start CloseProcesses: CreateRestorePoint: HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart CHR StartupUrls: Profile 1 -> "hxxp://www.mystartsearch.com/?type=hp&ts=1419436407&from=amt&uid=SAMSUNGXHM641JI_S26XJ9EB301728" 2016-05-09 21:11 - 2016-01-20 18:40 - 00000000 ____D C:\WINDOWS\AutoKMS C:\WINDOWS\system32\Drivers\ri?kvm_AC437937.sys Task: {2DCFE4F1-F596-4A4F-B1D7-1D4401E33EB8} - \AutoKMS -> Pas de fichier <==== ATTENTION EmptyTemp: end