 10:37:48 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2014/05/20 01:41:13 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2015/07/31 10:38:32 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/07/31 10:37:48 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2009/07/14 04:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2014/07/05 01:59:18 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/09/26 17:03:33 - [] D -- C:\Program Files (x86)\Common Files\TechSmith Shared
O43 - CFD: 2015/08/05 19:41:14 - [] D -- C:\Program Files (x86)\Common Files\VisioForge Shared
O43 - CFD: 2014/07/12 22:46:37 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 2015/09/02 14:56:41 - [] D -- C:\Users\tech\AppData\Roaming\10KHits
O43 - CFD: 2015/04/28 19:17:37 - [] D -- C:\Users\tech\AppData\Roaming\3DYD Soft
O43 - CFD: 2014/10/30 16:54:40 - [] D -- C:\Users\tech\AppData\Roaming\4inarow-6e3328d6cb70bf28cd38217dca28083d
O43 - CFD: 2014/05/23 00:21:56 - [0] D -- C:\Users\tech\AppData\Roaming\8-Bit Commando
O43 - CFD: 2014/10/07 18:01:36 - [] D -- C:\Users\tech\AppData\Roaming\ACEStream
O43 - CFD: 2014/07/08 23:46:33 - [] D -- C:\Users\tech\AppData\Roaming\Adobe
O43 - CFD: 2014/05/30 20:24:01 - [] D -- C:\Users\tech\AppData\Roaming\AnvSoft
O43 - CFD: 2014/07/15 23:52:43 - [] D -- C:\Users\tech\AppData\Roaming\Apple Computer
O43 - CFD: 2015/01/07 21:38:54 - [] D -- C:\Users\tech\AppData\Roaming\Ashampoo
O43 - CFD: 2014/05/20 01:36:55 - [] D -- C:\Users\tech\AppData\Roaming\ATI
O43 - CFD: 2014/07/27 01:44:06 - [] D -- C:\Users\tech\AppData\Roaming\Atiz
O43 - CFD: 2014/07/10 17:56:53 - [] D -- C:\Users\tech\AppData\Roaming\autoconnections
O43 - CFD: 2014/12/26 16:52:22 - [] D -- C:\Users\tech\AppData\Roaming\AVAST Software
O43 - CFD: 2014/08/23 21:27:16 - [] D -- C:\Users\tech\AppData\Roaming\AVG
O43 - CFD: 2015/09/11 18:23:12 - [] D -- C:\Users\tech\AppData\Roaming\AVS4YOU
O43 - CFD: 2014/11/19 21:45:58 - [] D -- C:\Users\tech\AppData\Roaming\B1bl3Coin
O43 - CFD: 2015/09/24 23:31:40 - [] D -- C:\Users\tech\AppData\Roaming\Babylon =>PUP.Optional.Babylon
O43 - CFD: 2014/08/24 00:51:24 - [] D -- C:\Users\tech\AppData\Roaming\Baidu
O43 - CFD: 2014/06/08 23:42:42 - [] D -- C:\Users\tech\AppData\Roaming\Beyluxe
O43 - CFD: 2014/11/19 21:46:03 - [] D -- C:\Users\tech\AppData\Roaming\Bitcoin
O43 - CFD: 2014/11/19 21:46:16 - [] D -- C:\Users\tech\AppData\Roaming\BlackCoin
O43 - CFD: 2015/07/14 03:57:19 - [] D -- C:\Users\tech\AppData\Roaming\BlueSprig
O43 - CFD: 2014/09/01 20:24:49 - [] D -- C:\Users\tech\AppData\Roaming\Boilsoft
O43 - CFD: 2014/11/19 21:46:13 - [] D -- C:\Users\tech\AppData\Roaming\CAPTcoin
O43 - CFD: 2014/10/27 17:38:41 - [] D -- C:\Users\tech\AppData\Roaming\CoinMiner
O43 - CFD: 2014/07/14 15:43:35 - [] D -- C:\Users\tech\AppData\Roaming\CompuClever
O43 - CFD: 2015/01/26 19:32:12 - [] D -- C:\Users\tech\AppData\Roaming\CrystalIdea Software
O43 - CFD: 2014/07/13 22:45:42 - [] D -- C:\Users\tech\AppData\Roaming\Digiarty
O43 - CFD: 2015/09/25 11:04:55 - [] D -- C:\Users\tech\AppData\Roaming\DiskDefrag
O43 - CFD: 2015/09/28 12:59:17 - [] D -- C:\Users\tech\AppData\Roaming\DMCache
O43 - CFD: 2015/08/31 22:36:38 - [] D -- C:\Users\tech\AppData\Roaming\DM_Software
O43 - CFD: 2014/11/19 21:44:14 - [] D -- C:\Users\tech\AppData\Roaming\Dogecoin
O43 - CFD: 2014/08/21 18:31:51 - [] D -- C:\Users\tech\AppData\Roaming\Download Master
O43 - CFD: 2015/08/11 19:22:01 - [] D -- C:\Users\tech\AppData\Roaming\FileZilla
O43 - CFD: 2014/10/22 17:31:36 - [] D -- C:\Users\tech\AppData\Roaming\financialcalculator-6154b4757bad7cacda740d14c58b6388
O43 - CFD: 2014/12/25 19:04:39 - [] D -- C:\Users\tech\AppData\Roaming\gauthauthenticator-78ef3156e1ca5b74c14beac161614be7
O43 - CFD: 2014/08/20 23:18:37 - [] D -- C:\Users\tech\AppData\Roaming\GlarySoft
O43 - CFD: 2015/01/04 23:07:23 - [] D -- C:\Users\tech\AppData\Roaming\GlobalBoostY
O43 - CFD: 2014/12/25 21:57:56 - [] D -- C:\Users\tech\AppData\Roaming\Glowshares
O43 - CFD: 2014/11/24 00:30:22 - [] D -- C:\Users\tech\AppData\Roaming\Gomez
O43 - CFD: 2015/08/02 16:21:10 - [] D -- C:\Users\tech\AppData\Roaming\GSA Captcha Breaker
O43 - CFD: 2014/12/25 20:07:03 - [] D -- C:\Users\tech\AppData\Roaming\Gyazo
O43 - CFD: 2015/05/24 14:47:58 - [] D -- C:\Users\tech\AppData\Roaming\HyperAV
O43 - CFD: 2014/05/20 01:22:29 - [] D -- C:\Users\tech\AppData\Roaming\Identities
O43 - CFD: 2015/09/26 11:07:41 - [] D -- C:\Users\tech\AppData\Roaming\IDM
O43 - CFD: 2015/09/28 12:57:53 - [0] D -- C:\Users\tech\AppData\Roaming\IHlpr =>PUP.Optional.IHlpr
O43 - CFD: 2015/07/15 02:59:04 - [] D -- C:\Users\tech\AppData\Roaming\InAppBrowserInstaller
