Publicité
Publicité
Commentaire : mon rapport de zhpdiag
Format du document : text/plain
Prévisualisation
~ ZHPDiag v2018.6.17.138 Par Nicolas Coolman (2018/06/17)
~ Démarré par Boss (Administrator) (2018/06/19 10:16:32)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ Etat de la version: Version KO
~ Mode: Scanner
~ Rapport: C:\Users\Boss\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Boss\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation
---\\ NAVIGATEURS INTERNET (3) - 0s
~ GCIE: Google Chrome v67.0.3396.87
~ MFIE: Mozilla Firefox 60.0.2 (x64 fr)
~ MSIE: Internet Explorer v8.0.7601.17514
---\\ INFORMATIONS SUR LES PRODUITS WINDOWS (9) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, VOLUME_KMSCLIENT channel
~ Windows Partial Key : GPDD4
Windows License : OK
Expiration Licence Windows : 259080 minute(s) (179 jour(s))
~ Windows Remaining Initializations Number : 1
Windows Automatic Updates : OK
Windows Activation Technologies : KO
---\\ LOGICIELS DE PROTECTION (2) - 0s
Microsoft Security Essentials v4.10.209.0 (Protection)
Microsoft Security Client v4.10.0209.0 (Protection)
---\\ SURVEILLANCE LOGICIEL (1) - 0s
~ Adobe Reader X (Surveillance)
---\\ LOGICIELS D'OPTIMISATION (1) - 0s
~ CCleaner v5.43 (Optimisation)
---\\ LOGICIELS DE PARTAGE P2P (1) - 0s
~ µTorrent v3.5.0.43804 (P2P)
---\\ INFORMATIONS SUR LE SYSTÈME (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4083.996 MB (10% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 239 GB (86%) free of 276 GB : OK =>.Disk Space
---\\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: SAID
~ User Name: Boss
~ Logged in as Administrator
---\\ ÉNUMÉRATION DES UNITÉS DE STOCKAGE (3) - 0s
~ Drive C: has 239 GB free of 276 GB (System)
~ Drive D: has 123 GB free of 199 GB
~ Drive G: has 0 GB free of 1 GB
---\\ ÉTAT DU CENTRE DE SÉCURITÉ WINDOWS (10) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ RECHERCHE PARTICULIÈRE DE FICHIERS GÉNÉRIQUES (26) - 2s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - 21/11/2010 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
[MD5.F6C5302E1F4813D552F41A0AC82455E5] - 21/11/2010 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 21/11/2010 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [390656] =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
[MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 21/11/2010 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
[MD5.59DF156711A76BCB993253EC6C9BBF41] - 21/11/2010 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - 12/04/2011 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] =>.Microsoft Corporation
[MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - 21/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [499712] =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Corporation
[MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
[MD5.FAF015B07E3A2874A790A39B7D2C579F] - 21/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.Microsoft Corporation
[MD5.09594D1089C523423B32A4229263F068] - 21/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation
[MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - 21/11/2010 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1659776] =>.Microsoft Corporation
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
[MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 21/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] =>.Microsoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Corporation
---\\ LISTE DES SERVICES (Non désactivés) (57) - 9s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: C:\Windows\System32\audiosrv.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Service Audio Windows.) - C:\Windows\System32\Audiosrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\audiosrv.dll (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) - C:\Windows\System32\Audiosrv.dll =>.Microsoft Corporation
O23 - Service: Background Logic Handler (backlh) . (. - ExtManager.) - C:\ProgramData\Logic Cramble\set.exe =>PUP.Optional.LogicHandler
O23 - Service: C:\Windows\System32\bfe.dll (BFE) . (.Microsoft Corporation - Moteur de filtrage de base.) - C:\Windows\System32\bfe.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\qmgr.dll (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) - C:\Windows\System32\qmgr.dll =>.Microsoft Corporation
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) . (.Microsoft Corporation - .NET Runtime Optimization Service.) - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe {6105573300010000006E} =>.Microsoft Corporation
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X64 (clr_optimization_v4.0.30319_64) . (.Microsoft Corporation - .NET Runtime Optimization Service.) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe {6105573300010000006E} =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Services de chiffrement.) - C:\Windows\System32\cryptsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cscsvc.dll (CscService) . (.Microsoft Corporation - DLL du service CSC.) - C:\Windows\System32\cscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - Service client DHCP.) - C:\Windows\System32\dhcpcore.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - Service de résolution du cache DNS.) - C:\Windows\System32\dnsrslvr.dll =>.Microsoft Corporation
O23 - Service: ellfService (ellfService) . (...) - C:\ProgramData\ellfService\ellfService.exe {00BA10A33204664713A8690A55F0AD7176} =>PUP.Optional.Youndoo
O23 - Service: C:\Windows\System32\wevtsvc.dll (eventlog) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Service de cache de police Windows.) - C:\Windows\System32\FntCache.dll =>.Microsoft Corporation
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) - C:\Windows\System32\gpsvc.dll =>.Microsoft Corporation
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc. - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe =>.HP Inc.®
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation - Intel® Management Engine Firmware®
O23 - Service: C:\Windows\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - C:\Windows\System32\iphlpsvc.dll =>.Microsoft Corporation
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
O23 - Service: C:\Windows\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - DLL du service Serveur.) - C:\Windows\System32\srvsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - DLL du service Station de travail.) - C:\Windows\System32\wkssvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\lmhsvc.dll (lmhosts) . (.Microsoft Corporation - DLL des services de transport NetBIOS sur T.) - C:\Windows\System32\lmhsvc.dll =>.Microsoft Corporation
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products®
O23 - Service: C:\Windows\System32\mmcss.dll (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) - C:\Windows\System32\mmcss.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (MpsSvc) . (.Microsoft Corporation - Service de protection Microsoft.) - C:\Windows\System32\mpssvc.dll =>.Microsoft Corporation
O23 - Service: Microsoft Antimalware Service (MsMpSvc) . (.Microsoft Corporation - Antimalware Service Executable.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe =>.Microsoft Corporation®
O23 - Service: Prefs Secure (Nettrans) . (. - Network Packet Monitor.) - C:\ProgramData\PrefsSecure\Nettrans.exe =>PUP.Optional.LogicHandler
O23 - Service: C:\Windows\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Connaissance des emplacements réseau 2.) - C:\Windows\System32\nlasvc.dll =>.Microsoft Corporation
O23 - Service: novaPDF Server (NovaPdfServer) . (.Microsoft - novaPDF Server.) - C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe =>.Softland S.R.L.®
O23 - Service: C:\Windows\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Serveur RPC de l’interface du magasin résea.) - C:\Windows\System32\nsisvc.dll =>.Microsoft Corporation
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 332.2.) - C:\Windows\system32\nvvsvc.exe =>.NVIDIA Corporation
O23 - Service: C:\Windows\System32\pcasvc.dll (PcaSvc) . (.Microsoft Corporation - Service de l’Assistant Compatibilité des pr.) - C:\Windows\System32\pcasvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\umpnpmgr.dll (PlugPlay) . (.Microsoft Corporation - Service mode utilisateur de Plug-and-Play.) - C:\Windows\System32\umpnpmgr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\umpo.dll (Power) . (.Microsoft Corporation - Service d’alimentation en mode utilisateur.) - C:\Windows\System32\umpo.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\Windows\System32\profsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - Mappeur de point de terminaison RPC.) - C:\Windows\System32\RpcEpMap.dll =>.Microsoft Corporation
O23 - Service: @oleres.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\Windows\System32\rpcss.dll =>.Microsoft Corporation
O23 - Service: saiyi technology limit (saiyitechnology) . (.PandaViewer - .) - C:\ProgramData\yahoochrome_D\desktop186.exe =>Hijacker.Browser
O23 - Service: C:\Windows\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) - C:\Windows\System32\schedsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\Sens.dll (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) - C:\Windows\System32\Sens.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) - C:\Windows\System32\shsvcs.dll =>.Microsoft Corporation
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: C:\Windows\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Application sous-système spouleur.) - C:\Windows\System32\spoolsv.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Service de la plateforme de protection logi.) - C:\Windows\System32\sppsvc.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wiaservc.dll (stisvc) . (.Microsoft Corporation - Service de périphériques d’images fixes.) - C:\Windows\System32\wiaservc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - Hôte de service Superfetch.) - C:\Windows\System32\sysmain.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\themeservice.dll (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) - C:\Windows\System32\themeservice.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dwm.exe,-2000 (UxSms) . (.Microsoft Corporation - Microsoft User Experience Session Managemen.) - C:\Windows\System32\uxsms.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\Windows\System32\wbem\WMIsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wlansvc.dll (Wlansvc) . (.Microsoft Corporation - DLL du service de configuration automatique.) - C:\Windows\System32\wlansvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Service Centre de sécurité de Windows.) - C:\Windows\System32\wscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - C:\Windows\System32\SearchIndexer.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) - C:\Windows\System32\wuaueng.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wudfsvc.dll (wudfsvc) . (.Microsoft Corporation - Windows Driver Foundation - Service d’infra.) - C:\Windows\System32\WUDFSvc.dll =>.Microsoft Corporation
---\\ SERVICES NON MICROSOFT (SR=Démarré,SS=Stoppé) (17) - 22s
SR - Auto [24/09/2015] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SR - Auto [18/06/2018] [ 3780096] Background Logic Handler (backlh) . (...) - C:\ProgramData\Logic Cramble\set.exe =>PUP.Optional.LogicHandler
SS - Demand [24/08/2013] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - Software and Firmware Products®
SR - Auto [18/06/2018] [ 1131728] ellfService (ellfService) . (...) - C:\ProgramData\ellfService\ellfService.exe {00BA10A33204664713A8690A55F0AD7176} =>PUP.Optional.Youndoo
SS - Demand [28/04/2015] [ 1102472] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe =>.Hewlett-Packard Company®
SR - Auto [02/05/2018] [ 332656] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc..) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe =>.HP Inc.®
SR - Auto [27/08/2013] [ 747520] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
SS - Demand [27/08/2013] [ 828376] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service®
SR - Auto [22/02/2017] [ 131544] Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation - Intel® Management Engine Firmware®
SR - Auto [22/02/2017] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
SR - Auto [22/02/2017] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products®
SS - Demand [12/06/2018] [ 194512] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [18/06/2018] [ 43520] Prefs Secure (Nettrans) . (...) - C:\ProgramData\PrefsSecure\Nettrans.exe =>PUP.Optional.LogicHandler
SS - Auto [19/12/2013] [ 922912] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe =>.NVIDIA Corporation®
SS - Auto [21/05/2018] [ 517432] saiyi technology limit (saiyitechnology) . (.PandaViewer.) - C:\ProgramData\yahoochrome_D\desktop186.exe =>Hijacker.Browser =>Hijacker.Browser
SS - Auto [18/07/2017] [ 317408] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SS - Demand [17/06/2018] [ 593920] SystemUpdate64 (SystemUpdate64) . (.SystemaRev.) - C:\Program Files\SystemaRev\RevServicesX\SystemUpdate64x.exe =>Trojan.Agent
---\\ TÂCHES PLANIFIÉES EN AUTOMATIQUE (Registre) (42) - 78s
O38 - TASK: {12EFB363-688B-4620-8351-B8E803D2274D} [64Bits][\Update_4.0.10] - (.SystemaRev - SystemUpdate64x 4.0.10.) -- C:\Program Files\SystemaRev\RevServicesX\SystemUpdate64x.exe [593920] =>Trojan.Agent
O38 - TASK: {3249588A-B062-459F-A8FC-95F863DD9C76} [64Bits][\{49CBE634-3501-6F0E-F0EA-60B592492738}] - (.Microsoft Corporation - Windows® installer.) -- C:\Program Files (x86)\EiPdaxGyo.exe [73216] [/q /i http://freshrefreshnerer186.info/2292R6wNZSl] =>Adware.TasksRedirect
O38 - TASK: {34F5F74C-C238-4365-939C-67FC81E6B969} [64Bits][\GoogleUpdateSecurityTaskMachine_SY] - (. - HandlerExecution.) -- C:\Users\Boss\AppData\Roaming\314167cb8d0b4418a5cdad8e89a566ad\HandlerExecution.exe [8192]
O38 - TASK: {462DC1A6-FB38-4BDB-B438-AD7DEE0AED59} [64Bits][\doPDF Update] - (. - UpdateApplication.) -- C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [654336]
O38 - TASK: {4A60A05F-8AF0-4275-BD8D-5C944A9A2A45} [64Bits][\GoogleUpdateSecurityTaskMachine_SV] - (. - HandlerExecution.) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\HandlerExecution.exe [8192]
O38 - TASK: {52F15CDA-6F44-4546-B981-6F7549B35665} [64Bits][\GoogleUpdateSecurityTaskMachine_TN] - (. - HandlerExecution.) -- C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a\HandlerExecution.exe [8192]
O38 - TASK: {57DDF491-BE97-44C8-8A15-795F908AB4EC} [64Bits][\{32D00B6F-F2C5-35DA-740F-AD649242F953}] - (.Microsoft Corporation - Windows® installer.) -- C:\Windows\ojaGor.exe [73216] [/q /i http://freshrefreshnerer186.info/Qg8NZ6e9.gA] =>Adware.TasksRedirect
O38 - TASK: {5F8D016F-B007-4988-9559-F2BCAE69A798} [64Bits][\CCleaner Update] - (.Piriform Ltd - CCleaner emergency updater.) -- C:\Program Files\CCleaner\CCUpdate.exe [532176] =>.Piriform Ltd
O38 - TASK: {733915A8-9DBF-43FE-A69C-0F17C3749CAC} [64Bits][\KnPQHVchzdGfrlHaz2] - (...) -- C:\Program Files (x86)\OxoywZINBbQwrioRGrR\watktxG.dll [3574227]
O38 - TASK: {73581B9A-255B-4F03-8935-BBF999BCAE97} [64Bits][\Wevice a Art Home Simulator] - (...) -- C:\Program Files\Wevice a Art Home Simulator\Wevice a Art Home Simulator.dll [3631104]
O38 - TASK: {79E22353-397E-41B0-8E95-C44446F00A68} [64Bits][\RestoreRevTask] - (...) -- C:\Program Files\Common Files\restore_rev.bat [164]
O38 - TASK: {8D2BCDE2-D092-4742-9208-8F79E93D25ED} [64Bits][\TdqeVjasHzsikvrWtEm2] - (...) -- C:\Program Files (x86)\wCCFxMJCsZmzC\OJrsGfq.dll [3552211]
O38 - TASK: {B2107CB5-4304-4224-A241-04B20E9A7B7B} [64Bits][\rArHIXNWKfbeRtR2] - (...) -- C:\Program Files (x86)\EgDGbQEiU\AXcnbL.dll [256000]
O38 - TASK: {B3EBE08D-1493-42AA-A418-9676BCEF51BB} [64Bits][\{0D490574-3B8F-3092-DC71-0E0377C96287}] - (.Microsoft Corporation - Windows® installer.) -- C:\Users\Boss\AppData\Roaming\RBlEuqIya.exe [73216] [/q /i http://freshrefreshnerer186rb.info/hLn0nw1V3] =>Adware.TasksRedirect
O38 - TASK: {BC321EDD-13A2-423F-8095-B29C75457D2B} [64Bits][\XLqsfoKFUKuTqG] - (...) -- C:\Program Files (x86)\ijcQGTqqPStU2\wAkXacrnBbCLm.dll [3528147]
O38 - TASK: {BE5A360C-EBDD-451F-99D9-BB60B9738986} [64Bits][\GoogleUpdateSecurityTaskMachine_YK] - (. - HandlerExecution.) -- C:\Users\Boss\AppData\Local\Temp\307e73b0368d4bf298e925b8bfc972dd\HandlerExecution.exe [8192]
O38 - TASK: {BEBD40E2-A582-4455-AC3B-35746A94B06A} [64Bits][\CCleanerSkipUAC] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [13643880] =>.Piriform Ltd
O38 - TASK: {DB4ACD2E-0F70-49A2-85C5-4C2B8AF453C1} [64Bits][\{51AD4E75-D4F3-9F0A-A118-A9DEF52AA51E}] - (.Microsoft Corporation - Windows® installer.) -- C:\Windows\goYMyUt.exe [73216] [/q /i http://freshrefreshnerer186rb.info/73aJ8AhyQ] =>Adware.TasksRedirect
O38 - TASK: {DFD0F018-D71F-4214-9FE4-14E55D2CAC49} [64Bits][\Spot Arabic - Volume] - (...) -- C:\Program Files\Spot Arabic - Volume\Spot Arabic - Volume.dll [4614144]
O38 - TASK: {E38C2E31-F5AA-43BA-A058-EE4C4B9DAFE0} [64Bits][\GoogleUpdateSecurityTaskMachine_FR] - (. - HandlerExecution.) -- C:\ProgramData\959924f715474eb48b64e9340ac14260\HandlerExecution.exe [8192]
O38 - TASK: {F8BDBC6D-27F8-481B-85D0-59C65AF509EB} [64Bits][\Opera scheduled Autoupdate 4086469641] - (...) -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\rtugvirb\urfwtcsb.exe [149504]
C:\Windows\System32\Tasks\Update_4.0.10 - (.SystemaRev.) -- C:\Program Files\SystemaRev\RevServicesX\SystemUpdate64x.exe [/silentall -nofreqcheck -nogui./silentall] =>Trojan.Agent
C:\Windows\System32\Tasks\{49CBE634-3501-6F0E-F0EA-60B592492738} - (.Microsoft Corporation.) -- C:\Program Files (x86)\EiPdaxGyo.exe [/q /i http://freshrefreshnerer186.info/2292R6wNZSl] [/q /i http://freshrefreshnerer186.info/2292R6wNZSl] =>Adware.TasksRedirect
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_SY - (..) -- C:\Users\Boss\AppData\Roaming\314167cb8d0b4418a5cdad8e89a566ad\HandlerExecution.exe [AiLPXENn+0O9fxaif/E1z/+t8PzNdT1l80bvG9HhjMh46rwaDx]
C:\Windows\System32\Tasks\doPDF Update - (..) -- C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [/oem=doPdf8_Softland ./oem=doPdf8_Softland]
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_SV - (..) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\HandlerExecution.exe [bIIwiMKpZJ/l/YFwO0KErsZ7rJlKLxUxk/7hwDg/c/6ZSe6Alj]
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_TN - (..) -- C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a\HandlerExecution.exe [AiLPXENn+0O9fxaif/E1z/+t8PzNdT1l80bvG9HhjMh46rwaDx]
C:\Windows\System32\Tasks\{32D00B6F-F2C5-35DA-740F-AD649242F953} - (.Microsoft Corporation.) -- C:\Windows\ojaGor.exe [/q /i http://freshrefreshnerer186.info/Qg8NZ6e9.gA] [/q /i http://freshrefreshnerer186.info/Qg8NZ6e9.gA] =>Adware.TasksRedirect
C:\Windows\System32\Tasks\CCleaner Update - (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCUpdate.exe [] =>.Piriform Ltd
C:\Windows\System32\Tasks\KnPQHVchzdGfrlHaz2 - (...) -- C:\Program Files (x86)\OxoywZINBbQwrioRGrR\watktxG.dll [C:\Program Files (x86)\OxoywZINBbQwrioRGrR\watktxG.dll]
C:\Windows\System32\Tasks\Wevice a Art Home Simulator - (...) -- C:\Program Files\Wevice a Art Home Simulator\Wevice a Art Home Simulator.dll [C:\Program Files\Wevice a Art Home Simulator\Wevice a Art Home Simulator.dll]
C:\Windows\System32\Tasks\RestoreRevTask - (...) -- C:\Program Files\Common Files\restore_rev.bat []
C:\Windows\System32\Tasks\TdqeVjasHzsikvrWtEm2 - (...) -- C:\Program Files (x86)\wCCFxMJCsZmzC\OJrsGfq.dll [C:\Program Files (x86)\wCCFxMJCsZmzC\OJrsGfq.dll]
C:\Windows\System32\Tasks\rArHIXNWKfbeRtR2 - (...) -- C:\Program Files (x86)\EgDGbQEiU\AXcnbL.dll [C:\Program Files (x86)\EgDGbQEiU\AXcnbL.dll]
C:\Windows\System32\Tasks\{0D490574-3B8F-3092-DC71-0E0377C96287} - (.Microsoft Corporation.) -- C:\Users\Boss\AppData\Roaming\RBlEuqIya.exe [/q /i http://freshrefreshnerer186rb.info/hLn0nw1V3] [/q /i http://freshrefreshnerer186rb.info/hLn0nw1V3] =>Adware.TasksRedirect
C:\Windows\System32\Tasks\XLqsfoKFUKuTqG - (...) -- C:\Program Files (x86)\ijcQGTqqPStU2\wAkXacrnBbCLm.dll [C:\Program Files (x86)\ijcQGTqqPStU2\wAkXacrnBbCLm.dll]
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_YK - (..) -- C:\Users\Boss\AppData\Local\Temp\307e73b0368d4bf298e925b8bfc972dd\HandlerExecution.exe [pQUkSdAdDReSWNiKVt4wlzMriNt8lZYPybe1DD2AiyGZSe6Alj]
C:\Windows\System32\Tasks\CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [$(Arg0)] =>.Piriform Ltd
C:\Windows\System32\Tasks\{51AD4E75-D4F3-9F0A-A118-A9DEF52AA51E} - (.Microsoft Corporation.) -- C:\Windows\goYMyUt.exe [/q /i http://freshrefreshnerer186rb.info/73aJ8AhyQ] [/q /i http://freshrefreshnerer186rb.info/73aJ8AhyQ] =>Adware.TasksRedirect
C:\Windows\System32\Tasks\Spot Arabic - Volume - (...) -- C:\Program Files\Spot Arabic - Volume\Spot Arabic - Volume.dll [C:\Program Files\Spot Arabic - Volume\Spot Arabic - Volume.dll]
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_FR - (..) -- C:\ProgramData\959924f715474eb48b64e9340ac14260\HandlerExecution.exe [bIIwiMKpZJ/l/YFwO0KErsZ7rJlKLxUxk/7hwDg/c/6ZSe6Alj]
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 4086469641 - (...) -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\rtugvirb\urfwtcsb.exe []
---\\ APPLICATIONS LANCÉES AU DÉMARRAGE DU SYSTÈME (218) - 56s
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe =>.Intel Corporation
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe =>.Intel Corporation
O4 - HKLM\..\Run: [rundll32] . (...) -- C:\Program Files\Wevice a Art Home Simulator\Wevice a Art Home Simulator.dll
O4 - HKLM\..\Run: [JServicesManager] . (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation®
O4 - HKLM\..\RunOnce: [tp2brwavj0y] . (. - SanOo.) -- C:\Program Files (x86)\AAAZZZ\190880.exe
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_V3SB9] . (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-VN8AG.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_V7YIZ] . (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-R95IK.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_1CJW2] . (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-GR2SV.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_0WMHX] . (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-B2J5P.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_I7RD8] . (.ROFN - ROFNT.) -- C:\Users\Boss\AppData\Local\Temp\is-J078D.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_WLFZO] . (.TFIRB - TFIRB.) -- C:\Users\Boss\AppData\Local\Temp\is-SGPE7.tmp\up.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKCU\..\Run: [PrintToPDF] . (. - Print_To_PDF_Config.) -- C:\Program Files\Free PDF Solutions\Print To PDF\Print_To_PDF_Config.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - HKCU\..\Run: [LPuosp1TlR.exe] . (. - PackageProvider.) -- C:\Program Files\Windows Sidebar\XMBRK641UQYN03LLSNI0V0QWFA\LPuosp1TlR.exe
O4 - HKCU\..\Run: [I8CWS1SWYRJCYCZ] . (.%ZZ46XN1 - .) -- C:\Program Files\4RJYZ4FLY1\4RJYZ4FLY.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [6125488] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe
O4 - HKCU\..\Run: [255931] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe
O4 - HKCU\..\Run: [YKR3C4PD4QVV2GR] . (.%ZZ46XN1 - .) -- C:\Program Files\4N2XTR691F\4N2XTR691.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [1066770] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe
O4 - HKCU\..\Run: [6636207] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe
O4 - HKCU\..\Run: [5BT2E1G7PK0BWU0] . (.%ZZ46XN1 - .) -- C:\Program Files\IY73DZJN1A\2Q24L2L7U.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [OD6NT1AY47SI489] . (.%ZZ46XN1 - .) -- C:\Program Files\UEP61973CJ\UEP61973C.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [535399] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe
O4 - HKCU\..\Run: [4747377] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe
O4 - HKCU\..\Run: [8912136] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe
O4 - HKCU\..\Run: [4576838] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe
O4 - HKCU\..\Run: [5OAZQI2LSKM3FOL] . (. - LJZ.) -- C:\Program Files\DZVTM5DNXU\DZVTM5DNX.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [7RZYXA9EBBO7CJ7] . (. - LJZ.) -- C:\Program Files\EF044BI1YY\EF044BI1Y.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [5099347] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe
O4 - HKCU\..\Run: [XDM6OAX8AIFB0FI] . (. - LJZ.) -- C:\Program Files\MOUNR5U7CO\MOUNR5U7C.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [2894337] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe
O4 - HKCU\..\Run: [MY2XVUXT7WCW2FR] . (. - LJZ.) -- C:\Program Files\DKQ9ELO4CM\7Y7G6PEN7.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [3869858] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe
O4 - HKCU\..\Run: [6420086] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe
O4 - HKCU\..\Run: [3922761] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe
O4 - HKCU\..\Run: [HUZ6DFTQLQKAJ1J] . (. - LJZ.) -- C:\Program Files\7KV3ACDMTO\7KV3ACDMT.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [DTDPTXH3K46HEG5] . (. - LJZ.) -- C:\Program Files\23L6WSE3LA\23L6WSE3L.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [9284153] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe
O4 - HKCU\..\Run: [715067] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe
O4 - HKCU\..\Run: [5AL51DAELQ61ZZ2] . (. - LJZ.) -- C:\Program Files\CXFWDCVC0N\CXFWDCVC0.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [931793] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe
O4 - HKCU\..\Run: [OLE8OV9N0NTN5OB] . (. - LJZ.) -- C:\Program Files\0IP40NNURL\0IP40NNUR.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [5386803] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe
O4 - HKCU\..\Run: [8813188] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe
O4 - HKCU\..\Run: [6387857] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe
O4 - HKCU\..\Run: [DEYCUNSBVJN5RG6] . (. - LJZ.) -- C:\Program Files\BCQQKEZTW6\Y7MX72MBI.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [JKHRSL0Z996SOXF] . (. - LJZ.) -- C:\Program Files\JF5F9TWOH8\JF5F9TWOH.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [5138180] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe
O4 - HKCU\..\Run: [QHOICKXWPX.exe] . (.Copyright - .) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\QHOICKXWPX.exe
O4 - HKCU\..\Run: [6503659] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe
O4 - HKCU\..\Run: [ZT67JV2BUQE6GBO] . (. - LJZ.) -- C:\Program Files\O8SRM406DJ\O8SRM406D.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [3639185] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe
O4 - HKCU\..\Run: [100125] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe
O4 - HKCU\..\Run: [HAL8FI3TN32MH62] . (. - LJZ.) -- C:\Program Files\XBZEUQP4OX\9K8FXDNO9.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [POL5E9WTLMR8RIT] . (. - LJZ.) -- C:\Program Files\Q8BSUMTKUH\9K8FXDNO9.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [4570198] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe
O4 - HKCU\..\Run: [5745109] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe
O4 - HKCU\..\Run: [5798024] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe
O4 - HKCU\..\Run: [7402951] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe
O4 - HKCU\..\Run: [3392918] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe
O4 - HKCU\..\Run: [M6MVJTTYDEGTSL0] . (.ROFN - ROFNT.) -- C:\Program Files\HHDVUWO3MW\H4MNFV2OE.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [QRBXZYX4Z2P7FIS] . (.ROFN - ROFNT.) -- C:\Program Files\RIO1WF5WR1\4FG87VWNF.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [6274540] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe
O4 - HKCU\..\Run: [852997] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe
O4 - HKCU\..\Run: [1ETYASYW3V00VZS] . (.ROFN - ROFNT.) -- C:\Program Files\UKLSHLMZBX\UKLSHLMZB.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [4328810] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe
O4 - HKCU\..\Run: [3544482] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe
O4 - HKCU\..\Run: [SWKB4HOYYSQLZX7] . (.ROFN - ROFNT.) -- C:\Program Files\RIJN2Z22I4\RIJN2Z22I.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [AOLMKTK78BOD83E] . (.ROFN - ROFNT.) -- C:\Program Files\QUH4P9I665\QUH4P9I66.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [TFVTCYEE60N1MR5] . (.ROFN - ROFNT.) -- C:\Program Files\LAPLRC4S52\AO2F7BHU4.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [8818952] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hufopmim0n1\av0sqaq5hgu.exe
O4 - HKCU\..\Run: [5061173] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe
O4 - HKCU\..\Run: [PND44T8JYN58KKY] . (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [4554055] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe
O4 - HKCU\..\Run: [7960684] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe
O4 - HKCU\..\Run: [C661RFPISDMZS55] . (.XKSTV - XKSTVF.) -- C:\Program Files\OUN3UTN243\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [3OWEM3ELNADKW4L] . (.XKSTV - XKSTVF.) -- C:\Program Files\51S1MQLHBR\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [7HCOZSQ57WB22KD] . (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\B8NUC532C.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [JServicesManager] . (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
O4 - HKCU\..\Run: [417731] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe
O4 - HKCU\..\Run: [2VVWM0M1FTGTKK9] . (.XKSTV - XKSTVF.) -- C:\Program Files\PZ77R66BSC\PZ77R66BS.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [2109060] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe
O4 - HKCU\..\Run: [KH30Y7FKGLFAZ5T] . (.XKSTV - XKSTVF.) -- C:\Program Files\0CC1QIJSJR\I4DC6UF1U.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [AN1XHBOO1RP9EGL] . (.XKSTV - XKSTVF.) -- C:\Program Files\E97JWYQPWS\E97JWYQPW.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [49Q7U243LKVWKDI] . (.XKSTV - XKSTVF.) -- C:\Program Files\59FTT6TX6N\59FTT6TX6.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [1952070] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe
O4 - HKCU\..\Run: [GRIJJEE4HA58F1K] . (.XKSTV - XKSTVF.) -- C:\Program Files\NCS9KETNVR\NCS9KETNV.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [1230171] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe
O4 - HKCU\..\Run: [BA5B9VZEKZNJSO9] . (.XKSTV - XKSTVF.) -- C:\Program Files\2B1ZGSCKRL\2B1ZGSCKR.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [9619388] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe
O4 - HKCU\..\Run: [5574024] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe
O4 - HKCU\..\Run: [3267384] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe
O4 - HKCU\..\Run: [6139207] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe
O4 - HKCU\..\Run: [YMSBA3XYC35F3IA] . (.XKSTV - XKSTVF.) -- C:\Program Files\JSTAJHCVC7\JSTAJHCVC.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [LNRX3QQU436PTYH] . (.XKSTV - XKSTVF.) -- C:\Program Files\V2TI5WPWUS\V2TI5WPWU.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [PFFM6POMVKEBA04] . (.TFIRB - TFIRB.) -- C:\Program Files\8VEUIXN1JS\8VEUIXN1J.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [5371368] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe
O4 - HKCU\..\Run: [7262951] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe
O4 - HKCU\..\Run: [XGBJ7LVNVJSBHW6] . (.TFIRB - TFIRB.) -- C:\Program Files\06UK5MMVGE\06UK5MMVG.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKCU\..\Run: [MOF41FKWWP9BDLI] . (. - 5HG%FNMO.) -- C:\Program Files\J1EOM5NN6Q\J1EOM5NN6.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [6334670] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe
O4 - HKCU\..\Run: [ZDJK6LEPTF75ZTD] . (. - 5HG%FNMO.) -- C:\Program Files\9GC25M9TIX\9GC25M9TI.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [6697299] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\jum1zmblfzl\mu3ew1mrmma.exe
O4 - HKCU\..\Run: [4644125] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe
O4 - HKCU\..\Run: [032KD2756E2NBUQ] . (. - 5HG%FNMO.) -- C:\Program Files\Z2GOWJEWBY\Z2GOWJEWB.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [7614726] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe
O4 - HKCU\..\Run: [A6IU6GNDYMAOQPS] . (. - 5HG%FNMO.) -- C:\Program Files\KYOP6JTQ2X\KYOP6JTQ2.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [3193692] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe
O4 - HKCU\..\Run: [259792] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5\421qmditfqu.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe =>.Microsoft Corporation®
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems, Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [JServicesManager] . (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
O4 - HKLM\..\Wow6432Node\Run: [chrome] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [PrintToPDF] . (. - Print_To_PDF_Config.) -- C:\Program Files\Free PDF Solutions\Print To PDF\Print_To_PDF_Config.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [LPuosp1TlR.exe] . (. - PackageProvider.) -- C:\Program Files\Windows Sidebar\XMBRK641UQYN03LLSNI0V0QWFA\LPuosp1TlR.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [I8CWS1SWYRJCYCZ] . (.%ZZ46XN1 - .) -- C:\Program Files\4RJYZ4FLY1\4RJYZ4FLY.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6125488] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [255931] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [YKR3C4PD4QVV2GR] . (.%ZZ46XN1 - .) -- C:\Program Files\4N2XTR691F\4N2XTR691.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [1066770] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6636207] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5BT2E1G7PK0BWU0] . (.%ZZ46XN1 - .) -- C:\Program Files\IY73DZJN1A\2Q24L2L7U.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [OD6NT1AY47SI489] . (.%ZZ46XN1 - .) -- C:\Program Files\UEP61973CJ\UEP61973C.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [535399] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4747377] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [8912136] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4576838] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5OAZQI2LSKM3FOL] . (. - LJZ.) -- C:\Program Files\DZVTM5DNXU\DZVTM5DNX.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7RZYXA9EBBO7CJ7] . (. - LJZ.) -- C:\Program Files\EF044BI1YY\EF044BI1Y.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5099347] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [XDM6OAX8AIFB0FI] . (. - LJZ.) -- C:\Program Files\MOUNR5U7CO\MOUNR5U7C.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [2894337] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [MY2XVUXT7WCW2FR] . (. - LJZ.) -- C:\Program Files\DKQ9ELO4CM\7Y7G6PEN7.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3869858] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6420086] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3922761] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [HUZ6DFTQLQKAJ1J] . (. - LJZ.) -- C:\Program Files\7KV3ACDMTO\7KV3ACDMT.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [DTDPTXH3K46HEG5] . (. - LJZ.) -- C:\Program Files\23L6WSE3LA\23L6WSE3L.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [9284153] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [715067] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5AL51DAELQ61ZZ2] . (. - LJZ.) -- C:\Program Files\CXFWDCVC0N\CXFWDCVC0.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [931793] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [OLE8OV9N0NTN5OB] . (. - LJZ.) -- C:\Program Files\0IP40NNURL\0IP40NNUR.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5386803] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [8813188] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6387857] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [DEYCUNSBVJN5RG6] . (. - LJZ.) -- C:\Program Files\BCQQKEZTW6\Y7MX72MBI.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [JKHRSL0Z996SOXF] . (. - LJZ.) -- C:\Program Files\JF5F9TWOH8\JF5F9TWOH.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5138180] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [QHOICKXWPX.exe] . (.Copyright - .) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\QHOICKXWPX.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6503659] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [ZT67JV2BUQE6GBO] . (. - LJZ.) -- C:\Program Files\O8SRM406DJ\O8SRM406D.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3639185] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [100125] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [HAL8FI3TN32MH62] . (. - LJZ.) -- C:\Program Files\XBZEUQP4OX\9K8FXDNO9.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [POL5E9WTLMR8RIT] . (. - LJZ.) -- C:\Program Files\Q8BSUMTKUH\9K8FXDNO9.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4570198] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5745109] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5798024] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7402951] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3392918] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [M6MVJTTYDEGTSL0] . (.ROFN - ROFNT.) -- C:\Program Files\HHDVUWO3MW\H4MNFV2OE.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [QRBXZYX4Z2P7FIS] . (.ROFN - ROFNT.) -- C:\Program Files\RIO1WF5WR1\4FG87VWNF.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6274540] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [852997] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [1ETYASYW3V00VZS] . (.ROFN - ROFNT.) -- C:\Program Files\UKLSHLMZBX\UKLSHLMZB.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4328810] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3544482] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [SWKB4HOYYSQLZX7] . (.ROFN - ROFNT.) -- C:\Program Files\RIJN2Z22I4\RIJN2Z22I.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [AOLMKTK78BOD83E] . (.ROFN - ROFNT.) -- C:\Program Files\QUH4P9I665\QUH4P9I66.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [TFVTCYEE60N1MR5] . (.ROFN - ROFNT.) -- C:\Program Files\LAPLRC4S52\AO2F7BHU4.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [8818952] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hufopmim0n1\av0sqaq5hgu.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5061173] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [PND44T8JYN58KKY] . (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4554055] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7960684] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [C661RFPISDMZS55] . (.XKSTV - XKSTVF.) -- C:\Program Files\OUN3UTN243\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3OWEM3ELNADKW4L] . (.XKSTV - XKSTVF.) -- C:\Program Files\51S1MQLHBR\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7HCOZSQ57WB22KD] . (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\B8NUC532C.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [JServicesManager] . (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [417731] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [2VVWM0M1FTGTKK9] . (.XKSTV - XKSTVF.) -- C:\Program Files\PZ77R66BSC\PZ77R66BS.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [2109060] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [KH30Y7FKGLFAZ5T] . (.XKSTV - XKSTVF.) -- C:\Program Files\0CC1QIJSJR\I4DC6UF1U.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [AN1XHBOO1RP9EGL] . (.XKSTV - XKSTVF.) -- C:\Program Files\E97JWYQPWS\E97JWYQPW.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [49Q7U243LKVWKDI] . (.XKSTV - XKSTVF.) -- C:\Program Files\59FTT6TX6N\59FTT6TX6.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [1952070] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [GRIJJEE4HA58F1K] . (.XKSTV - XKSTVF.) -- C:\Program Files\NCS9KETNVR\NCS9KETNV.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [1230171] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [BA5B9VZEKZNJSO9] . (.XKSTV - XKSTVF.) -- C:\Program Files\2B1ZGSCKRL\2B1ZGSCKR.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [9619388] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5574024] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3267384] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6139207] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [YMSBA3XYC35F3IA] . (.XKSTV - XKSTVF.) -- C:\Program Files\JSTAJHCVC7\JSTAJHCVC.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [LNRX3QQU436PTYH] . (.XKSTV - XKSTVF.) -- C:\Program Files\V2TI5WPWUS\V2TI5WPWU.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [PFFM6POMVKEBA04] . (.TFIRB - TFIRB.) -- C:\Program Files\8VEUIXN1JS\8VEUIXN1J.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5371368] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7262951] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [XGBJ7LVNVJSBHW6] . (.TFIRB - TFIRB.) -- C:\Program Files\06UK5MMVGE\06UK5MMVG.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [MOF41FKWWP9BDLI] . (. - 5HG%FNMO.) -- C:\Program Files\J1EOM5NN6Q\J1EOM5NN6.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6334670] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [ZDJK6LEPTF75ZTD] . (. - 5HG%FNMO.) -- C:\Program Files\9GC25M9TIX\9GC25M9TI.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6697299] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\jum1zmblfzl\mu3ew1mrmma.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4644125] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [032KD2756E2NBUQ] . (. - 5HG%FNMO.) -- C:\Program Files\Z2GOWJEWBY\Z2GOWJEWB.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7614726] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [A6IU6GNDYMAOQPS] . (. - 5HG%FNMO.) -- C:\Program Files\KYOP6JTQ2X\KYOP6JTQ2.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3193692] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [259792] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5\421qmditfqu.exe
