~ ZHPDiag v2016.5.29.100 By Nicolas Coolman (2016/05/29) ~ Run by Adrien (Administrator) (2016/06/02 02:25:29) ~ Web: http://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\Adrien\Desktop\ZHPDiag.txt ~ Report: C:\Users\Adrien\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 8.1 Pro, 64-bit (Build 9600) ---\\ Internet Browsers (3) - 0s GCIE: Google Chrome v50.0.2661.102 MFIE: Mozilla Firefox 44.0.2 (x86 fr) MSIE: Internet Explorer v11.0.9600.18321 ---\\ Windows Product Information (3) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ System protection software (1) - 1s Windows Defender (Deactivate) ---\\ Information on the system (7) - 0s ~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8314.872 MB (82% free) System Restore: Activé (Enable) System drive C: has 135 GB () free of 953 GB Total RAM: 8314.872 MB (69% free) ---\\ Connection to the system mode (3) - 0s ~ Computer Name: GAMINGADRIEN ~ User Name: Adrien ~ Logged in as Administrator ---\\ Enumeration of the disk units (1) - 0s ~ Drive C: has 135 GB free of 953 GB (System) ---\\ State of the Windows Security Center (11) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (25) - 1s [MD5.B3541A5A20C6264781909B1B7FE54836] - 09/02/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2757616] =>.Microsoft Windows® [MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - 29/10/2014 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [54784] =>.Microsoft Corporation [MD5.EC302D06155F8E3C383750993FCB6B27] - 05/10/2015 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [146432] =>.Microsoft Corporation [MD5.6C4F624735E4BA0C4BE1707D9F34CEE3] - 22/04/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2596864] =>.Microsoft Corporation [MD5.B1102BBDDD9C87B3D609D6C08F7A3DBD] - 05/01/2016 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [570880] =>.Microsoft Corporation [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - 18/03/2014 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [447488] =>.Microsoft Corporation [MD5.A5675939CF0F99B20B5A3CFCC3C1B46A] - 29/10/2014 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [657920] =>.Microsoft Corporation [MD5.BD9C7A068C46053F8747CEA73B5930AB] - 29/10/2014 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [498688] =>.Microsoft Corporation [MD5.E37F897ED7B5AFF79B1398258DB96BD9] - 18/03/2014 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19456] =>.Microsoft Corporation [MD5.A460C3AF3755A2A79A3C8EFE72E147B5] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [559616] =>.Microsoft Corporation [MD5.74B14192CF79A72F7536B27CB8814FBD] - 22/08/2013 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [26464] =>.Microsoft Windows® [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - 22/08/2013 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [88576] =>.Microsoft Corporation [MD5.C6796EA22B513E3457514D92DCDB1A3D] - 22/08/2013 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [164352] =>.Microsoft Corporation [MD5.A03F362C5557E238CBFA914689C77248] - 20/10/2014 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [134144] =>.Microsoft Corporation [MD5.D4B7ED39C7900384D9E5C1283F1E7926] - 20/10/2014 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [76800] =>.Microsoft Corporation [MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - 04/11/2014 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [108544] =>.Microsoft Corporation [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - 18/03/2014 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [142848] =>.Microsoft Corporation [MD5.5DCD41F62F71519D2A46D41F60C69B0C] - 06/04/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [401920] =>.Microsoft Corporation [MD5.0217532E19A748F0E5D569307363D5FD] - 22/08/2013 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [282624] =>.Microsoft Corporation [MD5.9980B262DBE439AE6BDC91AA985F19EE] - 30/12/2015 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [2017624] =>.Microsoft Windows® [MD5.764B1121867B2D9B31C491668AC72B2B] - 22/08/2013 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [94208] =>.Microsoft Corporation [MD5.235624C147E3CB4C288D5D3D8E8D64A2] - 02/02/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [112640] =>.Microsoft