O43 - CFD: 2014/05/20 01:41:03 - [] D -- C:\Users\tech\AppData\Roaming\InstallShield
O43 - CFD: 2014/10/22 17:31:36 - [] D -- C:\Users\tech\AppData\Roaming\instantbuttons-onfire-57c10b32c0c702a51349c27e77268f5d
O43 - CFD: 2015/05/14 18:03:00 - [] D -- C:\Users\tech\AppData\Roaming\IObit
O43 - CFD: 2015/01/07 00:58:09 - [] D -- C:\Users\tech\AppData\Roaming\IPKInstaller
O43 - CFD: 2015/04/18 17:57:34 - [] D -- C:\Users\tech\AppData\Roaming\IsolatedStorage
O43 - CFD: 2014/07/03 02:14:09 - [] D -- C:\Users\tech\AppData\Roaming\iSpring Solutions
O43 - CFD: 2015/09/02 12:23:21 - [] D -- C:\Users\tech\AppData\Roaming\Klixion
O43 - CFD: 2014/11/19 21:46:23 - [] D -- C:\Users\tech\AppData\Roaming\Latium
O43 - CFD: 2015/09/15 15:58:01 - [] D -- C:\Users\tech\AppData\Roaming\lifebrowser.life-host.info-17
O43 - CFD: 2015/04/17 11:17:51 - [] D -- C:\Users\tech\AppData\Roaming\Litecoin
O43 - CFD: 2014/06/24 14:00:32 - [] D -- C:\Users\tech\AppData\Roaming\LogSys
O43 - CFD: 2015/07/31 10:32:05 - [] D -- C:\Users\tech\AppData\Roaming\Macromedia
O43 - CFD: 2014/11/19 21:45:58 - [0] D -- C:\Users\tech\AppData\Roaming\MailUpdate =>PUP.Optional.MailUpdate
O43 - CFD: 2014/11/05 22:29:02 - [] D -- C:\Users\tech\AppData\Roaming\MassFaces
O43 - CFD: 2014/07/10 17:56:46 - [0] D -- C:\Users\tech\AppData\Roaming\Maxidix Wifi Autoconnection
O43 - CFD: 2015/09/13 11:49:19 - [] D -- C:\Users\tech\AppData\Roaming\Maxthon3
O43 - CFD: 2009/07/14 16:35:18 - [0] D -- C:\Users\tech\AppData\Roaming\Media Center Programs
O43 - CFD: 2014/05/30 18:38:00 - [] D -- C:\Users\tech\AppData\Roaming\MegaTypers
O43 - CFD: 2015/09/02 11:39:32 - [] SD -- C:\Users\tech\AppData\Roaming\Microsoft
O43 - CFD: 2014/05/23 18:37:16 - [] D -- C:\Users\tech\AppData\Roaming\Mirillis
O43 - CFD: 2015/09/15 16:00:01 - [0] D -- C:\Users\tech\AppData\Roaming\Moonchild Productions
O43 - CFD: 2014/11/12 12:38:47 - [] D -- C:\Users\tech\AppData\Roaming\MOVAVI
O43 - CFD: 2015/09/04 15:41:08 - [] D -- C:\Users\tech\AppData\Roaming\Mozilla
O43 - CFD: 2015/03/16 21:45:57 - [] D -- C:\Users\tech\AppData\Roaming\MultiBit
O43 - CFD: 2014/11/07 18:45:15 - [] D -- C:\Users\tech\AppData\Roaming\MultiDoge
O43 - CFD: 2014/12/30 22:23:43 - [] D -- C:\Users\tech\AppData\Roaming\myfreebit.co.in
O43 - CFD: 2014/07/08 15:02:49 - [0] D -- C:\Users\tech\AppData\Roaming\NeatImage SL
O43 - CFD: 2014/12/30 19:30:06 - [] D -- C:\Users\tech\AppData\Roaming\Obsidium
O43 - CFD: 2014/07/26 21:25:05 - [0] D -- C:\Users\tech\AppData\Roaming\ObviousIdea
O43 - CFD: 2015/09/09 17:53:50 - [0] D -- C:\Users\tech\AppData\Roaming\Octoshape
O43 - CFD: 2015/02/05 18:17:14 - [] D -- C:\Users\tech\AppData\Roaming\OmniCoin
O43 - CFD: 2015/06/11 20:04:47 - [] D -- C:\Users\tech\AppData\Roaming\Opera Software
O43 - CFD: 2014/12/26 16:33:18 - [] D -- C:\Users\tech\AppData\Roaming\Orobit
O43 - CFD: 2014/11/19 21:46:07 - [] D -- C:\Users\tech\AppData\Roaming\Pandacoin
O43 - CFD: 2014/10/15 14:35:08 - [] D -- C:\Users\tech\AppData\Roaming\PanoramaStudio2Pro
O43 - CFD: 2014/12/22 17:59:55 - [] D -- C:\Users\tech\AppData\Roaming\Paycoin
O43 - CFD: 2014/06/25 23:42:12 - [] D -- C:\Users\tech\AppData\Roaming\PotPlayerMini
O43 - CFD: 2014/10/24 16:02:58 - [] D -- C:\Users\tech\AppData\Roaming\prionote-1ca7c679d6c57098d0dccead4d2121e9
O43 - CFD: 2014/10/24 16:03:07 - [] D -- C:\Users\tech\AppData\Roaming\probmxtricks-ca9ecd17abd18da80b1c9ac9cb030e26
O43 - CFD: 2014/10/22 17:31:46 - [] D -- C:\Users\tech\AppData\Roaming\ProductData
O43 - CFD: 2014/08/21 17:58:32 - [] D -- C:\Users\tech\AppData\Roaming\Real
O43 - CFD: 2014/12/19 17:25:11 - [] D -- C:\Users\tech\AppData\Roaming\RoboForm
O43 - CFD: 2014/06/09 22:54:43 - [] D -- C:\Users\tech\AppData\Roaming\Screaming Bee
O43 - CFD: 2015/08/05 23:13:55 - [] D -- C:\Users\tech\AppData\Roaming\Skype
O43 - CFD: 2014/07/23 03:46:10 - [] D -- C:\Users\tech\AppData\Roaming\Softplicity
O43 - CFD: 2014/09/01 21:29:56 - [] D -- C:\Users\tech\AppData\Roaming\Solveig Multimedia
O43 - CFD: 2015/04/19 00:01:21 - [0] D -- C:\Users\tech\AppData\Roaming\Solvusoft
O43 - CFD: 2014/09/01 14:56:11 - [] D -- C:\Users\tech\AppData\Roaming\SourceTec
O43 - CFD: 2014/11/19 21:45:52 - [] D -- C:\Users\tech\AppData\Roaming\Speedcoin
O43 - CFD: 2014/05/24 15:02:24 - [] D -- C:\Users\tech\AppData\Roaming\Spiritsoft
O43 - CFD: 2014/07/28 22:04:58 - [] D -- C:\Users\tech\AppData\Roaming\Steganos
O43 - CFD: 2014/07/14 04:40:19 - [] D -- C:\Users\tech\AppData\Roaming\Steganos VPN
O43 - CFD: 2014/07/14 00:32:29 - [] D -- C:\Users\tech\AppData\Roaming\SuperHideIP
O43 - CFD: 2014/07/11 03:04:15 - [] D -- C:\Users\tech\AppData\Roaming\TechSmith