---\\ PROCESSUS LANCÉS (223) - 186s
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1728] =>.Adobe Systems, Incorporated®
[MD5.E633D69DA35942B1206815A42F094205] - (. - ExtManager.) -- C:\ProgramData\Logic Cramble\set.exe [3780096] [PID.1752]
[MD5.80DACE127AD4CC01FA67DD1F1EB4FAE6] - (...) -- C:\ProgramData\ellfService\ellfService.exe [1131728] [PID.1820] {00BA10A33204664713A8690A55F0AD7176} =>PUP.Optional.Youndoo
[MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.2012] =>.Intel(R) Corporation
[MD5.339C65128A0A4687022F25A19F66D7D0] - (. - Network Packet Monitor.) -- C:\ProgramData\PrefsSecure\Nettrans.exe [43520] [PID.2040]
[MD5.4077277CEBDD7BDFDD638A375EABBF59] - (.Microsoft - novaPDF Server.) -- C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616] [PID.1328] =>.Softland S.R.L.®
[MD5.4EE3E5E13794A040B98A7D111B695464] - (...) -- C:\Windows\Temp\g8E9D.tmp.exe [972288] [PID.2868] =>Heuristic.Suspect
[MD5.B1510CA072444F6DDE81ECCB3FE6E6C9] - (. - SanOo.) -- C:\Program Files (x86)\AAAZZZ\190880.exe [670720] [PID.3892]
[MD5.2B9AB2EE347F56A023DD7B93C3B2AFD8] - (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-VN8AG.tmp\up.exe [52224] [PID.4016]
[MD5.2B9AB2EE347F56A023DD7B93C3B2AFD8] - (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-R95IK.tmp\up.exe [52224] [PID.3256]
[MD5.2B9AB2EE347F56A023DD7B93C3B2AFD8] - (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-GR2SV.tmp\up.exe [52224] [PID.3412]
[MD5.2B9AB2EE347F56A023DD7B93C3B2AFD8] - (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-B2J5P.tmp\up.exe [52224] [PID.2992]
[MD5.1B109720ED21E87191F6387869B13E92] - (.ROFN - ROFNT.) -- C:\Users\Boss\AppData\Local\Temp\is-J078D.tmp\up.exe [52224] [PID.3616] =>Adware.Wizzcaster
[MD5.AA1EB36E966EE0AE8BD99E4A5CEFDB0C] - (.TFIRB - TFIRB.) -- C:\Users\Boss\AppData\Local\Temp\is-SGPE7.tmp\up.exe [52224] [PID.3884] =>Adware.Wizzcaster
[MD5.7CF0F9D2179C977E7ABFCE37A390B134] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [166384] [PID.4984] =>.Intel Corporation
[MD5.50435B03298F1A3F952C36A391F1123B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [408560] [PID.4992] =>.Intel Corporation
[MD5.CAFBEC4F6353DEAC22E61719D94C89F7] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [444400] [PID.5000] =>.Intel Corporation
[MD5.21D4E0623F176AB3133B9FF6820E4622] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [530928] [PID.5048] =>.Intel Corporation
[MD5.0904BD6E1A504908BB7F567A3393C54E] - (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe [3822592] [PID.5056]
[MD5.F3701202DE3B0BD688AF3AF2BAD37CCD] - (. - Print_To_PDF_Config.) -- C:\Program Files\Free PDF Solutions\Print To PDF\Print_To_PDF_Config.exe [8704] [PID.4276]
[MD5.91AA54AF8C8D828918DF1863EFCD304E] - (. - PackageProvider.) -- C:\Program Files\Windows Sidebar\XMBRK641UQYN03LLSNI0V0QWFA\LPuosp1TlR.exe [642560] [PID.4336]
[MD5.60AA76A9A4FFF5936E050EEAE6961268] - (.%ZZ46XN1 - .) -- C:\Program Files\4RJYZ4FLY1\4RJYZ4FLY.exe [666624] [PID.4768] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe [649849] [PID.4848]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe [649849] [PID.3012]
[MD5.60AA76A9A4FFF5936E050EEAE6961268] - (.%ZZ46XN1 - .) -- C:\Program Files\4N2XTR691F\4N2XTR691.exe [666624] [PID.4944] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe [649849] [PID.4924]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe [649849] [PID.5132]
[MD5.60AA76A9A4FFF5936E050EEAE6961268] - (.%ZZ46XN1 - .) -- C:\Program Files\IY73DZJN1A\2Q24L2L7U.exe [666624] [PID.5184] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-T06DL.tmp\ueqx01fsjtb.tmp [824320] [PID.5248]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-G9A2E.tmp\ht3gp3agdld.tmp [824320] [PID.5264]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-N2RKB.tmp\a0rt0t0nxc1.tmp [824320] [PID.5284]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-0CV6K.tmp\fy2yomyxlt1.tmp [824320] [PID.5312]
[MD5.60AA76A9A4FFF5936E050EEAE6961268] - (.%ZZ46XN1 - .) -- C:\Program Files\UEP61973CJ\UEP61973C.exe [666624] [PID.5456] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe [649849] [PID.5464]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe [649849] [PID.5484]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe [649849] [PID.5500]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8N59V.tmp\rshnzkefq3a.tmp [824320] [PID.5508]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe [649849] [PID.5524]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\DZVTM5DNXU\DZVTM5DNX.exe [666624] [PID.5548] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-JNQKT.tmp\o4uultgnwco.tmp [824320] [PID.5600]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\EF044BI1YY\EF044BI1Y.exe [666624] [PID.5608] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe [649849] [PID.5636]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-I4ASG.tmp\ecp3klz3jro.tmp [824320] [PID.5644]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-LODTP.tmp\wqqyyp0wiij.tmp [824320] [PID.5656]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\MOUNR5U7CO\MOUNR5U7C.exe [666624] [PID.5668] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2CJ14.tmp\nii52ndrv14.tmp [824320] [PID.5684]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe [649849] [PID.5736]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\DKQ9ELO4CM\7Y7G6PEN7.exe [666624] [PID.5800] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe [649849] [PID.5824]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-R32NO.tmp\lbvouvxtkxm.tmp [824320] [PID.5904]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe [649849] [PID.5960]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\5jqaxe4cvws\pgtmsxmxa4t.exe [503731] [PID.6040]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-680AN.tmp\21q0oe2sxld.tmp [824320] [PID.6092]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe [649849] [PID.6124]
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-84BBJ.tmp\pgtmsxmxa4t.tmp [709632] [PID.2892]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\7KV3ACDMTO\7KV3ACDMT.exe [666624] [PID.1416] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2B8QA.tmp\tkphzgeruqu.tmp [824320] [PID.5520]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\23L6WSE3LA\23L6WSE3L.exe [666624] [PID.1996] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe [649849] [PID.3924]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2CPQF.tmp\vx3sywuyswv.tmp [824320] [PID.3808]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe [649849] [PID.3828]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\CXFWDCVC0N\CXFWDCVC0.exe [666624] [PID.6248] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe [649849] [PID.6352]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-MTBVR.tmp\juppnhlt4oj.tmp [824320] [PID.6416]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3OGJ3.tmp\ck3ckm4gaqi.tmp [824320] [PID.6452]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\0IP40NNURL\0IP40NNUR.exe [666624] [PID.6548] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe [649849] [PID.6636]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe [649849] [PID.6696]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-RES1F.tmp\vlbw0dm50qs.tmp [824320] [PID.6724]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe [649849] [PID.6760]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-6OEKD.tmp\tobuxtu40h5.tmp [824320] [PID.6868]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-VIRQM.tmp\yo5yy5fzqcc.tmp [824320] [PID.6888]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\BCQQKEZTW6\Y7MX72MBI.exe [666624] [PID.6896] =>Adware.Wizzcaster
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\JF5F9TWOH8\JF5F9TWOH.exe [666624] [PID.6920] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2QVJM.tmp\0wqk4wmokfr.tmp [824320] [PID.6992]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe [649849] [PID.7100]
[MD5.9515FCC13560CC7EA6967E766D96F7F6] - (.Copyright - .) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\QHOICKXWPX.exe [498688] [PID.7152]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe [649849] [PID.2432]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\O8SRM406DJ\O8SRM406D.exe [666624] [PID.3048] =>Adware.Wizzcaster
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\rdrkuysirug\3bncm4l4241.exe [503731] [PID.1260]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\w3nmtqzva4g\bxljdrbg3xg.exe [503731] [PID.2316]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe [649849] [PID.3176]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\3oiiusgh5zi\mxq55nft3no.exe [503731] [PID.468]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-OPVPI.tmp\itngklpavv4.tmp [824320] [PID.2112]
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-MH5K8.tmp\3bncm4l4241.tmp [709632] [PID.3780]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe [649849] [PID.3108]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\ojuozu0x55w\hiedbulpww1.exe [503731] [PID.7688]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\fygjhctaglt\eka0teczs0v.exe [503731] [PID.7736]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-CUKC7.tmp\kkq2ykcfc1m.tmp [824320] [PID.7768]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\XBZEUQP4OX\9K8FXDNO9.exe [666624] [PID.7792] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-FQF99.tmp\rqahpbschqw.tmp [824320] [PID.8028]
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-QLVO3.tmp\hiedbulpww1.tmp [709632] [PID.8036]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\Q8BSUMTKUH\9K8FXDNO9.exe [666624] [PID.8044] =>Adware.Wizzcaster
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8IMPE.tmp\bxljdrbg3xg.tmp [709632] [PID.8136]
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-4KE8S.tmp\mxq55nft3no.tmp [709632] [PID.8148]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3UBGR.tmp\cte00yfqysm.tmp [824320] [PID.7732]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe [649849] [PID.7480]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe [649849] [PID.5176]
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\FU4YJTB7LN\6QNMQZ9C8.exe [666624] [PID.4440]
[MD5.8EE3C2F98E987B4BACFB1EC31CFB5D6B] - (.HP Inc. - HP Support Solutions Framework Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656] [PID.4724] =>.HP Inc.®
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-5MRSC.tmp\eka0teczs0v.tmp [709632] [PID.5588]
[MD5.57739E742ABC085C2A4340D4404B4A8B] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544] [PID.4804] =>.Intel Corporation - Intel® Management Engine Firmware®
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.5808] =>.Intel Corporation - Intel® Management Engine Firmware®
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\ZCDV3PPRT8\6Z43YGEU9.exe [666624] [PID.4728]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe [649849] [PID.6112]
[MD5.3DE66F47365AA8CEB18B1EE272F4FEBA] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.4224] =>.Intel Corporation - Software and Firmware Products®
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-DAQUN.tmp\yeazwo2ie21.tmp [824320] [PID.6772]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe [649849] [PID.3572]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8SUP2.tmp\hqyejghdurc.tmp [824320] [PID.7120]
[MD5.0BC1B6E2B5C7B5731580B1C7FEC02946] - (.HP Inc. - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1459056] [PID.2624] =>.HP Inc.®
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\Y62LMJ6B01\EHDQ4SPSE.exe [666624] [PID.3136]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe [649849] [PID.2544]
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\HHDVUWO3MW\H4MNFV2OE.exe [666624] [PID.7760] =>Adware.Wizzcaster
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\RIO1WF5WR1\4FG87VWNF.exe [666624] [PID.8172] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-9JF3P.tmp\dtltwtzgl5m.tmp [824320] [PID.6600]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe [649849] [PID.3032]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe [649849] [PID.5196]
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\UKLSHLMZBX\UKLSHLMZB.exe [666624] [PID.6288] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe [649849] [PID.4152]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-CDRH2.tmp\dekwhl5vgam.tmp [824320] [PID.1984]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe [649849] [PID.6172]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3QLS8.tmp\yllru3pflga.tmp [824320] [PID.8104]
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\RIJN2Z22I4\RIJN2Z22I.exe [666624] [PID.6972] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-08ETE.tmp\yqe0tcfjxt5.tmp [824320] [PID.6336]
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\QUH4P9I665\QUH4P9I66.exe [666624] [PID.6592] =>Adware.Wizzcaster
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\LAPLRC4S52\AO2F7BHU4.exe [666624] [PID.3532] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe [649849] [PID.1136]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\YJGF46W1D.exe [666624] [PID.6832] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe [649849] [PID.8260]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe [649849] [PID.8296]
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\8RGCJQFNR7\6QNMQZ9C8.exe [666624] [PID.8304]
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\XOBDQ06VI9\4SZZP32FC.exe [666624] [PID.8412]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\OUN3UTN243\YJGF46W1D.exe [666624] [PID.8420] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-E6ILU.tmp\ogn1tdeg1us.tmp [824320] [PID.8428]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\51S1MQLHBR\YJGF46W1D.exe [666624] [PID.8500] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-CVDP1.tmp\p1fmt11huoa.tmp [824320] [PID.8512]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-OO8NQ.tmp\attdckaw0zq.tmp [824320] [PID.8528]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\B8NUC532C.exe [666624] [PID.8536] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe [649849] [PID.8632]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-D5BR1.tmp\nc3qoabjofh.tmp [824320] [PID.8664]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8JG67.tmp\1p2vimdsxsu.tmp [824320] [PID.8676]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\PZ77R66BSC\PZ77R66BS.exe [666624] [PID.8740] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-BFIDF.tmp\1inuwq4kulf.tmp [824320] [PID.8764]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe [649849] [PID.8772]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\0CC1QIJSJR\I4DC6UF1U.exe [666624] [PID.8804] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-VDPLR.tmp\av0sqaq5hgu.tmp [824320] [PID.8844]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\E97JWYQPWS\E97JWYQPW.exe [666624] [PID.8852] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3C8VN.tmp\xhohom1t3at.tmp [824320] [PID.8864]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\59FTT6TX6N\59FTT6TX6.exe [666624] [PID.8928] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe [649849] [PID.9084]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\NCS9KETNVR\NCS9KETNV.exe [666624] [PID.9112] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe [649849] [PID.8204]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\2B1ZGSCKRL\2B1ZGSCKR.exe [666624] [PID.3788] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe [649849] [PID.6428]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe [649849] [PID.7984]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe [649849] [PID.4384]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe [649849] [PID.1652]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-5JKL9.tmp\dixuqdtid4e.tmp [824320] [PID.2064]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\JSTAJHCVC7\JSTAJHCVC.exe [666624] [PID.1308] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-UR915.tmp\cgqzyhi5cxo.tmp [824320] [PID.1940]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\V2TI5WPWUS\V2TI5WPWU.exe [666624] [PID.8956] =>Adware.Wizzcaster
[MD5.D6AD42FC5F5A7AE097C066AF941E50A4] - (.TFIRB - TFIRB.) -- C:\Program Files\8VEUIXN1JS\8VEUIXN1J.exe [666624] [PID.9184] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-F7IKE.tmp\anw1bms3a5u.tmp [824320] [PID.4716]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe [649849] [PID.9124]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-PAK5L.tmp\bcbontrqplm.tmp [824320] [PID.8180]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe [649849] [PID.8556]
[MD5.D6AD42FC5F5A7AE097C066AF941E50A4] - (.TFIRB - TFIRB.) -- C:\Program Files\06UK5MMVGE\06UK5MMVG.exe [666624] [PID.7644] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-TVQJL.tmp\wosv1yqsgtq.tmp [824320] [PID.3868]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2M8O2.tmp\1nkcuqih1lx.tmp [824320] [PID.7368]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-IKBDD.tmp\eux052aj2af.tmp [824320] [PID.4624]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\J1EOM5NN6Q\J1EOM5NN6.exe [666624] [PID.7256] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe [649849] [PID.7272]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\9GC25M9TIX\9GC25M9TI.exe [666624] [PID.7424] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2SJI0.tmp\v3q3t3kent3.tmp [824320] [PID.3380]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe [649849] [PID.7316]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\Z2GOWJEWBY\Z2GOWJEWB.exe [666624] [PID.4356] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe [649849] [PID.2028]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-HL93T.tmp\jeoqe2kbshm.tmp [824320] [PID.904]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\KYOP6JTQ2X\KYOP6JTQ2.exe [666624] [PID.3292] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe [649849] [PID.7012]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-KNEQT.tmp\ol3ykb11yz0.tmp [824320] [PID.9000]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\tj1y4qjfl40\kphgkwekwqi.exe [649849] [PID.7136]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-DHE4H.tmp\eppo3rjjpkl.tmp [824320] [PID.7116]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-FMR77.tmp\14zlxlvo42z.tmp [824320] [PID.5044]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\04aeuoajoun\v5pmrklxd2q.exe [649849] [PID.1204]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-DTP00.tmp\kphgkwekwqi.tmp [824320] [PID.5584]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-QTGJM.tmp\v5pmrklxd2q.tmp [824320] [PID.7564]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\s4j33tkjzyi\suoj5nacpt3.exe [649849] [PID.8732]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\45B9CW055O\45B9CW055.exe [666624] [PID.5556]
[MD5.009DCC9D6C5D3A7AE9233D312CC10D2F] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe [18364648] [PID.3404] =>.Piriform Ltd®
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8V1EQ.tmp\421qmditfqu.tmp [824320] [PID.8940]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-DRQD5.tmp\mu3ew1mrmma.tmp [824320] [PID.5976]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\HIVZM3HMW6\HIVZM3HMW.exe [666624] [PID.1928]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-U9RPU.tmp\2cwdbdvmen1.tmp [824320] [PID.2980]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\8DNWW3JFF1\8DNWW3JFF.exe [666624] [PID.6440]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8F9GN.tmp\suoj5nacpt3.tmp [824320] [PID.8836]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\C99D02G16Q\C99D02G16.exe [666624] [PID.412]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-9Q4PV.tmp\hus24axk1n2.tmp [824320] [PID.4092]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\H61S1G0VCJ\H61S1G0VC.exe [666624] [PID.8244]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\ZAUCWF3FSP\ZAUCWF3FS.exe [666624] [PID.8688]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hkyqvziz52h\ly4jw3pesbz.exe [649849] [PID.4756]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-5K0FB.tmp\xqoymku0iwj.tmp [824320] [PID.6496]
[MD5.EE6BD1B477931DBE536AFCD340AC964D] - (.P - PYOLKB.) -- C:\Program Files\SY8JAW81NY\SY8JAW81N.exe [666624] [PID.4080]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-IOB3F.tmp\jdd4jgzocpd.tmp [824320] [PID.6120]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ziio5fseiew\iefk2almc02.exe [649849] [PID.8356]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\orqxm1vp1i2\3ltipqff222.exe [649849] [PID.6060]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4uobljvyp20\3svjlzre0lk.exe [649849] [PID.5852]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\qzxcr435qdn\npgodgvyy2q.exe [649849] [PID.8400]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-9EA1J.tmp\3svjlzre0lk.tmp [824320] [PID.1100]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\2223kxo4nxo\p13sj1bgnsd.exe [649849] [PID.216]
[MD5.EE6BD1B477931DBE536AFCD340AC964D] - (.P - PYOLKB.) -- C:\Program Files\EHDQ4SPSES\YA8RCURC7.exe [666624] [PID.2712]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3SAV9.tmp\3ltipqff222.tmp [824320] [PID.4868]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-NCI32.tmp\ly4jw3pesbz.tmp [824320] [PID.7292]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-5N500.tmp\iefk2almc02.tmp [824320] [PID.8288]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-BJN49.tmp\p13sj1bgnsd.tmp [824320] [PID.6100]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-35FI7.tmp\npgodgvyy2q.tmp [824320] [PID.1300]
[MD5.EE6BD1B477931DBE536AFCD340AC964D] - (.P - PYOLKB.) -- C:\Program Files\4QHNSKO4SB\OICO0NQOM.exe [666624] [PID.5028]
[MD5.EE6BD1B477931DBE536AFCD340AC964D] - (.P - PYOLKB.) -- C:\Program Files\VITRIQ0UIC\VITRIQ0UI.exe [666624] [PID.9436]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\bu4x2q1xvar\oc23htwzs54.exe [649849] [PID.9624]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-F27MN.tmp\oc23htwzs54.tmp [824320] [PID.10964]
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152] [PID.8276] =>.Adobe Systems, Incorporated®
[MD5.7B0E6628A721F35124B4B89227862465] - (...) -- C:\Program Files (x86)\lJFUJMGEHIE\IbMsfckEkU.exe [797696] [PID.3704]
[MD5.E3A5B4DAE2B5FCF5923C7B47382279CE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Boss\Desktop\ZHPDiag3.exe [3136384] [PID.10828] =>.Nicolas Coolman
---\\ CHROME, Démarrage, Recherche, Extensions (13) - 4s
G2 - GCE: Preference [Boss][User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides}
G2 - GCE: Preference [Boss][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [Boss][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [Boss][User Data\Default] [bbfneagfdkkcpjojiigmahjplnbppkff] =>.profiappsplus {Deadpool}
G2 - GCE: Preference [Boss][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [Boss][User Data\Default] [cbjeefngifhocofohcienokjdgeejaga]
G2 - GCE: Preference [Boss][User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets}
G2 - GCE: Preference [Boss][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Boss][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [Boss][User Data\Default] [pbdpajcdgknpendpmecafmopknefafha] browser_action:{default_icon:{18:images/icon-18.pn =>PUP.Optional.DefaultSearch
G2 - GCE: Preference [Boss][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [Boss][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\SystemTable =>.SUP.BrowserExtension
---\\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (13) - 19s
P2 - EXT FILE: (.Test Pilot - Help make Firefox better by running us.) -- C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\533yvpjo.default\extensions\testpilot@labs.mozilla.com.xpi =>.Test Pilot
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi =>PUP.Optional.YouTubeAdBlock
P2 - EXT: (.name:Quick Searcher - description:'Quick Searcher' extansion is used for.) -- C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\533yvpjo.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233 =>PUP.Optional.SuperFind
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll =>.Google Inc.
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll =>.Google Inc.
---\\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (21) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN80V5Qf4-sHUlvylceWGx8cDLZmWI4ZQarcjZbVdOwiHXDFJale-sgz3wUSpzpVw_pI7SgPJ15AhyoCoR9Pjp0lUn-c_l8PHs4YhQbtG9QPcc6o5Bn5Q1-TBOzS6IbxEdHv_p5Q_mnGgfNwBa-jF3gsLEQh19wHqxoXmRrOnLazcDDHEN40, =>.SUP.Linkury
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
---\\ INTERNET EXPLORER, Site de confiance et site sensible (2) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)
~ Microsoft Internet Explorer Restricted Site(s) EscDomains: 0(Good) / 0(Bad)
---\\ INTERNET EXPLORER,Proxy Management (5) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft
---\\ INTERNET EXPLORER,IniFiles, Autoloading Programs (3) - 1s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation
---\\ ÉTUDE DU FICHIER HOSTS (1) - 4s
~ Le fichier hôte est sain (The hosts file is clean) (2097169)
---\\ BROWSER HELPER OBJECT DE NAVIGATEUR (BHO) (2) - 1s
O2 - BHO: YoutubeAdBlock [64Bits] - {C0D38E5A-7CF8-4105-8FE8-31B81443A114} . (...) -- C:\Program Files (x86)\lJFUJMGEHIE\tFH1Gsq.dll =>PUP.Optional.YouTubeAdBlock
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.HP Inc. - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll =>.Hewlett-Packard Company®
---\\ RACCOURCIS GLOBAL STARTUP (90) - 41s
O4 - GS\Desktop [Administrateur]: Internet Download Manager.lnk . (...) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Desktop [Administrateur]: PandaViewer.lnk . (...) C:\Program Files (x86)\PandaViewer\PandaViewer.exe =>Hijacker.Browser
O4 - GS\Desktop [Administrateur]: PC COMPTA.lnk . (...) C:\Program Files (x86)\DLG\PCCOMPTA\PCCOMPTA.exe
O4 - GS\Desktop [Administrateur]: PCPAIE - Raccourci.lnk . (...) D:\partition D\DLG old\PCPAIE\PCPAIE.exe
O4 - GS\Desktop [Administrateur]: PCPAIE2014 - Raccourci.lnk . (...) C:\Program Files (x86)\DLG\PCPAIE2014\PCPAIE2014.exe
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Boss\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Quicklaunch [Administrateur]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\TaskBar [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe %SNF% =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrateur]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Startup [Administrateur]: rtugvirb.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Boss\AppData\Roaming\Microsoft\Windows\rtugvirb\urfwtcsb.exe" =>.Microsoft Corporation
O4 - GS\Programs [Administrateur]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Desktop [Boss]: Internet Download Manager.lnk . (...) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [Boss]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Desktop [Boss]: PandaViewer.lnk . (...) C:\Program Files (x86)\PandaViewer\PandaViewer.exe =>Hijacker.Browser
O4 - GS\Desktop [Boss]: PC COMPTA.lnk . (...) C:\Program Files (x86)\DLG\PCCOMPTA\PCCOMPTA.exe
O4 - GS\Desktop [Boss]: PCPAIE - Raccourci.lnk . (...) D:\partition D\DLG old\PCPAIE\PCPAIE.exe
O4 - GS\Desktop [Boss]: PCPAIE2014 - Raccourci.lnk . (...) C:\Program Files (x86)\DLG\PCPAIE2014\PCPAIE2014.exe
O4 - GS\Desktop [Boss]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Boss\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Boss]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Boss]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Quicklaunch [Boss]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\sendTo [Boss]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Boss]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Boss]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Boss]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\TaskBar [Boss]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\TaskBar [Boss]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe %SNF% =>.Mozilla Corporation®
O4 - GS\TaskBar [Boss]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Boss]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Startup [Boss]: rtugvirb.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Boss\AppData\Roaming\Microsoft\Windows\rtugvirb\urfwtcsb.exe" =>.Microsoft Corporation
O4 - GS\Programs [Boss]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Boss]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\CommonDesktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: DriversCloud.com - Démarrer la détection.lnk . (.CybelSoft - .) C:\Program Files (x86)\DriversCloud.com\MCDetection.exe =>.CybelSoft
O4 - GS\CommonDesktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>.Skype Technologies
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\Programs [Public]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\system32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut =>..Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Reader X.lnk . (...) C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico =>.Adobe Inc.
O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Security Client\msseces.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
---\\ MODIFICATION DOMAINE/ADRESSES (DNS) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.12.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{79BC4EF1-8EE7-40C1-B6F2-003C74ABCB1E}: NameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{2E4FE641-F2EB-47FE-A6D0-1BFAD1EA70AB}: DhcpNameServer = 192.168.12.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{6982C3E3-068E-456E-8331-B58652D0DEDF}: DhcpNameServer = 192.168.42.129 =>.Local IP Adress
---\\ PROTOCOLE ADDITIONNEL (23) - 4s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®
---\\ REGISTRE AppInit_DLLs et Winlogon Notify (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Application d’ouverture de session Userinit.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation
---\\ CLÉ DE REGISTRE D'EXTENSION IMAGE (7) - 1s
[HKEY_CLASSES_ROOT\.bmp]@="PandaViewer.bmp" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.gif]@="PandaViewer.gif" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.ico]@="PandaViewer.ico" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.jpe]@="PandaViewer.jpg" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.png]@="PandaViewer.png" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.tif]@="PandaViewer.tif" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.tiff]@="PandaViewer.tif" =>Hijacker.Browser
---\\ COMPOSANTS ACTIVESETUP INSTALLÉS (ASIC) (8) - 4s
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\Windows\System32\regsvr32.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\Installer\chrmstp.exe =>.Google Inc®
---\\ LOGICIELS INSTALLÉS (65) - 11s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: Adobe Reader X (10.1.16) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: doPDF - (.Softland.) [HKLM][64Bits] -- {F0C22331-5394-41EB-9D8B-12335B36EEF0} =>.Softland
O42 - Logiciel: doPDF 8 - (.Softland.) [HKLM][64Bits] -- {c61b55b1-0524-4fc7-a4d2-6896ae2a2edb} =>.Softland S.R.L.®
O42 - Logiciel: DriversCloud.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {8A6F0F58-AE48-4F4C-A06F-C391AB17069C} =>.CybelSoft
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} =>.Hewlett-Packard Company
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {C9EF1AAF-B542-41C8-A537-1142DA5D4AEC} =>.Hewlett-Packard
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {79C54A05-F146-4EA0-8A70-D4EFE6181E52} =>.Hewlett-Packard Company
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {ED5CE45D-842B-4C18-A002-87E16EA39BB3} =>.Hewlett-Packard Company
O42 - Logiciel: Intel(R) Manageability Engine Firmware Recovery Agent - (.Intel Corporation.) [HKLM][64Bits] -- {0EC7F9CC-4741-45AE-9F55-6E9343F726F5} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7} =>.Intel Corporation
O42 - Logiciel: Microsoft .NET Framework 4.5 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} =>.Microsoft Corporation
O42 - Logiciel: Microsoft .NET Framework 4.5 - (.Microsoft Corporation.) [HKLM][64Bits] -- {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0030-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- ENTERPRISE =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00BA-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {2AA3C13E-0531-41B8-AE48-AE28C940A809} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 - (.Microsoft Corporation.) [HKLM][64Bits] -- {e2803110-78b3-4664-a479-3611a381656a} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 - (.Microsoft Corporation.) [HKLM][64Bits] -- {69BCE4AC-9572-3271-A2FB-9423BDA36A43} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BBF2AC74-720C-3CB3-8291-5E34039232FA} =>.Microsoft Corporation
O42 - Logiciel: Mises à jour NVIDIA 10.11.15 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
O42 - Logiciel: Mozilla Firefox 60.0.2 (x64 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 60.0.2 (x64 fr) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: novaPDF 8 add-in for Microsoft Office (x64) - (.Softland.) [HKLM][64Bits] -- {9F3FFB12-258E-4BB1-8576-FB5F1F1E039E} =>.Softland
O42 - Logiciel: novaPDF 8 add-in for Microsoft Office (x86) - (.Softland.) [HKLM][64Bits] -- {7C972E62-BC1F-4D1C-BB95-FDB648EF6213} =>.Softland
O42 - Logiciel: novaPDF 8 Printer Driver - (.Softland.) [HKLM][64Bits] -- {69EF6EE5-3506-4E51-B51D-AFEBBC2EDC33} =>.Softland
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Optimus Update 10.11.15 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote graphique 332.21 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: PandaViewer - (..) [HKLM][64Bits] -- PandaViewer =>Hijacker.Browser
O42 - Logiciel: Panneau de configuration NVIDIA 332.21 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: PCCOMPTA Windows - (..) [HKLM][64Bits] -- PCCOMPTA Windows
O42 - Logiciel: PCPaie Windows - (..) [HKLM][64Bits] -- PCPaie Windows
O42 - Logiciel: Print to PDF - (.Free PDF Solutions.) [HKLM][64Bits] -- Print to PDF =>.Free PDF Solutions
O42 - Logiciel: RevServicesX - (.SystemaRev.) [HKLM][64Bits] -- {596F190F-D3C3-40F0-8013-E6E012476226} =>Trojan.Agent
O42 - Logiciel: Skype™ 7.40 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {3B7E914A-93D5-4A29-92BB-AF8C3F66C431} =>.Skype Technologies S.A.