Corporation [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - 18/03/2014 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [195584] =>.Microsoft Corporation [MD5.E0BD2D83875464FEEEB242CBA8B7E073] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [108032] =>.Microsoft Corporation [MD5.17F7B0F2298D97F4B6C7A69511033D3D] - 14/03/2016 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [316760] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (12) - 0s O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe =>.AMD O23 - Service: ACP User Service (amdacpusrsvc) . (.Advanced Micro Devices - AMD ACP Binaries.) - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe =>.Advanced Micro Devices O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Rapid Storage Technology® O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe =>.Cybelsoft® O23 - Service: Meghieb (Meghieb) . (...) - C:\Users\Adrien\AppData\Roaming\BummuvFalro\Wicvydh.exe (.not file.) O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - c:/postgreSQL/bin/pg_ctl.exe =>.PostgreSQL Global Development Group O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: Unsigned Themes (UnsignedThemes) . (.The Within Network, LLC - Unsigned themes service executable.) - C:\Windows\unsignedthemes.exe O23 - Service: YsLcckETGT (YsLcckETGT) . (...) - C:\ProgramData\BlFqGi\YsLcckETGT.exe (.not file.) =>PUP.Optional.Salus ---\\ Services not Microsoft (SR=Run, SS=Stop) (18) - 11s SR - Auto [23/12/2015] [ 246272] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe =>.AMD SR - Auto [23/12/2015] [ 121856] ACP User Service (amdacpusrsvc) . (.Advanced Micro Devices.) - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe =>.Advanced Micro Devices SS - Demand [26/02/2015] [ 1272592] Disc Soft Lite Bus Service (Disc Soft Lite Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe =>.Disc Soft Ltd® SS - Auto [21/05/2016] [ 154440] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [21/05/2016] [ 154440] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SR - Auto [04/12/2014] [ 19184] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Rapid Storage Technology® SS - Demand [13/05/2014] [ 887256] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service® SR - Auto [06/01/2015] [ 158496] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® SR - Auto [06/01/2015] [ 409376] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® SR - Auto [10/04/2015] [ 2823496] Ma-Config Agent (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe =>.Cybelsoft® SS - Demand [11/02/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SS - Demand [02/05/2016] [ 2120712] Origin Client Service (Origin Client Service) . (.Electronic Arts.) - C:\Program Files (x86)\Origin\OriginClientService.exe =>.Electronic Arts, Inc.® SS - Demand [19/05/2016] [ 1286896] Overwolf Updater Windows SCM (OverwolfUpdater) . (.Overwolf LTD.) - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe =>.Overwolf Ltd® SR - Auto [28/01/2011] [ 66048] postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) . (.PostgreSQL Global Development Group.) - c:/postgreSQL/bin/pg_ctl.exe =>.PostgreSQL Global Development Group SS - Auto [23/03/2016] [ 327808] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SS - Demand [30/04/2016] [ 835664] Steam Client Service (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe =>.Valve® SR - Auto [23/09/2013] [ 13824] Unsigned Themes (UnsignedThemes) . (.The Within Network, LLC.) - C:\Windows\unsignedthemes.exe ---\\ Task Planned Automatically (26) - 5s [MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.A75228DE9117A017BC7A3B44953B2648] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5529880] (.Activate.) =>.Piriform Ltd® [MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] (.Activate.) =>.Google Inc® [MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] (.Activate.) =>.Google Inc® [MD5.A4996BFA5C0C7D0F355D1DC8300EB014] [APT] [HP AR Program Upload - 3a463dcf767c4a97a563ae1be701371ac90c2bc0a116429cb660442b95748ae1] (.TODO: .) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPRewards.exe [3492896] (.Activate.) =>.Hewlett Packard® [MD5.A4996BFA5C0C7D0F355D1DC8300EB014] [APT] [HP AR Program Upload - 805027b8df2b49f2922619868040d0bf886b61a273204bb7956d2bd2acfd23e5] (.TODO: .) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPRewards.exe [3492896] (.Activate.) =>.Hewlett Packard® [MD5.A4996BFA5C0C7D0F355D1DC8300EB014] [APT] [HP AR Program Upload - 86e2cba60d4f403ab31853fe247f8d33ef04b49edd8e4309aaa9b902064c8af8] (.TODO: .) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPRewards.exe [3492896] (.Activate.) =>.Hewlett Packard® [MD5.A4996BFA5C0C7D0F355D1DC8300EB014] [APT] [HP AR Program Upload - b5461dea4fa74a6a9f0381c6eb70dacfffd2fe98a475487eb10a0061179ef4d7] (.TODO: .) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPRewards.exe [3492896] (.Activate.) =>.Hewlett Packard® [MD5.A4996BFA5C0C7D0F355D1DC8300EB014] [APT] [HP AR Program Upload - bbdee1ad6840450cae63ee2b9d0df756f6c7ea62c4c045cc82aef1cdbddfbeab] (.TODO: .) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPRewards.exe [3492896] (.Activate.) =>.Hewlett Packard® [MD5.CEC2EE3F2D7D9E14E1E1BAF0D740D860] [APT] [HPCustParticipation HP Deskjet 1510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5642272] (.Activate.) =>.Hewlett Packard® [MD5.705E5D37BDCB2236923E517D8338F587] [APT] [Overwolf Updater Task] (.Overwolf LTD.) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896] (.Activate.) =>.Overwolf Ltd® [MD5.00000000000000000000000000000000] [APT] [Wimrusm] (...) -- C:\PROGRA~1\SHOPPE~1\Jimpes.bat (.not file.) [0] (.Activate.) =>PUP.Optional.Shopper [MD5.00000000000000000000000000000000] [APT] [{418161AD-C789-4D5B-99AC-09C2C06ACAF1}] (...) -- C:\ProgramData\ZombieNews\uninstall.exe (.not file.) [0] (.Activate.) =>PUP.Optional.ZombieNews O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1098] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1102] =>.Google Inc® O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2800] =>.Piriform Ltd® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3838] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4074] =>.Google Inc® O39 - APT: HP AR Program Upload - 3a463dcf767c4a97a563ae1be701371ac90c2bc0a116429cb660442b95748ae1 - (.TODO: .) -- C:\Windows\System32\Tasks\HP AR Program Upload - 3a463dcf767c4a97a563ae1be701371ac90c2bc0a116429cb660442b95748ae1 [3556] =>.Hewlett Packard® O39 - APT: HP AR Program Upload - 805027b8df2b49f2922619868040d0bf886b61a273204bb7956d2bd2acfd23e5 - (.TODO: .) -- C:\Windows\System32\Tasks\HP AR Program Upload - 805027b8df2b49f2922619868040d0bf886b61a273204bb7956d2bd2acfd23e5 [3556] =>.Hewlett Packard® O39 - APT: HP AR Program Upload - 86e2cba60d4f403ab31853fe247f8d33ef04b49edd8e4309aaa9b902064c8af8 - (.TODO: .) -- C:\Windows\System32\Tasks\HP AR Program Upload - 86e2cba60d4f403ab31853fe247f8d33ef04b49edd8e4309aaa9b902064c8af8 [3556] =>.Hewlett Packard® O39 - APT: HP AR Program Upload - b5461dea4fa74a6a9f0381c6eb70dacfffd2fe98a475487eb10a0061179ef4d7 - (.TODO: .) -- C:\Windows\System32\Tasks\HP AR Program Upload - b5461dea4fa74a6a9f0381c6eb70dacfffd2fe98a475487eb10a0061179ef4d7 [3556] =>.Hewlett Packard® O39 - APT: HP AR Program Upload - bbdee1ad6840450cae63ee2b9d0df756f6c7ea62c4c045cc82aef1cdbddfbeab - (.TODO: .) -- C:\Windows\System32\Tasks\HP AR Program Upload - bbdee1ad6840450cae63ee2b9d0df756f6c7ea62c4c045cc82aef1cdbddfbeab [3556] =>.Hewlett Packard® O39 - APT: HPCustParticipation HP Deskjet 1510 series - (.Hewlett-Packard Co..) -- C:\Windows\System32\Tasks\HPCustParticipation HP Deskjet 1510 series [3626] =>.Hewlett Packard® O39 - APT: Overwolf Updater Task - (.Overwolf LTD.) -- C:\Windows\System32\Tasks\Overwolf Updater Task [3730] =>.Overwolf Ltd® O39 - APT: Wimrusm - (...) -- C:\Windows\System32\Tasks\Wimrusm [3340] (.Orphean.) =>PUP.Optional.Shopper ---\\ Process running (39) - 1s [MD5.E206E6D060C2A668282ED553E4FF6701] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [246272] [PID.912] =>.AMD [MD5.760CE443E09282AC4C0B67D67BA5E7FA] - (.The Within Network, LLC - Unsigned themes service executable.) -- C:\Windows\unsignedthemes.exe [13824] [PID.932] [MD5.E470D08F9CCCD36D7D3C40BB3FF32592] - (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856] [PID.1164] =>.Advanced Micro Devices [MD5.6DD50F7ABA4443A4032E3893D36A14C2] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [2823496] [PID.1316] =>.Cybelsoft® [MD5.9C0CFB556ABEA5DCF6978698BF12ED43] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [561152] [PID.1540] =>.AMD [MD5.2529DC83CB9B44930C6A161FD4EDEE5C] - (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) -- c:\postgreSQL\bin\pg_ctl.exe [66048] [PID.1816] =>.PostgreSQL Global Development Group [MD5.6B6CAC87B58D339F6C7A08CD9AE4B4BC] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- c:\postgreSQL\bin\postgres.exe [4538368] [PID.2004] =>.PostgreSQL Global Development Group [MD5.6B6CAC87B58D339F6C7A08CD9AE4B4BC] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- c:\postgreSQL\bin\postgres.exe [4538368] [PID.1060] =>.PostgreSQL Global Development Group [MD5.6B6CAC87B58D339F6C7A08CD9AE4B4BC] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- c:\postgreSQL\bin\postgres.exe [4538368] [PID.1952] =>.PostgreSQL Global Development Group [MD5.6B6CAC87B58D339F6C7A08CD9AE4B4BC] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- c:\postgreSQL\bin\postgres.exe [4538368] [PID.2020] =>.PostgreSQL Global Development Group [MD5.6B6CAC87B58D339F6C7A08CD9AE4B4BC] - (.PostgreSQL Global Development Group - PostgreSQL Server.) -- c:\postgreSQL\bin\postgres.exe [4538368] [PID.1884] =>.PostgreSQL Global Development Group [MD5.0FB69C93DB4A1EABCD53DB7346E5BD19] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8465112] [PID.3100] =>.Realtek Semiconductor Corp® [MD5.55A5249BC4737108A492B0DBE3CACCFD] - (.Advanced Micro Devices, Inc. - Radeon Settings: Host Application.) -- C:\Program Files\AMD\CNext\CNext\cnext.exe [4887752] [PID.3136] =>.Advanced Micro Devices, Inc.® [MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe [495616] [PID.3208] [MD5.9AC10DF42CC1E811BB8608A0B609A7D0] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552] [PID.3300] =>.Oracle America, Inc.® [MD5.126CD279A68CB82E53512B46B18F2B7C] - (.© 2011 - All authors - .) -- C:\Program Files\Rainmeter\Rainmeter.exe [36544] [PID.3364] =>.Open Source Developer, Rainmeter® [MD5.F679E30A5F7CE39F7FA134E61BD2D6D3] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe [7451928] [PID.3612] =>.Piriform Ltd® [MD5.B17B3A8C3A11D20F9D9C8F4D83DAF050] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312] [PID.3884] =>.Intel Corporation - Rapid Storage Technology® [MD5.7D6FFF60082AD63C5D8C67D7BDE7F034] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184] [PID.2520] =>.Intel Corporation - Rapid Storage Technology® [MD5.CA295D3E5032DDF8A3CBD1A256E646FA] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496] [PID.872] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® [MD5.DBA3BC9C377A867350099D693E8A3413] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [409376] [PID.2484] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® [MD5.0BF7AB806CA843EC2C9FD31CAC257974] - (.Oracle Corporation - Java Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [923184] [PID.2636] =>.Oracle America, Inc.® [MD5.4234E76A1B12C5F76B264C99540FD736] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [392136] [PID.1364] =>.Mozilla Corporation® [MD5.2D5C8C564EBE3BCAA7B8B10DCCE38799] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Adrien\AppData\Roaming\ZHP\ZHPDiag3.exe [2211840] [PID.6028] =>.Nicolas Coolman [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.1432] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.2984] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5420] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.1992] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5044] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5276] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.4324] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5492] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5104] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5712] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.4848] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5588] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.4820] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.5072] =>.Google Inc® [MD5.455927608C21945849E1A3E35E36671F] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [881304] [PID.2380] =>.Google Inc® ---\\ Google Chrome, Start,Search,Extensions (13) - 0s