O43 - CFD: 2014/12/30 22:23:11 - [] D -- C:\Users\tech\AppData\Roaming\TeraCopy
O43 - CFD: 2014/10/17 21:35:52 - [] D -- C:\Users\tech\AppData\Roaming\Thinstall
O43 - CFD: 2014/06/12 16:58:55 - [] D -- C:\Users\tech\AppData\Roaming\Tomabo
O43 - CFD: 2015/03/31 22:20:51 - [] D -- C:\Users\tech\AppData\Roaming\tor
O43 - CFD: 2014/09/20 22:48:50 - [] D -- C:\Users\tech\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/07/31 10:32:25 - [] D -- C:\Users\tech\AppData\Roaming\UBot Studio
O43 - CFD: 2014/08/24 11:13:53 - [] D -- C:\Users\tech\AppData\Roaming\URSoft
O43 - CFD: 2014/12/25 19:05:04 - [] D -- C:\Users\tech\AppData\Roaming\uTorrent
O43 - CFD: 2014/07/23 03:28:22 - [] D -- C:\Users\tech\AppData\Roaming\VideoBooth
O43 - CFD: 2015/09/26 18:36:58 - [] D -- C:\Users\tech\AppData\Roaming\vlc
O43 - CFD: 2015/08/11 20:04:59 - [] D -- C:\Users\tech\AppData\Roaming\Web Page Maker
O43 - CFD: 2014/05/20 15:33:37 - [] D -- C:\Users\tech\AppData\Roaming\WinAVI
O43 - CFD: 2014/05/20 02:00:25 - [] D -- C:\Users\tech\AppData\Roaming\WinRAR
O43 - CFD: 2015/06/25 14:07:42 - [] SHD -- C:\Users\tech\AppData\Roaming\wyUpdate AU
O43 - CFD: 2014/07/05 00:42:14 - [] D -- C:\Users\tech\AppData\Roaming\xrecode2
O43 - CFD: 2015/07/31 15:53:16 - [] D -- C:\Users\tech\AppData\Roaming\YCanPDF
O43 - CFD: 2015/09/28 13:56:26 - [] D -- C:\Users\tech\AppData\Roaming\ZHP
O43 - CFD: 2015/08/31 20:31:31 - [0] D -- C:\Users\tech\AppData\Local\03D40274-1438123439-0541-2D06-890700080009
O43 - CFD: 2014/08/21 18:51:11 - [] D -- C:\Users\tech\AppData\Local\4kdownload.com
O43 - CFD: 2015/09/28 12:57:50 - [0] D -- C:\Users\tech\AppData\Local\73312950-F061-4E29-B2B4-46BDACD4F82C
O43 - CFD: 2015/07/02 15:17:16 - [] D -- C:\Users\tech\AppData\Local\Adobe
O43 - CFD: 2014/07/23 03:02:46 - [] D -- C:\Users\tech\AppData\Local\Allegorithmic
O43 - CFD: 2014/05/20 01:22:00 - [0] SHD -- C:\Users\tech\AppData\Local\Application Data
O43 - CFD: 2014/10/22 11:35:16 - [] D -- C:\Users\tech\AppData\Local\Apps
O43 - CFD: 2015/01/07 21:37:25 - [] D -- C:\Users\tech\AppData\Local\ashampoo
O43 - CFD: 2015/09/24 20:29:10 - [] D -- C:\Users\tech\AppData\Local\assembly
O43 - CFD: 2014/05/20 01:36:55 - [] D -- C:\Users\tech\AppData\Local\ATI
O43 - CFD: 2014/10/23 00:33:33 - [] D -- C:\Users\tech\AppData\Local\Aurora 3D Animation Maker
O43 - CFD: 2014/08/23 21:27:16 - [] D -- C:\Users\tech\AppData\Local\AVG
O43 - CFD: 2014/08/24 00:52:54 - [] D -- C:\Users\tech\AppData\Local\Avg2014
O43 - CFD: 2015/09/24 23:31:43 - [] D -- C:\Users\tech\AppData\Local\Babylon =>PUP.Optional.Babylon
O43 - CFD: 2015/01/16 16:20:02 - [] D -- C:\Users\tech\AppData\Local\BlackHawk
O43 - CFD: 2015/07/31 10:37:12 - [] D -- C:\Users\tech\AppData\Local\Blackwersus™
O43 - CFD: 2014/06/06 00:26:52 - [] D -- C:\Users\tech\AppData\Local\Chromatic Browser =>PUP.Optional.ChromaticBrowser
O43 - CFD: 2015/09/18 15:20:29 - [] D -- C:\Users\tech\AppData\Local\Chromium
O43 - CFD: 2014/06/06 00:26:52 - [] D -- C:\Users\tech\AppData\Local\Comodo
O43 - CFD: 2014/10/23 00:33:35 - [] D -- C:\Users\tech\AppData\Local\Configure
O43 - CFD: 2015/09/28 01:17:49 - [] D -- C:\Users\tech\AppData\Local\CrashDumps
O43 - CFD: 2015/01/07 21:38:53 - [] D -- C:\Users\tech\AppData\Local\CrashRpt =>.Superfluous.CrashReports
O43 - CFD: 2015/09/13 23:25:35 - [] D -- C:\Users\tech\AppData\Local\CurrentCode
O43 - CFD: 2014/06/25 23:42:12 - [] D -- C:\Users\tech\AppData\Local\Daum
O43 - CFD: 2014/10/22 13:21:12 - [0] D -- C:\Users\tech\AppData\Local\Deployment
O43 - CFD: 2015/09/13 12:59:52 - [0] D -- C:\Users\tech\AppData\Local\Diagnostics
O43 - CFD: 2014/10/19 19:56:36 - [0] D -- C:\Users\tech\AppData\Local\DriverToolkit =>PUP.Optional.DriverToolkit
O43 - CFD: 2015/09/02 23:52:26 - [] D -- C:\Users\tech\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/04/12 16:04:03 - [] D -- C:\Users\tech\AppData\Local\Email_Account_Creator_Ext
O43 - CFD: 2015/06/17 14:22:05 - [0] SHD -- C:\Users\tech\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/06/17 14:22:04 - [0] SHD -- C:\Users\tech\AppData\Local\EmieSiteList
O43 - CFD: 2015/06/17 14:22:05 - [0] SHD -- C:\Users\tech\AppData\Local\EmieUserList
O43 - CFD: 2015/04/18 17:57:41 - [] D -- C:\Users\tech\AppData\Local\FileViewPro
O43 - CFD: 2014/10/20 17:48:24 - [] D -- C:\Users\tech\AppData\Local\financialcalculator-6154b4757bad7cacda740d14c58b6388
O43 - CFD: 2014/10/18 23:41:56 - [] D -- C:\Users\tech\AppData\Local\gauthauthenticator-78ef3156e1ca5b74c14beac161614be7
O43 - CFD: 2015/07/20 23:32:30 - [] D -- C:\Users\tech\AppData\Local\Geckofx
O43 - CFD: 2014/11/24 00:30:22 - [] D -- C:\Users\tech\AppData\Local\Gomez