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR 5.40 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: YoutubeAdBlock - (.Company Inc..) [HKLM][64Bits] -- 1655C0CA-7AE7-4012-8502-970C8675E5F8 =>PUP.Optional.YouTubeAdBlock
---\\ CLÉ DE REGISTRE SOFTWARE HKCU & HKLM (104) - 11s
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com =>Toolbar.Ask
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com =>PUP.Optional.Legacy
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Caphyon =>.Caphyon
HKLM\SOFTWARE\EllionSoftware
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\LogMeInRescueCallingCard =>.LogMeIn Entreprise
HKLM\SOFTWARE\LogMeInRescueCallingCards =>.LogMeIn Entreprise
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\PandaViewer =>Hijacker.Browser
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\Caphyon =>.Caphyon
HKLM\SOFTWARE\WOW6432Node\EllionSoftware
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\Hewlett-Packard =>.Hewlett-Packard
HKLM\SOFTWARE\WOW6432Node\IM Providers =>.IM Providers
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\LogMeInRescueCallingCard =>.LogMeIn Entreprise
HKLM\SOFTWARE\WOW6432Node\LogMeInRescueCallingCards =>.LogMeIn Entreprise
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\PandaViewer =>Hijacker.Browser
HKLM\SOFTWARE\WOW6432Node\Skype =>.Skype
HKLM\SOFTWARE\WOW6432Node\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\WOW6432Node\Wow6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\7-Zip =>.Igor Pavlov
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\BitTorrent =>.BitTorrent (P2P)
HKCU\SOFTWARE\Canon =>.Canon
HKCU\SOFTWARE\drpsu =>.Driver PackSolution
HKCU\SOFTWARE\FastDataX =>Adware.FastDataX
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\mtKipolam =>PUP.Optional.Salus
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\One System Care =>PUP.Optional.OneSystemCare
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\ProtectedStorage =>.Microsoft Corporation
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Rtp =>.RTP Software
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\skypeapp-6ffaaaea86e4 =>.Skype Technologies
HKCU\SOFTWARE\Softland =>.Softland
HKCU\SOFTWARE\System Healer =>.SUP.SystemHealer
HKCU\SOFTWARE\WidModule
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKU\.DEFAULT\SOFTWARE\Caphyon =>.Caphyon
HKU\.DEFAULT\SOFTWARE\Piriform =>.Piriform
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\7-Zip =>.Igor Pavlov
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Adobe =>.Adobe
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\BitTorrent =>.BitTorrent (P2P)
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Canon =>.Canon
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\drpsu =>.Driver PackSolution
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\FastDataX =>Adware.FastDataX
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Google =>.Google
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\IM Providers =>.IM Providers
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Intel =>.Intel
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Mozilla =>.Mozilla
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\mtKipolam =>PUP.Optional.Salus
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Netscape =>.Netscape
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\One System Care =>PUP.Optional.OneSystemCare
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Piriform =>.Piriform
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\ProtectedStorage =>.Microsoft Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Rtp =>.RTP Software
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Skype =>.Skype
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\skypeapp-6ffaaaea86e4 =>.Skype Technologies
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Softland =>.Softland
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\System Healer =>.SUP.SystemHealer
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\WidModule
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\WinRAR =>.WinRAR
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\ZHP =>.Nicolas Coolman
---\\ CONTENU DES DOSSIERS PROGRAMMES (387) - 34s
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\06UK5MMVGE =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\0CC1QIJSJR =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\0IP40NNURL =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\14P4OZRKBQ =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\23L6WSE3LA =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\2B1ZGSCKRL =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\45B9CW055O =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\4N2XTR691F =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\4QHNSKO4SB =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\4RJYZ4FLY1 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\51S1MQLHBR =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\59FTT6TX6N =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\7KV3ACDMTO =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\8DNWW3JFF1 =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\8RGCJQFNR7 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\8VEUIXN1JS =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\9GC25M9TIX =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\BCQQKEZTW6 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\C99D02G16Q =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\CXFWDCVC0N =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\CXHFGDRXAY =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\DKQ9ELO4CM =>Adware.Wizzcaster
O43 - CFD: 08/12/2015 - [] D -- C:\Program Files\DriversCloud.com =>.Cybelsoft
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\DS5T3AGQR6 =>Adware.Wizzcaster
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\DZVTM5DNXU =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\E97JWYQPWS =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\EF044BI1YY =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\EHDQ4SPSES =>Adware.Wizzcaster
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Program Files\Fichiers communs =>.Microsoft Corporation
O43 - CFD: 06/06/2018 - [] D -- C:\Program Files\Free PDF Solutions =>.Free PDF Solutions
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\FU4YJTB7LN =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\G4WLOFJRI0 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\H61S1G0VCJ =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\HHDVUWO3MW =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\HIVZM3HMW6 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\I36D8XOVVL =>Adware.Wizzcaster
O43 - CFD: 22/02/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\IY73DZJN1A =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\J1EOM5NN6Q =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\JF5F9TWOH8 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\JSTAJHCVC7 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\KYOP6JTQ2X =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\L44YZJEUTA =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\LAPLRC4S52 =>Adware.Wizzcaster
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Microsoft Security Client =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\MOUNR5U7CO =>Adware.Wizzcaster
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\N9TSKY2Y0Q =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\NCS9KETNVR =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\NT1O3SDMJG =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\NTXTULCS13 =>Adware.Wizzcaster
O43 - CFD: 29/01/2015 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\O8SRM406DJ =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\OUN3UTN243 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\PFHWAKCNX2 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\PZ77R66BSC =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Q8BSUMTKUH =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\QJTK9S03AG =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\QUH4P9I665 =>Adware.Wizzcaster
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\RIJN2Z22I4 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\RIO1WF5WR1 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\S5ZFI3L184 =>Adware.Wizzcaster
O43 - CFD: 14/06/2017 - [] D -- C:\Program Files\Softland =>.Softland S.R.L.®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Spot Arabic - Volume
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\SY8JAW81NY =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\SystemaRev =>Trojan.Agent
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\TTI498IUP7 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\UEP61973CJ =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\UKLSHLMZBX =>Adware.Wizzcaster
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\V2TI5WPWUS =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\VITRIQ0UIC =>Adware.Wizzcaster
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Wevice a Art Home Simulator
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Journal =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\XBZEUQP4OX =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\XOBDQ06VI9 =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\Y62LMJ6B01 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\YAJ04LFD3P =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Z2GOWJEWBY =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\ZAUCWF3FSP =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\ZCDV3PPRT8 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\ZGA9EUB06A =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\AAAZZZ
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files (x86)\DLG
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\EgDGbQEiU
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 08/12/2015 - [] D -- C:\Program Files (x86)\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\ijcQGTqqPStU2
O43 - CFD: 08/12/2015 - [0] D -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 22/02/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\iRmKFyAZyPUn
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\lJFUJMGEHIE
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\Microsoft Security Client =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Works =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 13/06/2018 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
O43 - CFD: 13/06/2018 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 29/01/2015 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\OneSystemCare =>PUP.Optional.OneSystemCare
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\OxoywZINBbQwrioRGrR
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\PandaViewer =>Hijacker.Browser
O43 - CFD: 06/06/2018 - [] D -- C:\Program Files (x86)\Print to PDF
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 27/12/2017 - [] RD -- C:\Program Files (x86)\Skype =>.Skype
O43 - CFD: 14/06/2017 - [] D -- C:\Program Files (x86)\Softland =>.Softland
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\wCCFxMJCsZmzC
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\WeatherInspect =>Adware.WeatherInspect
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 8
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com =>.Cybelsoft
O43 - CFD: 12/04/2011 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support =>.Hewlett-Packard
O43 - CFD: 22/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology
O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a =>Adware.Suspect
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\959924f715474eb48b64e9340ac14260 =>Adware.Suspect
O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\bcc7fe86-3d51-1 =>.SUP.Polluteware
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\bcc7fe86-65b3-0 =>.SUP.Polluteware
O43 - CFD: 22/01/2015 - [0] SHD -- C:\ProgramData\Bureau =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\DriversCloud.com =>.Cybelsoft
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5 =>Adware.Suspect
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\ellfService
O43 - CFD: 22/01/2015 - [0] SHD -- C:\ProgramData\Favoris =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 16/11/2017 - [] D -- C:\ProgramData\HP =>.Hewlett-Packard
O43 - CFD: 22/02/2017 - [] D -- C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\Kipolams =>PUP.Optional.Salus
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\Logic Cramble =>PUP.Optional.LogicHandler
O43 - CFD: 22/01/2015 - [0] SHD -- C:\ProgramData\Menu Démarrer =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [0] SHD -- C:\ProgramData\Modèles =>.Microsoft Corporation
O43 - CFD: 02/02/2015 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 29/01/2015 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\PrefsSecure =>PUP.Optional.LogicHandler
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\regid.2008-09.org.wixtoolset
O43 - CFD: 27/12/2017 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\Softland =>.Softland
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\SystemaRev =>Trojan.Agent
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\XjOPTLXDzAynQaVB
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\yahoochrome_D
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\Common Files\Dripeco
O43 - CFD: 29/01/2015 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 22/02/2017 - [] D -- C:\Program Files (x86)\Common Files\postureAgent =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 27/12/2017 - [] D -- C:\Program Files (x86)\Common Files\Skype =>.Skype
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\04aeuoajoun =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\1dwh4smffbu =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\1f13avwhh05 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\2223kxo4nxo =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\2qv0nhxhj2l
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\2ujednyxx02
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\314167cb8d0b4418a5cdad8e89a566ad
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\3oiiusgh5zi =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\42fc1tjzhvz
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4uobljvyp20 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4wbzgfrmjm0 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\5bqyzsnppie =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\5jqaxe4cvws =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k =>Heuristic.Wizzcaster
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\b5zczcwd5r1 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\bu4x2q1xvar =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\campugwkwrr =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g =>Heuristic.Wizzcaster
O43 - CFD: 31/12/2017 - [] D -- C:\Users\Boss\AppData\Roaming\dvdcss =>.VideoLan Team
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\dzccmget4xj =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\e4txmzljswu
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\f4u2nwwd10e =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\fygjhctaglt =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\g4lp2hox3br
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ghq200jfphj =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\gjxgeeozgjj
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Google =>.Google
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\h1x0jjgthyx =>Heuristic.Wizzcaster
O43 - CFD: 08/12/2015 - [] D -- C:\Users\Boss\AppData\Roaming\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\hkyqvziz52h =>Heuristic.Wizzcaster
O43 - CFD: 08/12/2015 - [] D -- C:\Users\Boss\AppData\Roaming\hpqLog =>.Hewlett-Packard
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\hthbwdvliem =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\hufopmim0n1 =>Heuristic.Wizzcaster
O43 - CFD: 22/01/2015 - [] D -- C:\Users\Boss\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\iesdjzopjee =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ikwuwroponc =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\jum1zmblfzl =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\kjpv0u3evzr
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\kmqvgrjqtcv =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri =>Heuristic.Wizzcaster
O43 - CFD: 12/04/2011 - [0] D -- C:\Users\Boss\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] SD -- C:\Users\Boss\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 20/11/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\ndj4uhgtdll
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\oa4akpueryt
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ojuozu0x55w =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\OneSystemCare =>PUP.Optional.OneSystemCare
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\orqxm1vp1i2 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\ozserobfu45
O43 - CFD: 19/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\ptnwrtotz2q
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\pwdrrt1gd4q
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\qjwp1325mta
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\qzxcr435qdn =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\rdrkuysirug =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\s4j33tkjzyi =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3 =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\Skype =>.Skype
O43 - CFD: 14/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Softland =>.Softland
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\somuag4lpqa
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\spofpkstogu =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\SystemaRev
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\SystemHealer =>.SUP.SystemHealer
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\tj1y4qjfl40 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\tjvhtoanwzq =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\u1e0ztuan3v =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\umxzcepm40l =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ut0azqixun3 =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\uTorrent
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\uvw23vzcrh2 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\veiqtizootd
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vncargfxseo =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vsfgt0n5o55 =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\w3nmtqzva4g =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\WidModule
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\x133d1xorzs =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\x411pezscl5 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\xxhnil03dam
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zef1bsflj1d =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ziio5fseiew =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2017 - [] D -- C:\Users\Boss\AppData\Local\Adobe =>.Adobe
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Boss\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/02/2017 - [] D -- C:\Users\Boss\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 22/02/2017 - [0] D -- C:\Users\Boss\AppData\Local\Deployment =>.Microsoft Corporation
O43 - CFD: 06/05/2018 - [0] D -- C:\Users\Boss\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 21/05/2018 - [] D -- C:\Users\Boss\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Local\FastDataX =>Adware.FastDataX
O43 - CFD: 22/02/2017 - [] D -- C:\Users\Boss\AppData\Local\Google =>.Google
O43 - CFD: 09/10/2017 - [] D -- C:\Users\Boss\AppData\Local\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Boss\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 17/04/2018 - [] D -- C:\Users\Boss\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 13/06/2017 - [] D -- C:\Users\Boss\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 08/03/2017 - [] D -- C:\Users\Boss\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 14/06/2017 - [] D -- C:\Users\Boss\AppData\Local\Startup =>.Microsoft Corporation
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Boss\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 13/06/2018 - [] D -- C:\Users\Boss\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Local\WhiteClick
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 08/03/2017 - [0] D -- C:\Users\Boss\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\LocalLow\agmSoNKAoyIez
O43 - CFD: 08/06/2017 - [] SHD -- C:\Users\Boss\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 06/06/2018 - [] D -- C:\Users\Boss\AppData\LocalLow\Temp =>.Microsoft Corporation
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\LocalLow\uTorrent
O43 - CFD: 11/06/2018 - [] D -- C:\Users\Boss\Desktop\01-2018
O43 - CFD: 08/05/2018 - [] D -- C:\Users\Boss\Desktop\03-2018
O43 - CFD: 30/05/2018 - [] D -- C:\Users\Boss\Desktop\04-2018
O43 - CFD: 11/06/2018 - [] D -- C:\Users\Boss\Desktop\05-2018
O43 - CFD: 13/11/2017 - [] D -- C:\Users\Boss\Desktop\09-2017
O43 - CFD: 13/11/2017 - [] D -- C:\Users\Boss\Desktop\10-2017
O43 - CFD: 28/12/2017 - [] D -- C:\Users\Boss\Desktop\11-2017
O43 - CFD: 25/04/2018 - [] D -- C:\Users\Boss\Desktop\ACAB
O43 - CFD: 10/04/2018 - [] D -- C:\Users\Boss\Desktop\COMPT 2017
O43 - CFD: 11/07/2017 - [] D -- C:\Users\Boss\Desktop\das cnas 2017
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\Desktop\DGE CRCC LTD
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\Desktop\div
O43 - CFD: 17/01/2018 - [] D -- C:\Users\Boss\Desktop\med
O43 - CFD: 08/05/2018 - [] D -- C:\Users\Boss\Desktop\musiq
O43 - CFD: 22/02/2017 - [] D -- C:\Users\Boss\Desktop\Programs =>.Microsoft Corporation
O43 - CFD: 30/05/2018 - [] D -- C:\Users\Boss\Desktop\SAID PARTAGE
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\Desktop\SALAIRES MN4
O43 - CFD: 22/02/2017 - [] AD -- C:\Users\Boss\Desktop\Windows Loader
O43 - CFD: 05/12/2017 - [] D -- C:\Users\Boss\Desktop\ZIP 11-2017
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [] RD -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCCOMPTA
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCPaie Windows
O43 - CFD: 06/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Print to PDF
O43 - CFD: 19/06/2018 - [] RD -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Default\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Default User\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 14/07/2009 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
---\\ DERNIERS FICHIERS CRÉÉS DANS WINDOWS Prefetcher (16) - 28s
O45 - LFCP:[MD5.15A66DEEDE098C34FA8A24CFEDEA9EF2] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.EXE-7D2D190F.pf =>Adware.FastDataX
O45 - LFCP:[MD5.244B948E4A802EB4F9A5537F8CD74E26] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.EXE-DEEE196E.pf =>Adware.FastDataX
O45 - LFCP:[MD5.E7FD38127017744BDDAC8B054CF01330] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.EXE-FF471559.pf =>Adware.FastDataX
O45 - LFCP:[MD5.760848F14C5A52004956ED7DF5B699D3] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.TMP-6817B8B7.pf =>Adware.FastDataX
O45 - LFCP:[MD5.56F0A4993E78D10A42891FCE3824FB71] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.TMP-9EB58A95.pf =>Adware.FastDataX
O45 - LFCP:[MD5.1637008E26442DB2BC600FFE600C6F1B] 18/06/2018 A -- C:\Windows\Prefetch\KIPOLAM.EXE-9BEC3F70.pf =>PUP.Optional.Salus
O45 - LFCP:[MD5.3BB64AEB9D61A3CB20E99F9E49E19E43] 18/06/2018 A -- C:\Windows\Prefetch\KMSPICO_11_FINAL_OFFICE_AND_W-2D5B9CBE.pf =>HackTool.KMSpico
O45 - LFCP:[MD5.7B7A1FD983AF69692FBA2A210BB55627] 18/06/2018 A -- C:\Windows\Prefetch\KMSPICO_11_FINAL_OFFICE_AND_W-D2E6AA36.pf =>HackTool.KMSpico
O45 - LFCP:[MD5.D792060A4BACF9E3E685484BFACCEC32] 18/06/2018 A -- C:\Windows\Prefetch\ONESYSTEMCARE.EXE-4F3801FB.pf =>PUP.Optional.OneSystemCare
O45 - LFCP:[MD5.E43B7B9B44800F0AED12EC823A62E05A] 18/06/2018 A -- C:\Windows\Prefetch\ONESYSTEMCARE.TMP-09513D4F.pf =>PUP.Optional.OneSystemCare
O45 - LFCP:[MD5.AC7C642DDEBCC12BB53ABEFCF3929129] 18/06/2018 A -- C:\Windows\Prefetch\ONESYSTEMCARE.TMP-D3A875F2.pf =>PUP.Optional.OneSystemCare
O45 - LFCP:[MD5.D9C396F046561809EDBDA10784071D8D] 18/06/2018 A -- C:\Windows\Prefetch\SAFEFINDER.EXE-F3546BAC.pf =>PUP.Optional.SmartBar
O45 - LFCP:[MD5.5DCC736EC2C0B6B46D8E487C516D7C82] 18/06/2018 A -- C:\Windows\Prefetch\SPEEDYCAR.EXE-20F7BE19.pf =>Adware.ICLoader
O45 - LFCP:[MD5.427B0B768592685B636B9E7B59045751] 18/06/2018 A -- C:\Windows\Prefetch\SPEEDYCAR.TMP-C0D9C5BE.pf =>Adware.ICLoader
O45 - LFCP:[MD5.1BE38DA4A70328494AF055BDBA393603] 18/06/2018 A -- C:\Windows\Prefetch\WEATHERINSPECT.EXE-B6C3320F.pf =>Adware.WeatherInspect
O45 - LFCP:[MD5.B26B2F5DF30BB50C78E4D492206853A5] 18/06/2018 A -- C:\Windows\Prefetch\WEATHERINSPECT.TMP-1B0D02DD.pf =>Adware.WeatherInspect
---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ RACCOURCIS DES MENUS CONCEPTUELS (SCMH) (34) - 1s
O108 - CMH1: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Porte-documents Windows.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH1: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- c:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation®
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH1: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH2: Compatibility [64Bits] - {1d27f844-3a1f-4410-85ac-14651078412d} . (.Microsoft Corporation - Bibliothèque d’extension de l’onglet Compat.) -- C:\Windows\System32\acppage.dll =>.Microsoft Corporation
O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\system32\nv3dappshext.dll =>.NVIDIA Corporation
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\system32\nv3dappshext.dll =>.NVIDIA Corporation
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH3: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH4: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- c:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation®
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH5: Gadgets [64Bits] - {6B9228DA-9C15-419e-856C-19E768A13BDC} . (.Microsoft Corporation - Zone de déposé du Volet Windows.) -- C:\Program Files\Windows Sidebar\sbdrop.dll =>.Microsoft Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\Windows\System32\nvshext.dll =>.NVIDIA Corporation
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH6: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Porte-documents Windows.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH6: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- c:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation®
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ ÉNUMÉRATION DES CLÉS StartupReg (1) - 1s
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] [64Bits] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
---\\ LISTE DES PILOTES DU SYSTÈME (50) - 16s
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
O58 - SDL:2010/11/21 04:23:47 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
O58 - SDL:2010/11/21 04:23:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
O58 - SDL:2014/01/09 04:13:50 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athrx.sys [4043776] =>.Qualcomm Atheros Communications, Inc.
O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2013/01/23 15:57:32 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [64624] =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2010/11/21 04:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
O58 - SDL:2010/11/21 04:23:47 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
O58 - SDL:2013/08/24 12:42:48 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4155904] =>.Intel Corporation
O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
O58 - SDL:2013/12/10 13:15:46 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [795632] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
O58 - SDL:2013/12/19 21:33:31 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [12645664] =>.NVIDIA Corporation®
O58 - SDL:2013/12/19 21:33:31 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvpciflt.sys [32544] =>.NVIDIA Corporation®
O58 - SDL:2010/11/21 04:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
O58 - SDL:2010/11/21 04:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
O58 - SDL:2013/12/18 08:34:38 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [888536] =>.Realtek Semiconductor Corp®
O58 - SDL:2014/01/03 13:08:00 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsP2Stor.sys [291544] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Rovi Corporation
O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
O58 - SDL:2017/02/22 15:15:28 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288] =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®
---\\ DERNIERS FICHIERS MODIFIÉS OU CRÉÉS (Utilisateur) (122) - 182s
O61 - LFC: 2018/06/18 11:35:24 A . (..) -- C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a\HandlerExecution.exe [8192]
O61 - LFC: 2018/06/18 11:35:27 A . (..) -- C:\ProgramData\959924f715474eb48b64e9340ac14260\HandlerExecution.exe [8192]
O61 - LFC: 2018/06/18 11:35:25 A . (..) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\HandlerExecution.exe [8192]
O61 - LFC: 2018/06/18 12:47:21 A . (.Copyright.) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\QHOICKXWPX.exe [498688]
O61 - LFC: 2018/06/18 11:53:20 A . (..) -- C:\ProgramData\ellfService\ellfService.exe [1131728] {00BA10A33204664713A8690A55F0AD7176} =>PUP.Optional.Youndoo
O61 - LFC: 2018/06/18 11:08:59 A . (..) -- C:\ProgramData\Logic Cramble\set.exe [3780096]
O61 - LFC: 2018/06/18 12:07:04 A . (..) -- C:\ProgramData\PrefsSecure\Nettrans.exe [43520]
O61 - LFC: 2018/05/21 11:17:18 A . (.PandaViewer.) -- C:\ProgramData\yahoochrome_D\desktop186.exe [517432] =>Hijacker.Browser
O61 - LFC: 2018/06/18 11:26:44 A . (..) -- C:\Users\Boss\AppData\Local\HotPlus.exe [1810944]
O61 - LFC: 2018/06/18 12:45:56 A . (..) -- C:\Users\Boss\AppData\Local\Temp\0mbt13mvk4y\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 15:26:35 A . (..) -- C:\Users\Boss\AppData\Local\Temp\0ryrruh5zfe\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:10:40 A . (.BANANA SUMMER LIMITED.) -- C:\Users\Boss\AppData\Local\Temp\1529320211SEdtmpdown.exe [1537784] =>Hijacker.Browser
O61 - LFC: 2018/06/18 18:04:57 A . (.BANANA SUMMER LIMITED.) -- C:\Users\Boss\AppData\Local\Temp\1529341436SEdtmpdown.exe [1537784] =>Hijacker.Browser
O61 - LFC: 2018/06/18 18:03:56 A . (..) -- C:\Users\Boss\AppData\Local\Temp\1wvx0yrz0ux\bpma.exe [195896] =>Hijacker.Browser
O61 - LFC: 2018/06/18 12:10:11 A . (..) -- C:\Users\Boss\AppData\Local\Temp\24exud4y45c\bpma.exe [195896] =>Hijacker.Browser
O61 - LFC: 2018/06/18 14:58:10 A . (..) -- C:\Users\Boss\AppData\Local\Temp\2rntpivkock\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:51:49 A . (..) -- C:\Users\Boss\AppData\Local\Temp\4dryecph.pl3\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:08:22 A . (..) -- C:\Users\Boss\AppData\Local\Temp\4qe1dj5g.xzg\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:54:59 A . (..) -- C:\Users\Boss\AppData\Local\Temp\5iypip51.orr\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/19 10:08:58 A . (..) -- C:\Users\Boss\AppData\Local\Temp\auwj3tr3jpd\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:54:00 A . (..) -- C:\Users\Boss\AppData\Local\Temp\but-setup-9.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/19 10:08:52 A . (..) -- C:\Users\Boss\AppData\Local\Temp\bwaetixbo0o\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 18:05:06 A . (..) -- C:\Users\Boss\AppData\Local\Temp\c4t5kqobmri\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:28:59 A . (..) -- C:\Users\Boss\AppData\Local\Temp\fastdatax.exe [1549592] =>Adware.FastDataX
O61 - LFC: 2018/06/18 12:48:55 A . (..) -- C:\Users\Boss\AppData\Local\Temp\l1jue0ut.mln\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 15:26:32 A . (..) -- C:\Users\Boss\AppData\Local\Temp\nlrcvtp5lfp\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:07:28 A . (..) -- C:\Users\Boss\AppData\Local\Temp\rwlx2lgh.qlu\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:45:58 A . (..) -- C:\Users\Boss\AppData\Local\Temp\tlnd3xc23sq\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:52:53 A . (..) -- C:\Users\Boss\AppData\Local\Temp\vquhhqu4.fk1\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:07:20 A . (..) -- C:\Users\Boss\AppData\Local\Temp\wav23tlp.gsa\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:10:27 A . (..) -- C:\Users\Boss\AppData\Local\Temp\ws0vfoosmrz\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 17:34:11 A . (..) -- C:\Users\Boss\AppData\Local\Temp\ws5jik2ioa1\bpma.exe [195896] =>Hijacker.Browser
O61 - LFC: 2018/06/18 18:04:50 A . (..) -- C:\Users\Boss\AppData\Local\Temp\y2xfsjyikxa\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:10:36 A . (..) -- C:\Users\Boss\AppData\Local\Temp\zp1heo1434c\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 16:37:24 A . (..) -- C:\Users\Boss\AppData\Roaming\04aeuoajoun\v5pmrklxd2q.exe [649849]
O61 - LFC: 2018/06/18 15:03:30 A . (..) -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe [649849]
O61 - LFC: 2018/06/18 14:36:13 A . (..) -- C:\Users\Boss\AppData\Roaming\1dwh4smffbu\hcmkjywv1kt.exe [0]
O61 - LFC: 2018/06/18 16:27:53 A . (..) -- C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe [649849]
O61 - LFC: 2018/06/18 12:46:36 A . (..) -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe [649849]
O61 - LFC: 2018/06/18 17:36:25 A . (..) -- C:\Users\Boss\AppData\Roaming\2223kxo4nxo\p13sj1bgnsd.exe [649849]
O61 - LFC: 2018/06/18 11:35:29 A . (..) -- C:\Users\Boss\AppData\Roaming\314167cb8d0b4418a5cdad8e89a566ad\HandlerExecution.exe [8192]
O61 - LFC: 2018/06/18 11:45:54 A . (..) -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe [649849]
O61 - LFC: 2018/06/19 10:08:09 A . (..) -- C:\Users\Boss\AppData\Roaming\3oiiusgh5zi\mxq55nft3no.exe [503731]
O61 - LFC: 2018/06/18 11:46:15 A . (..) -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe [649849]
O61 - LFC: 2018/06/18 12:16:23 A . (..) -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe [649849]
O61 - LFC: 2018/06/18 17:35:31 A . (..) -- C:\Users\Boss\AppData\Roaming\4uobljvyp20\3svjlzre0lk.exe [649849]
O61 - LFC: 2018/06/18 14:35:41 A . (..) -- C:\Users\Boss\AppData\Roaming\4wbzgfrmjm0\30icqzgwj4v.exe [0]
O61 - LFC: 2018/06/18 12:15:08 A . (..) -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe [649849]
O61 - LFC: 2018/06/18 14:35:21 A . (..) -- C:\Users\Boss\AppData\Roaming\5bqyzsnppie\2ru0tdzpkbi.exe [0]
O61 - LFC: 2018/06/19 10:07:36 A . (..) -- C:\Users\Boss\AppData\Roaming\5jqaxe4cvws\pgtmsxmxa4t.exe [503731]
O61 - LFC: 2018/06/18 12:36:19 A . (..) -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe [649849]
O61 - LFC: 2018/06/18 13:23:42 A . (..) -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe [649849]
O61 - LFC: 2018/06/18 11:43:16 A . (..) -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe [649849]
O61 - LFC: 2018/06/18 14:35:26 A . (..) -- C:\Users\Boss\AppData\Roaming\b5zczcwd5r1\oozsrf2soko.exe [0]
O61 - LFC: 2018/06/18 18:04:55 A . (..) -- C:\Users\Boss\AppData\Roaming\bu4x2q1xvar\oc23htwzs54.exe [649849]
O61 - LFC: 2018/06/18 13:22:59 A . (..) -- C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe [649849]
O61 - LFC: 2018/06/18 12:09:15 A . (..) -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe [649849]
O61 - LFC: 2018/06/18 14:34:02 A . (..) -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe [649849]
O61 - LFC: 2018/06/18 13:00:15 A . (..) -- C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe [649849]
O61 - LFC: 2018/06/18 14:35:47 A . (..) -- C:\Users\Boss\AppData\Roaming\f4u2nwwd10e\mxxtve5tigy.exe [0]
O61 - LFC: 2018/06/18 12:09:24 A . (..) -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe [649849]
O61 - LFC: 2018/06/19 10:08:21 A . (..) -- C:\Users\Boss\AppData\Roaming\fygjhctaglt\eka0teczs0v.exe [503731]
O61 - LFC: 2018/06/18 14:56:44 A . (..) -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe [649849]
O61 - LFC: 2018/06/18 15:04:08 A . (..) -- C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe [649849]
O61 - LFC: 2018/06/18 13:24:04 A . (..) -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe [649849]
O61 - LFC: 2018/06/18 14:36:20 A . (..) -- C:\Users\Boss\AppData\Roaming\h1x0jjgthyx\mzvjh1q2ano.exe [0]
O61 - LFC: 2018/06/18 16:39:23 A . (..) -- C:\Users\Boss\AppData\Roaming\hkyqvziz52h\ly4jw3pesbz.exe [649849]
O61 - LFC: 2018/06/18 12:16:09 A . (..) -- C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe [649849]
O61 - LFC: 2018/06/18 13:24:03 A . (..) -- C:\Users\Boss\AppData\Roaming\hufopmim0n1\av0sqaq5hgu.exe [649849]
O61 - LFC: 2018/06/18 16:37:49 A . (..) -- C:\Users\Boss\AppData\Roaming\iesdjzopjee\hus24axk1n2.exe [649849]
O61 - LFC: 2018/06/18 14:35:15 A . (..) -- C:\Users\Boss\AppData\Roaming\ikwuwroponc\mbipioegc2z.exe [0]
O61 - LFC: 2018/06/18 15:04:20 A . (..) -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe [649849]
O61 - LFC: 2018/06/18 16:30:02 A . (..) -- C:\Users\Boss\AppData\Roaming\jum1zmblfzl\mu3ew1mrmma.exe [649849]
O61 - LFC: 2018/06/18 15:31:49 A . (..) -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe [649849]
O61 - LFC: 2018/06/18 14:36:03 A . (..) -- C:\Users\Boss\AppData\Roaming\kmqvgrjqtcv\3amwpavvvqv.exe [0]
O61 - LFC: 2018/06/18 14:34:07 A . (..) -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe [649849]
O61 - LFC: 2018/06/18 16:32:19 A . (..) -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe [649849]
O61 - LFC: 2018/06/18 13:23:20 A . (..) -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe [649849]
O61 - LFC: 2018/06/18 11:45:36 A . (..) -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe [649849]
O61 - LFC: 2018/06/18 16:31:43 A . (..) -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe [649849]
O61 - LFC: 2018/06/18 13:06:01 A . (..) -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe [649849]
O61 - LFC: 2018/06/19 10:08:18 A . (..) -- C:\Users\Boss\AppData\Roaming\ojuozu0x55w\hiedbulpww1.exe [503731]
O61 - LFC: 2018/06/18 17:35:28 A . (..) -- C:\Users\Boss\AppData\Roaming\orqxm1vp1i2\3ltipqff222.exe [649849]
O61 - LFC: 2018/06/18 13:23:43 A . (..) -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe [649849]
O61 - LFC: 2018/06/18 17:35:46 A . (..) -- C:\Users\Boss\AppData\Roaming\qzxcr435qdn\npgodgvyy2q.exe [649849]
O61 - LFC: 2018/06/19 10:08:02 A . (..) -- C:\Users\Boss\AppData\Roaming\rdrkuysirug\3bncm4l4241.exe [503731]
O61 - LFC: 2018/06/18 14:56:02 A . (..) -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe [649849]
O61 - LFC: 2018/06/18 16:37:43 A . (..) -- C:\Users\Boss\AppData\Roaming\s4j33tkjzyi\suoj5nacpt3.exe [649849]
O61 - LFC: 2018/06/18 13:02:45 A . (..) -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe [649849]
O61 - LFC: 2018/06/18 14:35:42 A . (..) -- C:\Users\Boss\AppData\Roaming\spofpkstogu\piwulaxn5fs.exe [0]
O61 - LFC: 2018/06/18 13:02:47 A . (..) -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe [649849]
O61 - LFC: 2018/06/16 22:00:37 A . (..) -- C:\Users\Boss\AppData\Roaming\SystemaRev\RevServicesX 4.0.10\install\2476226\app.exe [3822592]
O61 - LFC: 2018/06/17 01:57:59 A . (.SystemaRev.) -- C:\Users\Boss\AppData\Roaming\SystemaRev\RevServicesX 4.0.10\install\2476226\SystemUpdate64x.exe [593920] =>Trojan.Agent
O61 - LFC: 2018/06/18 12:46:35 A . (..) -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe [649849]
O61 - LFC: 2018/06/18 16:37:03 A . (..) -- C:\Users\Boss\AppData\Roaming\tj1y4qjfl40\kphgkwekwqi.exe [649849]
O61 - LFC: 2018/06/18 16:37:26 A . (..) -- C:\Users\Boss\AppData\Roaming\tjvhtoanwzq\jdd4jgzocpd.exe [649849]
O61 - LFC: 2018/06/18 15:25:59 A . (..) -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe [649849]
O61 - LFC: 2018/06/18 14:35:51 A . (..) -- C:\Users\Boss\AppData\Roaming\u1e0ztuan3v\b52zrg0lunw.exe [0]
O61 - LFC: 2018/06/18 14:56:54 A . (..) -- C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe [649849]
O61 - LFC: 2018/06/18 12:47:20 A . (..) -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe [649849]
O61 - LFC: 2018/06/18 13:05:59 A . (..) -- C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe [649849]
O61 - LFC: 2018/06/18 16:37:32 A . (..) -- C:\Users\Boss\AppData\Roaming\uvw23vzcrh2\xqoymku0iwj.exe [649849]
O61 - LFC: 2018/06/18 12:16:40 A . (..) -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe [649849]
O61 - LFC: 2018/06/18 13:23:07 A . (..) -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe [649849]
O61 - LFC: 2018/06/18 11:45:52 A . (..) -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe [649849]
O61 - LFC: 2018/06/18 16:36:12 A . (..) -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe [649849]
O61 - LFC: 2018/06/18 12:09:15 A . (..) -- C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe [649849]
O61 - LFC: 2018/06/18 14:36:19 A . (..) -- C:\Users\Boss\AppData\Roaming\vsfgt0n5o55\3jlkuavoeqr.exe [0]
O61 - LFC: 2018/06/19 10:08:03 A . (..) -- C:\Users\Boss\AppData\Roaming\w3nmtqzva4g\bxljdrbg3xg.exe [503731]
O61 - LFC: 2018/06/18 12:47:20 A . (..) -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe [649849]
O61 - LFC: 2018/06/18 12:36:29 A . (..) -- C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe [649849]
O61 - LFC: 2018/06/18 12:10:17 A . (..) -- C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe [649849]
O61 - LFC: 2018/06/18 12:46:35 A . (..) -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe [649849]
O61 - LFC: 2018/06/18 14:54:33 A . (..) -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe [649849]
O61 - LFC: 2018/06/18 13:02:45 A . (..) -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe [649849]
O61 - LFC: 2018/06/18 16:36:17 A . (..) -- C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5\421qmditfqu.exe [649849]
O61 - LFC: 2018/06/18 14:36:20 A . (..) -- C:\Users\Boss\AppData\Roaming\zef1bsflj1d\tg4swtmgqlo.exe [0]
O61 - LFC: 2018/06/18 17:34:49 A . (..) -- C:\Users\Boss\AppData\Roaming\ziio5fseiew\iefk2almc02.exe [649849]
O61 - LFC: 2018/06/18 12:36:19 A . (..) -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe [649849]
O61 - LFC: 2018/06/18 14:57:41 A . (..) -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe [649849]
O61 - LFC: 2018/06/18 15:27:05 A . (..) -- C:\Users\Boss\Downloads\MSEInstall.exe [0]
O61 - LFC: 2018/06/06 12:12:28 A . (.Setup Factory is a trademark of Indigo Rose Corporati.) -- C:\Users\Boss\Downloads\printtopdf_setup.exe [9052182]
---\\ ASSOCIATION Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %* =>.Default.Value
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (...) -- C:\Windows\System32\WScript.exe "%1" %* =>.Default.Value
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr>[HKLM\..\open\Command] (...) -- "%1" /S =>.Default.Value
---\\ MENU DE DÉMARRAGE INTERNET (12) - 0s
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [64Bits][HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [64Bits][HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
---\\ RECHERCHE D'INFECTION SUR LES NAVIGATEURS (5) - 11s
O69 - SBI: prefs.js [Boss - 533yvpjo.default] user_pref("browser.newtab.url", "file:///C:/ProgramData/Kipolams/ff.NT"); =>PUP.Optional.Salus
O69 - SBI: prefs.js [Boss - 533yvpjo.default] user_pref("browser.startup.homepage", "file:///C:/ProgramData/Kipolams/ff.HP"); =>PUP.Optional.Salus
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] [64Bits]{ielnksrch} - (Search the web) - http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN80V5Qf4-sHUlvylceWGx8cDLZmWI4ZQarcjZbVdOwiHXDFJale-sgz3wUSpzpVw_pI7SgPJ15AhyoCoR9Pjp0lUk2iiNbXbaMIbVHdkgBIiOmCtlPUY1MvFs7EsVvDyXYj_oEssNqwV9GfoQUZ3-bq3VWGJkBKNKp5rWiPk-cJ1QvRxJuk,&q={searchTerms} =>.SUP.Linkury
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
---\\ ÉNUMÈRE LES SERVICES DÉMARRÉS PAR Svchost (33) - 4s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [853504] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [679424] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2477536] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation
---\\ LISTE DES EXCEPTIONS DU PAREFEU WINDOWS (7) - 7s
O87 - FAEL: "{936D01C2-7526-4E73-AC04-A08DADF254DE}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{7DC6BACE-D8DA-4FF1-B632-21054773133C}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{1939B550-F393-4BF5-8E0E-3DB7B6F26A2C}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{1CDAB913-462E-4FE7-9607-B504E5089AC3}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{1A5E34D3-36CC-4055-BB2A-E7E092A862D6}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{E7531BC6-AF32-4FF8-BD50-8DF6C26CEDC0}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{C8D25E3D-C8FC-4FA5-B91E-83D2B4038BC7}" [In-None-P17-TRUE] .(...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
---\\ CODES PRODUITS LOGICIELS (41) - 2s
O90 - PUC: "00002109030000000000000000F01FEC" [HKLM] . (.Microsoft Office Enterprise 2007.) =>.Microsoft Corporation
O90 - PUC: "000021091A00C0400000000000F01FEC" [HKLM] . (.Microsoft Office OneNote MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021094400C0400000000000F01FEC" [HKLM] . (.Microsoft Office InfoPath MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021095100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Access MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021096100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Excel MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021098100C0400000000000F01FEC" [HKLM] . (.Microsoft Office PowerPoint MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021099100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Publisher MUI (French) 2007.) =>.bl.org
O90 - PUC: "00002109A100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Outlook MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109A20000000100000000F01FEC" [HKLM] . (.Microsoft Office Office 64-bit Components 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109A200C0400100000000F01FEC" [HKLM] . (.Microsoft Office Shared 64-bit MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109AB00C0400000000000F01FEC" [HKLM] . (.Microsoft Office Groove MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109B100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Word MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109C200C0400000000000F01FEC" [HKLM] . (.Microsoft Office Proofing (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109E600C0400000000000F01FEC" [HKLM] . (.Microsoft Office Shared MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F10010400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (Arabic) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F10031400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (Dutch) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F10070400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (German) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F10090400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (English) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F100A0C00000000000F01FEC" [HKLM] . (.Microsoft Office Proof (Spanish) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "0D741DA1E0EBC6D3CA11466FCD14361F" [HKLM] . (.Microsoft .NET Framework 4.5.) =>.Microsoft Corporation
O90 - PUC: "13322C0F4935BE14D9B82133B563EE0F" [HKLM] . (.doPDF.) =>.Softland
O90 - PUC: "1926E8D15D0BCE53481466615F760A7F" [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: "1D5E3C0FEDA1E123187686FED06E995A" [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: "21BFF3F9E8521BB45867BFF5F1E130E9" [HKLM] . (.novaPDF 8 add-in for Microsoft Office (x64).) =>.Microsoft Corporation
O90 - PUC: "26E279C7F1CBC1D4BB59DF6B84FE2631" [HKLM] . (.novaPDF 8 add-in for Microsoft Office (x86).) =>.Microsoft Corporation
O90 - PUC: "47CA2FBBC0273BC32819E543302923AF" [HKLM] . (.Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215.) =>.Microsoft Corporation
O90 - PUC: "50A45C97641F0AE4A8074DFE6E81E125" [HKLM] . (.HP Support Assistant.) -- C:\Windows\Installer\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}\ARPPRODUCTICON.exe =>.Hewlett-Packard
O90 - PUC: "5EE6FE96605315E45BD1FABECBE2CD33" [HKLM] . (.novaPDF 8 Printer Driver.)
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" [HKLM] . (.Adobe Reader X (10.1.16) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico =>.Adobe Inc.
O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" [HKLM] . (.Hewlett-Packard ACLM.NET v1.2.2.3.) -- C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe =>.Microsoft Corporation
O90 - PUC: "71460E5BCA4A52243BE6E7439C61617E" [HKLM] . (.Intel® Trusted Connect Service Client.) =>.Intel Corporation
O90 - PUC: "85F0F6A884EAC4F40AF63C19BA7160C9" [HKLM] . (.DriversCloud.com (64 bits).) -- C:\Windows\Installer\{8A6F0F58-AE48-4F4C-A06F-C391AB17069C}\maconfico =>.Apple Inc.
O90 - PUC: "A089CE062ADB6BC44A720BA745894BAC" [HKLM] . (.Google Update Helper.) =>.Google Inc.