O43 - CFD: 2015/09/13 23:28:10 - [] D -- C:\Users\tech\AppData\Local\Google
O43 - CFD: 2014/08/09 19:43:02 - [] D -- C:\Users\tech\AppData\Local\GUI_9KW
O43 - CFD: 2015/06/01 11:41:48 - [] D -- C:\Users\tech\AppData\Local\GWX
O43 - CFD: 2015/02/04 15:39:03 - [] D -- C:\Users\tech\AppData\Local\hanahouhanah____Sender
O43 - CFD: 2014/05/20 01:22:00 - [0] SHD -- C:\Users\tech\AppData\Local\Historique
O43 - CFD: 2015/02/09 23:57:40 - [] D -- C:\Users\tech\AppData\Local\Hola
O43 - CFD: 2014/06/04 18:38:26 - [] D -- C:\Users\tech\AppData\Local\Installer =>PUP.Optional.InstallPedia
O43 - CFD: 2015/07/31 10:37:10 - [0] D -- C:\Users\tech\AppData\Local\IntelRCapability
O43 - CFD: 2015/09/15 15:58:01 - [] D -- C:\Users\tech\AppData\Local\lifebrowser.life-host.info-17
O43 - CFD: 2014/05/20 20:54:09 - [] D -- C:\Users\tech\AppData\Local\Macromedia
O43 - CFD: 2015/08/15 18:58:39 - [0] D -- C:\Users\tech\AppData\Local\Master PDF Editor
O43 - CFD: 2015/08/18 16:26:50 - [] D -- C:\Users\tech\AppData\Local\Mega Limited
O43 - CFD: 2014/08/24 00:52:54 - [] D -- C:\Users\tech\AppData\Local\MFAData
O43 - CFD: 2015/09/02 17:00:29 - [] D -- C:\Users\tech\AppData\Local\Microsoft
O43 - CFD: 2014/05/19 19:20:21 - [0] D -- C:\Users\tech\AppData\Local\Microsoft Help
O43 - CFD: 2015/02/25 00:31:31 - [] D -- C:\Users\tech\AppData\Local\minergate
O43 - CFD: 2014/05/23 18:37:17 - [] D -- C:\Users\tech\AppData\Local\Mirillis
O43 - CFD: 2014/11/12 12:38:47 - [] D -- C:\Users\tech\AppData\Local\Movavi
O43 - CFD: 2014/08/20 00:43:00 - [] D -- C:\Users\tech\AppData\Local\Mozilla
O43 - CFD: 2014/07/08 22:56:50 - [] D -- C:\Users\tech\AppData\Local\Nik Software
O43 - CFD: 2015/06/11 20:04:48 - [] D -- C:\Users\tech\AppData\Local\Opera Software
O43 - CFD: 2014/10/19 00:21:15 - [] D -- C:\Users\tech\AppData\Local\prionote-1ca7c679d6c57098d0dccead4d2121e9
O43 - CFD: 2015/04/28 19:17:17 - [] D -- C:\Users\tech\AppData\Local\Programs
O43 - CFD: 2015/07/31 10:37:10 - [] D -- C:\Users\tech\AppData\Local\ServiceGoogle
O43 - CFD: 2014/10/19 22:46:37 - [] D -- C:\Users\tech\AppData\Local\Skype
O43 - CFD: 2014/05/23 18:56:41 - [] D -- C:\Users\tech\AppData\Local\TechSmith
O43 - CFD: 2015/09/28 12:14:38 - [0] D -- C:\Users\tech\AppData\Local\temp
O43 - CFD: 2014/05/20 01:22:00 - [0] SHD -- C:\Users\tech\AppData\Local\Temporary Internet Files
O43 - CFD: 2014/08/21 17:09:37 - [] D -- C:\Users\tech\AppData\Local\Thinstall
O43 - CFD: 2014/06/06 00:26:52 - [] D -- C:\Users\tech\AppData\Local\Torch =>PUP.Optional.Torch
O43 - CFD: 2014/09/20 22:48:50 - [] D -- C:\Users\tech\AppData\Local\TuneUp Software
O43 - CFD: 2015/09/11 17:59:21 - [] D -- C:\Users\tech\AppData\Local\UCBrowser
O43 - CFD: 2014/07/29 19:35:51 - [] D -- C:\Users\tech\AppData\Local\VirtualStore
O43 - CFD: 2014/10/03 20:23:09 - [] D -- C:\Users\tech\AppData\Local\VPNium
O43 - CFD: 2015/08/01 18:02:12 - [] D -- C:\Users\tech\AppData\Local\VS Revo Group
O43 - CFD: 2015/09/02 01:08:16 - [] D -- C:\Users\tech\AppData\Local\WiFi Guard
O43 - CFD: 2014/06/05 00:27:32 - [0] D -- C:\Users\tech\AppData\Local\WinAVI
O43 - CFD: 2014/09/16 21:59:58 - [] D -- C:\Users\tech\AppData\Local\womble
O43 - CFD: 2014/06/19 23:58:36 - [] D -- C:\Users\tech\AppData\Local\Wondershare
O43 - CFD: 2015/08/01 18:53:33 - [0] D -- C:\Users\tech\AppData\Local\Xara
O43 - CFD: 2015/05/26 19:44:54 - [] D -- C:\Users\tech\AppData\Local\YTMonster
O43 - CFD: 2014/05/20 15:33:37 - [] RD -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/13 10:40:08 - [] RD -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/09/27 16:34:56 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ApeeeGoSoft
O43 - CFD: 2015/09/11 18:21:09 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 2015/09/04 22:32:13 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Format Factory
O43 - CFD: 2015/03/21 23:24:37 - [0] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2015/04/16 15:08:00 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GISolution
O43 - CFD: 2015/09/10 22:15:09 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2014/05/20 15:33:37 - [] RD -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/10/07 17:56:02 - [0] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stamp v0.85
O43 - CFD: 2015/08/18 16:38:44 - [] RD -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/05/20 15:33:37 - [] D -- C:\Users\tech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll ©
O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll ©

---\\ Liste des pilotes du système (78) - 6s
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] ©
O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] ©
O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] ©
O58 - SDL:2011/03/11 07:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] ©
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] ©
O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] ©
O58 - SDL:2015/08/31 18:42:40 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\drivers\aswKbd.sys [28144] ©
O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [90968] ©
O58 - SDL:2015/08/31 18:42:32 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys [454016] ©
O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] ©
O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] ©
O58 - SDL:2015/08/31 18:43:53 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1048344] ©
O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [447944] ©
O58 - SDL:2015/08/31 18:42:56 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [150672] ©
O58 - SDL:2015/08/31 18:42:55 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [274808] ©
O58 - SDL:2013/02/14 12:41:10 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdW76.sys [96768] ©
O58 - SDL:2013/03/29 03:35:02 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [11658752] ©
O58 - SDL:2013/03/29 02:09:44 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [581120] ©
O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] ©
O58 - SDL:2014/07/18 08:11:34 A . (.Glarysoft Ltd - Boot Defrag Driver.) -- C:\Windows\System32\drivers\BootDefragDriver.sys [17600] ©
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] ©
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] ©
O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] ©
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] ©
O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] ©
O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] ©
O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] ©
O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] ©
O58 - SDL:2015/05/22 09:59:06 A . (.Glarysoft Ltd - The driver for the Startup Manager tool.) -- C:\Windows\System32\drivers\GUBootStartup.sys [20160] ©
O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] ©
O58 - SDL:2012/07/02 15:16:02 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [62784] ©
O58 - SDL:2010/11/20 14:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] ©
O58 - SDL:2011/03/11 07:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] ©
O58 - SDL:2015/05/20 13:55:54 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616] ©
O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] ©
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816] ©
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272] ©
O58 - SDL:2015/09/28 13:07:06 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] ©
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] ©
O58 - SDL:2015/06/18 08:41:56 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [63704] ©
O58 - SDL:2015/09/07 16:56:04 A . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Windows\System32\drivers\Neo_0002.sys [28640] ©
O58 - SDL:2015/04/29 18:40:14 A . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Windows\System32\drivers\Neo_0042.sys [28640] ©
O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] ©
O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] ©
O58 - SDL:2011/03/11 07:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] ©
O58 - SDL:2013/04/29 09:17:34 A . (.Panda Security, S.L. - Panda Kernel Memory Access Driver (x86).) -- C:\Windows\System32\drivers\PSKMAD.sys [47632]
O58 - SDL:2015/06/19 21:35:30 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\ptun0901.sys [27136] ©
O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] ©
O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] ©
O58 - SDL:2009/12/30 10:21:26 A . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\drivers\revoflt.sys [31800] ©
O58 - SDL:2011/09/29 10:30:34 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [646248] ©
O58 - SDL:2011/12/02 11:38:08 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RtHDMIVX.sys [239208] ©
O58 - SDL:2012/06/19 09:54:20 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4065296] ©
O58 - SDL:2014/02/07 13:17:24 A . (.Screaming Bee LLC - Screaming Bee Audio Driver.) -- C:\Windows\System32\drivers\ScreamingBAudio64.sys [38992]
O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2015/09/07 16:55:15 A . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Windows\System32\drivers\see.sys [38240] ©
O58 - SDL:2009/07/14 01:00:40 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208] ©
O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] ©