O90 - PUC: "A419E7B35D3992A429BBFAC8F3664C13" [HKLM] . (.Skype™ 7.40.) -- C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>.Skype Technologies
O90 - PUC: "CA4ECB96275917232ABF4932DB3AA634" [HKLM] . (.Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215.) =>.Microsoft Corporation
O90 - PUC: "CC9F7CE01474EA54F955E639347F625F" [HKLM] . (.Intel(R) Manageability Engine Firmware Recovery Agent.) -- C:\Windows\Installer\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}\AppIcon =>.Intel Corporation
O90 - PUC: "D54EC5DEB24881C40A20781EE63AB93B" [HKLM] . (.HP Support Solutions Framework.) -- C:\Windows\Installer\{ED5CE45D-842B-4C18-A002-87E16EA39BB3}\icon.ico =>.Hewlett-Packard
O90 - PUC: "E31C3AA213508B14EA84EA829C048A90" [HKLM] . (.Microsoft Security Client.) =>.Microsoft Corporation
O90 - PUC: "F091F6953C3D0F0408316E0E21742662" [HKLM] . (.RevServicesX.) =>Trojan.Agent
O90 - PUC: "FAA1FE9C245B8C145A731124ADD5A4CE" [HKLM] . (.HP Customer Experience Enhancements.) -- C:\Windows\Installer\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}\ARPPRODUCTICON.exe =>.Hewlett-Packard
---\\ PACKAGES WINDOWS INSTALLER (17) - 12s
[MD5.EE3C7D44B16E7959ABF7F5A603AD9883] [WIS][2017/02/22 15:15:29] (.Intel Corporation - Intel(R) Trusted Connect Service Client.) -- C:\Windows\Installer\153c78.msi [8753152] =>.Intel Corporation
[MD5.0F550F7B49CE9ED78F79EADFA8C00EDC] [WIS][2017/02/22 15:15:28] (.Intel Corporation - Intel(R) Manageability Engine Firmware Reco.) -- C:\Windows\Installer\153c7e.msi [19596800] =>.Intel Corporation
[MD5.0CF8A54784157D2E65A4860443B0432E] [WIS][2015/01/23 16:46:28] (.Softland - novaPDF 8 add-in for Microsoft Office (x86).) -- C:\Windows\Installer\194fba.msi [1830912] =>.Softland
[MD5.AD8A382E982AA5326DAB766C51B90032] [WIS][2015/01/23 16:46:30] (.Softland - novaPDF 8 add-in for Microsoft Office (x64).) -- C:\Windows\Installer\194fc0.msi [2011136] =>.Softland
[MD5.7B21FC4C93CD2F6C26908787E2BC38F3] [WIS][2015/01/23 16:47:50] (.Softland - Softland's novaPDF 8 Printer Driver Install.) -- C:\Windows\Installer\194fc6.msi [15921152] =>.Softland
[MD5.F69EAC25A056E66D9DB4B47BC3E6B515] [WIS][2015/01/23 16:48:04] (.Softland - novaPDF 8.) -- C:\Windows\Installer\194fcc.msi [5410816] =>.Softland
[MD5.FFEE31186501B937BAE18E510B42A456] [WIS][2015/12/08 15:49:35] (.Hewlett-Packard Company - HP Support Solutions Framework.) -- C:\Windows\Installer\43f51d.msi [12079104] =>.Hewlett-Packard Company
[MD5.AE876C737A5ED8E461E99BF58A84D0D6] [WIS][2013/08/08 13:03:14] (.Hewlett-Packard Company - InstallShield® 2011 - Premier Edition with .) -- C:\Windows\Installer\43f52a.msi [2859520] =>.Hewlett-Packard Company
[MD5.E9DCD28C68A54D0E6300C2E021FAAFC1] [WIS][2015/12/08 16:09:36] (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Windows\Installer\55b70f.msi [35532288] =>.Hewlett-Packard Company
[MD5.214D52101D0C9A53327769731AB0D15A] [WIS][2015/12/08 16:10:32] (.Hewlett-Packard - InstallShield® 2014 - Premier Edition with .) -- C:\Windows\Installer\55b716.msi [629760] =>.Hewlett-Packard
[MD5.E69858D048984D3D29B21BF7B70EC177] [WIS][2018/06/17 02:09:36] (.SystemaRev - RevServicesX.) -- C:\Windows\Installer\7a408f.msi [2283008] =>Trojan.Agent
[MD5.E53FA74C34A43723EBCCAAFFB7313247] [WIS][2017/12/27 14:43:53] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\ef52.msi [45522944] =>.Skype Technologies S.A.
[MD5.279472AFC3316213A3E9379F5012CF75] [WIS][2015/09/29 10:28:48] (.Cybelsoft - Hardware Detection DriversCloud.com.) -- C:\Windows\Installer\f0e39.msi [5713920] =>.Cybelsoft
[MD5.FCA1EEB4107FF4AA9DCB6FA2371A6837] [WIS][2011/06/06 21:52:05] (.Adobe Systems Incorporated - ADOBER~1.0Adobe Reader X (10.0.1).) -- C:\Windows\Installer\f7c70.msi [2332672] =>.Adobe Systems Incorporated
[MD5.50EA7A4D9481B12A97070942F474D918] [WIS][2018/05/20 09:48:25] (.Google Inc. - Google Update Helper.) -- C:\Windows\Installer\fa4dd.msi [40960] =>.Google Inc.
[MD5.765E81508D7A084A970E249E22D754F3] [WIS][2015/10/13 05:18:03] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\18e3a.msp [20824064] =>.SUP.Obsolete.Adobe
[MD5.AB18327429D55F0F71E417150A66E726] [WIS][2011/09/05 22:51:04] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\f7c71.msp [13135872] =>.SUP.Obsolete.Adobe
---\\ FEATURE CONTROLE. (126) - 0s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL]:WindowsAnytimeUpgradeUI.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:msn6.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HPSFViewer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HPCF.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:winword.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:excel.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:powerpnt.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn6.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:ehExtHost.exe =>.Legitimate
---\\ SCAN ADDITIONNEL (439) - 36s
C:\Program Files (x86)\EiPdaxGyo.exe =>Heuristic.Suspect
C:\Program Files (x86)\IARIQN.exe =>Heuristic.Suspect
HKLM\SYSTEM\CurrentControlSet\Services\backlh =>PUP.Optional.LogicHandler
C:\ProgramData\Logic Cramble\set.exe =>PUP.Optional.LogicHandler
HKLM\SYSTEM\CurrentControlSet\Services\ellfService =>PUP.Optional.Youndoo
C:\ProgramData\ellfService\ellfService.exe =>PUP.Optional.Youndoo
HKLM\SYSTEM\CurrentControlSet\Services\Nettrans =>PUP.Optional.LogicHandler
C:\ProgramData\PrefsSecure\Nettrans.exe =>PUP.Optional.LogicHandler
HKLM\SYSTEM\CurrentControlSet\Services\saiyitechnology =>Hijacker.Browser
C:\ProgramData\yahoochrome_D\desktop186.exe =>Hijacker.Browser
HKLM\SYSTEM\CurrentControlSet\Services\SystemUpdate64 =>Trojan.Agent
C:\Program Files\SystemaRev\RevServicesX\SystemUpdate64x.exe =>Trojan.Agent
C:\Windows\System32\Tasks\Update_4.0.10 =>Trojan.Agent
C:\Users\Boss\AppData\Local\Temp\is-VN8AG.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-R95IK.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-GR2SV.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-B2J5P.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-J078D.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-SGPE7.tmp\up.exe =>Adware.Wizzcaster
C:\Program Files\4RJYZ4FLY1\4RJYZ4FLY.exe =>Adware.Wizzcaster
C:\Program Files\4N2XTR691F\4N2XTR691.exe =>Adware.Wizzcaster
C:\Program Files\IY73DZJN1A\2Q24L2L7U.exe =>Adware.Wizzcaster
C:\Program Files\UEP61973CJ\UEP61973C.exe =>Adware.Wizzcaster
C:\Program Files\DZVTM5DNXU\DZVTM5DNX.exe =>Adware.Wizzcaster
C:\Program Files\EF044BI1YY\EF044BI1Y.exe =>Adware.Wizzcaster
C:\Program Files\MOUNR5U7CO\MOUNR5U7C.exe =>Adware.Wizzcaster
C:\Program Files\DKQ9ELO4CM\7Y7G6PEN7.exe =>Adware.Wizzcaster
C:\Program Files\7KV3ACDMTO\7KV3ACDMT.exe =>Adware.Wizzcaster
C:\Program Files\23L6WSE3LA\23L6WSE3L.exe =>Adware.Wizzcaster
C:\Program Files\CXFWDCVC0N\CXFWDCVC0.exe =>Adware.Wizzcaster
C:\Program Files\0IP40NNURL\0IP40NNUR.exe =>Adware.Wizzcaster
C:\Program Files\BCQQKEZTW6\Y7MX72MBI.exe =>Adware.Wizzcaster
C:\Program Files\JF5F9TWOH8\JF5F9TWOH.exe =>Adware.Wizzcaster
C:\Program Files\O8SRM406DJ\O8SRM406D.exe =>Adware.Wizzcaster
C:\Program Files\XBZEUQP4OX\9K8FXDNO9.exe =>Adware.Wizzcaster
C:\Program Files\Q8BSUMTKUH\9K8FXDNO9.exe =>Adware.Wizzcaster
C:\Program Files\HHDVUWO3MW\H4MNFV2OE.exe =>Adware.Wizzcaster
C:\Program Files\RIO1WF5WR1\4FG87VWNF.exe =>Adware.Wizzcaster
C:\Program Files\UKLSHLMZBX\UKLSHLMZB.exe =>Adware.Wizzcaster
C:\Program Files\RIJN2Z22I4\RIJN2Z22I.exe =>Adware.Wizzcaster
C:\Program Files\QUH4P9I665\QUH4P9I66.exe =>Adware.Wizzcaster
C:\Program Files\LAPLRC4S52\AO2F7BHU4.exe =>Adware.Wizzcaster
C:\Program Files\ZGA9EUB06A\YJGF46W1D.exe =>Adware.Wizzcaster
C:\Program Files\OUN3UTN243\YJGF46W1D.exe =>Adware.Wizzcaster
C:\Program Files\51S1MQLHBR\YJGF46W1D.exe =>Adware.Wizzcaster
C:\Program Files\ZGA9EUB06A\B8NUC532C.exe =>Adware.Wizzcaster
C:\Program Files\PZ77R66BSC\PZ77R66BS.exe =>Adware.Wizzcaster
C:\Program Files\0CC1QIJSJR\I4DC6UF1U.exe =>Adware.Wizzcaster
C:\Program Files\E97JWYQPWS\E97JWYQPW.exe =>Adware.Wizzcaster
C:\Program Files\59FTT6TX6N\59FTT6TX6.exe =>Adware.Wizzcaster
C:\Program Files\NCS9KETNVR\NCS9KETNV.exe =>Adware.Wizzcaster
C:\Program Files\2B1ZGSCKRL\2B1ZGSCKR.exe =>Adware.Wizzcaster
C:\Program Files\JSTAJHCVC7\JSTAJHCVC.exe =>Adware.Wizzcaster
C:\Program Files\V2TI5WPWUS\V2TI5WPWU.exe =>Adware.Wizzcaster
C:\Program Files\8VEUIXN1JS\8VEUIXN1J.exe =>Adware.Wizzcaster
C:\Program Files\06UK5MMVGE\06UK5MMVG.exe =>Adware.Wizzcaster
C:\Program Files\J1EOM5NN6Q\J1EOM5NN6.exe =>Adware.Wizzcaster
C:\Program Files\9GC25M9TIX\9GC25M9TI.exe =>Adware.Wizzcaster
C:\Program Files\Z2GOWJEWBY\Z2GOWJEWB.exe =>Adware.Wizzcaster
C:\Program Files\KYOP6JTQ2X\KYOP6JTQ2.exe =>Adware.Wizzcaster
C:\Windows\Temp\g8E9D.tmp.exe =>Heuristic.Suspect
C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbdpajcdgknpendpmecafmopknefafha =>PUP.Optional.DefaultSearch
C:\Program Files (x86)\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi =>PUP.Optional.YouTubeAdBlock
C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\533yvpjo.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233 =>PUP.Optional.SuperFind
C:\Program Files (x86)\lJFUJMGEHIE\tFH1Gsq.dll =>PUP.Optional.YouTubeAdBlock
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} =>PUP.Optional.YouTubeAdBlock
HKLM\Software\WOW6432Node\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} =>PUP.Optional.YouTubeAdBlock
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} =>PUP.Optional.YouTubeAdBlock
[HKEY_USERS\S-1-5-18\Environment]:SNP =>PUP.Optional.Salus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{596F190F-D3C3-40F0-8013-E6E012476226} =>Trojan.Agent
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8 =>PUP.Optional.YouTubeAdBlock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8 =>PUP.Optional.YouTubeAdBlock
C:\Program Files\06UK5MMVGE\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\06UK5MMVGE =>Adware.Wizzcaster
C:\Program Files\0CC1QIJSJR\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\0CC1QIJSJR =>Adware.Wizzcaster
C:\Program Files\0IP40NNURL\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\0IP40NNURL =>Adware.Wizzcaster
C:\Program Files\14P4OZRKBQ\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\14P4OZRKBQ =>Adware.Wizzcaster
C:\Program Files\23L6WSE3LA\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\23L6WSE3LA =>Adware.Wizzcaster
C:\Program Files\2B1ZGSCKRL\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\2B1ZGSCKRL =>Adware.Wizzcaster
C:\Program Files\45B9CW055O\45B9CW055.exe =>Adware.Wizzcaster
C:\Program Files\45B9CW055O\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\45B9CW055O =>Adware.Wizzcaster
C:\Program Files\4N2XTR691F\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\4N2XTR691F =>Adware.Wizzcaster
C:\Program Files\4QHNSKO4SB\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\4QHNSKO4SB =>Adware.Wizzcaster
C:\Program Files\4RJYZ4FLY1\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\4RJYZ4FLY1 =>Adware.Wizzcaster
C:\Program Files\51S1MQLHBR\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\51S1MQLHBR =>Adware.Wizzcaster
C:\Program Files\59FTT6TX6N\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\59FTT6TX6N =>Adware.Wizzcaster
C:\Program Files\7KV3ACDMTO\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\7KV3ACDMTO =>Adware.Wizzcaster
C:\Program Files\8DNWW3JFF1\8DNWW3JFF.exe =>Adware.Wizzcaster
C:\Program Files\8DNWW3JFF1\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\8DNWW3JFF1 =>Adware.Wizzcaster
C:\Program Files\8RGCJQFNR7\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\8RGCJQFNR7 =>Adware.Wizzcaster
C:\Program Files\8VEUIXN1JS\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\8VEUIXN1JS =>Adware.Wizzcaster
C:\Program Files\9GC25M9TIX\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\9GC25M9TIX =>Adware.Wizzcaster
C:\Program Files\BCQQKEZTW6\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\BCQQKEZTW6 =>Adware.Wizzcaster
C:\Program Files\C99D02G16Q\C99D02G16.exe =>Adware.Wizzcaster
C:\Program Files\C99D02G16Q\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\C99D02G16Q =>Adware.Wizzcaster
C:\Program Files\CXFWDCVC0N\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\CXFWDCVC0N =>Adware.Wizzcaster
C:\Program Files\CXHFGDRXAY\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\CXHFGDRXAY =>Adware.Wizzcaster
C:\Program Files\DKQ9ELO4CM\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\DKQ9ELO4CM =>Adware.Wizzcaster
C:\Program Files\DS5T3AGQR6\DS5T3AGQR.exe =>Adware.Wizzcaster
C:\Program Files\DS5T3AGQR6 =>Adware.Wizzcaster
C:\Program Files\DZVTM5DNXU\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\DZVTM5DNXU =>Adware.Wizzcaster
C:\Program Files\E97JWYQPWS\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\E97JWYQPWS =>Adware.Wizzcaster
C:\Program Files\EF044BI1YY\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\EF044BI1YY =>Adware.Wizzcaster
C:\Program Files\EHDQ4SPSES\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\EHDQ4SPSES =>Adware.Wizzcaster
C:\Program Files\FU4YJTB7LN\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\FU4YJTB7LN =>Adware.Wizzcaster
C:\Program Files\G4WLOFJRI0\G4WLOFJRI.exe =>Adware.Wizzcaster
C:\Program Files\G4WLOFJRI0 =>Adware.Wizzcaster
C:\Program Files\H61S1G0VCJ\H61S1G0VC.exe =>Adware.Wizzcaster
C:\Program Files\H61S1G0VCJ\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\H61S1G0VCJ =>Adware.Wizzcaster
C:\Program Files\HHDVUWO3MW\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\HHDVUWO3MW =>Adware.Wizzcaster
C:\Program Files\HIVZM3HMW6\HIVZM3HMW.exe =>Adware.Wizzcaster
C:\Program Files\HIVZM3HMW6\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\HIVZM3HMW6 =>Adware.Wizzcaster
C:\Program Files\I36D8XOVVL\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\I36D8XOVVL =>Adware.Wizzcaster
C:\Program Files\IY73DZJN1A\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\IY73DZJN1A =>Adware.Wizzcaster
C:\Program Files\J1EOM5NN6Q\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\J1EOM5NN6Q =>Adware.Wizzcaster
C:\Program Files\JF5F9TWOH8\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\JF5F9TWOH8 =>Adware.Wizzcaster
C:\Program Files\JSTAJHCVC7\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\JSTAJHCVC7 =>Adware.Wizzcaster
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\Program Files\KYOP6JTQ2X\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\KYOP6JTQ2X =>Adware.Wizzcaster
C:\Program Files\L44YZJEUTA\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\L44YZJEUTA =>Adware.Wizzcaster
C:\Program Files\LAPLRC4S52\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\LAPLRC4S52 =>Adware.Wizzcaster
C:\Program Files\MOUNR5U7CO\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\MOUNR5U7CO =>Adware.Wizzcaster
C:\Program Files\N9TSKY2Y0Q\N9TSKY2Y0.exe =>Adware.Wizzcaster
C:\Program Files\N9TSKY2Y0Q\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\N9TSKY2Y0Q =>Adware.Wizzcaster
C:\Program Files\NCS9KETNVR\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\NCS9KETNVR =>Adware.Wizzcaster
C:\Program Files\NT1O3SDMJG\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\NT1O3SDMJG =>Adware.Wizzcaster
C:\Program Files\NTXTULCS13\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\NTXTULCS13 =>Adware.Wizzcaster
C:\Program Files\O8SRM406DJ\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\O8SRM406DJ =>Adware.Wizzcaster
C:\Program Files\OUN3UTN243\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\OUN3UTN243 =>Adware.Wizzcaster
C:\Program Files\PFHWAKCNX2\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\PFHWAKCNX2 =>Adware.Wizzcaster
C:\Program Files\PZ77R66BSC\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\PZ77R66BSC =>Adware.Wizzcaster
C:\Program Files\Q8BSUMTKUH\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\Q8BSUMTKUH =>Adware.Wizzcaster
C:\Program Files\QJTK9S03AG\QJTK9S03A.exe =>Adware.Wizzcaster
C:\Program Files\QJTK9S03AG =>Adware.Wizzcaster
C:\Program Files\QUH4P9I665\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\QUH4P9I665 =>Adware.Wizzcaster
C:\Program Files\RIJN2Z22I4\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\RIJN2Z22I4 =>Adware.Wizzcaster
C:\Program Files\RIO1WF5WR1\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\RIO1WF5WR1 =>Adware.Wizzcaster
C:\Program Files\S5ZFI3L184\S5ZFI3L18.exe =>Adware.Wizzcaster
C:\Program Files\S5ZFI3L184 =>Adware.Wizzcaster
C:\Program Files\SY8JAW81NY\SY8JAW81N.exe =>Adware.Wizzcaster
C:\Program Files\SY8JAW81NY\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\SY8JAW81NY =>Adware.Wizzcaster
C:\Program Files\SystemaRev =>Trojan.Agent
C:\Program Files\TTI498IUP7\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\TTI498IUP7 =>Adware.Wizzcaster
C:\Program Files\UEP61973CJ\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\UEP61973CJ =>Adware.Wizzcaster
C:\Program Files\UKLSHLMZBX\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\UKLSHLMZBX =>Adware.Wizzcaster
C:\Program Files\V2TI5WPWUS\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\V2TI5WPWUS =>Adware.Wizzcaster
C:\Program Files\VITRIQ0UIC\VITRIQ0UI.exe =>Adware.Wizzcaster
C:\Program Files\VITRIQ0UIC\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\VITRIQ0UIC =>Adware.Wizzcaster
C:\Program Files\XBZEUQP4OX\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\XBZEUQP4OX =>Adware.Wizzcaster
C:\Program Files\XOBDQ06VI9\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\XOBDQ06VI9 =>Adware.Wizzcaster
C:\Program Files\Y62LMJ6B01\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\Y62LMJ6B01 =>Adware.Wizzcaster
C:\Program Files\YAJ04LFD3P\YAJ04LFD3.exe =>Adware.Wizzcaster
C:\Program Files\YAJ04LFD3P\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\YAJ04LFD3P =>Adware.Wizzcaster
C:\Program Files\Z2GOWJEWBY\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\Z2GOWJEWBY =>Adware.Wizzcaster
C:\Program Files\ZAUCWF3FSP\ZAUCWF3FS.exe =>Adware.Wizzcaster
C:\Program Files\ZAUCWF3FSP\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\ZAUCWF3FSP =>Adware.Wizzcaster
C:\Program Files\ZCDV3PPRT8\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\ZCDV3PPRT8 =>Adware.Wizzcaster
C:\Program Files\ZGA9EUB06A\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\ZGA9EUB06A =>Adware.Wizzcaster
C:\Program Files (x86)\OneSystemCare =>PUP.Optional.OneSystemCare
C:\Program Files (x86)\WeatherInspect =>Adware.WeatherInspect
C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a =>Adware.Suspect
C:\ProgramData\959924f715474eb48b64e9340ac14260 =>Adware.Suspect
C:\ProgramData\bcc7fe86-3d51-1 =>.SUP.Polluteware
C:\ProgramData\bcc7fe86-65b3-0 =>.SUP.Polluteware
C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5 =>Adware.Suspect
C:\ProgramData\Kipolams =>PUP.Optional.Salus
C:\ProgramData\Logic Cramble =>PUP.Optional.LogicHandler
C:\ProgramData\PrefsSecure =>PUP.Optional.LogicHandler
C:\ProgramData\SystemaRev =>Trojan.Agent
C:\Users\Boss\AppData\Roaming\04aeuoajoun\v5pmrklxd2q.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\04aeuoajoun =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\0njpmhg1baw =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1dwh4smffbu\hcmkjywv1kt.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1dwh4smffbu =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1f13avwhh05 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1vcgkimcszj =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\2223kxo4nxo\p13sj1bgnsd.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\2223kxo4nxo =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\3iuedhaxbrf =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\3oiiusgh5zi\mxq55nft3no.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\3oiiusgh5zi =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4ei42zyfjiy =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4fkqyihbtcs =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4uobljvyp20\3svjlzre0lk.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4uobljvyp20 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4wbzgfrmjm0\30icqzgwj4v.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4wbzgfrmjm0 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4zyiiordr1t =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\5bqyzsnppie\2ru0tdzpkbi.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\5bqyzsnppie =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\5jqaxe4cvws\pgtmsxmxa4t.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\5jqaxe4cvws =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\a3lozhxq13k =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ansv0loy3pq =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\b5zczcwd5r1\oozsrf2soko.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\b5zczcwd5r1 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\bu4x2q1xvar\oc23htwzs54.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\bu4x2q1xvar =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\campugwkwrr =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\cjytoix0t2u =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\dspg5yhdv1g =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\dzccmget4xj =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\f4u2nwwd10e\mxxtve5tigy.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\f4u2nwwd10e =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fsegsk4xxmu =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fygjhctaglt\eka0teczs0v.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fygjhctaglt =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fyhpl2l1k15 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ghq200jfphj =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\gpjkvky3xwu =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\h1x0jjgthyx\mzvjh1q2ano.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\h1x0jjgthyx =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hkyqvziz52h\ly4jw3pesbz.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hkyqvziz52h =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hthbwdvliem =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hufopmim0n1\av0sqaq5hgu.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hufopmim0n1 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\iesdjzopjee\hus24axk1n2.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\iesdjzopjee =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ikwuwroponc\mbipioegc2z.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ikwuwroponc =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ixkwmxjdirx =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\jum1zmblfzl\mu3ew1mrmma.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\jum1zmblfzl =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\kfy5tx1iwng =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\kmqvgrjqtcv\3amwpavvvqv.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\kmqvgrjqtcv =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\lbihu3dbgw5 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\lk1yurxlstt =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\maxfhrsmjri =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\mymz0dwunxe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\nt3ivlu25bk =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\nxp5kibzalj =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ojuozu0x55w\hiedbulpww1.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ojuozu0x55w =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\OneSystemCare =>PUP.Optional.OneSystemCare
C:\Users\Boss\AppData\Roaming\orqxm1vp1i2\3ltipqff222.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\orqxm1vp1i2 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\pxojaif2pi3 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\qzxcr435qdn\npgodgvyy2q.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\qzxcr435qdn =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\rdrkuysirug\3bncm4l4241.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\rdrkuysirug =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ry4pkgjcpma =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\s4j33tkjzyi\suoj5nacpt3.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\s4j33tkjzyi =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\simj5fjsrp3 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\spofpkstogu\piwulaxn5fs.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\spofpkstogu =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\sprv00ej4ii =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\SystemHealer =>.SUP.SystemHealer
C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tj1y4qjfl40\kphgkwekwqi.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tj1y4qjfl40 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tjvhtoanwzq\jdd4jgzocpd.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tjvhtoanwzq =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tx44ulb2zwo =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\u1e0ztuan3v\b52zrg0lunw.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\u1e0ztuan3v =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\umxzcepm40l =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ut0azqixun3 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\uvw23vzcrh2\xqoymku0iwj.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\uvw23vzcrh2 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\v2zltxz22aw =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vj20z1lapnz =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vncargfxseo =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vsfgt0n5o55\3jlkuavoeqr.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vsfgt0n5o55 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\w3nmtqzva4g\bxljdrbg3xg.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\w3nmtqzva4g =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\wzgymbkm3u0 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\x133d1xorzs =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\x411pezscl5 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ym43wcqa4ng =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zamvjzj2q4e =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5\421qmditfqu.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zef1bsflj1d\tg4swtmgqlo.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zef1bsflj1d =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ziio5fseiew\iefk2almc02.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ziio5fseiew =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zljq0qkhq3e =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zspmamfbrxi =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Local\FastDataX =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.EXE-7D2D190F.pf =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.EXE-DEEE196E.pf =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.EXE-FF471559.pf =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.TMP-6817B8B7.pf =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.TMP-9EB58A95.pf =>Adware.FastDataX
C:\Windows\Prefetch\KIPOLAM.EXE-9BEC3F70.pf =>PUP.Optional.Salus
C:\Windows\Prefetch\KMSPICO_11_FINAL_OFFICE_AND_W-2D5B9CBE.pf =>HackTool.KMSpico
C:\Windows\Prefetch\KMSPICO_11_FINAL_OFFICE_AND_W-D2E6AA36.pf =>HackTool.KMSpico
C:\Windows\Prefetch\ONESYSTEMCARE.EXE-4F3801FB.pf =>PUP.Optional.OneSystemCare
C:\Windows\Prefetch\ONESYSTEMCARE.TMP-09513D4F.pf =>PUP.Optional.OneSystemCare
C:\Windows\Prefetch\ONESYSTEMCARE.TMP-D3A875F2.pf =>PUP.Optional.OneSystemCare
C:\Windows\Prefetch\SAFEFINDER.EXE-F3546BAC.pf =>PUP.Optional.SmartBar
C:\Windows\Prefetch\SPEEDYCAR.EXE-20F7BE19.pf =>Adware.ICLoader
C:\Windows\Prefetch\SPEEDYCAR.TMP-C0D9C5BE.pf =>Adware.ICLoader
C:\Windows\Prefetch\WEATHERINSPECT.EXE-B6C3320F.pf =>Adware.WeatherInspect
C:\Windows\Prefetch\WEATHERINSPECT.TMP-1B0D02DD.pf =>Adware.WeatherInspect
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} =>.SUP.Orphan
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent =>BitTorrent (P2P)
C:\Users\Boss\AppData\Roaming\SystemaRev\RevServicesX 4.0.10\install\2476226\SystemUpdate64x.exe =>Trojan.Agent
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} =>.SUP.Linkury
C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{DAC34259-D6FF-4C4B-A1B3-A98FAA393957} =>HackTool.KMSpico
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{53E7FF3C-80EA-4FFB-9F0E-978B698CA5E9} =>HackTool.KMSpico
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\F091F6953C3D0F0408316E0E21742662 =>Trojan.Agent
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\F091F6953C3D0F0408316E0E21742662 =>Trojan.Agent
C:\Windows\Installer\7a408f.msi =>Trojan.Agent
C:\Windows\Installer\18e3a.msp =>.SUP.Obsolete.Adobe
C:\Windows\Installer\f7c71.msp =>.SUP.Obsolete.Adobe
---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (29) - 0s
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/04/pup-optional-logichandler/ =>PUP.Optional.LogicHandler
https://nicolascoolman.eu/2017/03/11/superfluous-youndoo/ =>PUP.Optional.Youndoo
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Trojan.Agent
https://nicolascoolman.eu/2017/10/13/adware-tasksredirect/ =>Adware.TasksRedirect
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Adware.Wizzcaster
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DefaultSearch
https://nicolascoolman.eu/2017/10/05/sup-browserextension/ =>.SUP.BrowserExtension
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.YouTubeAdBlock
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SuperFind
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>.SUP.Linkury
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Legacy
https://nicolascoolman.eu/2017/06/21/adware-fastdatax/ =>Adware.FastDataX
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.OneSystemCare
https://nicolascoolman.eu/2017/10/03/sup-systemhealer/ =>.SUP.SystemHealer
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/10/29/adware-weatherinspect/ =>Adware.WeatherInspect
https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Polluteware
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Heuristic.Wizzcaster
https://nicolascoolman.eu/2017/09/09/pup-optional-smartbar/ =>PUP.Optional.SmartBar
https://nicolascoolman.eu/2018/06/12/adware-icloader/ =>Adware.ICLoader
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
https://nicolascoolman.eu/2018/06/11/pup-optional-fassistant/ =>PUP.Optional.FAssistant
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.Adobe
~ Unselected Options: O82,
~ End of the scan, 9304 items in 13mn10s (2430)(0)
~ Démarré par Boss (Administrator) (2018/06/19 10:16:32)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Certificate ZHPDiag: Legal
~ Etat de la version: Version KO
~ Mode: Scanner
~ Rapport: C:\Users\Boss\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Boss\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation
---\\ NAVIGATEURS INTERNET (3) - 0s
~ GCIE: Google Chrome v67.0.3396.87
~ MFIE: Mozilla Firefox 60.0.2 (x64 fr)
~ MSIE: Internet Explorer v8.0.7601.17514
---\\ INFORMATIONS SUR LES PRODUITS WINDOWS (9) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, VOLUME_KMSCLIENT channel
~ Windows Partial Key : GPDD4
Windows License : OK
Expiration Licence Windows : 259080 minute(s) (179 jour(s))
~ Windows Remaining Initializations Number : 1
Windows Automatic Updates : OK
Windows Activation Technologies : KO
---\\ LOGICIELS DE PROTECTION (2) - 0s
Microsoft Security Essentials v4.10.209.0 (Protection)
Microsoft Security Client v4.10.0209.0 (Protection)
---\\ SURVEILLANCE LOGICIEL (1) - 0s
~ Adobe Reader X (Surveillance)
---\\ LOGICIELS D'OPTIMISATION (1) - 0s
~ CCleaner v5.43 (Optimisation)
---\\ LOGICIELS DE PARTAGE P2P (1) - 0s
~ µTorrent v3.5.0.43804 (P2P)
---\\ INFORMATIONS SUR LE SYSTÈME (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4083.996 MB (10% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 239 GB (86%) free of 276 GB : OK =>.Disk Space
---\\ MODE DE CONNEXION AU SYSTÈME (3) - 0s
~ Computer Name: SAID
~ User Name: Boss
~ Logged in as Administrator
---\\ ÉNUMÉRATION DES UNITÉS DE STOCKAGE (3) - 0s
~ Drive C: has 239 GB free of 276 GB (System)
~ Drive D: has 123 GB free of 199 GB
~ Drive G: has 0 GB free of 1 GB
---\\ ÉTAT DU CENTRE DE SÉCURITÉ WINDOWS (10) - 0s
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM64\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
---\\ RECHERCHE PARTICULIÈRE DE FICHIERS GÉNÉRIQUES (26) - 2s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - 21/11/2010 - (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Application de démarrage de Windows.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
[MD5.F6C5302E1F4813D552F41A0AC82455E5] - 21/11/2010 - (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 21/11/2010 - (.Microsoft Corporation - Application d’ouverture de session Windows.) -- C:\Windows\System32\Winlogon.exe [390656] =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Bibliothèque de licences.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
[MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 21/11/2010 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
[MD5.59DF156711A76BCB993253EC6C9BBF41] - 21/11/2010 - (.Microsoft Corporation - DNS DLL de l’API Client.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - 12/04/2011 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] =>.Microsoft Corporation
[MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - 21/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [499712] =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Corporation
[MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - Pilote de port i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
[MD5.FAF015B07E3A2874A790A39B7D2C579F] - 21/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.Microsoft Corporation
[MD5.09594D1089C523423B32A4229263F068] - 21/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation
[MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - 21/11/2010 - (.Microsoft Corporation - Pilote du système de fichiers NT.) -- C:\Windows\System32\drivers\ntfs.sys [1659776] =>.Microsoft Corporation
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Pilote de port parallèle.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
[MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 21/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] =>.Microsoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Corporation
---\\ LISTE DES SERVICES (Non désactivés) (57) - 9s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: C:\Windows\System32\audiosrv.dll (AudioEndpointBuilder) . (.Microsoft Corporation - Service Audio Windows.) - C:\Windows\System32\Audiosrv.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\audiosrv.dll (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) - C:\Windows\System32\Audiosrv.dll =>.Microsoft Corporation
O23 - Service: Background Logic Handler (backlh) . (. - ExtManager.) - C:\ProgramData\Logic Cramble\set.exe =>PUP.Optional.LogicHandler
O23 - Service: C:\Windows\System32\bfe.dll (BFE) . (.Microsoft Corporation - Moteur de filtrage de base.) - C:\Windows\System32\bfe.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\qmgr.dll (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) - C:\Windows\System32\qmgr.dll =>.Microsoft Corporation
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) . (.Microsoft Corporation - .NET Runtime Optimization Service.) - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe {6105573300010000006E} =>.Microsoft Corporation
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X64 (clr_optimization_v4.0.30319_64) . (.Microsoft Corporation - .NET Runtime Optimization Service.) - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe {6105573300010000006E} =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cryptsvc.dll (CryptSvc) . (.Microsoft Corporation - Services de chiffrement.) - C:\Windows\System32\cryptsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\cscsvc.dll (CscService) . (.Microsoft Corporation - DLL du service CSC.) - C:\Windows\System32\cscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dhcpcore.dll (Dhcp) . (.Microsoft Corporation - Service client DHCP.) - C:\Windows\System32\dhcpcore.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dnsapi.dll (Dnscache) . (.Microsoft Corporation - Service de résolution du cache DNS.) - C:\Windows\System32\dnsrslvr.dll =>.Microsoft Corporation
O23 - Service: ellfService (ellfService) . (...) - C:\ProgramData\ellfService\ellfService.exe {00BA10A33204664713A8690A55F0AD7176} =>PUP.Optional.Youndoo
O23 - Service: C:\Windows\System32\wevtsvc.dll (eventlog) . (.Microsoft Corporation - Processus hôte pour les services Windows.) - C:\Windows\System32\svchost.exe =>.Microsoft Corporation
O23 - Service: @comres.dll,-2450 (EventSystem) . (.Microsoft Corporation - COM+.) - C:\Windows\System32\es.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FntCache.dll (FontCache) . (.Microsoft Corporation - Service de cache de police Windows.) - C:\Windows\System32\FntCache.dll =>.Microsoft Corporation
O23 - Service: @gpapi.dll,-112 (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) - C:\Windows\System32\gpsvc.dll =>.Microsoft Corporation