O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] ©
O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] ©
O58 - SDL:2014/11/05 14:16:32 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\tap0901.sys [27136] ©
O58 - SDL:2014/05/17 01:42:38 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42184] ©
O58 - SDL:2013/09/06 14:27:12 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [238352] ©
O58 - SDL:2013/09/06 14:25:40 A . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\System32\drivers\VBoxNetAdp.sys [131856] ©
O58 - SDL:2013/09/06 14:25:40 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [119056] ©
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] ©
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] ©

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (17) - 33s
O61 - LFC: 2015/09/28 00:18:29 A . (..) -- C:\Users\tech\Downloads\Programs\SalityKiller.exe [217928]
O61 - LFC: 2015/09/27 01:54:43 A . (.TheWindowsClub.com.) -- C:\Users\tech\Desktop\FixWin v 1.2.exe [541696]
O61 - LFC: 2015/09/28 00:14:42 A . (..) -- C:\Users\tech\Desktop\Uninstall Mozilla Firefox\Uninstall Mozilla Firefox\Uninstall Mozilla Firefox BySam.exe [252416]
O61 - LFC: 2015/09/28 00:14:22 A . (.GUWOU.) -- C:\Users\tech\Desktop\setup\setup.exe [544936]
O61 - LFC: 2015/09/28 01:33:24 A . (..) -- C:\Users\tech\AppData\Local\TechSmith\Snagit\Tray.bin [630]
O61 - LFC: 2015/09/28 01:18:03 A . (..) -- C:\Users\tech\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]
O61 - LFC: 2015/09/28 13:07:29 A . (..) -- C:\Users\tech\AppData\Local\ATI\ACE\Manifest.Bin [28362]
O61 - LFC: 2015/09/24 20:29:18 A . (.Copyright © 2014.) -- C:\Users\tech\AppData\Local\assembly\dl3\7TW5Z0DR.CEZ\RMYCM0O2.ZYO\b47f4cf8\00e9d8f6_7d9cd001\TechSmith.WPF.DLL [26112]
O61 - LFC: 2015/09/24 20:29:20 A . (..) -- C:\Users\tech\AppData\Local\assembly\dl3\7TW5Z0DR.CEZ\RMYCM0O2.ZYO\8a8dec68\00296891_35a8d001\Interop.SNAGITLib.DLL [110592]
O61 - LFC: 2015/09/24 20:29:17 A . (.Copyright © 2014.) -- C:\Users\tech\AppData\Local\assembly\dl3\7TW5Z0DR.CEZ\RMYCM0O2.ZYO\482181c8\00e9d8f6_7d9cd001\TechSmith.WPF.DLL [26112]
O61 - LFC: 2015/09/24 23:13:34 A . (..) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\f0e44b20\0040ae5f_d434cf01\Interop.SNAGITLib.DLL [110592]
O61 - LFC: 2015/09/24 23:13:36 A . (..) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\c7a4940d\802ecf82_2437cf01\Interop.SNAGITLib.DLL [110592]
O61 - LFC: 2015/09/26 17:04:41 A . (..) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\c7a4940d\008e6bb2_e875d001\Interop.SNAGITLib.DLL [110592]
O61 - LFC: 2015/09/26 17:04:34 A . (.Copyright © 2014.) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\9d0149fd\00bf21e1_795bd001\TechSmith.WPF.DLL [26112]
O61 - LFC: 2015/09/26 17:04:32 A . (.Copyright © 2014.) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\59e1c1d2\00bf21e1_795bd001\TechSmith.WPF.DLL [26112]
O61 - LFC: 2015/09/26 17:04:39 A . (.TechSmith Corp.) -- C:\Users\tech\AppData\Local\assembly\dl3\1QMQGCDV.KP2\LOKTAPVY.DP7\48edac49\e082d56e_c372d001\TechSmith.CloudServices.Api.DLL [173888]
O61 - LFC: 2015/09/25 17:52:25 A . (..) -- C:\Users\tech\AppData\Local\Adobe\Acrobat\10.0\UserCache.bin [208450]

---\\ Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ©

---\\ Menu de démarrage Internet (20) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)

---\\ Recherche d'infection sur les navigateurs (4) - 2s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - (Microsoft (Bing)) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {CCA24F17-73EA-46FB-BAB6-911673737192} - (Ask Search) - http://www.search.ask.com/ =>Toolbar.Ask

---\\ Enumère les services démarrés par Svchost (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928] ©
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [683520] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2606080] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\system32\qmgr.dll [849920] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536] ©

---\\ Liste des exceptions du parefeu Windows (19) - 1s
O87 - FAEL: "{DF0AE690-43D9-4ABA-8AA7-88090A2084BC}" [In-None-P6-TRUE] .(.Copyright © Slicify/Affine Group Ltd 2013 - Slicify Node Service.) -- C:\ProgramData\slicify\Install\NodeService.exe
O87 - FAEL: "{E3C5979E-D02C-4F18-A1A9-CD45EFF427F4}" [In-None-P17-TRUE] .(.Copyright © Slicify/Affine Group Ltd 2013 - Slicify Node Service.) -- C:\ProgramData\slicify\Install\NodeService.exe
O87 - FAEL: "TCP Query User{7B58F1A2-65C3-4C1A-9469-11B05A9E9295}C:\program files (x86)\orobit\orobit-qt.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\orobit\orobit-qt.exe (.not file.)
O87 - FAEL: "UDP Query User{8D51F735-4B83-4B25-B009-B66862F9FA16}C:\program files (x86)\orobit\orobit-qt.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\orobit\orobit-qt.exe (.not file.)
O87 - FAEL: "TCP Query User{D1D066BC-FA4E-4A7E-A874-AE55C0D755C9}C:\program files (x86)\glowshares\glowshares-qt.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\glowshares\glowshares-qt.exe (.not file.)
O87 - FAEL: "UDP Query User{412704B1-8299-49A4-BB68-12E7BECCED6F}C:\program files (x86)\glowshares\glowshares-qt.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\glowshares\glowshares-qt.exe (.not file.)
O87 - FAEL: "TCP Query User{60E13269-957A-40CE-A799-0FA0D5114029}C:\windows\temp\rar$exa0.094\globalboost-y.exe" [In-None-P6-TRUE] .(...) -- C:\windows\temp\rar$exa0.094\globalboost-y.exe (.not file.)
O87 - FAEL: "UDP Query User{A2C3DD03-272B-4D03-B459-9D9723AC09A9}C:\windows\temp\rar$exa0.094\globalboost-y.exe" [In-None-P17-TRUE] .(...) -- C:\windows\temp\rar$exa0.094\globalboost-y.exe (.not file.)
O87 - FAEL: "TCP Query User{97D2D037-5E84-4AE7-B311-75D32F047B2C}C:\program files (x86)\litecoin\litecoin-qt.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\litecoin\litecoin-qt.exe (.not file.)
O87 - FAEL: "UDP Query User{F8E5E286-99C5-4C74-9BE6-1791B4AD55F8}C:\program files (x86)\litecoin\litecoin-qt.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\litecoin\litecoin-qt.exe (.not file.)
O87 - FAEL: "TCP Query User{4BC4628B-3046-4E7A-9E1E-AE89326AA5EF}C:\windows\temp\rar$exa0.169\omnicoin-qt_windows_x86_64\omnicoin-qt.exe" [In-None-P6-TRUE] .(...) -- C:\windows\temp\rar$exa0.169\omnicoin-qt_windows_x86_64\omnicoin-qt.exe (.not file.)
O87 - FAEL: "UDP Query User{DD24C5E3-D22F-4B25-8F28-DC2A51559FA6}C:\windows\temp\rar$exa0.169\omnicoin-qt_windows_x86_64\omnicoin-qt.exe" [In-None-P17-TRUE] .(...) -- C:\windows\temp\rar$exa0.169\omnicoin-qt_windows_x86_64\omnicoin-qt.exe (.not file.)
O87 - FAEL: "{54B47ED4-2E27-40AE-922A-E5A25BFBBCED}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Hide My IP 6\HideMyIP.exe (.not file.)
O87 - FAEL: "{52213FF1-40E7-4703-AC78-DDD37DC3F67D}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Hide My IP 6\HideMyIpSrv.exe (.not file.)
O87 - FAEL: "{B8EE7BF2-2A0A-4871-BC29-577AFF73BA6E}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.)
O87 - FAEL: "{BC289903-7FBB-41C8-AF15-0FC3F24947D8}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Hola\app\hola_updater.exe (.not file.)
O87 - FAEL: "{45A1933B-4202-4E5B-9EA3-228A0FB619CC}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\GSA Captcha Breaker\GSA_CapBreak.exe (.not file.)
O87 - FAEL: "{10ADF3A6-7F5B-4936-9245-A59E6338ADA5}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\GSA Captcha Breaker\GSA_CapBreak.exe (.not file.)
O87 - FAEL: "{93383CE2-5118-4774-9386-193632807739}" [Out-None-P17-TRUE] .(...) -- C:\Program Files (x86)\GSA Captcha Breaker\GSA_CapBreak.exe (.not file.)