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc. - HP Support Solutions Framework Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe =>.HP Inc.®
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation - Intel® Management Engine Firmware®
O23 - Service: C:\Windows\System32\iphlpsvc.dll (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) - C:\Windows\System32\iphlpsvc.dll =>.Microsoft Corporation
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
O23 - Service: C:\Windows\System32\srvsvc.dll (LanmanServer) . (.Microsoft Corporation - DLL du service Serveur.) - C:\Windows\System32\srvsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wkssvc.dll (LanmanWorkstation) . (.Microsoft Corporation - DLL du service Station de travail.) - C:\Windows\System32\wkssvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\lmhsvc.dll (lmhosts) . (.Microsoft Corporation - DLL des services de transport NetBIOS sur T.) - C:\Windows\System32\lmhsvc.dll =>.Microsoft Corporation
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products®
O23 - Service: C:\Windows\System32\mmcss.dll (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) - C:\Windows\System32\mmcss.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\FirewallAPI.dll (MpsSvc) . (.Microsoft Corporation - Service de protection Microsoft.) - C:\Windows\System32\mpssvc.dll =>.Microsoft Corporation
O23 - Service: Microsoft Antimalware Service (MsMpSvc) . (.Microsoft Corporation - Antimalware Service Executable.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe =>.Microsoft Corporation®
O23 - Service: Prefs Secure (Nettrans) . (. - Network Packet Monitor.) - C:\ProgramData\PrefsSecure\Nettrans.exe =>PUP.Optional.LogicHandler
O23 - Service: C:\Windows\System32\nlasvc.dll (NlaSvc) . (.Microsoft Corporation - Connaissance des emplacements réseau 2.) - C:\Windows\System32\nlasvc.dll =>.Microsoft Corporation
O23 - Service: novaPDF Server (NovaPdfServer) . (.Microsoft - novaPDF Server.) - C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe =>.Softland S.R.L.®
O23 - Service: C:\Windows\System32\nsisvc.dll (nsi) . (.Microsoft Corporation - Serveur RPC de l’interface du magasin résea.) - C:\Windows\System32\nsisvc.dll =>.Microsoft Corporation
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 332.2.) - C:\Windows\system32\nvvsvc.exe =>.NVIDIA Corporation
O23 - Service: C:\Windows\System32\pcasvc.dll (PcaSvc) . (.Microsoft Corporation - Service de l’Assistant Compatibilité des pr.) - C:\Windows\System32\pcasvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\umpnpmgr.dll (PlugPlay) . (.Microsoft Corporation - Service mode utilisateur de Plug-and-Play.) - C:\Windows\System32\umpnpmgr.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\umpo.dll (Power) . (.Microsoft Corporation - Service d’alimentation en mode utilisateur.) - C:\Windows\System32\umpo.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\profsvc.dll (ProfSvc) . (.Microsoft Corporation - ProfSvc.) - C:\Windows\System32\profsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\system32\RpcEpMap.dll (RpcEptMapper) . (.Microsoft Corporation - Mappeur de point de terminaison RPC.) - C:\Windows\System32\RpcEpMap.dll =>.Microsoft Corporation
O23 - Service: @oleres.dll,-5010 (RpcSs) . (.Microsoft Corporation - Distributed COM Services.) - C:\Windows\System32\rpcss.dll =>.Microsoft Corporation
O23 - Service: saiyi technology limit (saiyitechnology) . (.PandaViewer - .) - C:\ProgramData\yahoochrome_D\desktop186.exe =>Hijacker.Browser
O23 - Service: C:\Windows\System32\schedsvc.dll (Schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) - C:\Windows\System32\schedsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\Sens.dll (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) - C:\Windows\System32\Sens.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\shsvcs.dll (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) - C:\Windows\System32\shsvcs.dll =>.Microsoft Corporation
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: C:\Windows\System32\spoolsv.exe,-1 (Spooler) . (.Microsoft Corporation - Application sous-système spouleur.) - C:\Windows\System32\spoolsv.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sppsvc.exe,-101 (sppsvc) . (.Microsoft Corporation - Service de la plateforme de protection logi.) - C:\Windows\System32\sppsvc.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wiaservc.dll (stisvc) . (.Microsoft Corporation - Service de périphériques d’images fixes.) - C:\Windows\System32\wiaservc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\sysmain.dll (SysMain) . (.Microsoft Corporation - Hôte de service Superfetch.) - C:\Windows\System32\sysmain.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\themeservice.dll (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) - C:\Windows\System32\themeservice.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\dwm.exe,-2000 (UxSms) . (.Microsoft Corporation - Microsoft User Experience Session Managemen.) - C:\Windows\System32\uxsms.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wbem\wmisvc.dll (Winmgmt) . (.Microsoft Corporation - WMI.) - C:\Windows\System32\wbem\WMIsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wlansvc.dll (Wlansvc) . (.Microsoft Corporation - DLL du service de configuration automatique.) - C:\Windows\System32\wlansvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wscsvc.dll (wscsvc) . (.Microsoft Corporation - Service Centre de sécurité de Windows.) - C:\Windows\System32\wscsvc.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\SearchIndexer.exe,-103 (WSearch) . (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - C:\Windows\System32\SearchIndexer.exe =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) - C:\Windows\System32\wuaueng.dll =>.Microsoft Corporation
O23 - Service: C:\Windows\System32\wudfsvc.dll (wudfsvc) . (.Microsoft Corporation - Windows Driver Foundation - Service d’infra.) - C:\Windows\System32\WUDFSvc.dll =>.Microsoft Corporation
---\\ SERVICES NON MICROSOFT (SR=Démarré,SS=Stoppé) (17) - 22s
SR - Auto [24/09/2015] [ 81088] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SR - Auto [18/06/2018] [ 3780096] Background Logic Handler (backlh) . (...) - C:\ProgramData\Logic Cramble\set.exe =>PUP.Optional.LogicHandler
SS - Demand [24/08/2013] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - Software and Firmware Products®
SR - Auto [18/06/2018] [ 1131728] ellfService (ellfService) . (...) - C:\ProgramData\ellfService\ellfService.exe {00BA10A33204664713A8690A55F0AD7176} =>PUP.Optional.Youndoo
SS - Demand [28/04/2015] [ 1102472] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe =>.Hewlett-Packard Company®
SR - Auto [02/05/2018] [ 332656] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.HP Inc..) - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe =>.HP Inc.®
SR - Auto [27/08/2013] [ 747520] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
SS - Demand [27/08/2013] [ 828376] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service®
SR - Auto [22/02/2017] [ 131544] Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe =>.Intel Corporation - Intel® Management Engine Firmware®
SR - Auto [22/02/2017] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
SR - Auto [22/02/2017] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products®
SS - Demand [12/06/2018] [ 194512] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [18/06/2018] [ 43520] Prefs Secure (Nettrans) . (...) - C:\ProgramData\PrefsSecure\Nettrans.exe =>PUP.Optional.LogicHandler
SS - Auto [19/12/2013] [ 922912] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe =>.NVIDIA Corporation®
SS - Auto [21/05/2018] [ 517432] saiyi technology limit (saiyitechnology) . (.PandaViewer.) - C:\ProgramData\yahoochrome_D\desktop186.exe =>Hijacker.Browser =>Hijacker.Browser
SS - Auto [18/07/2017] [ 317408] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SS - Demand [17/06/2018] [ 593920] SystemUpdate64 (SystemUpdate64) . (.SystemaRev.) - C:\Program Files\SystemaRev\RevServicesX\SystemUpdate64x.exe =>Trojan.Agent
---\\ TÂCHES PLANIFIÉES EN AUTOMATIQUE (Registre) (42) - 78s
O38 - TASK: {12EFB363-688B-4620-8351-B8E803D2274D} [64Bits][\Update_4.0.10] - (.SystemaRev - SystemUpdate64x 4.0.10.) -- C:\Program Files\SystemaRev\RevServicesX\SystemUpdate64x.exe [593920] =>Trojan.Agent
O38 - TASK: {3249588A-B062-459F-A8FC-95F863DD9C76} [64Bits][\{49CBE634-3501-6F0E-F0EA-60B592492738}] - (.Microsoft Corporation - Windows® installer.) -- C:\Program Files (x86)\EiPdaxGyo.exe [73216] [/q /i http://freshrefreshnerer186.info/2292R6wNZSl] =>Adware.TasksRedirect
O38 - TASK: {34F5F74C-C238-4365-939C-67FC81E6B969} [64Bits][\GoogleUpdateSecurityTaskMachine_SY] - (. - HandlerExecution.) -- C:\Users\Boss\AppData\Roaming\314167cb8d0b4418a5cdad8e89a566ad\HandlerExecution.exe [8192]
O38 - TASK: {462DC1A6-FB38-4BDB-B438-AD7DEE0AED59} [64Bits][\doPDF Update] - (. - UpdateApplication.) -- C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [654336]
O38 - TASK: {4A60A05F-8AF0-4275-BD8D-5C944A9A2A45} [64Bits][\GoogleUpdateSecurityTaskMachine_SV] - (. - HandlerExecution.) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\HandlerExecution.exe [8192]
O38 - TASK: {52F15CDA-6F44-4546-B981-6F7549B35665} [64Bits][\GoogleUpdateSecurityTaskMachine_TN] - (. - HandlerExecution.) -- C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a\HandlerExecution.exe [8192]
O38 - TASK: {57DDF491-BE97-44C8-8A15-795F908AB4EC} [64Bits][\{32D00B6F-F2C5-35DA-740F-AD649242F953}] - (.Microsoft Corporation - Windows® installer.) -- C:\Windows\ojaGor.exe [73216] [/q /i http://freshrefreshnerer186.info/Qg8NZ6e9.gA] =>Adware.TasksRedirect
O38 - TASK: {5F8D016F-B007-4988-9559-F2BCAE69A798} [64Bits][\CCleaner Update] - (.Piriform Ltd - CCleaner emergency updater.) -- C:\Program Files\CCleaner\CCUpdate.exe [532176] =>.Piriform Ltd
O38 - TASK: {733915A8-9DBF-43FE-A69C-0F17C3749CAC} [64Bits][\KnPQHVchzdGfrlHaz2] - (...) -- C:\Program Files (x86)\OxoywZINBbQwrioRGrR\watktxG.dll [3574227]
O38 - TASK: {73581B9A-255B-4F03-8935-BBF999BCAE97} [64Bits][\Wevice a Art Home Simulator] - (...) -- C:\Program Files\Wevice a Art Home Simulator\Wevice a Art Home Simulator.dll [3631104]
O38 - TASK: {79E22353-397E-41B0-8E95-C44446F00A68} [64Bits][\RestoreRevTask] - (...) -- C:\Program Files\Common Files\restore_rev.bat [164]
O38 - TASK: {8D2BCDE2-D092-4742-9208-8F79E93D25ED} [64Bits][\TdqeVjasHzsikvrWtEm2] - (...) -- C:\Program Files (x86)\wCCFxMJCsZmzC\OJrsGfq.dll [3552211]
O38 - TASK: {B2107CB5-4304-4224-A241-04B20E9A7B7B} [64Bits][\rArHIXNWKfbeRtR2] - (...) -- C:\Program Files (x86)\EgDGbQEiU\AXcnbL.dll [256000]
O38 - TASK: {B3EBE08D-1493-42AA-A418-9676BCEF51BB} [64Bits][\{0D490574-3B8F-3092-DC71-0E0377C96287}] - (.Microsoft Corporation - Windows® installer.) -- C:\Users\Boss\AppData\Roaming\RBlEuqIya.exe [73216] [/q /i http://freshrefreshnerer186rb.info/hLn0nw1V3] =>Adware.TasksRedirect
O38 - TASK: {BC321EDD-13A2-423F-8095-B29C75457D2B} [64Bits][\XLqsfoKFUKuTqG] - (...) -- C:\Program Files (x86)\ijcQGTqqPStU2\wAkXacrnBbCLm.dll [3528147]
O38 - TASK: {BE5A360C-EBDD-451F-99D9-BB60B9738986} [64Bits][\GoogleUpdateSecurityTaskMachine_YK] - (. - HandlerExecution.) -- C:\Users\Boss\AppData\Local\Temp\307e73b0368d4bf298e925b8bfc972dd\HandlerExecution.exe [8192]
O38 - TASK: {BEBD40E2-A582-4455-AC3B-35746A94B06A} [64Bits][\CCleanerSkipUAC] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [13643880] =>.Piriform Ltd
O38 - TASK: {DB4ACD2E-0F70-49A2-85C5-4C2B8AF453C1} [64Bits][\{51AD4E75-D4F3-9F0A-A118-A9DEF52AA51E}] - (.Microsoft Corporation - Windows® installer.) -- C:\Windows\goYMyUt.exe [73216] [/q /i http://freshrefreshnerer186rb.info/73aJ8AhyQ] =>Adware.TasksRedirect
O38 - TASK: {DFD0F018-D71F-4214-9FE4-14E55D2CAC49} [64Bits][\Spot Arabic - Volume] - (...) -- C:\Program Files\Spot Arabic - Volume\Spot Arabic - Volume.dll [4614144]
O38 - TASK: {E38C2E31-F5AA-43BA-A058-EE4C4B9DAFE0} [64Bits][\GoogleUpdateSecurityTaskMachine_FR] - (. - HandlerExecution.) -- C:\ProgramData\959924f715474eb48b64e9340ac14260\HandlerExecution.exe [8192]
O38 - TASK: {F8BDBC6D-27F8-481B-85D0-59C65AF509EB} [64Bits][\Opera scheduled Autoupdate 4086469641] - (...) -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\rtugvirb\urfwtcsb.exe [149504]
C:\Windows\System32\Tasks\Update_4.0.10 - (.SystemaRev.) -- C:\Program Files\SystemaRev\RevServicesX\SystemUpdate64x.exe [/silentall -nofreqcheck -nogui./silentall] =>Trojan.Agent
C:\Windows\System32\Tasks\{49CBE634-3501-6F0E-F0EA-60B592492738} - (.Microsoft Corporation.) -- C:\Program Files (x86)\EiPdaxGyo.exe [/q /i http://freshrefreshnerer186.info/2292R6wNZSl] [/q /i http://freshrefreshnerer186.info/2292R6wNZSl] =>Adware.TasksRedirect
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_SY - (..) -- C:\Users\Boss\AppData\Roaming\314167cb8d0b4418a5cdad8e89a566ad\HandlerExecution.exe [AiLPXENn+0O9fxaif/E1z/+t8PzNdT1l80bvG9HhjMh46rwaDx]
C:\Windows\System32\Tasks\doPDF Update - (..) -- C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [/oem=doPdf8_Softland ./oem=doPdf8_Softland]
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_SV - (..) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\HandlerExecution.exe [bIIwiMKpZJ/l/YFwO0KErsZ7rJlKLxUxk/7hwDg/c/6ZSe6Alj]
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_TN - (..) -- C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a\HandlerExecution.exe [AiLPXENn+0O9fxaif/E1z/+t8PzNdT1l80bvG9HhjMh46rwaDx]
C:\Windows\System32\Tasks\{32D00B6F-F2C5-35DA-740F-AD649242F953} - (.Microsoft Corporation.) -- C:\Windows\ojaGor.exe [/q /i http://freshrefreshnerer186.info/Qg8NZ6e9.gA] [/q /i http://freshrefreshnerer186.info/Qg8NZ6e9.gA] =>Adware.TasksRedirect
C:\Windows\System32\Tasks\CCleaner Update - (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCUpdate.exe [] =>.Piriform Ltd
C:\Windows\System32\Tasks\KnPQHVchzdGfrlHaz2 - (...) -- C:\Program Files (x86)\OxoywZINBbQwrioRGrR\watktxG.dll [C:\Program Files (x86)\OxoywZINBbQwrioRGrR\watktxG.dll]
C:\Windows\System32\Tasks\Wevice a Art Home Simulator - (...) -- C:\Program Files\Wevice a Art Home Simulator\Wevice a Art Home Simulator.dll [C:\Program Files\Wevice a Art Home Simulator\Wevice a Art Home Simulator.dll]
C:\Windows\System32\Tasks\RestoreRevTask - (...) -- C:\Program Files\Common Files\restore_rev.bat []
C:\Windows\System32\Tasks\TdqeVjasHzsikvrWtEm2 - (...) -- C:\Program Files (x86)\wCCFxMJCsZmzC\OJrsGfq.dll [C:\Program Files (x86)\wCCFxMJCsZmzC\OJrsGfq.dll]
C:\Windows\System32\Tasks\rArHIXNWKfbeRtR2 - (...) -- C:\Program Files (x86)\EgDGbQEiU\AXcnbL.dll [C:\Program Files (x86)\EgDGbQEiU\AXcnbL.dll]
C:\Windows\System32\Tasks\{0D490574-3B8F-3092-DC71-0E0377C96287} - (.Microsoft Corporation.) -- C:\Users\Boss\AppData\Roaming\RBlEuqIya.exe [/q /i http://freshrefreshnerer186rb.info/hLn0nw1V3] [/q /i http://freshrefreshnerer186rb.info/hLn0nw1V3] =>Adware.TasksRedirect
C:\Windows\System32\Tasks\XLqsfoKFUKuTqG - (...) -- C:\Program Files (x86)\ijcQGTqqPStU2\wAkXacrnBbCLm.dll [C:\Program Files (x86)\ijcQGTqqPStU2\wAkXacrnBbCLm.dll]
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_YK - (..) -- C:\Users\Boss\AppData\Local\Temp\307e73b0368d4bf298e925b8bfc972dd\HandlerExecution.exe [pQUkSdAdDReSWNiKVt4wlzMriNt8lZYPybe1DD2AiyGZSe6Alj]
C:\Windows\System32\Tasks\CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [$(Arg0)] =>.Piriform Ltd
C:\Windows\System32\Tasks\{51AD4E75-D4F3-9F0A-A118-A9DEF52AA51E} - (.Microsoft Corporation.) -- C:\Windows\goYMyUt.exe [/q /i http://freshrefreshnerer186rb.info/73aJ8AhyQ] [/q /i http://freshrefreshnerer186rb.info/73aJ8AhyQ] =>Adware.TasksRedirect
C:\Windows\System32\Tasks\Spot Arabic - Volume - (...) -- C:\Program Files\Spot Arabic - Volume\Spot Arabic - Volume.dll [C:\Program Files\Spot Arabic - Volume\Spot Arabic - Volume.dll]
C:\Windows\System32\Tasks\GoogleUpdateSecurityTaskMachine_FR - (..) -- C:\ProgramData\959924f715474eb48b64e9340ac14260\HandlerExecution.exe [bIIwiMKpZJ/l/YFwO0KErsZ7rJlKLxUxk/7hwDg/c/6ZSe6Alj]
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 4086469641 - (...) -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\rtugvirb\urfwtcsb.exe []
---\\ APPLICATIONS LANCÉES AU DÉMARRAGE DU SYSTÈME (218) - 56s
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe =>.Intel Corporation
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe =>.Intel Corporation
O4 - HKLM\..\Run: [rundll32] . (...) -- C:\Program Files\Wevice a Art Home Simulator\Wevice a Art Home Simulator.dll
O4 - HKLM\..\Run: [JServicesManager] . (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation®
O4 - HKLM\..\RunOnce: [tp2brwavj0y] . (. - SanOo.) -- C:\Program Files (x86)\AAAZZZ\190880.exe
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_V3SB9] . (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-VN8AG.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_V7YIZ] . (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-R95IK.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_1CJW2] . (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-GR2SV.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_0WMHX] . (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-B2J5P.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_I7RD8] . (.ROFN - ROFNT.) -- C:\Users\Boss\AppData\Local\Temp\is-J078D.tmp\up.exe =>Adware.Wizzcaster
O4 - HKLM\..\RunOnce: [OMEWPRODUCT_WLFZO] . (.TFIRB - TFIRB.) -- C:\Users\Boss\AppData\Local\Temp\is-SGPE7.tmp\up.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKCU\..\Run: [PrintToPDF] . (. - Print_To_PDF_Config.) -- C:\Program Files\Free PDF Solutions\Print To PDF\Print_To_PDF_Config.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - HKCU\..\Run: [LPuosp1TlR.exe] . (. - PackageProvider.) -- C:\Program Files\Windows Sidebar\XMBRK641UQYN03LLSNI0V0QWFA\LPuosp1TlR.exe
O4 - HKCU\..\Run: [I8CWS1SWYRJCYCZ] . (.%ZZ46XN1 - .) -- C:\Program Files\4RJYZ4FLY1\4RJYZ4FLY.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [6125488] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe
O4 - HKCU\..\Run: [255931] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe
O4 - HKCU\..\Run: [YKR3C4PD4QVV2GR] . (.%ZZ46XN1 - .) -- C:\Program Files\4N2XTR691F\4N2XTR691.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [1066770] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe
O4 - HKCU\..\Run: [6636207] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe
O4 - HKCU\..\Run: [5BT2E1G7PK0BWU0] . (.%ZZ46XN1 - .) -- C:\Program Files\IY73DZJN1A\2Q24L2L7U.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [OD6NT1AY47SI489] . (.%ZZ46XN1 - .) -- C:\Program Files\UEP61973CJ\UEP61973C.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [535399] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe
O4 - HKCU\..\Run: [4747377] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe
O4 - HKCU\..\Run: [8912136] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe
O4 - HKCU\..\Run: [4576838] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe
O4 - HKCU\..\Run: [5OAZQI2LSKM3FOL] . (. - LJZ.) -- C:\Program Files\DZVTM5DNXU\DZVTM5DNX.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [7RZYXA9EBBO7CJ7] . (. - LJZ.) -- C:\Program Files\EF044BI1YY\EF044BI1Y.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [5099347] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe
O4 - HKCU\..\Run: [XDM6OAX8AIFB0FI] . (. - LJZ.) -- C:\Program Files\MOUNR5U7CO\MOUNR5U7C.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [2894337] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe
O4 - HKCU\..\Run: [MY2XVUXT7WCW2FR] . (. - LJZ.) -- C:\Program Files\DKQ9ELO4CM\7Y7G6PEN7.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [3869858] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe
O4 - HKCU\..\Run: [6420086] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe
O4 - HKCU\..\Run: [3922761] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe
O4 - HKCU\..\Run: [HUZ6DFTQLQKAJ1J] . (. - LJZ.) -- C:\Program Files\7KV3ACDMTO\7KV3ACDMT.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [DTDPTXH3K46HEG5] . (. - LJZ.) -- C:\Program Files\23L6WSE3LA\23L6WSE3L.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [9284153] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe
O4 - HKCU\..\Run: [715067] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe
O4 - HKCU\..\Run: [5AL51DAELQ61ZZ2] . (. - LJZ.) -- C:\Program Files\CXFWDCVC0N\CXFWDCVC0.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [931793] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe
O4 - HKCU\..\Run: [OLE8OV9N0NTN5OB] . (. - LJZ.) -- C:\Program Files\0IP40NNURL\0IP40NNUR.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [5386803] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe
O4 - HKCU\..\Run: [8813188] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe
O4 - HKCU\..\Run: [6387857] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe
O4 - HKCU\..\Run: [DEYCUNSBVJN5RG6] . (. - LJZ.) -- C:\Program Files\BCQQKEZTW6\Y7MX72MBI.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [JKHRSL0Z996SOXF] . (. - LJZ.) -- C:\Program Files\JF5F9TWOH8\JF5F9TWOH.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [5138180] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe
O4 - HKCU\..\Run: [QHOICKXWPX.exe] . (.Copyright - .) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\QHOICKXWPX.exe
O4 - HKCU\..\Run: [6503659] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe
O4 - HKCU\..\Run: [ZT67JV2BUQE6GBO] . (. - LJZ.) -- C:\Program Files\O8SRM406DJ\O8SRM406D.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [3639185] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe
O4 - HKCU\..\Run: [100125] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe
O4 - HKCU\..\Run: [HAL8FI3TN32MH62] . (. - LJZ.) -- C:\Program Files\XBZEUQP4OX\9K8FXDNO9.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [POL5E9WTLMR8RIT] . (. - LJZ.) -- C:\Program Files\Q8BSUMTKUH\9K8FXDNO9.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [4570198] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe
O4 - HKCU\..\Run: [5745109] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe
O4 - HKCU\..\Run: [5798024] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe
O4 - HKCU\..\Run: [7402951] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe
O4 - HKCU\..\Run: [3392918] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe
O4 - HKCU\..\Run: [M6MVJTTYDEGTSL0] . (.ROFN - ROFNT.) -- C:\Program Files\HHDVUWO3MW\H4MNFV2OE.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [QRBXZYX4Z2P7FIS] . (.ROFN - ROFNT.) -- C:\Program Files\RIO1WF5WR1\4FG87VWNF.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [6274540] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe
O4 - HKCU\..\Run: [852997] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe
O4 - HKCU\..\Run: [1ETYASYW3V00VZS] . (.ROFN - ROFNT.) -- C:\Program Files\UKLSHLMZBX\UKLSHLMZB.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [4328810] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe
O4 - HKCU\..\Run: [3544482] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe
O4 - HKCU\..\Run: [SWKB4HOYYSQLZX7] . (.ROFN - ROFNT.) -- C:\Program Files\RIJN2Z22I4\RIJN2Z22I.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [AOLMKTK78BOD83E] . (.ROFN - ROFNT.) -- C:\Program Files\QUH4P9I665\QUH4P9I66.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [TFVTCYEE60N1MR5] . (.ROFN - ROFNT.) -- C:\Program Files\LAPLRC4S52\AO2F7BHU4.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [8818952] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hufopmim0n1\av0sqaq5hgu.exe
O4 - HKCU\..\Run: [5061173] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe
O4 - HKCU\..\Run: [PND44T8JYN58KKY] . (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [4554055] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe
O4 - HKCU\..\Run: [7960684] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe
O4 - HKCU\..\Run: [C661RFPISDMZS55] . (.XKSTV - XKSTVF.) -- C:\Program Files\OUN3UTN243\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [3OWEM3ELNADKW4L] . (.XKSTV - XKSTVF.) -- C:\Program Files\51S1MQLHBR\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [7HCOZSQ57WB22KD] . (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\B8NUC532C.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [JServicesManager] . (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
O4 - HKCU\..\Run: [417731] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe
O4 - HKCU\..\Run: [2VVWM0M1FTGTKK9] . (.XKSTV - XKSTVF.) -- C:\Program Files\PZ77R66BSC\PZ77R66BS.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [2109060] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe
O4 - HKCU\..\Run: [KH30Y7FKGLFAZ5T] . (.XKSTV - XKSTVF.) -- C:\Program Files\0CC1QIJSJR\I4DC6UF1U.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [AN1XHBOO1RP9EGL] . (.XKSTV - XKSTVF.) -- C:\Program Files\E97JWYQPWS\E97JWYQPW.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [49Q7U243LKVWKDI] . (.XKSTV - XKSTVF.) -- C:\Program Files\59FTT6TX6N\59FTT6TX6.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [1952070] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe
O4 - HKCU\..\Run: [GRIJJEE4HA58F1K] . (.XKSTV - XKSTVF.) -- C:\Program Files\NCS9KETNVR\NCS9KETNV.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [1230171] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe
O4 - HKCU\..\Run: [BA5B9VZEKZNJSO9] . (.XKSTV - XKSTVF.) -- C:\Program Files\2B1ZGSCKRL\2B1ZGSCKR.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [9619388] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe
O4 - HKCU\..\Run: [5574024] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe
O4 - HKCU\..\Run: [3267384] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe
O4 - HKCU\..\Run: [6139207] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe
O4 - HKCU\..\Run: [YMSBA3XYC35F3IA] . (.XKSTV - XKSTVF.) -- C:\Program Files\JSTAJHCVC7\JSTAJHCVC.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [LNRX3QQU436PTYH] . (.XKSTV - XKSTVF.) -- C:\Program Files\V2TI5WPWUS\V2TI5WPWU.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [PFFM6POMVKEBA04] . (.TFIRB - TFIRB.) -- C:\Program Files\8VEUIXN1JS\8VEUIXN1J.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [5371368] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe
O4 - HKCU\..\Run: [7262951] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe
O4 - HKCU\..\Run: [XGBJ7LVNVJSBHW6] . (.TFIRB - TFIRB.) -- C:\Program Files\06UK5MMVGE\06UK5MMVG.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKCU\..\Run: [MOF41FKWWP9BDLI] . (. - 5HG%FNMO.) -- C:\Program Files\J1EOM5NN6Q\J1EOM5NN6.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [6334670] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe
O4 - HKCU\..\Run: [ZDJK6LEPTF75ZTD] . (. - 5HG%FNMO.) -- C:\Program Files\9GC25M9TIX\9GC25M9TI.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [6697299] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\jum1zmblfzl\mu3ew1mrmma.exe
O4 - HKCU\..\Run: [4644125] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe
O4 - HKCU\..\Run: [032KD2756E2NBUQ] . (. - 5HG%FNMO.) -- C:\Program Files\Z2GOWJEWBY\Z2GOWJEWB.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [7614726] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe
O4 - HKCU\..\Run: [A6IU6GNDYMAOQPS] . (. - 5HG%FNMO.) -- C:\Program Files\KYOP6JTQ2X\KYOP6JTQ2.exe =>Adware.Wizzcaster
O4 - HKCU\..\Run: [3193692] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe
O4 - HKCU\..\Run: [259792] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5\421qmditfqu.exe
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe =>.Microsoft Corporation®
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems, Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [JServicesManager] . (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
O4 - HKLM\..\Wow6432Node\Run: [chrome] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [PrintToPDF] . (. - Print_To_PDF_Config.) -- C:\Program Files\Free PDF Solutions\Print To PDF\Print_To_PDF_Config.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [LPuosp1TlR.exe] . (. - PackageProvider.) -- C:\Program Files\Windows Sidebar\XMBRK641UQYN03LLSNI0V0QWFA\LPuosp1TlR.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [I8CWS1SWYRJCYCZ] . (.%ZZ46XN1 - .) -- C:\Program Files\4RJYZ4FLY1\4RJYZ4FLY.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6125488] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [255931] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [YKR3C4PD4QVV2GR] . (.%ZZ46XN1 - .) -- C:\Program Files\4N2XTR691F\4N2XTR691.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [1066770] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6636207] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5BT2E1G7PK0BWU0] . (.%ZZ46XN1 - .) -- C:\Program Files\IY73DZJN1A\2Q24L2L7U.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [OD6NT1AY47SI489] . (.%ZZ46XN1 - .) -- C:\Program Files\UEP61973CJ\UEP61973C.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [535399] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4747377] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [8912136] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4576838] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5OAZQI2LSKM3FOL] . (. - LJZ.) -- C:\Program Files\DZVTM5DNXU\DZVTM5DNX.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7RZYXA9EBBO7CJ7] . (. - LJZ.) -- C:\Program Files\EF044BI1YY\EF044BI1Y.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5099347] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [XDM6OAX8AIFB0FI] . (. - LJZ.) -- C:\Program Files\MOUNR5U7CO\MOUNR5U7C.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [2894337] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [MY2XVUXT7WCW2FR] . (. - LJZ.) -- C:\Program Files\DKQ9ELO4CM\7Y7G6PEN7.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3869858] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6420086] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3922761] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [HUZ6DFTQLQKAJ1J] . (. - LJZ.) -- C:\Program Files\7KV3ACDMTO\7KV3ACDMT.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [DTDPTXH3K46HEG5] . (. - LJZ.) -- C:\Program Files\23L6WSE3LA\23L6WSE3L.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [9284153] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [715067] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5AL51DAELQ61ZZ2] . (. - LJZ.) -- C:\Program Files\CXFWDCVC0N\CXFWDCVC0.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [931793] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [OLE8OV9N0NTN5OB] . (. - LJZ.) -- C:\Program Files\0IP40NNURL\0IP40NNUR.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5386803] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [8813188] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6387857] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [DEYCUNSBVJN5RG6] . (. - LJZ.) -- C:\Program Files\BCQQKEZTW6\Y7MX72MBI.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [JKHRSL0Z996SOXF] . (. - LJZ.) -- C:\Program Files\JF5F9TWOH8\JF5F9TWOH.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5138180] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [QHOICKXWPX.exe] . (.Copyright - .) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\QHOICKXWPX.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6503659] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [ZT67JV2BUQE6GBO] . (. - LJZ.) -- C:\Program Files\O8SRM406DJ\O8SRM406D.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3639185] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [100125] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [HAL8FI3TN32MH62] . (. - LJZ.) -- C:\Program Files\XBZEUQP4OX\9K8FXDNO9.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [POL5E9WTLMR8RIT] . (. - LJZ.) -- C:\Program Files\Q8BSUMTKUH\9K8FXDNO9.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4570198] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5745109] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5798024] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7402951] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3392918] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [M6MVJTTYDEGTSL0] . (.ROFN - ROFNT.) -- C:\Program Files\HHDVUWO3MW\H4MNFV2OE.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [QRBXZYX4Z2P7FIS] . (.ROFN - ROFNT.) -- C:\Program Files\RIO1WF5WR1\4FG87VWNF.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6274540] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [852997] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [1ETYASYW3V00VZS] . (.ROFN - ROFNT.) -- C:\Program Files\UKLSHLMZBX\UKLSHLMZB.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4328810] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3544482] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [SWKB4HOYYSQLZX7] . (.ROFN - ROFNT.) -- C:\Program Files\RIJN2Z22I4\RIJN2Z22I.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [AOLMKTK78BOD83E] . (.ROFN - ROFNT.) -- C:\Program Files\QUH4P9I665\QUH4P9I66.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [TFVTCYEE60N1MR5] . (.ROFN - ROFNT.) -- C:\Program Files\LAPLRC4S52\AO2F7BHU4.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [8818952] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hufopmim0n1\av0sqaq5hgu.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5061173] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [PND44T8JYN58KKY] . (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4554055] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7960684] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [C661RFPISDMZS55] . (.XKSTV - XKSTVF.) -- C:\Program Files\OUN3UTN243\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3OWEM3ELNADKW4L] . (.XKSTV - XKSTVF.) -- C:\Program Files\51S1MQLHBR\YJGF46W1D.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7HCOZSQ57WB22KD] . (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\B8NUC532C.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [JServicesManager] . (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [417731] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [2VVWM0M1FTGTKK9] . (.XKSTV - XKSTVF.) -- C:\Program Files\PZ77R66BSC\PZ77R66BS.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [2109060] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [KH30Y7FKGLFAZ5T] . (.XKSTV - XKSTVF.) -- C:\Program Files\0CC1QIJSJR\I4DC6UF1U.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [AN1XHBOO1RP9EGL] . (.XKSTV - XKSTVF.) -- C:\Program Files\E97JWYQPWS\E97JWYQPW.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [49Q7U243LKVWKDI] . (.XKSTV - XKSTVF.) -- C:\Program Files\59FTT6TX6N\59FTT6TX6.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [1952070] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [GRIJJEE4HA58F1K] . (.XKSTV - XKSTVF.) -- C:\Program Files\NCS9KETNVR\NCS9KETNV.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [1230171] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [BA5B9VZEKZNJSO9] . (.XKSTV - XKSTVF.) -- C:\Program Files\2B1ZGSCKRL\2B1ZGSCKR.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [9619388] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5574024] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3267384] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6139207] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [YMSBA3XYC35F3IA] . (.XKSTV - XKSTVF.) -- C:\Program Files\JSTAJHCVC7\JSTAJHCVC.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [LNRX3QQU436PTYH] . (.XKSTV - XKSTVF.) -- C:\Program Files\V2TI5WPWUS\V2TI5WPWU.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [PFFM6POMVKEBA04] . (.TFIRB - TFIRB.) -- C:\Program Files\8VEUIXN1JS\8VEUIXN1J.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [5371368] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7262951] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [XGBJ7LVNVJSBHW6] . (.TFIRB - TFIRB.) -- C:\Program Files\06UK5MMVGE\06UK5MMVG.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [MOF41FKWWP9BDLI] . (. - 5HG%FNMO.) -- C:\Program Files\J1EOM5NN6Q\J1EOM5NN6.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6334670] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [ZDJK6LEPTF75ZTD] . (. - 5HG%FNMO.) -- C:\Program Files\9GC25M9TIX\9GC25M9TI.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [6697299] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\jum1zmblfzl\mu3ew1mrmma.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [4644125] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [032KD2756E2NBUQ] . (. - 5HG%FNMO.) -- C:\Program Files\Z2GOWJEWBY\Z2GOWJEWB.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [7614726] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [A6IU6GNDYMAOQPS] . (. - 5HG%FNMO.) -- C:\Program Files\KYOP6JTQ2X\KYOP6JTQ2.exe =>Adware.Wizzcaster
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [3193692] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe
O4 - HKUS\S-1-5-21-2242996540-1159303440-1848485385-1000\..\Run: [259792] . (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5\421qmditfqu.exe
---\\ PROCESSUS LANCÉS (223) - 186s
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1728] =>.Adobe Systems, Incorporated®
[MD5.E633D69DA35942B1206815A42F094205] - (. - ExtManager.) -- C:\ProgramData\Logic Cramble\set.exe [3780096] [PID.1752]