---\\ Services non Microsoft (SR=Démarré,SS=Stoppé) (21) - 12s

SR - Auto [2014/12/03 10:06:08] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Demand [2015/09/22 10:21:08] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [2013/03/29 02:34:18] [ 241152] (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe ©
SR - Auto [2015/08/31 18:42:48] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
SR - Auto [2015/08/31 18:42:31] [ 109008] Avast Firewall (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe ©
SR - Auto [2013/11/27 12:26:14] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe ©
SR - Auto [2015/09/17 13:18:58] [ 441856] EdocSave (EdocSave) . (...) - C:\ProgramData\EdocSave\EdocSave.exe
SS - Auto [2015/09/22 22:20:45] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/09/22 22:20:45] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Disabled [2014/12/19 17:14:12] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe ©
SR - Auto [2012/04/20 14:16:12] [ 635104] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
SR - Auto [2012/06/25 10:57:14] [ 166720] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
SR - Auto [2012/07/17 14:57:20] [ 277824] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
SR - Auto [2015/06/18 08:39:46] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
SR - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
SS - Demand [2015/08/26 13:46:31] [ 149160] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe ©
SR - Auto [2011/09/22 17:30:58] [ 66560] This service enables products that use the Nalpeiron Licens (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\nlssrv32.exe ©
SS - Auto [2015/06/03 16:42:38] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
SR - Auto [2015/01/26 08:48:10] [ 3408384] TechSmith Uploader Service (TechSmith Uploader Service) . (.TechSmith Corporation.) - C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe ©
SR - Auto [2012/07/17 14:57:22] [ 365376] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ©

---\\ Recherche de clés de registre Tracing (12) - 3s
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASAPI32 =>PUP.Optional.RegistryReviver
HKLM\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASMANCS =>PUP.Optional.RegistryReviver
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>PUP.Optional.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>PUP.Optional.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASAPI32 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASMANCS =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>PUP.Optional.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>PUP.Optional.BabSolution

---\\ Scan Additionnel (44) - 0s
C:\Windows\System32\sslsp105.dll =>Hijacker.Winsock
C:\Windows\System32\Tasks\LaunchApp =>PUP.Optional.MyPCBackup
C:\Windows\System32\Tasks\YTAHelper =>PUP.Optional.Goobzo
HKLM\SOFTWARE\Wow6432Node\46db666a-4fe4-41ed-872d-18cc50d0d222 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\SafetyNut =>PUP.Optional.MoviesToolbar
HKLM\SOFTWARE\Wow6432Node\SiteFinder =>PUP.Optional.ShoppingReport
HKLM\SOFTWARE\Wow6432Node\YourFileDownloader =>PUP.Optional.YourFileDownloader
HKCU\SOFTWARE\Goobzo =>PUP.Optional.Goobzo
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>PUP.Optional.SmartBar
C:\Program Files (x86)\Application Updater =>PUP.Optional.Dealio
C:\Program Files (x86)\bestadblocker =>PUP.Optional.Adblocker
C:\Program Files (x86)\CuTTihEPrrice =>PUP.Optional.Multiplug
C:\Program Files (x86)\DriverToolkit =>PUP.Optional.DriverToolkit
C:\Program Files (x86)\ssaave on =>PUP.Optional.Multiplug
C:\ProgramData\APN =>Toolbar.Ask
C:\ProgramData\Babylon =>PUP.Optional.Babylon
C:\ProgramData\InstallMate =>PUP.Optional.Tarma
C:\ProgramData\ProductData =>PUP.Optional.Generic
C:\ProgramData\ssaave on =>PUP.Optional.Multiplug
C:\ProgramData\YTAHelper =>PUP.Optional.Goobzo
C:\Users\tech\AppData\Roaming\Babylon =>PUP.Optional.Babylon
C:\Users\tech\AppData\Roaming\IHlpr =>PUP.Optional.IHlpr
C:\Users\tech\AppData\Roaming\MailUpdate =>PUP.Optional.MailUpdate
C:\Users\tech\AppData\Local\Babylon =>PUP.Optional.Babylon
C:\Users\tech\AppData\Local\Chromatic Browser =>PUP.Optional.ChromaticBrowser
C:\Users\tech\AppData\Local\CrashRpt =>.Superfluous.CrashReports
C:\Users\tech\AppData\Local\DriverToolkit =>PUP.Optional.DriverToolkit
C:\Users\tech\AppData\Local\Installer =>PUP.Optional.InstallPedia
C:\Users\tech\AppData\Local\Torch =>PUP.Optional.Torch
HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASAPI32 =>PUP.Optional.RegistryReviver
HKLM64\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASMANCS =>PUP.Optional.RegistryReviver
HKLM64\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>PUP.Optional.TornTV
HKLM64\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>PUP.Optional.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASAPI32 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\appshat_generic_RASMANCS =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>PUP.Optional.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>PUP.Optional.BabSolution

---\\ Récapitulatif des éléments trouvées sur votre station (27) - 0s
http://www.nicolascoolman.fr/blog =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/pup-mypcbackup/ =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/pup-goobzo/ =>PUP.Optional.Goobzo
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/blog =>PUP.Optional.MoviesToolbar
http://www.nicolascoolman.fr/adware-shoppingreport/ =>PUP.Optional.ShoppingReport
http://www.nicolascoolman.fr/pup-yourfiledownloader/ =>PUP.Optional.YourFileDownloader
http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic
http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
http://www.nicolascoolman.fr/pup-dealio/ =>PUP.Optional.Dealio
http://www.nicolascoolman.fr/blog =>PUP.Optional.Adblocker
http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/blog =>PUP.Optional.DriverToolkit
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/pup-babylon/ =>PUP.Optional.Babylon
http://www.nicolascoolman.fr/pup-tarma/ =>PUP.Optional.Tarma
http://www.nicolascoolman.fr/blog =>PUP.Optional.Generic
http://www.nicolascoolman.fr/blog =>PUP.Optional.IHlpr
http://www.nicolascoolman.fr/blog =>PUP.Optional.MailUpdate
http://www.nicolascoolman.fr/blog =>PUP.Optional.ChromaticBrowser
http://www.nicolascoolman.fr/blog =>.Superfluous.CrashReports
http://www.nicolascoolman.fr/adware-installpedia/ =>PUP.Optional.InstallPedia
http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch
http://www.nicolascoolman.fr/blog =>PUP.Optional.RegistryReviver
http://www.nicolascoolman.fr/hijacker-torntv/ =>PUP.Optional.TornTV
http://www.nicolascoolman.fr/hijacker-babsolution/ =>PUP.Optional.BabSolution

~ End of the scan, 33437 items in 113 seconds (1309)(0)()