[MD5.80DACE127AD4CC01FA67DD1F1EB4FAE6] - (...) -- C:\ProgramData\ellfService\ellfService.exe [1131728] [PID.1820] {00BA10A33204664713A8690A55F0AD7176} =>PUP.Optional.Youndoo
[MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.2012] =>.Intel(R) Corporation
[MD5.339C65128A0A4687022F25A19F66D7D0] - (. - Network Packet Monitor.) -- C:\ProgramData\PrefsSecure\Nettrans.exe [43520] [PID.2040]
[MD5.4077277CEBDD7BDFDD638A375EABBF59] - (.Microsoft - novaPDF Server.) -- C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616] [PID.1328] =>.Softland S.R.L.®
[MD5.4EE3E5E13794A040B98A7D111B695464] - (...) -- C:\Windows\Temp\g8E9D.tmp.exe [972288] [PID.2868] =>Heuristic.Suspect
[MD5.B1510CA072444F6DDE81ECCB3FE6E6C9] - (. - SanOo.) -- C:\Program Files (x86)\AAAZZZ\190880.exe [670720] [PID.3892]
[MD5.2B9AB2EE347F56A023DD7B93C3B2AFD8] - (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-VN8AG.tmp\up.exe [52224] [PID.4016]
[MD5.2B9AB2EE347F56A023DD7B93C3B2AFD8] - (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-R95IK.tmp\up.exe [52224] [PID.3256]
[MD5.2B9AB2EE347F56A023DD7B93C3B2AFD8] - (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-GR2SV.tmp\up.exe [52224] [PID.3412]
[MD5.2B9AB2EE347F56A023DD7B93C3B2AFD8] - (. - LJZ.) -- C:\Users\Boss\AppData\Local\Temp\is-B2J5P.tmp\up.exe [52224] [PID.2992]
[MD5.1B109720ED21E87191F6387869B13E92] - (.ROFN - ROFNT.) -- C:\Users\Boss\AppData\Local\Temp\is-J078D.tmp\up.exe [52224] [PID.3616] =>Adware.Wizzcaster
[MD5.AA1EB36E966EE0AE8BD99E4A5CEFDB0C] - (.TFIRB - TFIRB.) -- C:\Users\Boss\AppData\Local\Temp\is-SGPE7.tmp\up.exe [52224] [PID.3884] =>Adware.Wizzcaster
[MD5.7CF0F9D2179C977E7ABFCE37A390B134] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [166384] [PID.4984] =>.Intel Corporation
[MD5.50435B03298F1A3F952C36A391F1123B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [408560] [PID.4992] =>.Intel Corporation
[MD5.CAFBEC4F6353DEAC22E61719D94C89F7] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [444400] [PID.5000] =>.Intel Corporation
[MD5.21D4E0623F176AB3133B9FF6820E4622] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [530928] [PID.5048] =>.Intel Corporation
[MD5.0904BD6E1A504908BB7F567A3393C54E] - (...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe [3822592] [PID.5056]
[MD5.F3701202DE3B0BD688AF3AF2BAD37CCD] - (. - Print_To_PDF_Config.) -- C:\Program Files\Free PDF Solutions\Print To PDF\Print_To_PDF_Config.exe [8704] [PID.4276]
[MD5.91AA54AF8C8D828918DF1863EFCD304E] - (. - PackageProvider.) -- C:\Program Files\Windows Sidebar\XMBRK641UQYN03LLSNI0V0QWFA\LPuosp1TlR.exe [642560] [PID.4336]
[MD5.60AA76A9A4FFF5936E050EEAE6961268] - (.%ZZ46XN1 - .) -- C:\Program Files\4RJYZ4FLY1\4RJYZ4FLY.exe [666624] [PID.4768] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe [649849] [PID.4848]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe [649849] [PID.3012]
[MD5.60AA76A9A4FFF5936E050EEAE6961268] - (.%ZZ46XN1 - .) -- C:\Program Files\4N2XTR691F\4N2XTR691.exe [666624] [PID.4944] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe [649849] [PID.4924]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe [649849] [PID.5132]
[MD5.60AA76A9A4FFF5936E050EEAE6961268] - (.%ZZ46XN1 - .) -- C:\Program Files\IY73DZJN1A\2Q24L2L7U.exe [666624] [PID.5184] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-T06DL.tmp\ueqx01fsjtb.tmp [824320] [PID.5248]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-G9A2E.tmp\ht3gp3agdld.tmp [824320] [PID.5264]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-N2RKB.tmp\a0rt0t0nxc1.tmp [824320] [PID.5284]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-0CV6K.tmp\fy2yomyxlt1.tmp [824320] [PID.5312]
[MD5.60AA76A9A4FFF5936E050EEAE6961268] - (.%ZZ46XN1 - .) -- C:\Program Files\UEP61973CJ\UEP61973C.exe [666624] [PID.5456] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe [649849] [PID.5464]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe [649849] [PID.5484]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe [649849] [PID.5500]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8N59V.tmp\rshnzkefq3a.tmp [824320] [PID.5508]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe [649849] [PID.5524]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\DZVTM5DNXU\DZVTM5DNX.exe [666624] [PID.5548] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-JNQKT.tmp\o4uultgnwco.tmp [824320] [PID.5600]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\EF044BI1YY\EF044BI1Y.exe [666624] [PID.5608] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe [649849] [PID.5636]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-I4ASG.tmp\ecp3klz3jro.tmp [824320] [PID.5644]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-LODTP.tmp\wqqyyp0wiij.tmp [824320] [PID.5656]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\MOUNR5U7CO\MOUNR5U7C.exe [666624] [PID.5668] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2CJ14.tmp\nii52ndrv14.tmp [824320] [PID.5684]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe [649849] [PID.5736]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\DKQ9ELO4CM\7Y7G6PEN7.exe [666624] [PID.5800] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe [649849] [PID.5824]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-R32NO.tmp\lbvouvxtkxm.tmp [824320] [PID.5904]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe [649849] [PID.5960]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\5jqaxe4cvws\pgtmsxmxa4t.exe [503731] [PID.6040]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-680AN.tmp\21q0oe2sxld.tmp [824320] [PID.6092]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe [649849] [PID.6124]
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-84BBJ.tmp\pgtmsxmxa4t.tmp [709632] [PID.2892]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\7KV3ACDMTO\7KV3ACDMT.exe [666624] [PID.1416] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2B8QA.tmp\tkphzgeruqu.tmp [824320] [PID.5520]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\23L6WSE3LA\23L6WSE3L.exe [666624] [PID.1996] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe [649849] [PID.3924]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2CPQF.tmp\vx3sywuyswv.tmp [824320] [PID.3808]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe [649849] [PID.3828]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\CXFWDCVC0N\CXFWDCVC0.exe [666624] [PID.6248] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe [649849] [PID.6352]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-MTBVR.tmp\juppnhlt4oj.tmp [824320] [PID.6416]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3OGJ3.tmp\ck3ckm4gaqi.tmp [824320] [PID.6452]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\0IP40NNURL\0IP40NNUR.exe [666624] [PID.6548] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe [649849] [PID.6636]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe [649849] [PID.6696]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-RES1F.tmp\vlbw0dm50qs.tmp [824320] [PID.6724]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe [649849] [PID.6760]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-6OEKD.tmp\tobuxtu40h5.tmp [824320] [PID.6868]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-VIRQM.tmp\yo5yy5fzqcc.tmp [824320] [PID.6888]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\BCQQKEZTW6\Y7MX72MBI.exe [666624] [PID.6896] =>Adware.Wizzcaster
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\JF5F9TWOH8\JF5F9TWOH.exe [666624] [PID.6920] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2QVJM.tmp\0wqk4wmokfr.tmp [824320] [PID.6992]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe [649849] [PID.7100]
[MD5.9515FCC13560CC7EA6967E766D96F7F6] - (.Copyright - .) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\QHOICKXWPX.exe [498688] [PID.7152]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe [649849] [PID.2432]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\O8SRM406DJ\O8SRM406D.exe [666624] [PID.3048] =>Adware.Wizzcaster
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\rdrkuysirug\3bncm4l4241.exe [503731] [PID.1260]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\w3nmtqzva4g\bxljdrbg3xg.exe [503731] [PID.2316]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe [649849] [PID.3176]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\3oiiusgh5zi\mxq55nft3no.exe [503731] [PID.468]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-OPVPI.tmp\itngklpavv4.tmp [824320] [PID.2112]
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-MH5K8.tmp\3bncm4l4241.tmp [709632] [PID.3780]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe [649849] [PID.3108]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\ojuozu0x55w\hiedbulpww1.exe [503731] [PID.7688]
[MD5.42E804D10A5FDB18990C98A41F3EBBED] - (. - Milieu Setup.) -- C:\Users\Boss\AppData\Roaming\fygjhctaglt\eka0teczs0v.exe [503731] [PID.7736]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-CUKC7.tmp\kkq2ykcfc1m.tmp [824320] [PID.7768]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\XBZEUQP4OX\9K8FXDNO9.exe [666624] [PID.7792] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-FQF99.tmp\rqahpbschqw.tmp [824320] [PID.8028]
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-QLVO3.tmp\hiedbulpww1.tmp [709632] [PID.8036]
[MD5.70C7504C56208F4D57AA0833B0DE803D] - (. - LJZ.) -- C:\Program Files\Q8BSUMTKUH\9K8FXDNO9.exe [666624] [PID.8044] =>Adware.Wizzcaster
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8IMPE.tmp\bxljdrbg3xg.tmp [709632] [PID.8136]
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-4KE8S.tmp\mxq55nft3no.tmp [709632] [PID.8148]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3UBGR.tmp\cte00yfqysm.tmp [824320] [PID.7732]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe [649849] [PID.7480]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe [649849] [PID.5176]
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\FU4YJTB7LN\6QNMQZ9C8.exe [666624] [PID.4440]
[MD5.8EE3C2F98E987B4BACFB1EC31CFB5D6B] - (.HP Inc. - HP Support Solutions Framework Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656] [PID.4724] =>.HP Inc.®
[MD5.13D1F82492B283316344EA70DC6C7934] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-5MRSC.tmp\eka0teczs0v.tmp [709632] [PID.5588]
[MD5.57739E742ABC085C2A4340D4404B4A8B] - (.Intel Corporation - Intel(R) ME Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544] [PID.4804] =>.Intel Corporation - Intel® Management Engine Firmware®
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.5808] =>.Intel Corporation - Intel® Management Engine Firmware®
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\ZCDV3PPRT8\6Z43YGEU9.exe [666624] [PID.4728]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe [649849] [PID.6112]
[MD5.3DE66F47365AA8CEB18B1EE272F4FEBA] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.4224] =>.Intel Corporation - Software and Firmware Products®
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-DAQUN.tmp\yeazwo2ie21.tmp [824320] [PID.6772]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe [649849] [PID.3572]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8SUP2.tmp\hqyejghdurc.tmp [824320] [PID.7120]
[MD5.0BC1B6E2B5C7B5731580B1C7FEC02946] - (.HP Inc. - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1459056] [PID.2624] =>.HP Inc.®
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\Y62LMJ6B01\EHDQ4SPSE.exe [666624] [PID.3136]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe [649849] [PID.2544]
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\HHDVUWO3MW\H4MNFV2OE.exe [666624] [PID.7760] =>Adware.Wizzcaster
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\RIO1WF5WR1\4FG87VWNF.exe [666624] [PID.8172] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-9JF3P.tmp\dtltwtzgl5m.tmp [824320] [PID.6600]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe [649849] [PID.3032]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe [649849] [PID.5196]
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\UKLSHLMZBX\UKLSHLMZB.exe [666624] [PID.6288] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe [649849] [PID.4152]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-CDRH2.tmp\dekwhl5vgam.tmp [824320] [PID.1984]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe [649849] [PID.6172]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3QLS8.tmp\yllru3pflga.tmp [824320] [PID.8104]
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\RIJN2Z22I4\RIJN2Z22I.exe [666624] [PID.6972] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-08ETE.tmp\yqe0tcfjxt5.tmp [824320] [PID.6336]
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\QUH4P9I665\QUH4P9I66.exe [666624] [PID.6592] =>Adware.Wizzcaster
[MD5.54BA6A8C0D4BB05D80FEB46BD5FD75B9] - (.ROFN - ROFNT.) -- C:\Program Files\LAPLRC4S52\AO2F7BHU4.exe [666624] [PID.3532] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe [649849] [PID.1136]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\YJGF46W1D.exe [666624] [PID.6832] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe [649849] [PID.8260]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe [649849] [PID.8296]
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\8RGCJQFNR7\6QNMQZ9C8.exe [666624] [PID.8304]
[MD5.94966CD890FE1F4AAD6A503943972053] - (.%YV - .) -- C:\Program Files\XOBDQ06VI9\4SZZP32FC.exe [666624] [PID.8412]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\OUN3UTN243\YJGF46W1D.exe [666624] [PID.8420] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-E6ILU.tmp\ogn1tdeg1us.tmp [824320] [PID.8428]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\51S1MQLHBR\YJGF46W1D.exe [666624] [PID.8500] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-CVDP1.tmp\p1fmt11huoa.tmp [824320] [PID.8512]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-OO8NQ.tmp\attdckaw0zq.tmp [824320] [PID.8528]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\ZGA9EUB06A\B8NUC532C.exe [666624] [PID.8536] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe [649849] [PID.8632]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-D5BR1.tmp\nc3qoabjofh.tmp [824320] [PID.8664]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8JG67.tmp\1p2vimdsxsu.tmp [824320] [PID.8676]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\PZ77R66BSC\PZ77R66BS.exe [666624] [PID.8740] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-BFIDF.tmp\1inuwq4kulf.tmp [824320] [PID.8764]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe [649849] [PID.8772]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\0CC1QIJSJR\I4DC6UF1U.exe [666624] [PID.8804] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-VDPLR.tmp\av0sqaq5hgu.tmp [824320] [PID.8844]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\E97JWYQPWS\E97JWYQPW.exe [666624] [PID.8852] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3C8VN.tmp\xhohom1t3at.tmp [824320] [PID.8864]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\59FTT6TX6N\59FTT6TX6.exe [666624] [PID.8928] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe [649849] [PID.9084]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\NCS9KETNVR\NCS9KETNV.exe [666624] [PID.9112] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe [649849] [PID.8204]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\2B1ZGSCKRL\2B1ZGSCKR.exe [666624] [PID.3788] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe [649849] [PID.6428]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe [649849] [PID.7984]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe [649849] [PID.4384]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe [649849] [PID.1652]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-5JKL9.tmp\dixuqdtid4e.tmp [824320] [PID.2064]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\JSTAJHCVC7\JSTAJHCVC.exe [666624] [PID.1308] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-UR915.tmp\cgqzyhi5cxo.tmp [824320] [PID.1940]
[MD5.4F628C9DA0183F8E853514CA55867019] - (.XKSTV - XKSTVF.) -- C:\Program Files\V2TI5WPWUS\V2TI5WPWU.exe [666624] [PID.8956] =>Adware.Wizzcaster
[MD5.D6AD42FC5F5A7AE097C066AF941E50A4] - (.TFIRB - TFIRB.) -- C:\Program Files\8VEUIXN1JS\8VEUIXN1J.exe [666624] [PID.9184] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-F7IKE.tmp\anw1bms3a5u.tmp [824320] [PID.4716]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe [649849] [PID.9124]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-PAK5L.tmp\bcbontrqplm.tmp [824320] [PID.8180]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe [649849] [PID.8556]
[MD5.D6AD42FC5F5A7AE097C066AF941E50A4] - (.TFIRB - TFIRB.) -- C:\Program Files\06UK5MMVGE\06UK5MMVG.exe [666624] [PID.7644] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-TVQJL.tmp\wosv1yqsgtq.tmp [824320] [PID.3868]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2M8O2.tmp\1nkcuqih1lx.tmp [824320] [PID.7368]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-IKBDD.tmp\eux052aj2af.tmp [824320] [PID.4624]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\J1EOM5NN6Q\J1EOM5NN6.exe [666624] [PID.7256] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe [649849] [PID.7272]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\9GC25M9TIX\9GC25M9TI.exe [666624] [PID.7424] =>Adware.Wizzcaster
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-2SJI0.tmp\v3q3t3kent3.tmp [824320] [PID.3380]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe [649849] [PID.7316]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\Z2GOWJEWBY\Z2GOWJEWB.exe [666624] [PID.4356] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe [649849] [PID.2028]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-HL93T.tmp\jeoqe2kbshm.tmp [824320] [PID.904]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\KYOP6JTQ2X\KYOP6JTQ2.exe [666624] [PID.3292] =>Adware.Wizzcaster
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe [649849] [PID.7012]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-KNEQT.tmp\ol3ykb11yz0.tmp [824320] [PID.9000]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\tj1y4qjfl40\kphgkwekwqi.exe [649849] [PID.7136]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-DHE4H.tmp\eppo3rjjpkl.tmp [824320] [PID.7116]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-FMR77.tmp\14zlxlvo42z.tmp [824320] [PID.5044]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\04aeuoajoun\v5pmrklxd2q.exe [649849] [PID.1204]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-DTP00.tmp\kphgkwekwqi.tmp [824320] [PID.5584]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-QTGJM.tmp\v5pmrklxd2q.tmp [824320] [PID.7564]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\s4j33tkjzyi\suoj5nacpt3.exe [649849] [PID.8732]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\45B9CW055O\45B9CW055.exe [666624] [PID.5556]
[MD5.009DCC9D6C5D3A7AE9233D312CC10D2F] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe [18364648] [PID.3404] =>.Piriform Ltd®
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8V1EQ.tmp\421qmditfqu.tmp [824320] [PID.8940]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-DRQD5.tmp\mu3ew1mrmma.tmp [824320] [PID.5976]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\HIVZM3HMW6\HIVZM3HMW.exe [666624] [PID.1928]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-U9RPU.tmp\2cwdbdvmen1.tmp [824320] [PID.2980]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\8DNWW3JFF1\8DNWW3JFF.exe [666624] [PID.6440]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-8F9GN.tmp\suoj5nacpt3.tmp [824320] [PID.8836]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\C99D02G16Q\C99D02G16.exe [666624] [PID.412]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-9Q4PV.tmp\hus24axk1n2.tmp [824320] [PID.4092]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\H61S1G0VCJ\H61S1G0VC.exe [666624] [PID.8244]
[MD5.ADCBA33F648B4F1C2EE6BA64AA64823B] - (. - 5HG%FNMO.) -- C:\Program Files\ZAUCWF3FSP\ZAUCWF3FS.exe [666624] [PID.8688]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\hkyqvziz52h\ly4jw3pesbz.exe [649849] [PID.4756]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-5K0FB.tmp\xqoymku0iwj.tmp [824320] [PID.6496]
[MD5.EE6BD1B477931DBE536AFCD340AC964D] - (.P - PYOLKB.) -- C:\Program Files\SY8JAW81NY\SY8JAW81N.exe [666624] [PID.4080]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-IOB3F.tmp\jdd4jgzocpd.tmp [824320] [PID.6120]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\ziio5fseiew\iefk2almc02.exe [649849] [PID.8356]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\orqxm1vp1i2\3ltipqff222.exe [649849] [PID.6060]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\4uobljvyp20\3svjlzre0lk.exe [649849] [PID.5852]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\qzxcr435qdn\npgodgvyy2q.exe [649849] [PID.8400]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-9EA1J.tmp\3svjlzre0lk.tmp [824320] [PID.1100]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\2223kxo4nxo\p13sj1bgnsd.exe [649849] [PID.216]
[MD5.EE6BD1B477931DBE536AFCD340AC964D] - (.P - PYOLKB.) -- C:\Program Files\EHDQ4SPSES\YA8RCURC7.exe [666624] [PID.2712]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-3SAV9.tmp\3ltipqff222.tmp [824320] [PID.4868]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-NCI32.tmp\ly4jw3pesbz.tmp [824320] [PID.7292]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-5N500.tmp\iefk2almc02.tmp [824320] [PID.8288]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-BJN49.tmp\p13sj1bgnsd.tmp [824320] [PID.6100]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-35FI7.tmp\npgodgvyy2q.tmp [824320] [PID.1300]
[MD5.EE6BD1B477931DBE536AFCD340AC964D] - (.P - PYOLKB.) -- C:\Program Files\4QHNSKO4SB\OICO0NQOM.exe [666624] [PID.5028]
[MD5.EE6BD1B477931DBE536AFCD340AC964D] - (.P - PYOLKB.) -- C:\Program Files\VITRIQ0UIC\VITRIQ0UI.exe [666624] [PID.9436]
[MD5.32669A0F828CAF797704F2B35407D028] - (. - Taxi Setup.) -- C:\Users\Boss\AppData\Roaming\bu4x2q1xvar\oc23htwzs54.exe [649849] [PID.9624]
[MD5.2347EFD7C40BCC857B208D4F20DE9729] - (. - Setup/Uninstall.) -- C:\Users\Boss\AppData\Local\Temp\is-F27MN.tmp\oc23htwzs54.tmp [824320] [PID.10964]
[MD5.3E04F1E482357B1FC8B088197C3D9FF8] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152] [PID.8276] =>.Adobe Systems, Incorporated®
[MD5.7B0E6628A721F35124B4B89227862465] - (...) -- C:\Program Files (x86)\lJFUJMGEHIE\IbMsfckEkU.exe [797696] [PID.3704]
[MD5.E3A5B4DAE2B5FCF5923C7B47382279CE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Boss\Desktop\ZHPDiag3.exe [3136384] [PID.10828] =>.Nicolas Coolman
---\\ CHROME, Démarrage, Recherche, Extensions (13) - 4s
G2 - GCE: Preference [Boss][User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] =>.Google Inc. {Slides}
G2 - GCE: Preference [Boss][User Data\Default] [aohghmighlieiainnegkcijnfilokake] =>.Google Inc. {Docs}
G2 - GCE: Preference [Boss][User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] http://drive.google.com/ =>.Google Inc. {Drive}
G2 - GCE: Preference [Boss][User Data\Default] [bbfneagfdkkcpjojiigmahjplnbppkff] =>.profiappsplus {Deadpool}
G2 - GCE: Preference [Boss][User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] http://www.youtube.com =>.Youtube {Youtube}
G2 - GCE: Preference [Boss][User Data\Default] [cbjeefngifhocofohcienokjdgeejaga]
G2 - GCE: Preference [Boss][User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] =>.Google Inc. {Sheets}
G2 - GCE: Preference [Boss][User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] =>.Google Inc. {Docs hors connexion}
G2 - GCE: Preference [Boss][User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] =>.Google Inc. {Wallet}
G2 - GCE: Preference [Boss][User Data\Default] [pbdpajcdgknpendpmecafmopknefafha] browser_action:{default_icon:{18:images/icon-18.pn =>PUP.Optional.DefaultSearch
G2 - GCE: Preference [Boss][User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] http://mail.google.com/ =>.Google Inc. {Gmail}
G2 - GCE: Preference [Boss][User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.
C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\SystemTable =>.SUP.BrowserExtension
---\\ FIREFOX, Plugins,Démarrage,Recherche,Extensions (13) - 19s
P2 - EXT FILE: (.Test Pilot - Help make Firefox better by running us.) -- C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\533yvpjo.default\extensions\testpilot@labs.mozilla.com.xpi =>.Test Pilot
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\activity-stream@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\followonsearch@mozilla.com.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\formautofill@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\onboarding@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\screenshots@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi =>.Mozilla Corporation
P2 - EXT FILE: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi =>PUP.Optional.YouTubeAdBlock
P2 - EXT: (.name:Quick Searcher - description:'Quick Searcher' extansion is used for.) -- C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\533yvpjo.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233 =>PUP.Optional.SuperFind
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll =>.Google Inc.
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll =>.Google Inc.
---\\ INTERNET EXPLORER,Démarrage,Recherche,URLSearchHook (21) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN80V5Qf4-sHUlvylceWGx8cDLZmWI4ZQarcjZbVdOwiHXDFJale-sgz3wUSpzpVw_pI7SgPJ15AhyoCoR9Pjp0lUn-c_l8PHs4YhQbtG9QPcc6o5Bn5Q1-TBOzS6IbxEdHv_p5Q_mnGgfNwBa-jF3gsLEQh19wHqxoXmRrOnLazcDDHEN40, =>.SUP.Linkury
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKEY_USERS\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbhn80v5qf4-shulvylcewgx8cdlzmwi4zqarcjzbvdowihxdfjale-sgz3wuspzpvw_pi7sgpj15ahyocor9pjp0luk2iinbxbamibvhdkgbiiomctlpuy1mvfs7esvvdyxyj_oessnqwv9gfoquz3-bq3vwgjkbknkp5rwipk-cj1qvrxjuk,&q={searchterms} =>.SUP.Linkury
R3 - URLSearchHook: (no name)[HKCU] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll =>.Microsoft Corporation
---\\ INTERNET EXPLORER, Site de confiance et site sensible (2) - 0s
~ Microsoft Internet Explorer Restricted Site(s) Domains: 0(Good) / 0(Bad)
~ Microsoft Internet Explorer Restricted Site(s) EscDomains: 0(Good) / 0(Bad)
---\\ INTERNET EXPLORER,Proxy Management (5) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 =>.Default.Value
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies [] =>.Microsoft
---\\ INTERNET EXPLORER,IniFiles, Autoloading Programs (3) - 1s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation
---\\ ÉTUDE DU FICHIER HOSTS (1) - 4s
~ Le fichier hôte est sain (The hosts file is clean) (2097169)
---\\ BROWSER HELPER OBJECT DE NAVIGATEUR (BHO) (2) - 1s
O2 - BHO: YoutubeAdBlock [64Bits] - {C0D38E5A-7CF8-4105-8FE8-31B81443A114} . (...) -- C:\Program Files (x86)\lJFUJMGEHIE\tFH1Gsq.dll =>PUP.Optional.YouTubeAdBlock
O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.HP Inc. - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll =>.Hewlett-Packard Company®
---\\ RACCOURCIS GLOBAL STARTUP (90) - 41s
O4 - GS\Desktop [Administrateur]: Internet Download Manager.lnk . (...) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Desktop [Administrateur]: PandaViewer.lnk . (...) C:\Program Files (x86)\PandaViewer\PandaViewer.exe =>Hijacker.Browser
O4 - GS\Desktop [Administrateur]: PC COMPTA.lnk . (...) C:\Program Files (x86)\DLG\PCCOMPTA\PCCOMPTA.exe
O4 - GS\Desktop [Administrateur]: PCPAIE - Raccourci.lnk . (...) D:\partition D\DLG old\PCPAIE\PCPAIE.exe
O4 - GS\Desktop [Administrateur]: PCPAIE2014 - Raccourci.lnk . (...) C:\Program Files (x86)\DLG\PCPAIE2014\PCPAIE2014.exe
O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Boss\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Quicklaunch [Administrateur]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\sendTo [Administrateur]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Administrateur]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\TaskBar [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe %SNF% =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrateur]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Administrateur]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Startup [Administrateur]: rtugvirb.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Boss\AppData\Roaming\Microsoft\Windows\rtugvirb\urfwtcsb.exe" =>.Microsoft Corporation
O4 - GS\Programs [Administrateur]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrateur]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Desktop [Boss]: Internet Download Manager.lnk . (...) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [Boss]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Desktop [Boss]: PandaViewer.lnk . (...) C:\Program Files (x86)\PandaViewer\PandaViewer.exe =>Hijacker.Browser
O4 - GS\Desktop [Boss]: PC COMPTA.lnk . (...) C:\Program Files (x86)\DLG\PCCOMPTA\PCCOMPTA.exe
O4 - GS\Desktop [Boss]: PCPAIE - Raccourci.lnk . (...) D:\partition D\DLG old\PCPAIE\PCPAIE.exe
O4 - GS\Desktop [Boss]: PCPAIE2014 - Raccourci.lnk . (...) C:\Program Files (x86)\DLG\PCPAIE2014\PCPAIE2014.exe
O4 - GS\Desktop [Boss]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Boss\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Boss]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Boss]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Quicklaunch [Boss]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\sendTo [Boss]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Boss]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\sendTo [Boss]: Transfert de fichiers Bluetooth.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Boss]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\TaskBar [Boss]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\TaskBar [Boss]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe %SNF% =>.Mozilla Corporation®
O4 - GS\TaskBar [Boss]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [Boss]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Startup [Boss]: rtugvirb.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\System32\cmd.exe /c start "" "C:\Users\Boss\AppData\Roaming\Microsoft\Windows\rtugvirb\urfwtcsb.exe" =>.Microsoft Corporation
O4 - GS\Programs [Boss]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Boss]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\CommonDesktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: DriversCloud.com - Démarrer la détection.lnk . (.CybelSoft - .) C:\Program Files (x86)\DriversCloud.com\MCDetection.exe =>.CybelSoft
O4 - GS\CommonDesktop [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>.Skype Technologies
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\Programs [Public]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Accessoire du panneau de saisie mathématiqu.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\system32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut =>..Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Reader X.lnk . (...) C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico =>.Adobe Inc.
O4 - GS\ProgramsCommon [Public]: Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe https://feed.helperbar.com =>PUP.Optional.Salus
O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\Microsoft Security Client\msseces.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Gadgets du Bureau Windows.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
---\\ MODIFICATION DOMAINE/ADRESSES (DNS) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.12.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{79BC4EF1-8EE7-40C1-B6F2-003C74ABCB1E}: NameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{2E4FE641-F2EB-47FE-A6D0-1BFAD1EA70AB}: DhcpNameServer = 192.168.12.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{6982C3E3-068E-456E-8331-B58652D0DEDF}: DhcpNameServer = 192.168.42.129 =>.Local IP Adress
---\\ PROTOCOLE ADDITIONNEL (23) - 4s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®
---\\ REGISTRE AppInit_DLLs et Winlogon Notify (1) - 0s
O20 - Winlogon : UserInit . (.Microsoft Corporation - Application d’ouverture de session Userinit.) - C:\Windows\system32\userinit.exe =>.Microsoft Corporation
---\\ CLÉ DE REGISTRE D'EXTENSION IMAGE (7) - 1s
[HKEY_CLASSES_ROOT\.bmp]@="PandaViewer.bmp" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.gif]@="PandaViewer.gif" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.ico]@="PandaViewer.ico" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.jpe]@="PandaViewer.jpg" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.png]@="PandaViewer.png" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.tif]@="PandaViewer.tif" =>Hijacker.Browser
[HKEY_CLASSES_ROOT\.tiff]@="PandaViewer.tif" =>Hijacker.Browser
---\\ COMPOSANTS ACTIVESETUP INSTALLÉS (ASIC) (8) - 4s
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Microsoft(C) Register Server.) -- C:\Windows\System32\regsvr32.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Utilitaire d’installation du Lecteur Window.) -- C:\Windows\System32\unregmp2.exe =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Expl.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll =>.Microsoft Corporation®
O40 - ASIC: Google Chrome [64Bits] - {8A69D345-D564-463c-AFF1-A69D9E530F96} . (.Google Inc. - Google Chrome Installer.) -- C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\Installer\chrmstp.exe =>.Google Inc®
---\\ LOGICIELS INSTALLÉS (65) - 11s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: Adobe Reader X (10.1.16) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: doPDF - (.Softland.) [HKLM][64Bits] -- {F0C22331-5394-41EB-9D8B-12335B36EEF0} =>.Softland
O42 - Logiciel: doPDF 8 - (.Softland.) [HKLM][64Bits] -- {c61b55b1-0524-4fc7-a4d2-6896ae2a2edb} =>.Softland S.R.L.®
O42 - Logiciel: DriversCloud.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {8A6F0F58-AE48-4F4C-A06F-C391AB17069C} =>.CybelSoft
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.2.2.3 - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} =>.Hewlett-Packard Company
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {C9EF1AAF-B542-41C8-A537-1142DA5D4AEC} =>.Hewlett-Packard
O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {79C54A05-F146-4EA0-8A70-D4EFE6181E52} =>.Hewlett-Packard Company
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {ED5CE45D-842B-4C18-A002-87E16EA39BB3} =>.Hewlett-Packard Company
O42 - Logiciel: Intel(R) Manageability Engine Firmware Recovery Agent - (.Intel Corporation.) [HKLM][64Bits] -- {0EC7F9CC-4741-45AE-9F55-6E9343F726F5} =>.Intel Corporation
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7} =>.Intel Corporation
O42 - Logiciel: Microsoft .NET Framework 4.5 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1} =>.Microsoft Corporation
O42 - Logiciel: Microsoft .NET Framework 4.5 - (.Microsoft Corporation.) [HKLM][64Bits] -- {92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0015-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0030-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- ENTERPRISE =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00BA-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0044-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001A-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0019-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {2AA3C13E-0531-41B8-AE48-AE28C940A809} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 - (.Microsoft Corporation.) [HKLM][64Bits] -- {e2803110-78b3-4664-a479-3611a381656a} =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 - (.Microsoft Corporation.) [HKLM][64Bits] -- {69BCE4AC-9572-3271-A2FB-9423BDA36A43} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BBF2AC74-720C-3CB3-8291-5E34039232FA} =>.Microsoft Corporation
O42 - Logiciel: Mises à jour NVIDIA 10.11.15 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
O42 - Logiciel: Mozilla Firefox 60.0.2 (x64 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 60.0.2 (x64 fr) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: novaPDF 8 add-in for Microsoft Office (x64) - (.Softland.) [HKLM][64Bits] -- {9F3FFB12-258E-4BB1-8576-FB5F1F1E039E} =>.Softland
O42 - Logiciel: novaPDF 8 add-in for Microsoft Office (x86) - (.Softland.) [HKLM][64Bits] -- {7C972E62-BC1F-4D1C-BB95-FDB648EF6213} =>.Softland
O42 - Logiciel: novaPDF 8 Printer Driver - (.Softland.) [HKLM][64Bits] -- {69EF6EE5-3506-4E51-B51D-AFEBBC2EDC33} =>.Softland
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Optimus Update 10.11.15 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Pilote graphique 332.21 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: PandaViewer - (..) [HKLM][64Bits] -- PandaViewer =>Hijacker.Browser
O42 - Logiciel: Panneau de configuration NVIDIA 332.21 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation
O42 - Logiciel: PCCOMPTA Windows - (..) [HKLM][64Bits] -- PCCOMPTA Windows
O42 - Logiciel: PCPaie Windows - (..) [HKLM][64Bits] -- PCPaie Windows
O42 - Logiciel: Print to PDF - (.Free PDF Solutions.) [HKLM][64Bits] -- Print to PDF =>.Free PDF Solutions
O42 - Logiciel: RevServicesX - (.SystemaRev.) [HKLM][64Bits] -- {596F190F-D3C3-40F0-8013-E6E012476226} =>Trojan.Agent
O42 - Logiciel: Skype™ 7.40 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {3B7E914A-93D5-4A29-92BB-AF8C3F66C431} =>.Skype Technologies S.A.
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR 5.40 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: YoutubeAdBlock - (.Company Inc..) [HKLM][64Bits] -- 1655C0CA-7AE7-4012-8502-970C8675E5F8 =>PUP.Optional.YouTubeAdBlock
---\\ CLÉ DE REGISTRE SOFTWARE HKCU & HKLM (104) - 11s
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com =>Toolbar.Ask
HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com =>PUP.Optional.Legacy
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Caphyon =>.Caphyon
HKLM\SOFTWARE\EllionSoftware
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Khronos =>.Khronos
HKLM\SOFTWARE\LogMeInRescueCallingCard =>.LogMeIn Entreprise
HKLM\SOFTWARE\LogMeInRescueCallingCards =>.LogMeIn Entreprise
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\PandaViewer =>Hijacker.Browser
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\Adobe =>.Adobe
HKLM\SOFTWARE\WOW6432Node\Caphyon =>.Caphyon
HKLM\SOFTWARE\WOW6432Node\EllionSoftware
HKLM\SOFTWARE\WOW6432Node\Google =>.Google
HKLM\SOFTWARE\WOW6432Node\Hewlett-Packard =>.Hewlett-Packard
HKLM\SOFTWARE\WOW6432Node\IM Providers =>.IM Providers
HKLM\SOFTWARE\WOW6432Node\Intel =>.Intel
HKLM\SOFTWARE\WOW6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\WOW6432Node\LogMeInRescueCallingCard =>.LogMeIn Entreprise
HKLM\SOFTWARE\WOW6432Node\LogMeInRescueCallingCards =>.LogMeIn Entreprise
HKLM\SOFTWARE\WOW6432Node\Mozilla =>.Mozilla
HKLM\SOFTWARE\WOW6432Node\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\WOW6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\WOW6432Node\NVIDIA Corporation =>.nVidia Corporation
HKLM\SOFTWARE\WOW6432Node\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\WOW6432Node\PandaViewer =>Hijacker.Browser
HKLM\SOFTWARE\WOW6432Node\Skype =>.Skype
HKLM\SOFTWARE\WOW6432Node\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\WOW6432Node\Wow6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\WOW6432Node\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\7-Zip =>.Igor Pavlov
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\BitTorrent =>.BitTorrent (P2P)
HKCU\SOFTWARE\Canon =>.Canon
HKCU\SOFTWARE\drpsu =>.Driver PackSolution
HKCU\SOFTWARE\FastDataX =>Adware.FastDataX
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\mtKipolam =>PUP.Optional.Salus
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\One System Care =>PUP.Optional.OneSystemCare
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\ProtectedStorage =>.Microsoft Corporation
HKCU\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKCU\SOFTWARE\Rtp =>.RTP Software
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\skypeapp-6ffaaaea86e4 =>.Skype Technologies
HKCU\SOFTWARE\Softland =>.Softland
HKCU\SOFTWARE\System Healer =>.SUP.SystemHealer
HKCU\SOFTWARE\WidModule
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKU\.DEFAULT\SOFTWARE\Caphyon =>.Caphyon
HKU\.DEFAULT\SOFTWARE\Piriform =>.Piriform
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\7-Zip =>.Igor Pavlov
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Adobe =>.Adobe
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\BitTorrent =>.BitTorrent (P2P)
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Canon =>.Canon
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\drpsu =>.Driver PackSolution
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\FastDataX =>Adware.FastDataX
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Google =>.Google
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Hewlett-Packard =>.Hewlett-Packard
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\IM Providers =>.IM Providers
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Intel =>.Intel
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Mozilla =>.Mozilla
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\mtKipolam =>PUP.Optional.Salus
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Netscape =>.Netscape
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\NVIDIA Corporation =>.nVidia Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\One System Care =>PUP.Optional.OneSystemCare
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Piriform =>.Piriform
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\ProtectedStorage =>.Microsoft Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Rtp =>.RTP Software
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Skype =>.Skype
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\skypeapp-6ffaaaea86e4 =>.Skype Technologies
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Softland =>.Softland
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\System Healer =>.SUP.SystemHealer
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\WidModule
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\WinRAR =>.WinRAR
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\WinRAR SFX =>.RarLab
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKU\S-1-5-21-2242996540-1159303440-1848485385-1000\SOFTWARE\ZHP =>.Nicolas Coolman
---\\ CONTENU DES DOSSIERS PROGRAMMES (387) - 34s
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\06UK5MMVGE =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\0CC1QIJSJR =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\0IP40NNURL =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\14P4OZRKBQ =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\23L6WSE3LA =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\2B1ZGSCKRL =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\45B9CW055O =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\4N2XTR691F =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\4QHNSKO4SB =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\4RJYZ4FLY1 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\51S1MQLHBR =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\59FTT6TX6N =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\7KV3ACDMTO =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\8DNWW3JFF1 =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\8RGCJQFNR7 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\8VEUIXN1JS =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\9GC25M9TIX =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\BCQQKEZTW6 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\C99D02G16Q =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\CXFWDCVC0N =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\CXHFGDRXAY =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\DKQ9ELO4CM =>Adware.Wizzcaster
O43 - CFD: 08/12/2015 - [] D -- C:\Program Files\DriversCloud.com =>.Cybelsoft
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\DS5T3AGQR6 =>Adware.Wizzcaster
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\DZVTM5DNXU =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\E97JWYQPWS =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\EF044BI1YY =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\EHDQ4SPSES =>Adware.Wizzcaster
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Program Files\Fichiers communs =>.Microsoft Corporation
O43 - CFD: 06/06/2018 - [] D -- C:\Program Files\Free PDF Solutions =>.Free PDF Solutions
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\FU4YJTB7LN =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\G4WLOFJRI0 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\H61S1G0VCJ =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\HHDVUWO3MW =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\HIVZM3HMW6 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\I36D8XOVVL =>Adware.Wizzcaster
O43 - CFD: 22/02/2017 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\IY73DZJN1A =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\J1EOM5NN6Q =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\JF5F9TWOH8 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\JSTAJHCVC7 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\KYOP6JTQ2X =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\L44YZJEUTA =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\LAPLRC4S52 =>Adware.Wizzcaster
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Microsoft Security Client =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\MOUNR5U7CO =>Adware.Wizzcaster
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\N9TSKY2Y0Q =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\NCS9KETNVR =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\NT1O3SDMJG =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\NTXTULCS13 =>Adware.Wizzcaster
O43 - CFD: 29/01/2015 - [] D -- C:\Program Files\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\O8SRM406DJ =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\OUN3UTN243 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\PFHWAKCNX2 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\PZ77R66BSC =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Q8BSUMTKUH =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\QJTK9S03AG =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\QUH4P9I665 =>Adware.Wizzcaster
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\RIJN2Z22I4 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\RIO1WF5WR1 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\S5ZFI3L184 =>Adware.Wizzcaster
O43 - CFD: 14/06/2017 - [] D -- C:\Program Files\Softland =>.Softland S.R.L.®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Spot Arabic - Volume
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\SY8JAW81NY =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\SystemaRev =>Trojan.Agent
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\TTI498IUP7 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\UEP61973CJ =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\UKLSHLMZBX =>Adware.Wizzcaster
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\V2TI5WPWUS =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\VITRIQ0UIC =>Adware.Wizzcaster
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Wevice a Art Home Simulator
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Journal =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\XBZEUQP4OX =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\XOBDQ06VI9 =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\Y62LMJ6B01 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\YAJ04LFD3P =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\Z2GOWJEWBY =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\ZAUCWF3FSP =>Adware.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Program Files\ZCDV3PPRT8 =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files\ZGA9EUB06A =>Adware.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\AAAZZZ
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\Common Files =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files (x86)\DLG
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\EgDGbQEiU
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 08/12/2015 - [] D -- C:\Program Files (x86)\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\ijcQGTqqPStU2
O43 - CFD: 08/12/2015 - [0] D -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield
O43 - CFD: 22/02/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\iRmKFyAZyPUn
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\lJFUJMGEHIE
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\Microsoft Security Client =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft Works =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 13/06/2018 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
O43 - CFD: 13/06/2018 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
O43 - CFD: 29/01/2015 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\OneSystemCare =>PUP.Optional.OneSystemCare
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\OxoywZINBbQwrioRGrR
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\PandaViewer =>Hijacker.Browser
O43 - CFD: 06/06/2018 - [] D -- C:\Program Files (x86)\Print to PDF
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 27/12/2017 - [] RD -- C:\Program Files (x86)\Skype =>.Skype
O43 - CFD: 14/06/2017 - [] D -- C:\Program Files (x86)\Softland =>.Softland
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files (x86)\VideoLAN =>.VideoLan Team
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\wCCFxMJCsZmzC
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\WeatherInspect =>Adware.WeatherInspect
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [] D -- C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 8
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com =>.Cybelsoft
O43 - CFD: 12/04/2011 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support =>.Hewlett-Packard
O43 - CFD: 22/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 12/04/2011 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology
O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a =>Adware.Suspect
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\959924f715474eb48b64e9340ac14260 =>Adware.Suspect
O43 - CFD: 08/06/2017 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\bcc7fe86-3d51-1 =>.SUP.Polluteware
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\bcc7fe86-65b3-0 =>.SUP.Polluteware
O43 - CFD: 22/01/2015 - [0] SHD -- C:\ProgramData\Bureau =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\DriversCloud.com =>.Cybelsoft
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5 =>Adware.Suspect
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\ellfService
O43 - CFD: 22/01/2015 - [0] SHD -- C:\ProgramData\Favoris =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 16/11/2017 - [] D -- C:\ProgramData\HP =>.Hewlett-Packard
O43 - CFD: 22/02/2017 - [] D -- C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\Kipolams =>PUP.Optional.Salus
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\Logic Cramble =>PUP.Optional.LogicHandler
O43 - CFD: 22/01/2015 - [0] SHD -- C:\ProgramData\Menu Démarrer =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [0] SHD -- C:\ProgramData\Modèles =>.Microsoft Corporation
O43 - CFD: 02/02/2015 - [] D -- C:\ProgramData\NVIDIA =>.nVidia Corporation
O43 - CFD: 29/01/2015 - [] D -- C:\ProgramData\NVIDIA Corporation =>.nVidia Corporation
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\PrefsSecure =>PUP.Optional.LogicHandler
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\regid.2008-09.org.wixtoolset
O43 - CFD: 27/12/2017 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 14/06/2017 - [] D -- C:\ProgramData\Softland =>.Softland
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\SystemaRev =>Trojan.Agent
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\XjOPTLXDzAynQaVB
O43 - CFD: 18/06/2018 - [] D -- C:\ProgramData\yahoochrome_D
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
O43 - CFD: 08/06/2017 - [] D -- C:\Program Files (x86)\Common Files\Adobe =>.Adobe
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
O43 - CFD: 18/06/2018 - [] D -- C:\Program Files (x86)\Common Files\Dripeco
O43 - CFD: 29/01/2015 - [] D -- C:\Program Files (x86)\Common Files\Intel =>.Intel Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 22/02/2017 - [] D -- C:\Program Files (x86)\Common Files\postureAgent =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 27/12/2017 - [] D -- C:\Program Files (x86)\Common Files\Skype =>.Skype
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\04aeuoajoun =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\1dwh4smffbu =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\1f13avwhh05 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\2223kxo4nxo =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\2qv0nhxhj2l
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\2ujednyxx02
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\314167cb8d0b4418a5cdad8e89a566ad
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\3oiiusgh5zi =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\42fc1tjzhvz
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4uobljvyp20 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4wbzgfrmjm0 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\5bqyzsnppie =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\5jqaxe4cvws =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k =>Heuristic.Wizzcaster
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\b5zczcwd5r1 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\bu4x2q1xvar =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\campugwkwrr =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g =>Heuristic.Wizzcaster
O43 - CFD: 31/12/2017 - [] D -- C:\Users\Boss\AppData\Roaming\dvdcss =>.VideoLan Team
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\dzccmget4xj =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\e4txmzljswu
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\f4u2nwwd10e =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\fygjhctaglt =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\g4lp2hox3br
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ghq200jfphj =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\gjxgeeozgjj
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Google =>.Google
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\h1x0jjgthyx =>Heuristic.Wizzcaster
O43 - CFD: 08/12/2015 - [] D -- C:\Users\Boss\AppData\Roaming\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\hkyqvziz52h =>Heuristic.Wizzcaster
O43 - CFD: 08/12/2015 - [] D -- C:\Users\Boss\AppData\Roaming\hpqLog =>.Hewlett-Packard
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\hthbwdvliem =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\hufopmim0n1 =>Heuristic.Wizzcaster
O43 - CFD: 22/01/2015 - [] D -- C:\Users\Boss\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\iesdjzopjee =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ikwuwroponc =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\jum1zmblfzl =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\kjpv0u3evzr
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\kmqvgrjqtcv =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri =>Heuristic.Wizzcaster
O43 - CFD: 12/04/2011 - [0] D -- C:\Users\Boss\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] SD -- C:\Users\Boss\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 20/11/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\ndj4uhgtdll
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\oa4akpueryt
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ojuozu0x55w =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\OneSystemCare =>PUP.Optional.OneSystemCare
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\orqxm1vp1i2 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\ozserobfu45
O43 - CFD: 19/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\ptnwrtotz2q
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\pwdrrt1gd4q
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\qjwp1325mta
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\qzxcr435qdn =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\rdrkuysirug =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\s4j33tkjzyi =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3 =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\Skype =>.Skype
O43 - CFD: 14/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Softland =>.Softland
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\somuag4lpqa
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\spofpkstogu =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\SystemaRev
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\SystemHealer =>.SUP.SystemHealer
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\tj1y4qjfl40 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\tjvhtoanwzq =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\u1e0ztuan3v =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\umxzcepm40l =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ut0azqixun3 =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\uTorrent
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\uvw23vzcrh2 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\veiqtizootd
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vlc =>.VideoLan Team
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vncargfxseo =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\vsfgt0n5o55 =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\w3nmtqzva4g =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\WidModule
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\x133d1xorzs =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\x411pezscl5 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [0] D -- C:\Users\Boss\AppData\Roaming\xxhnil03dam
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5 =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zef1bsflj1d =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\ziio5fseiew =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e =>Heuristic.Wizzcaster
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi =>Heuristic.Wizzcaster
O43 - CFD: 19/06/2017 - [] D -- C:\Users\Boss\AppData\Local\Adobe =>.Adobe
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Boss\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/02/2017 - [] D -- C:\Users\Boss\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 22/02/2017 - [0] D -- C:\Users\Boss\AppData\Local\Deployment =>.Microsoft Corporation
O43 - CFD: 06/05/2018 - [0] D -- C:\Users\Boss\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 21/05/2018 - [] D -- C:\Users\Boss\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Local\FastDataX =>Adware.FastDataX
O43 - CFD: 22/02/2017 - [] D -- C:\Users\Boss\AppData\Local\Google =>.Google
O43 - CFD: 09/10/2017 - [] D -- C:\Users\Boss\AppData\Local\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Boss\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 17/04/2018 - [] D -- C:\Users\Boss\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 13/06/2017 - [] D -- C:\Users\Boss\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 08/03/2017 - [] D -- C:\Users\Boss\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 14/06/2017 - [] D -- C:\Users\Boss\AppData\Local\Startup =>.Microsoft Corporation
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Boss\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 13/06/2018 - [] D -- C:\Users\Boss\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Local\WhiteClick
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\Local\ZHP =>.Nicolas Coolman
O43 - CFD: 08/03/2017 - [0] D -- C:\Users\Boss\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\LocalLow\Adobe =>.Adobe
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\LocalLow\agmSoNKAoyIez
O43 - CFD: 08/06/2017 - [] SHD -- C:\Users\Boss\AppData\LocalLow\Microsoft =>.Microsoft Corporation
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\AppData\LocalLow\Mozilla =>.Mozilla Corporation
O43 - CFD: 06/06/2018 - [] D -- C:\Users\Boss\AppData\LocalLow\Temp =>.Microsoft Corporation
O43 - CFD: 19/06/2018 - [] D -- C:\Users\Boss\AppData\LocalLow\uTorrent
O43 - CFD: 11/06/2018 - [] D -- C:\Users\Boss\Desktop\01-2018
O43 - CFD: 08/05/2018 - [] D -- C:\Users\Boss\Desktop\03-2018
O43 - CFD: 30/05/2018 - [] D -- C:\Users\Boss\Desktop\04-2018
O43 - CFD: 11/06/2018 - [] D -- C:\Users\Boss\Desktop\05-2018
O43 - CFD: 13/11/2017 - [] D -- C:\Users\Boss\Desktop\09-2017
O43 - CFD: 13/11/2017 - [] D -- C:\Users\Boss\Desktop\10-2017
O43 - CFD: 28/12/2017 - [] D -- C:\Users\Boss\Desktop\11-2017
O43 - CFD: 25/04/2018 - [] D -- C:\Users\Boss\Desktop\ACAB
O43 - CFD: 10/04/2018 - [] D -- C:\Users\Boss\Desktop\COMPT 2017
O43 - CFD: 11/07/2017 - [] D -- C:\Users\Boss\Desktop\das cnas 2017
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\Desktop\DGE CRCC LTD
O43 - CFD: 18/06/2018 - [] D -- C:\Users\Boss\Desktop\div
O43 - CFD: 17/01/2018 - [] D -- C:\Users\Boss\Desktop\med
O43 - CFD: 08/05/2018 - [] D -- C:\Users\Boss\Desktop\musiq
O43 - CFD: 22/02/2017 - [] D -- C:\Users\Boss\Desktop\Programs =>.Microsoft Corporation
O43 - CFD: 30/05/2018 - [] D -- C:\Users\Boss\Desktop\SAID PARTAGE
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\Desktop\SALAIRES MN4
O43 - CFD: 22/02/2017 - [] AD -- C:\Users\Boss\Desktop\Windows Loader
O43 - CFD: 05/12/2017 - [] D -- C:\Users\Boss\Desktop\ZIP 11-2017
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [] RD -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCCOMPTA
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PCPaie Windows
O43 - CFD: 06/06/2018 - [] D -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Print to PDF
O43 - CFD: 19/06/2018 - [] RD -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 08/06/2017 - [] D -- C:\Users\Boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Default\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 22/01/2015 - [0] SHD -- C:\Users\Default User\AppData\Local\Historique =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 08/12/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Hewlett-Packard =>.Hewlett-Packard
O43 - CFD: 14/07/2009 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
---\\ DERNIERS FICHIERS CRÉÉS DANS WINDOWS Prefetcher (16) - 28s
O45 - LFCP:[MD5.15A66DEEDE098C34FA8A24CFEDEA9EF2] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.EXE-7D2D190F.pf =>Adware.FastDataX
O45 - LFCP:[MD5.244B948E4A802EB4F9A5537F8CD74E26] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.EXE-DEEE196E.pf =>Adware.FastDataX
O45 - LFCP:[MD5.E7FD38127017744BDDAC8B054CF01330] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.EXE-FF471559.pf =>Adware.FastDataX
O45 - LFCP:[MD5.760848F14C5A52004956ED7DF5B699D3] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.TMP-6817B8B7.pf =>Adware.FastDataX
O45 - LFCP:[MD5.56F0A4993E78D10A42891FCE3824FB71] 18/06/2018 A -- C:\Windows\Prefetch\FASTDATAX.TMP-9EB58A95.pf =>Adware.FastDataX
O45 - LFCP:[MD5.1637008E26442DB2BC600FFE600C6F1B] 18/06/2018 A -- C:\Windows\Prefetch\KIPOLAM.EXE-9BEC3F70.pf =>PUP.Optional.Salus
O45 - LFCP:[MD5.3BB64AEB9D61A3CB20E99F9E49E19E43] 18/06/2018 A -- C:\Windows\Prefetch\KMSPICO_11_FINAL_OFFICE_AND_W-2D5B9CBE.pf =>HackTool.KMSpico
O45 - LFCP:[MD5.7B7A1FD983AF69692FBA2A210BB55627] 18/06/2018 A -- C:\Windows\Prefetch\KMSPICO_11_FINAL_OFFICE_AND_W-D2E6AA36.pf =>HackTool.KMSpico
O45 - LFCP:[MD5.D792060A4BACF9E3E685484BFACCEC32] 18/06/2018 A -- C:\Windows\Prefetch\ONESYSTEMCARE.EXE-4F3801FB.pf =>PUP.Optional.OneSystemCare
O45 - LFCP:[MD5.E43B7B9B44800F0AED12EC823A62E05A] 18/06/2018 A -- C:\Windows\Prefetch\ONESYSTEMCARE.TMP-09513D4F.pf =>PUP.Optional.OneSystemCare
O45 - LFCP:[MD5.AC7C642DDEBCC12BB53ABEFCF3929129] 18/06/2018 A -- C:\Windows\Prefetch\ONESYSTEMCARE.TMP-D3A875F2.pf =>PUP.Optional.OneSystemCare
O45 - LFCP:[MD5.D9C396F046561809EDBDA10784071D8D] 18/06/2018 A -- C:\Windows\Prefetch\SAFEFINDER.EXE-F3546BAC.pf =>PUP.Optional.SmartBar
O45 - LFCP:[MD5.5DCC736EC2C0B6B46D8E487C516D7C82] 18/06/2018 A -- C:\Windows\Prefetch\SPEEDYCAR.EXE-20F7BE19.pf =>Adware.ICLoader
O45 - LFCP:[MD5.427B0B768592685B636B9E7B59045751] 18/06/2018 A -- C:\Windows\Prefetch\SPEEDYCAR.TMP-C0D9C5BE.pf =>Adware.ICLoader
O45 - LFCP:[MD5.1BE38DA4A70328494AF055BDBA393603] 18/06/2018 A -- C:\Windows\Prefetch\WEATHERINSPECT.EXE-B6C3320F.pf =>Adware.WeatherInspect
O45 - LFCP:[MD5.B26B2F5DF30BB50C78E4D492206853A5] 18/06/2018 A -- C:\Windows\Prefetch\WEATHERINSPECT.TMP-1B0D02DD.pf =>Adware.WeatherInspect
---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ RACCOURCIS DES MENUS CONCEPTUELS (SCMH) (34) - 1s
O108 - CMH1: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Porte-documents Windows.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH1: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- c:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation®
O108 - CMH1: Open With [64Bits] - {09799AFB-AD67-11d1-ABCD-00C04FC30936} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH1: Open With EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH1: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH1: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH1: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH2: Compatibility [64Bits] - {1d27f844-3a1f-4410-85ac-14651078412d} . (.Microsoft Corporation - Bibliothèque d’extension de l’onglet Compat.) -- C:\Windows\System32\acppage.dll =>.Microsoft Corporation
O108 - CMH2: NvAppShExt [64Bits] - {A929C4CE-FD36-4270-B4F5-34ECAC5BD63C} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\system32\nv3dappshext.dll =>.NVIDIA Corporation
O108 - CMH2: OpenContainingFolderMenu [64Bits] - {37ea3a21-7493-4208-a011-7f9ea79ce9f5} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH2: OpenGLShExt [64Bits] - {E97DEC16-A50D-49bb-AE24-CF682282E08D} . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\system32\nv3dappshext.dll =>.NVIDIA Corporation
O108 - CMH3: CopyAsPathMenu [64Bits] - {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH3: SendTo [64Bits] - {7BA4C740-9E81-11CF-99D3-00AA004AE837} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH3: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH4: EncryptionMenu [64Bits] - {A470F8CF-A1E8-4f65-8335-227475AA5C46} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH4: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- c:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation®
O108 - CMH4: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH4: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH4: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH5: Gadgets [64Bits] - {6B9228DA-9C15-419e-856C-19E768A13BDC} . (.Microsoft Corporation - Zone de déposé du Volet Windows.) -- C:\Program Files\Windows Sidebar\sbdrop.dll =>.Microsoft Corporation
O108 - CMH5: New [64Bits] - {D969A300-E7FF-11d0-A93B-00A0C90F2719} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH5: NvCplDesktopContext [64Bits] - {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\Windows\System32\nvshext.dll =>.NVIDIA Corporation
O108 - CMH5: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
O108 - CMH5: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH6: BriefcaseMenu [64Bits] - {85BBD920-42A0-1069-A2E4-08002B30309D} . (.Microsoft Corporation - Porte-documents Windows.) -- C:\Windows\System32\syncui.dll =>.Microsoft Corporation
O108 - CMH6: Library Location [64Bits] - {3dad6c5d-2167-4cae-9914-f99e41c12cfa} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O108 - CMH6: Offline Files [64Bits] - {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} . (.Microsoft Corporation - IU de cache côté client.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O108 - CMH6: WinRAR [64Bits] - {B41DB860-64E4-11D2-9906-E49FADC173CA} . (.Alexander Roshal - WinRAR shell extension.) -- C:\Program Files\WinRAR\RarExt.dll =>.win.rar GmbH®
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH6: XXX Groove GFS Context Menu Handler XXX [64Bits] - {6C467336-8281-4E60-8204-430CED96822D} . (.Orphan.)
O108 - CMH7: EnhancedStorageShell [64Bits] - {2854F705-3548-414C-A113-93E27C808C85} . (.Microsoft Corporation - DLL d’extension d’environnement de stockage.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O108 - CMH7: EPP [64Bits] - {09A47860-11B0-4DA5-AFA5-26D86198A780} . (.Microsoft Corporation - Microsoft Security Client Shell Extension.) -- c:\Program Files\Microsoft Security Client\shellext.dll =>.Microsoft Corporation®
O108 - CMH7: Sharing [64Bits] - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} . (.Microsoft Corporation - Extensions de l’interpréteur de commandes p.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ ÉNUMÉRATION DES CLÉS StartupReg (1) - 1s
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] [64Bits] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
---\\ LISTE DES PILOTES DU SYSTÈME (50) - 16s
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
O58 - SDL:2010/11/21 04:23:47 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
O58 - SDL:2010/11/21 04:23:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
O58 - SDL:2014/01/09 04:13:50 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athrx.sys [4043776] =>.Qualcomm Atheros Communications, Inc.
O58 - SDL:2009/06/10 21:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 21:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 02:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 21:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 21:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
O58 - SDL:2009/06/10 21:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
O58 - SDL:2009/06/10 21:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2013/01/23 15:57:32 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [64624] =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2010/11/21 04:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
O58 - SDL:2010/11/21 04:23:47 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
O58 - SDL:2013/08/24 12:42:48 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4155904] =>.Intel Corporation
O58 - SDL:2009/07/14 02:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
O58 - SDL:2013/12/10 13:15:46 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [795632] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
O58 - SDL:2013/12/19 21:33:31 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [12645664] =>.NVIDIA Corporation®
O58 - SDL:2013/12/19 21:33:31 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvpciflt.sys [32544] =>.NVIDIA Corporation®
O58 - SDL:2010/11/21 04:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
O58 - SDL:2010/11/21 04:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
O58 - SDL:2013/12/18 08:34:38 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [888536] =>.Realtek Semiconductor Corp®
O58 - SDL:2014/01/03 13:08:00 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsP2Stor.sys [291544] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/06/10 21:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Rovi Corporation
O58 - SDL:2009/07/14 02:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
O58 - SDL:2017/02/22 15:15:28 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288] =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®
---\\ DERNIERS FICHIERS MODIFIÉS OU CRÉÉS (Utilisateur) (122) - 182s
O61 - LFC: 2018/06/18 11:35:24 A . (..) -- C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a\HandlerExecution.exe [8192]
O61 - LFC: 2018/06/18 11:35:27 A . (..) -- C:\ProgramData\959924f715474eb48b64e9340ac14260\HandlerExecution.exe [8192]
O61 - LFC: 2018/06/18 11:35:25 A . (..) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\HandlerExecution.exe [8192]
O61 - LFC: 2018/06/18 12:47:21 A . (.Copyright.) -- C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5\QHOICKXWPX.exe [498688]
O61 - LFC: 2018/06/18 11:53:20 A . (..) -- C:\ProgramData\ellfService\ellfService.exe [1131728] {00BA10A33204664713A8690A55F0AD7176} =>PUP.Optional.Youndoo
O61 - LFC: 2018/06/18 11:08:59 A . (..) -- C:\ProgramData\Logic Cramble\set.exe [3780096]
O61 - LFC: 2018/06/18 12:07:04 A . (..) -- C:\ProgramData\PrefsSecure\Nettrans.exe [43520]
O61 - LFC: 2018/05/21 11:17:18 A . (.PandaViewer.) -- C:\ProgramData\yahoochrome_D\desktop186.exe [517432] =>Hijacker.Browser
O61 - LFC: 2018/06/18 11:26:44 A . (..) -- C:\Users\Boss\AppData\Local\HotPlus.exe [1810944]
O61 - LFC: 2018/06/18 12:45:56 A . (..) -- C:\Users\Boss\AppData\Local\Temp\0mbt13mvk4y\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 15:26:35 A . (..) -- C:\Users\Boss\AppData\Local\Temp\0ryrruh5zfe\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:10:40 A . (.BANANA SUMMER LIMITED.) -- C:\Users\Boss\AppData\Local\Temp\1529320211SEdtmpdown.exe [1537784] =>Hijacker.Browser
O61 - LFC: 2018/06/18 18:04:57 A . (.BANANA SUMMER LIMITED.) -- C:\Users\Boss\AppData\Local\Temp\1529341436SEdtmpdown.exe [1537784] =>Hijacker.Browser
O61 - LFC: 2018/06/18 18:03:56 A . (..) -- C:\Users\Boss\AppData\Local\Temp\1wvx0yrz0ux\bpma.exe [195896] =>Hijacker.Browser
O61 - LFC: 2018/06/18 12:10:11 A . (..) -- C:\Users\Boss\AppData\Local\Temp\24exud4y45c\bpma.exe [195896] =>Hijacker.Browser
O61 - LFC: 2018/06/18 14:58:10 A . (..) -- C:\Users\Boss\AppData\Local\Temp\2rntpivkock\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:51:49 A . (..) -- C:\Users\Boss\AppData\Local\Temp\4dryecph.pl3\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:08:22 A . (..) -- C:\Users\Boss\AppData\Local\Temp\4qe1dj5g.xzg\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:54:59 A . (..) -- C:\Users\Boss\AppData\Local\Temp\5iypip51.orr\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/19 10:08:58 A . (..) -- C:\Users\Boss\AppData\Local\Temp\auwj3tr3jpd\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:54:00 A . (..) -- C:\Users\Boss\AppData\Local\Temp\but-setup-9.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/19 10:08:52 A . (..) -- C:\Users\Boss\AppData\Local\Temp\bwaetixbo0o\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 18:05:06 A . (..) -- C:\Users\Boss\AppData\Local\Temp\c4t5kqobmri\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:28:59 A . (..) -- C:\Users\Boss\AppData\Local\Temp\fastdatax.exe [1549592] =>Adware.FastDataX
O61 - LFC: 2018/06/18 12:48:55 A . (..) -- C:\Users\Boss\AppData\Local\Temp\l1jue0ut.mln\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 15:26:32 A . (..) -- C:\Users\Boss\AppData\Local\Temp\nlrcvtp5lfp\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:07:28 A . (..) -- C:\Users\Boss\AppData\Local\Temp\rwlx2lgh.qlu\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:45:58 A . (..) -- C:\Users\Boss\AppData\Local\Temp\tlnd3xc23sq\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 11:52:53 A . (..) -- C:\Users\Boss\AppData\Local\Temp\vquhhqu4.fk1\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:07:20 A . (..) -- C:\Users\Boss\AppData\Local\Temp\wav23tlp.gsa\fas-setup-16.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:10:27 A . (..) -- C:\Users\Boss\AppData\Local\Temp\ws0vfoosmrz\fas-setup-4.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 17:34:11 A . (..) -- C:\Users\Boss\AppData\Local\Temp\ws5jik2ioa1\bpma.exe [195896] =>Hijacker.Browser
O61 - LFC: 2018/06/18 18:04:50 A . (..) -- C:\Users\Boss\AppData\Local\Temp\y2xfsjyikxa\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 12:10:36 A . (..) -- C:\Users\Boss\AppData\Local\Temp\zp1heo1434c\fas-setup-7.exe [1240992] =>PUP.Optional.FAssistant
O61 - LFC: 2018/06/18 16:37:24 A . (..) -- C:\Users\Boss\AppData\Roaming\04aeuoajoun\v5pmrklxd2q.exe [649849]
O61 - LFC: 2018/06/18 15:03:30 A . (..) -- C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe [649849]
O61 - LFC: 2018/06/18 14:36:13 A . (..) -- C:\Users\Boss\AppData\Roaming\1dwh4smffbu\hcmkjywv1kt.exe [0]
O61 - LFC: 2018/06/18 16:27:53 A . (..) -- C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe [649849]
O61 - LFC: 2018/06/18 12:46:36 A . (..) -- C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe [649849]
O61 - LFC: 2018/06/18 17:36:25 A . (..) -- C:\Users\Boss\AppData\Roaming\2223kxo4nxo\p13sj1bgnsd.exe [649849]
O61 - LFC: 2018/06/18 11:35:29 A . (..) -- C:\Users\Boss\AppData\Roaming\314167cb8d0b4418a5cdad8e89a566ad\HandlerExecution.exe [8192]
O61 - LFC: 2018/06/18 11:45:54 A . (..) -- C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe [649849]
O61 - LFC: 2018/06/19 10:08:09 A . (..) -- C:\Users\Boss\AppData\Roaming\3oiiusgh5zi\mxq55nft3no.exe [503731]
O61 - LFC: 2018/06/18 11:46:15 A . (..) -- C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe [649849]
O61 - LFC: 2018/06/18 12:16:23 A . (..) -- C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe [649849]
O61 - LFC: 2018/06/18 17:35:31 A . (..) -- C:\Users\Boss\AppData\Roaming\4uobljvyp20\3svjlzre0lk.exe [649849]
O61 - LFC: 2018/06/18 14:35:41 A . (..) -- C:\Users\Boss\AppData\Roaming\4wbzgfrmjm0\30icqzgwj4v.exe [0]
O61 - LFC: 2018/06/18 12:15:08 A . (..) -- C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe [649849]
O61 - LFC: 2018/06/18 14:35:21 A . (..) -- C:\Users\Boss\AppData\Roaming\5bqyzsnppie\2ru0tdzpkbi.exe [0]
O61 - LFC: 2018/06/19 10:07:36 A . (..) -- C:\Users\Boss\AppData\Roaming\5jqaxe4cvws\pgtmsxmxa4t.exe [503731]
O61 - LFC: 2018/06/18 12:36:19 A . (..) -- C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe [649849]
O61 - LFC: 2018/06/18 13:23:42 A . (..) -- C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe [649849]
O61 - LFC: 2018/06/18 11:43:16 A . (..) -- C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe [649849]
O61 - LFC: 2018/06/18 14:35:26 A . (..) -- C:\Users\Boss\AppData\Roaming\b5zczcwd5r1\oozsrf2soko.exe [0]
O61 - LFC: 2018/06/18 18:04:55 A . (..) -- C:\Users\Boss\AppData\Roaming\bu4x2q1xvar\oc23htwzs54.exe [649849]
O61 - LFC: 2018/06/18 13:22:59 A . (..) -- C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe [649849]
O61 - LFC: 2018/06/18 12:09:15 A . (..) -- C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe [649849]
O61 - LFC: 2018/06/18 14:34:02 A . (..) -- C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe [649849]
O61 - LFC: 2018/06/18 13:00:15 A . (..) -- C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe [649849]
O61 - LFC: 2018/06/18 14:35:47 A . (..) -- C:\Users\Boss\AppData\Roaming\f4u2nwwd10e\mxxtve5tigy.exe [0]
O61 - LFC: 2018/06/18 12:09:24 A . (..) -- C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe [649849]
O61 - LFC: 2018/06/19 10:08:21 A . (..) -- C:\Users\Boss\AppData\Roaming\fygjhctaglt\eka0teczs0v.exe [503731]
O61 - LFC: 2018/06/18 14:56:44 A . (..) -- C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe [649849]
O61 - LFC: 2018/06/18 15:04:08 A . (..) -- C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe [649849]
O61 - LFC: 2018/06/18 13:24:04 A . (..) -- C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe [649849]
O61 - LFC: 2018/06/18 14:36:20 A . (..) -- C:\Users\Boss\AppData\Roaming\h1x0jjgthyx\mzvjh1q2ano.exe [0]
O61 - LFC: 2018/06/18 16:39:23 A . (..) -- C:\Users\Boss\AppData\Roaming\hkyqvziz52h\ly4jw3pesbz.exe [649849]
O61 - LFC: 2018/06/18 12:16:09 A . (..) -- C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe [649849]
O61 - LFC: 2018/06/18 13:24:03 A . (..) -- C:\Users\Boss\AppData\Roaming\hufopmim0n1\av0sqaq5hgu.exe [649849]
O61 - LFC: 2018/06/18 16:37:49 A . (..) -- C:\Users\Boss\AppData\Roaming\iesdjzopjee\hus24axk1n2.exe [649849]
O61 - LFC: 2018/06/18 14:35:15 A . (..) -- C:\Users\Boss\AppData\Roaming\ikwuwroponc\mbipioegc2z.exe [0]
O61 - LFC: 2018/06/18 15:04:20 A . (..) -- C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe [649849]
O61 - LFC: 2018/06/18 16:30:02 A . (..) -- C:\Users\Boss\AppData\Roaming\jum1zmblfzl\mu3ew1mrmma.exe [649849]
O61 - LFC: 2018/06/18 15:31:49 A . (..) -- C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe [649849]
O61 - LFC: 2018/06/18 14:36:03 A . (..) -- C:\Users\Boss\AppData\Roaming\kmqvgrjqtcv\3amwpavvvqv.exe [0]
O61 - LFC: 2018/06/18 14:34:07 A . (..) -- C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe [649849]
O61 - LFC: 2018/06/18 16:32:19 A . (..) -- C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe [649849]
O61 - LFC: 2018/06/18 13:23:20 A . (..) -- C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe [649849]
O61 - LFC: 2018/06/18 11:45:36 A . (..) -- C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe [649849]
O61 - LFC: 2018/06/18 16:31:43 A . (..) -- C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe [649849]
O61 - LFC: 2018/06/18 13:06:01 A . (..) -- C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe [649849]
O61 - LFC: 2018/06/19 10:08:18 A . (..) -- C:\Users\Boss\AppData\Roaming\ojuozu0x55w\hiedbulpww1.exe [503731]
O61 - LFC: 2018/06/18 17:35:28 A . (..) -- C:\Users\Boss\AppData\Roaming\orqxm1vp1i2\3ltipqff222.exe [649849]
O61 - LFC: 2018/06/18 13:23:43 A . (..) -- C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe [649849]
O61 - LFC: 2018/06/18 17:35:46 A . (..) -- C:\Users\Boss\AppData\Roaming\qzxcr435qdn\npgodgvyy2q.exe [649849]
O61 - LFC: 2018/06/19 10:08:02 A . (..) -- C:\Users\Boss\AppData\Roaming\rdrkuysirug\3bncm4l4241.exe [503731]
O61 - LFC: 2018/06/18 14:56:02 A . (..) -- C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe [649849]
O61 - LFC: 2018/06/18 16:37:43 A . (..) -- C:\Users\Boss\AppData\Roaming\s4j33tkjzyi\suoj5nacpt3.exe [649849]
O61 - LFC: 2018/06/18 13:02:45 A . (..) -- C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe [649849]
O61 - LFC: 2018/06/18 14:35:42 A . (..) -- C:\Users\Boss\AppData\Roaming\spofpkstogu\piwulaxn5fs.exe [0]
O61 - LFC: 2018/06/18 13:02:47 A . (..) -- C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe [649849]
O61 - LFC: 2018/06/16 22:00:37 A . (..) -- C:\Users\Boss\AppData\Roaming\SystemaRev\RevServicesX 4.0.10\install\2476226\app.exe [3822592]
O61 - LFC: 2018/06/17 01:57:59 A . (.SystemaRev.) -- C:\Users\Boss\AppData\Roaming\SystemaRev\RevServicesX 4.0.10\install\2476226\SystemUpdate64x.exe [593920] =>Trojan.Agent
O61 - LFC: 2018/06/18 12:46:35 A . (..) -- C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe [649849]
O61 - LFC: 2018/06/18 16:37:03 A . (..) -- C:\Users\Boss\AppData\Roaming\tj1y4qjfl40\kphgkwekwqi.exe [649849]
O61 - LFC: 2018/06/18 16:37:26 A . (..) -- C:\Users\Boss\AppData\Roaming\tjvhtoanwzq\jdd4jgzocpd.exe [649849]
O61 - LFC: 2018/06/18 15:25:59 A . (..) -- C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe [649849]
O61 - LFC: 2018/06/18 14:35:51 A . (..) -- C:\Users\Boss\AppData\Roaming\u1e0ztuan3v\b52zrg0lunw.exe [0]
O61 - LFC: 2018/06/18 14:56:54 A . (..) -- C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe [649849]
O61 - LFC: 2018/06/18 12:47:20 A . (..) -- C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe [649849]
O61 - LFC: 2018/06/18 13:05:59 A . (..) -- C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe [649849]
O61 - LFC: 2018/06/18 16:37:32 A . (..) -- C:\Users\Boss\AppData\Roaming\uvw23vzcrh2\xqoymku0iwj.exe [649849]
O61 - LFC: 2018/06/18 12:16:40 A . (..) -- C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe [649849]
O61 - LFC: 2018/06/18 13:23:07 A . (..) -- C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe [649849]
O61 - LFC: 2018/06/18 11:45:52 A . (..) -- C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe [649849]
O61 - LFC: 2018/06/18 16:36:12 A . (..) -- C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe [649849]
O61 - LFC: 2018/06/18 12:09:15 A . (..) -- C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe [649849]
O61 - LFC: 2018/06/18 14:36:19 A . (..) -- C:\Users\Boss\AppData\Roaming\vsfgt0n5o55\3jlkuavoeqr.exe [0]
O61 - LFC: 2018/06/19 10:08:03 A . (..) -- C:\Users\Boss\AppData\Roaming\w3nmtqzva4g\bxljdrbg3xg.exe [503731]
O61 - LFC: 2018/06/18 12:47:20 A . (..) -- C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe [649849]
O61 - LFC: 2018/06/18 12:36:29 A . (..) -- C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe [649849]
O61 - LFC: 2018/06/18 12:10:17 A . (..) -- C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe [649849]
O61 - LFC: 2018/06/18 12:46:35 A . (..) -- C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe [649849]
O61 - LFC: 2018/06/18 14:54:33 A . (..) -- C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe [649849]
O61 - LFC: 2018/06/18 13:02:45 A . (..) -- C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe [649849]
O61 - LFC: 2018/06/18 16:36:17 A . (..) -- C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5\421qmditfqu.exe [649849]
O61 - LFC: 2018/06/18 14:36:20 A . (..) -- C:\Users\Boss\AppData\Roaming\zef1bsflj1d\tg4swtmgqlo.exe [0]
O61 - LFC: 2018/06/18 17:34:49 A . (..) -- C:\Users\Boss\AppData\Roaming\ziio5fseiew\iefk2almc02.exe [649849]
O61 - LFC: 2018/06/18 12:36:19 A . (..) -- C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe [649849]
O61 - LFC: 2018/06/18 14:57:41 A . (..) -- C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe [649849]
O61 - LFC: 2018/06/18 15:27:05 A . (..) -- C:\Users\Boss\Downloads\MSEInstall.exe [0]
O61 - LFC: 2018/06/06 12:12:28 A . (.Setup Factory is a trademark of Indigo Rose Corporati.) -- C:\Users\Boss\Downloads\printtopdf_setup.exe [9052182]
---\\ ASSOCIATION Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.scr>
---\\ MENU DE DÉMARRAGE INTERNET (12) - 0s
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
---\\ RECHERCHE D'INFECTION SUR LES NAVIGATEURS (5) - 11s
O69 - SBI: prefs.js [Boss - 533yvpjo.default] user_pref("browser.newtab.url", "file:///C:/ProgramData/Kipolams/ff.NT"); =>PUP.Optional.Salus
O69 - SBI: prefs.js [Boss - 533yvpjo.default] user_pref("browser.startup.homepage", "file:///C:/ProgramData/Kipolams/ff.HP"); =>PUP.Optional.Salus
O69 - SBI: SearchScopes [HKCU] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] [64Bits]{ielnksrch} - (Search the web) - http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBHN80V5Qf4-sHUlvylceWGx8cDLZmWI4ZQarcjZbVdOwiHXDFJale-sgz3wUSpzpVw_pI7SgPJ15AhyoCoR9Pjp0lUk2iiNbXbaMIbVHdkgBIiOmCtlPUY1MvFs7EsVvDyXYj_oEssNqwV9GfoQUZ3-bq3VWGJkBKNKp5rWiPk-cJ1QvRxJuk,&q={searchTerms} =>.SUP.Linkury
O69 - SBI: SearchScopes [HKLM] [64Bits]{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
---\\ ÉNUMÈRE LES SERVICES DÉMARRÉS PAR Svchost (33) - 4s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [853504] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [679424] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2477536] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation
---\\ LISTE DES EXCEPTIONS DU PAREFEU WINDOWS (7) - 7s
O87 - FAEL: "{936D01C2-7526-4E73-AC04-A08DADF254DE}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{7DC6BACE-D8DA-4FF1-B632-21054773133C}" [Out-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{1939B550-F393-4BF5-8E0E-3DB7B6F26A2C}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{1CDAB913-462E-4FE7-9607-B504E5089AC3}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{1A5E34D3-36CC-4055-BB2A-E7E092A862D6}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{E7531BC6-AF32-4FF8-BD50-8DF6C26CEDC0}" [Out-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O87 - FAEL: "{C8D25E3D-C8FC-4FA5-B91E-83D2B4038BC7}" [In-None-P17-TRUE] .(...) -- C:\Program Files\SystemaRev\RevServicesX\app.exe
---\\ CODES PRODUITS LOGICIELS (41) - 2s
O90 - PUC: "00002109030000000000000000F01FEC" [HKLM] . (.Microsoft Office Enterprise 2007.) =>.Microsoft Corporation
O90 - PUC: "000021091A00C0400000000000F01FEC" [HKLM] . (.Microsoft Office OneNote MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021094400C0400000000000F01FEC" [HKLM] . (.Microsoft Office InfoPath MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021095100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Access MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021096100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Excel MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021098100C0400000000000F01FEC" [HKLM] . (.Microsoft Office PowerPoint MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "000021099100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Publisher MUI (French) 2007.) =>.bl.org
O90 - PUC: "00002109A100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Outlook MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109A20000000100000000F01FEC" [HKLM] . (.Microsoft Office Office 64-bit Components 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109A200C0400100000000F01FEC" [HKLM] . (.Microsoft Office Shared 64-bit MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109AB00C0400000000000F01FEC" [HKLM] . (.Microsoft Office Groove MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109B100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Word MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109C200C0400000000000F01FEC" [HKLM] . (.Microsoft Office Proofing (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109E600C0400000000000F01FEC" [HKLM] . (.Microsoft Office Shared MUI (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F10010400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (Arabic) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F10031400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (Dutch) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F10070400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (German) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F10090400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (English) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F100A0C00000000000F01FEC" [HKLM] . (.Microsoft Office Proof (Spanish) 2007.) =>.Microsoft Corporation
O90 - PUC: "00002109F100C0400000000000F01FEC" [HKLM] . (.Microsoft Office Proof (French) 2007.) =>.Microsoft Corporation
O90 - PUC: "0D741DA1E0EBC6D3CA11466FCD14361F" [HKLM] . (.Microsoft .NET Framework 4.5.) =>.Microsoft Corporation
O90 - PUC: "13322C0F4935BE14D9B82133B563EE0F" [HKLM] . (.doPDF.) =>.Softland
O90 - PUC: "1926E8D15D0BCE53481466615F760A7F" [HKLM] . (.Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: "1D5E3C0FEDA1E123187686FED06E995A" [HKLM] . (.Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219.) =>.bl.org
O90 - PUC: "21BFF3F9E8521BB45867BFF5F1E130E9" [HKLM] . (.novaPDF 8 add-in for Microsoft Office (x64).) =>.Microsoft Corporation
O90 - PUC: "26E279C7F1CBC1D4BB59DF6B84FE2631" [HKLM] . (.novaPDF 8 add-in for Microsoft Office (x86).) =>.Microsoft Corporation
O90 - PUC: "47CA2FBBC0273BC32819E543302923AF" [HKLM] . (.Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215.) =>.Microsoft Corporation
O90 - PUC: "50A45C97641F0AE4A8074DFE6E81E125" [HKLM] . (.HP Support Assistant.) -- C:\Windows\Installer\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}\ARPPRODUCTICON.exe =>.Hewlett-Packard
O90 - PUC: "5EE6FE96605315E45BD1FABECBE2CD33" [HKLM] . (.novaPDF 8 Printer Driver.)
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" [HKLM] . (.Adobe Reader X (10.1.16) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico =>.Adobe Inc.
O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" [HKLM] . (.Hewlett-Packard ACLM.NET v1.2.2.3.) -- C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe =>.Microsoft Corporation
O90 - PUC: "71460E5BCA4A52243BE6E7439C61617E" [HKLM] . (.Intel® Trusted Connect Service Client.) =>.Intel Corporation
O90 - PUC: "85F0F6A884EAC4F40AF63C19BA7160C9" [HKLM] . (.DriversCloud.com (64 bits).) -- C:\Windows\Installer\{8A6F0F58-AE48-4F4C-A06F-C391AB17069C}\maconfico =>.Apple Inc.
O90 - PUC: "A089CE062ADB6BC44A720BA745894BAC" [HKLM] . (.Google Update Helper.) =>.Google Inc.
O90 - PUC: "A419E7B35D3992A429BBFAC8F3664C13" [HKLM] . (.Skype™ 7.40.) -- C:\Windows\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe =>.Skype Technologies
O90 - PUC: "CA4ECB96275917232ABF4932DB3AA634" [HKLM] . (.Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215.) =>.Microsoft Corporation
O90 - PUC: "CC9F7CE01474EA54F955E639347F625F" [HKLM] . (.Intel(R) Manageability Engine Firmware Recovery Agent.) -- C:\Windows\Installer\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}\AppIcon =>.Intel Corporation
O90 - PUC: "D54EC5DEB24881C40A20781EE63AB93B" [HKLM] . (.HP Support Solutions Framework.) -- C:\Windows\Installer\{ED5CE45D-842B-4C18-A002-87E16EA39BB3}\icon.ico =>.Hewlett-Packard
O90 - PUC: "E31C3AA213508B14EA84EA829C048A90" [HKLM] . (.Microsoft Security Client.) =>.Microsoft Corporation
O90 - PUC: "F091F6953C3D0F0408316E0E21742662" [HKLM] . (.RevServicesX.) =>Trojan.Agent
O90 - PUC: "FAA1FE9C245B8C145A731124ADD5A4CE" [HKLM] . (.HP Customer Experience Enhancements.) -- C:\Windows\Installer\{C9EF1AAF-B542-41C8-A537-1142DA5D4AEC}\ARPPRODUCTICON.exe =>.Hewlett-Packard
---\\ PACKAGES WINDOWS INSTALLER (17) - 12s
[MD5.EE3C7D44B16E7959ABF7F5A603AD9883] [WIS][2017/02/22 15:15:29] (.Intel Corporation - Intel(R) Trusted Connect Service Client.) -- C:\Windows\Installer\153c78.msi [8753152] =>.Intel Corporation
[MD5.0F550F7B49CE9ED78F79EADFA8C00EDC] [WIS][2017/02/22 15:15:28] (.Intel Corporation - Intel(R) Manageability Engine Firmware Reco.) -- C:\Windows\Installer\153c7e.msi [19596800] =>.Intel Corporation
[MD5.0CF8A54784157D2E65A4860443B0432E] [WIS][2015/01/23 16:46:28] (.Softland - novaPDF 8 add-in for Microsoft Office (x86).) -- C:\Windows\Installer\194fba.msi [1830912] =>.Softland
[MD5.AD8A382E982AA5326DAB766C51B90032] [WIS][2015/01/23 16:46:30] (.Softland - novaPDF 8 add-in for Microsoft Office (x64).) -- C:\Windows\Installer\194fc0.msi [2011136] =>.Softland
[MD5.7B21FC4C93CD2F6C26908787E2BC38F3] [WIS][2015/01/23 16:47:50] (.Softland - Softland's novaPDF 8 Printer Driver Install.) -- C:\Windows\Installer\194fc6.msi [15921152] =>.Softland
[MD5.F69EAC25A056E66D9DB4B47BC3E6B515] [WIS][2015/01/23 16:48:04] (.Softland - novaPDF 8.) -- C:\Windows\Installer\194fcc.msi [5410816] =>.Softland
[MD5.FFEE31186501B937BAE18E510B42A456] [WIS][2015/12/08 15:49:35] (.Hewlett-Packard Company - HP Support Solutions Framework.) -- C:\Windows\Installer\43f51d.msi [12079104] =>.Hewlett-Packard Company
[MD5.AE876C737A5ED8E461E99BF58A84D0D6] [WIS][2013/08/08 13:03:14] (.Hewlett-Packard Company - InstallShield® 2011 - Premier Edition with .) -- C:\Windows\Installer\43f52a.msi [2859520] =>.Hewlett-Packard Company
[MD5.E9DCD28C68A54D0E6300C2E021FAAFC1] [WIS][2015/12/08 16:09:36] (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Windows\Installer\55b70f.msi [35532288] =>.Hewlett-Packard Company
[MD5.214D52101D0C9A53327769731AB0D15A] [WIS][2015/12/08 16:10:32] (.Hewlett-Packard - InstallShield® 2014 - Premier Edition with .) -- C:\Windows\Installer\55b716.msi [629760] =>.Hewlett-Packard
[MD5.E69858D048984D3D29B21BF7B70EC177] [WIS][2018/06/17 02:09:36] (.SystemaRev - RevServicesX.) -- C:\Windows\Installer\7a408f.msi [2283008] =>Trojan.Agent
[MD5.E53FA74C34A43723EBCCAAFFB7313247] [WIS][2017/12/27 14:43:53] (.Skype Technologies S.A. - Skype.) -- C:\Windows\Installer\ef52.msi [45522944] =>.Skype Technologies S.A.
[MD5.279472AFC3316213A3E9379F5012CF75] [WIS][2015/09/29 10:28:48] (.Cybelsoft - Hardware Detection DriversCloud.com.) -- C:\Windows\Installer\f0e39.msi [5713920] =>.Cybelsoft
[MD5.FCA1EEB4107FF4AA9DCB6FA2371A6837] [WIS][2011/06/06 21:52:05] (.Adobe Systems Incorporated - ADOBER~1.0Adobe Reader X (10.0.1).) -- C:\Windows\Installer\f7c70.msi [2332672] =>.Adobe Systems Incorporated
[MD5.50EA7A4D9481B12A97070942F474D918] [WIS][2018/05/20 09:48:25] (.Google Inc. - Google Update Helper.) -- C:\Windows\Installer\fa4dd.msi [40960] =>.Google Inc.
[MD5.765E81508D7A084A970E249E22D754F3] [WIS][2015/10/13 05:18:03] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\18e3a.msp [20824064] =>.SUP.Obsolete.Adobe
[MD5.AB18327429D55F0F71E417150A66E726] [WIS][2011/09/05 22:51:04] (.Adobe Systems, Incorporated.) -- C:\Windows\Installer\f7c71.msp [13135872] =>.SUP.Obsolete.Adobe
---\\ FEATURE CONTROLE. (126) - 0s
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL]:WindowsAnytimeUpgradeUI.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:msn6.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HPSFViewer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]:HPCF.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_ISO_2022_JP_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPfewgsrv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGuiIT.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPGUI.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLgPad.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:SAPLOGON.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:Scale_for_R3.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:ieuser.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]:YahooMusicEngine.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:devenv.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:dexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]:msfeedssync.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HIGH_CONTRAST_BACKGROUND_IMAGES]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]:msiexec.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:wm.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:cs.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]:waol.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]:helppane.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]:wlmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:mshta.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]:sidebar.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]:communicator.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:winmail.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:msimn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]:outlook.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:infopath.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:winword.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:excel.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]:powerpnt.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]:ehExtHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn6.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]:msn.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:explorer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:iexplore.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:prevhost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:PresentationHost.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:wmplayer.exe =>.Legitimate
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]:ehExtHost.exe =>.Legitimate
---\\ SCAN ADDITIONNEL (439) - 36s
C:\Program Files (x86)\EiPdaxGyo.exe =>Heuristic.Suspect
C:\Program Files (x86)\IARIQN.exe =>Heuristic.Suspect
HKLM\SYSTEM\CurrentControlSet\Services\backlh =>PUP.Optional.LogicHandler
C:\ProgramData\Logic Cramble\set.exe =>PUP.Optional.LogicHandler
HKLM\SYSTEM\CurrentControlSet\Services\ellfService =>PUP.Optional.Youndoo
C:\ProgramData\ellfService\ellfService.exe =>PUP.Optional.Youndoo
HKLM\SYSTEM\CurrentControlSet\Services\Nettrans =>PUP.Optional.LogicHandler
C:\ProgramData\PrefsSecure\Nettrans.exe =>PUP.Optional.LogicHandler
HKLM\SYSTEM\CurrentControlSet\Services\saiyitechnology =>Hijacker.Browser
C:\ProgramData\yahoochrome_D\desktop186.exe =>Hijacker.Browser
HKLM\SYSTEM\CurrentControlSet\Services\SystemUpdate64 =>Trojan.Agent
C:\Program Files\SystemaRev\RevServicesX\SystemUpdate64x.exe =>Trojan.Agent
C:\Windows\System32\Tasks\Update_4.0.10 =>Trojan.Agent
C:\Users\Boss\AppData\Local\Temp\is-VN8AG.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-R95IK.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-GR2SV.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-B2J5P.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-J078D.tmp\up.exe =>Adware.Wizzcaster
C:\Users\Boss\AppData\Local\Temp\is-SGPE7.tmp\up.exe =>Adware.Wizzcaster
C:\Program Files\4RJYZ4FLY1\4RJYZ4FLY.exe =>Adware.Wizzcaster
C:\Program Files\4N2XTR691F\4N2XTR691.exe =>Adware.Wizzcaster
C:\Program Files\IY73DZJN1A\2Q24L2L7U.exe =>Adware.Wizzcaster
C:\Program Files\UEP61973CJ\UEP61973C.exe =>Adware.Wizzcaster
C:\Program Files\DZVTM5DNXU\DZVTM5DNX.exe =>Adware.Wizzcaster
C:\Program Files\EF044BI1YY\EF044BI1Y.exe =>Adware.Wizzcaster
C:\Program Files\MOUNR5U7CO\MOUNR5U7C.exe =>Adware.Wizzcaster
C:\Program Files\DKQ9ELO4CM\7Y7G6PEN7.exe =>Adware.Wizzcaster
C:\Program Files\7KV3ACDMTO\7KV3ACDMT.exe =>Adware.Wizzcaster
C:\Program Files\23L6WSE3LA\23L6WSE3L.exe =>Adware.Wizzcaster
C:\Program Files\CXFWDCVC0N\CXFWDCVC0.exe =>Adware.Wizzcaster
C:\Program Files\0IP40NNURL\0IP40NNUR.exe =>Adware.Wizzcaster
C:\Program Files\BCQQKEZTW6\Y7MX72MBI.exe =>Adware.Wizzcaster
C:\Program Files\JF5F9TWOH8\JF5F9TWOH.exe =>Adware.Wizzcaster
C:\Program Files\O8SRM406DJ\O8SRM406D.exe =>Adware.Wizzcaster
C:\Program Files\XBZEUQP4OX\9K8FXDNO9.exe =>Adware.Wizzcaster
C:\Program Files\Q8BSUMTKUH\9K8FXDNO9.exe =>Adware.Wizzcaster
C:\Program Files\HHDVUWO3MW\H4MNFV2OE.exe =>Adware.Wizzcaster
C:\Program Files\RIO1WF5WR1\4FG87VWNF.exe =>Adware.Wizzcaster
C:\Program Files\UKLSHLMZBX\UKLSHLMZB.exe =>Adware.Wizzcaster
C:\Program Files\RIJN2Z22I4\RIJN2Z22I.exe =>Adware.Wizzcaster
C:\Program Files\QUH4P9I665\QUH4P9I66.exe =>Adware.Wizzcaster
C:\Program Files\LAPLRC4S52\AO2F7BHU4.exe =>Adware.Wizzcaster
C:\Program Files\ZGA9EUB06A\YJGF46W1D.exe =>Adware.Wizzcaster
C:\Program Files\OUN3UTN243\YJGF46W1D.exe =>Adware.Wizzcaster
C:\Program Files\51S1MQLHBR\YJGF46W1D.exe =>Adware.Wizzcaster
C:\Program Files\ZGA9EUB06A\B8NUC532C.exe =>Adware.Wizzcaster
C:\Program Files\PZ77R66BSC\PZ77R66BS.exe =>Adware.Wizzcaster
C:\Program Files\0CC1QIJSJR\I4DC6UF1U.exe =>Adware.Wizzcaster
C:\Program Files\E97JWYQPWS\E97JWYQPW.exe =>Adware.Wizzcaster
C:\Program Files\59FTT6TX6N\59FTT6TX6.exe =>Adware.Wizzcaster
C:\Program Files\NCS9KETNVR\NCS9KETNV.exe =>Adware.Wizzcaster
C:\Program Files\2B1ZGSCKRL\2B1ZGSCKR.exe =>Adware.Wizzcaster
C:\Program Files\JSTAJHCVC7\JSTAJHCVC.exe =>Adware.Wizzcaster
C:\Program Files\V2TI5WPWUS\V2TI5WPWU.exe =>Adware.Wizzcaster
C:\Program Files\8VEUIXN1JS\8VEUIXN1J.exe =>Adware.Wizzcaster
C:\Program Files\06UK5MMVGE\06UK5MMVG.exe =>Adware.Wizzcaster
C:\Program Files\J1EOM5NN6Q\J1EOM5NN6.exe =>Adware.Wizzcaster
C:\Program Files\9GC25M9TIX\9GC25M9TI.exe =>Adware.Wizzcaster
C:\Program Files\Z2GOWJEWBY\Z2GOWJEWB.exe =>Adware.Wizzcaster
C:\Program Files\KYOP6JTQ2X\KYOP6JTQ2.exe =>Adware.Wizzcaster
C:\Windows\Temp\g8E9D.tmp.exe =>Heuristic.Suspect
C:\Users\Boss\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbdpajcdgknpendpmecafmopknefafha =>PUP.Optional.DefaultSearch
C:\Program Files (x86)\Mozilla Firefox\browser\features\{A5FD4672-4D73-4F90-A1C0-2ABD39DB2565}.xpi =>PUP.Optional.YouTubeAdBlock
C:\Users\Boss\AppData\Roaming\Mozilla\Firefox\Profiles\533yvpjo.default\extensions\mefhakmgclhhfbdadeojlkbllmecialg@chrome-store-foxified-1132576233 =>PUP.Optional.SuperFind
C:\Program Files (x86)\lJFUJMGEHIE\tFH1Gsq.dll =>PUP.Optional.YouTubeAdBlock
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} =>PUP.Optional.YouTubeAdBlock
HKLM\Software\WOW6432Node\Classes\CLSID\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} =>PUP.Optional.YouTubeAdBlock
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0D38E5A-7CF8-4105-8FE8-31B81443A114} =>PUP.Optional.YouTubeAdBlock
[HKEY_USERS\S-1-5-18\Environment]:SNP =>PUP.Optional.Salus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{596F190F-D3C3-40F0-8013-E6E012476226} =>Trojan.Agent
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8 =>PUP.Optional.YouTubeAdBlock
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1655C0CA-7AE7-4012-8502-970C8675E5F8 =>PUP.Optional.YouTubeAdBlock
C:\Program Files\06UK5MMVGE\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\06UK5MMVGE =>Adware.Wizzcaster
C:\Program Files\0CC1QIJSJR\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\0CC1QIJSJR =>Adware.Wizzcaster
C:\Program Files\0IP40NNURL\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\0IP40NNURL =>Adware.Wizzcaster
C:\Program Files\14P4OZRKBQ\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\14P4OZRKBQ =>Adware.Wizzcaster
C:\Program Files\23L6WSE3LA\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\23L6WSE3LA =>Adware.Wizzcaster
C:\Program Files\2B1ZGSCKRL\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\2B1ZGSCKRL =>Adware.Wizzcaster
C:\Program Files\45B9CW055O\45B9CW055.exe =>Adware.Wizzcaster
C:\Program Files\45B9CW055O\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\45B9CW055O =>Adware.Wizzcaster
C:\Program Files\4N2XTR691F\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\4N2XTR691F =>Adware.Wizzcaster
C:\Program Files\4QHNSKO4SB\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\4QHNSKO4SB =>Adware.Wizzcaster
C:\Program Files\4RJYZ4FLY1\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\4RJYZ4FLY1 =>Adware.Wizzcaster
C:\Program Files\51S1MQLHBR\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\51S1MQLHBR =>Adware.Wizzcaster
C:\Program Files\59FTT6TX6N\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\59FTT6TX6N =>Adware.Wizzcaster
C:\Program Files\7KV3ACDMTO\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\7KV3ACDMTO =>Adware.Wizzcaster
C:\Program Files\8DNWW3JFF1\8DNWW3JFF.exe =>Adware.Wizzcaster
C:\Program Files\8DNWW3JFF1\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\8DNWW3JFF1 =>Adware.Wizzcaster
C:\Program Files\8RGCJQFNR7\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\8RGCJQFNR7 =>Adware.Wizzcaster
C:\Program Files\8VEUIXN1JS\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\8VEUIXN1JS =>Adware.Wizzcaster
C:\Program Files\9GC25M9TIX\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\9GC25M9TIX =>Adware.Wizzcaster
C:\Program Files\BCQQKEZTW6\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\BCQQKEZTW6 =>Adware.Wizzcaster
C:\Program Files\C99D02G16Q\C99D02G16.exe =>Adware.Wizzcaster
C:\Program Files\C99D02G16Q\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\C99D02G16Q =>Adware.Wizzcaster
C:\Program Files\CXFWDCVC0N\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\CXFWDCVC0N =>Adware.Wizzcaster
C:\Program Files\CXHFGDRXAY\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\CXHFGDRXAY =>Adware.Wizzcaster
C:\Program Files\DKQ9ELO4CM\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\DKQ9ELO4CM =>Adware.Wizzcaster
C:\Program Files\DS5T3AGQR6\DS5T3AGQR.exe =>Adware.Wizzcaster
C:\Program Files\DS5T3AGQR6 =>Adware.Wizzcaster
C:\Program Files\DZVTM5DNXU\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\DZVTM5DNXU =>Adware.Wizzcaster
C:\Program Files\E97JWYQPWS\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\E97JWYQPWS =>Adware.Wizzcaster
C:\Program Files\EF044BI1YY\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\EF044BI1YY =>Adware.Wizzcaster
C:\Program Files\EHDQ4SPSES\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\EHDQ4SPSES =>Adware.Wizzcaster
C:\Program Files\FU4YJTB7LN\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\FU4YJTB7LN =>Adware.Wizzcaster
C:\Program Files\G4WLOFJRI0\G4WLOFJRI.exe =>Adware.Wizzcaster
C:\Program Files\G4WLOFJRI0 =>Adware.Wizzcaster
C:\Program Files\H61S1G0VCJ\H61S1G0VC.exe =>Adware.Wizzcaster
C:\Program Files\H61S1G0VCJ\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\H61S1G0VCJ =>Adware.Wizzcaster
C:\Program Files\HHDVUWO3MW\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\HHDVUWO3MW =>Adware.Wizzcaster
C:\Program Files\HIVZM3HMW6\HIVZM3HMW.exe =>Adware.Wizzcaster
C:\Program Files\HIVZM3HMW6\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\HIVZM3HMW6 =>Adware.Wizzcaster
C:\Program Files\I36D8XOVVL\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\I36D8XOVVL =>Adware.Wizzcaster
C:\Program Files\IY73DZJN1A\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\IY73DZJN1A =>Adware.Wizzcaster
C:\Program Files\J1EOM5NN6Q\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\J1EOM5NN6Q =>Adware.Wizzcaster
C:\Program Files\JF5F9TWOH8\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\JF5F9TWOH8 =>Adware.Wizzcaster
C:\Program Files\JSTAJHCVC7\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\JSTAJHCVC7 =>Adware.Wizzcaster
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\Program Files\KYOP6JTQ2X\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\KYOP6JTQ2X =>Adware.Wizzcaster
C:\Program Files\L44YZJEUTA\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\L44YZJEUTA =>Adware.Wizzcaster
C:\Program Files\LAPLRC4S52\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\LAPLRC4S52 =>Adware.Wizzcaster
C:\Program Files\MOUNR5U7CO\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\MOUNR5U7CO =>Adware.Wizzcaster
C:\Program Files\N9TSKY2Y0Q\N9TSKY2Y0.exe =>Adware.Wizzcaster
C:\Program Files\N9TSKY2Y0Q\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\N9TSKY2Y0Q =>Adware.Wizzcaster
C:\Program Files\NCS9KETNVR\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\NCS9KETNVR =>Adware.Wizzcaster
C:\Program Files\NT1O3SDMJG\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\NT1O3SDMJG =>Adware.Wizzcaster
C:\Program Files\NTXTULCS13\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\NTXTULCS13 =>Adware.Wizzcaster
C:\Program Files\O8SRM406DJ\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\O8SRM406DJ =>Adware.Wizzcaster
C:\Program Files\OUN3UTN243\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\OUN3UTN243 =>Adware.Wizzcaster
C:\Program Files\PFHWAKCNX2\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\PFHWAKCNX2 =>Adware.Wizzcaster
C:\Program Files\PZ77R66BSC\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\PZ77R66BSC =>Adware.Wizzcaster
C:\Program Files\Q8BSUMTKUH\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\Q8BSUMTKUH =>Adware.Wizzcaster
C:\Program Files\QJTK9S03AG\QJTK9S03A.exe =>Adware.Wizzcaster
C:\Program Files\QJTK9S03AG =>Adware.Wizzcaster
C:\Program Files\QUH4P9I665\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\QUH4P9I665 =>Adware.Wizzcaster
C:\Program Files\RIJN2Z22I4\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\RIJN2Z22I4 =>Adware.Wizzcaster
C:\Program Files\RIO1WF5WR1\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\RIO1WF5WR1 =>Adware.Wizzcaster
C:\Program Files\S5ZFI3L184\S5ZFI3L18.exe =>Adware.Wizzcaster
C:\Program Files\S5ZFI3L184 =>Adware.Wizzcaster
C:\Program Files\SY8JAW81NY\SY8JAW81N.exe =>Adware.Wizzcaster
C:\Program Files\SY8JAW81NY\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\SY8JAW81NY =>Adware.Wizzcaster
C:\Program Files\SystemaRev =>Trojan.Agent
C:\Program Files\TTI498IUP7\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\TTI498IUP7 =>Adware.Wizzcaster
C:\Program Files\UEP61973CJ\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\UEP61973CJ =>Adware.Wizzcaster
C:\Program Files\UKLSHLMZBX\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\UKLSHLMZBX =>Adware.Wizzcaster
C:\Program Files\V2TI5WPWUS\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\V2TI5WPWUS =>Adware.Wizzcaster
C:\Program Files\VITRIQ0UIC\VITRIQ0UI.exe =>Adware.Wizzcaster
C:\Program Files\VITRIQ0UIC\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\VITRIQ0UIC =>Adware.Wizzcaster
C:\Program Files\XBZEUQP4OX\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\XBZEUQP4OX =>Adware.Wizzcaster
C:\Program Files\XOBDQ06VI9\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\XOBDQ06VI9 =>Adware.Wizzcaster
C:\Program Files\Y62LMJ6B01\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\Y62LMJ6B01 =>Adware.Wizzcaster
C:\Program Files\YAJ04LFD3P\YAJ04LFD3.exe =>Adware.Wizzcaster
C:\Program Files\YAJ04LFD3P\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\YAJ04LFD3P =>Adware.Wizzcaster
C:\Program Files\Z2GOWJEWBY\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\Z2GOWJEWBY =>Adware.Wizzcaster
C:\Program Files\ZAUCWF3FSP\ZAUCWF3FS.exe =>Adware.Wizzcaster
C:\Program Files\ZAUCWF3FSP\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\ZAUCWF3FSP =>Adware.Wizzcaster
C:\Program Files\ZCDV3PPRT8\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\ZCDV3PPRT8 =>Adware.Wizzcaster
C:\Program Files\ZGA9EUB06A\uninstaller.exe =>Adware.Wizzcaster
C:\Program Files\ZGA9EUB06A =>Adware.Wizzcaster
C:\Program Files (x86)\OneSystemCare =>PUP.Optional.OneSystemCare
C:\Program Files (x86)\WeatherInspect =>Adware.WeatherInspect
C:\ProgramData\7c11d2ab4ad54047b2dc77a2e9f9e78a =>Adware.Suspect
C:\ProgramData\959924f715474eb48b64e9340ac14260 =>Adware.Suspect
C:\ProgramData\bcc7fe86-3d51-1 =>.SUP.Polluteware
C:\ProgramData\bcc7fe86-65b3-0 =>.SUP.Polluteware
C:\ProgramData\ea563cd91a294ec6ac8fcf83f3452ce5 =>Adware.Suspect
C:\ProgramData\Kipolams =>PUP.Optional.Salus
C:\ProgramData\Logic Cramble =>PUP.Optional.LogicHandler
C:\ProgramData\PrefsSecure =>PUP.Optional.LogicHandler
C:\ProgramData\SystemaRev =>Trojan.Agent
C:\Users\Boss\AppData\Roaming\04aeuoajoun\v5pmrklxd2q.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\04aeuoajoun =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\0njpmhg1baw\v3q3t3kent3.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\0njpmhg1baw =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1dwh4smffbu\hcmkjywv1kt.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1dwh4smffbu =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1f13avwhh05\jeoqe2kbshm.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1f13avwhh05 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1vcgkimcszj\tobuxtu40h5.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\1vcgkimcszj =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\2223kxo4nxo\p13sj1bgnsd.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\2223kxo4nxo =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\3iuedhaxbrf\fy2yomyxlt1.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\3iuedhaxbrf =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\3oiiusgh5zi\mxq55nft3no.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\3oiiusgh5zi =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4ei42zyfjiy\rshnzkefq3a.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4ei42zyfjiy =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4fkqyihbtcs\tkphzgeruqu.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4fkqyihbtcs =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4uobljvyp20\3svjlzre0lk.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4uobljvyp20 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4wbzgfrmjm0\30icqzgwj4v.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4wbzgfrmjm0 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4zyiiordr1t\lbvouvxtkxm.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\4zyiiordr1t =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\5bqyzsnppie\2ru0tdzpkbi.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\5bqyzsnppie =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\5jqaxe4cvws\pgtmsxmxa4t.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\5jqaxe4cvws =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\a3lozhxq13k\juppnhlt4oj.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\a3lozhxq13k =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ansv0loy3pq\yllru3pflga.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ansv0loy3pq =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq\ueqx01fsjtb.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\b2rjd3dtwcq =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\b5zczcwd5r1\oozsrf2soko.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\b5zczcwd5r1 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\bu4x2q1xvar\oc23htwzs54.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\bu4x2q1xvar =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\campugwkwrr\dekwhl5vgam.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\campugwkwrr =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\cjytoix0t2u\ecp3klz3jro.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\cjytoix0t2u =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\dspg5yhdv1g\nc3qoabjofh.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\dspg5yhdv1g =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\dzccmget4xj\cte00yfqysm.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\dzccmget4xj =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\f4u2nwwd10e\mxxtve5tigy.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\f4u2nwwd10e =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fsegsk4xxmu\wqqyyp0wiij.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fsegsk4xxmu =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fygjhctaglt\eka0teczs0v.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fygjhctaglt =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fyhpl2l1k15\bcbontrqplm.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\fyhpl2l1k15 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ghq200jfphj\anw1bms3a5u.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ghq200jfphj =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\gpjkvky3xwu\p1fmt11huoa.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\gpjkvky3xwu =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\h1x0jjgthyx\mzvjh1q2ano.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\h1x0jjgthyx =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hkyqvziz52h\ly4jw3pesbz.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hkyqvziz52h =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hthbwdvliem\21q0oe2sxld.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hthbwdvliem =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hufopmim0n1\av0sqaq5hgu.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\hufopmim0n1 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\iesdjzopjee\hus24axk1n2.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\iesdjzopjee =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ikwuwroponc\mbipioegc2z.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ikwuwroponc =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ixkwmxjdirx\cgqzyhi5cxo.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ixkwmxjdirx =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\jum1zmblfzl\mu3ew1mrmma.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\jum1zmblfzl =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\kfy5tx1iwng\ol3ykb11yz0.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\kfy5tx1iwng =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\kmqvgrjqtcv\3amwpavvvqv.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\kmqvgrjqtcv =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\lbihu3dbgw5\xhohom1t3at.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\lbihu3dbgw5 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\lk1yurxlstt\2cwdbdvmen1.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\lk1yurxlstt =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\maxfhrsmjri\ogn1tdeg1us.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\maxfhrsmjri =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\mymz0dwunxe\a0rt0t0nxc1.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\mymz0dwunxe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\nt3ivlu25bk\eppo3rjjpkl.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\nt3ivlu25bk =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\nxp5kibzalj\yeazwo2ie21.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\nxp5kibzalj =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ojuozu0x55w\hiedbulpww1.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ojuozu0x55w =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\OneSystemCare =>PUP.Optional.OneSystemCare
C:\Users\Boss\AppData\Roaming\orqxm1vp1i2\3ltipqff222.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\orqxm1vp1i2 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\pxojaif2pi3\1p2vimdsxsu.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\pxojaif2pi3 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\qzxcr435qdn\npgodgvyy2q.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\qzxcr435qdn =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\rdrkuysirug\3bncm4l4241.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\rdrkuysirug =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ry4pkgjcpma\dixuqdtid4e.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ry4pkgjcpma =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\s4j33tkjzyi\suoj5nacpt3.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\s4j33tkjzyi =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\simj5fjsrp3\dtltwtzgl5m.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\simj5fjsrp3 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\spofpkstogu\piwulaxn5fs.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\spofpkstogu =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\sprv00ej4ii\kkq2ykcfc1m.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\sprv00ej4ii =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\SystemHealer =>.SUP.SystemHealer
C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck\0wqk4wmokfr.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\t5pjsm2q3ck =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tj1y4qjfl40\kphgkwekwqi.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tj1y4qjfl40 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tjvhtoanwzq\jdd4jgzocpd.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tjvhtoanwzq =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tx44ulb2zwo\wosv1yqsgtq.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\tx44ulb2zwo =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\u1e0ztuan3v\b52zrg0lunw.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\u1e0ztuan3v =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\umxzcepm40l\1nkcuqih1lx.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\umxzcepm40l =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb\itngklpavv4.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\uqdwqzyb3yb =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ut0azqixun3\yqe0tcfjxt5.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ut0azqixun3 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\uvw23vzcrh2\xqoymku0iwj.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\uvw23vzcrh2 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\v2zltxz22aw\vx3sywuyswv.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\v2zltxz22aw =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vj20z1lapnz\attdckaw0zq.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vj20z1lapnz =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl\ht3gp3agdld.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vjsvwqhnbcl =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo\14zlxlvo42z.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vkrmqwi2ejo =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vncargfxseo\o4uultgnwco.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vncargfxseo =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vsfgt0n5o55\3jlkuavoeqr.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\vsfgt0n5o55 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\w3nmtqzva4g\bxljdrbg3xg.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\w3nmtqzva4g =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\wzgymbkm3u0\rqahpbschqw.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\wzgymbkm3u0 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\x133d1xorzs\vlbw0dm50qs.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\x133d1xorzs =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\x411pezscl5\nii52ndrv14.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\x411pezscl5 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u\yo5yy5fzqcc.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ydfi4gy5g1u =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ym43wcqa4ng\1inuwq4kulf.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ym43wcqa4ng =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zamvjzj2q4e\hqyejghdurc.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zamvjzj2q4e =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5\421qmditfqu.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zc5fu4zgxa5 =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zef1bsflj1d\tg4swtmgqlo.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zef1bsflj1d =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ziio5fseiew\iefk2almc02.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\ziio5fseiew =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zljq0qkhq3e\ck3ckm4gaqi.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zljq0qkhq3e =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zspmamfbrxi\eux052aj2af.exe =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Roaming\zspmamfbrxi =>Heuristic.Wizzcaster
C:\Users\Boss\AppData\Local\FastDataX =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.EXE-7D2D190F.pf =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.EXE-DEEE196E.pf =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.EXE-FF471559.pf =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.TMP-6817B8B7.pf =>Adware.FastDataX
C:\Windows\Prefetch\FASTDATAX.TMP-9EB58A95.pf =>Adware.FastDataX
C:\Windows\Prefetch\KIPOLAM.EXE-9BEC3F70.pf =>PUP.Optional.Salus
C:\Windows\Prefetch\KMSPICO_11_FINAL_OFFICE_AND_W-2D5B9CBE.pf =>HackTool.KMSpico
C:\Windows\Prefetch\KMSPICO_11_FINAL_OFFICE_AND_W-D2E6AA36.pf =>HackTool.KMSpico
C:\Windows\Prefetch\ONESYSTEMCARE.EXE-4F3801FB.pf =>PUP.Optional.OneSystemCare
C:\Windows\Prefetch\ONESYSTEMCARE.TMP-09513D4F.pf =>PUP.Optional.OneSystemCare
C:\Windows\Prefetch\ONESYSTEMCARE.TMP-D3A875F2.pf =>PUP.Optional.OneSystemCare
C:\Windows\Prefetch\SAFEFINDER.EXE-F3546BAC.pf =>PUP.Optional.SmartBar
C:\Windows\Prefetch\SPEEDYCAR.EXE-20F7BE19.pf =>Adware.ICLoader
C:\Windows\Prefetch\SPEEDYCAR.TMP-C0D9C5BE.pf =>Adware.ICLoader
C:\Windows\Prefetch\WEATHERINSPECT.EXE-B6C3320F.pf =>Adware.WeatherInspect
C:\Windows\Prefetch\WEATHERINSPECT.TMP-1B0D02DD.pf =>Adware.WeatherInspect
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>.SUP.Orphan
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} =>.SUP.Orphan
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 =>.SUP.Orphan
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX =>.SUP.Orphan
C:\Users\Boss\AppData\Roaming\uTorrent\uTorrent.exe =>BitTorrent (P2P)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent =>BitTorrent (P2P)
C:\Users\Boss\AppData\Roaming\SystemaRev\RevServicesX 4.0.10\install\2476226\SystemUpdate64x.exe =>Trojan.Agent
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch} =>.SUP.Linkury
C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{DAC34259-D6FF-4C4B-A1B3-A98FAA393957} =>HackTool.KMSpico
[HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{53E7FF3C-80EA-4FFB-9F0E-978B698CA5E9} =>HackTool.KMSpico
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\F091F6953C3D0F0408316E0E21742662 =>Trojan.Agent
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\F091F6953C3D0F0408316E0E21742662 =>Trojan.Agent
C:\Windows\Installer\7a408f.msi =>Trojan.Agent
C:\Windows\Installer\18e3a.msp =>.SUP.Obsolete.Adobe
C:\Windows\Installer\f7c71.msp =>.SUP.Obsolete.Adobe
---\\ RÉCAPITULATIF DES ÉLÉMENTS TROUVÉS SUR VOTRE STATION (29) - 0s
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/04/pup-optional-logichandler/ =>PUP.Optional.LogicHandler
https://nicolascoolman.eu/2017/03/11/superfluous-youndoo/ =>PUP.Optional.Youndoo
https://nicolascoolman.eu/2017/11/10/hijacker-browser-3/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Trojan.Agent
https://nicolascoolman.eu/2017/10/13/adware-tasksredirect/ =>Adware.TasksRedirect
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Adware.Wizzcaster
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.DefaultSearch
https://nicolascoolman.eu/2017/10/05/sup-browserextension/ =>.SUP.BrowserExtension
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.YouTubeAdBlock
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SuperFind
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>.SUP.Linkury
https://nicolascoolman.eu/2017/09/07/pup-optional-salus/ =>PUP.Optional.Salus
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>BitTorrent (P2P)
https://nicolascoolman.eu/2017/02/28/toolbar-ask/ =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.Legacy
https://nicolascoolman.eu/2017/06/21/adware-fastdatax/ =>Adware.FastDataX
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.OneSystemCare
https://nicolascoolman.eu/2017/10/03/sup-systemhealer/ =>.SUP.SystemHealer
https://nicolascoolman.eu/2017/02/16/hacktool-kmspico/ =>HackTool.KMSpico
https://nicolascoolman.eu/2017/10/29/adware-weatherinspect/ =>Adware.WeatherInspect
https://nicolascoolman.eu/2017/03/02/adware-suspect/ =>Adware.Suspect
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Polluteware
https://nicolascoolman.eu/2017/09/15/adware-wizzcaster/ =>Heuristic.Wizzcaster
https://nicolascoolman.eu/2017/09/09/pup-optional-smartbar/ =>PUP.Optional.SmartBar
https://nicolascoolman.eu/2018/06/12/adware-icloader/ =>Adware.ICLoader
https://nicolascoolman.eu/2017/09/12/origine-lignes-orphelines/ =>.SUP.Orphan
https://nicolascoolman.eu/2018/06/11/pup-optional-fassistant/ =>PUP.Optional.FAssistant
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.SUP.Obsolete.Adobe
~ Unselected Options: O82,
~ End of the scan, 9304 items in 13mn10s (2430)(0)