G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.fr G2 - GCE: Preference [User Data\Default] [aapbdbdomjkkjkaonfhkkikfgjllcleb] __MSG_8969005060131950570__ G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__ =>.AdblocPlus Plugin G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock G2 - GCE: Preference [User Data\Default] [kidhjpmgjfbkmcfpfakmdddddgfbhahj] RoboForm Lite Password Manager G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 0s P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation® P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla ---\\ Internet Explorer Extensions, Start, Search (19) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKEY_USERS\S-1-5-21-936815763-3737650582-318126129-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Proxy Management (4) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (29) ---\\ Browser Helper Object (BHO) (5) - 0s O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation® O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Orphean) O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean) ---\\ Auto loading programs from Registry and folders (21) - 1s O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe =>.Intel Corporation O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp® O4 - HKLM\..\Run: [AgentAntidote32] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 8\Programmes32\AgentAntidote.exe =>.Druide informatique inc. O4 - HKLM\..\Run: [AgentAntidote64] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 8\Programmes64\AgentAntidote.exe =>.Druide informatique inc. O4 - HKLM\..\Run: [StartCN] . (.Advanced Micro Devices, Inc. - Radeon Settings: Host Application.) -- C:\Program Files\AMD\CNext\CNext\cnext.exe =>.Advanced Micro Devices, Inc.® O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.Disc Soft Ltd® O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe O4 - HKCU\..\Run: [Overwolf] . (.Overwolf LTD - Overwolf.) -- C:\Program Files (x86)\Overwolf\Overwolf.exe =>.Overwolf Ltd® O4 - HKCU\..\Run: [Flvto YouTube Downloader] . (.Hotger - Flvto Youtube Downloader.) -- C:\Program Files (x86)\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe =>.Hotger O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKLM\..\Wow6432Node\Run: [Raptr] . (.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptrstub.exe =>.Raptr, Inc® O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Company® O4 - HKUS\S-1-5-21-936815763-3737650582-318126129-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\Steam.exe =>.Valve® O4 - HKUS\S-1-5-21-936815763-3737650582-318126129-1001\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe =>.Disc Soft Ltd® O4 - HKUS\S-1-5-21-936815763-3737650582-318126129-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - HKUS\S-1-5-21-936815763-3737650582-318126129-1001\..\Run: [RocketDock] . (...) -- C:\Program Files (x86)\RocketDock\RocketDock.exe O4 - HKUS\S-1-5-21-936815763-3737650582-318126129-1001\..\Run: [Overwolf] . (.Overwolf LTD - Overwolf.) -- C:\Program Files (x86)\Overwolf\Overwolf.exe =>.Overwolf Ltd® O4 - HKUS\S-1-5-21-936815763-3737650582-318126129-1001\..\Run: [Flvto YouTube Downloader] . (.Hotger - Flvto Youtube Downloader.) -- C:\Program Files (x86)\Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe =>.Hotger O4 - HKUS\S-1-5-21-936815763-3737650582-318126129-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® ---\\ Global shortcuts Startup (43) - 2s O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Adrien\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrateur]: GeoGebra.lnk . (...) C:\Program Files (x86)\GeoGebra 5.0\GeoGebra.exe =>.International GeoGebra Institute® O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Administrateur]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\Adrien\AppData\Roaming\BitTorrent\BitTorrent.exe =>.BitTorrent Inc® O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrateur]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Administrateur]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [Administrateur]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [Administrateur]: Rainmeter.lnk . (.© 2011 - All authors - .) C:\Program Files\Rainmeter\Rainmeter.exe =>.Open Source Developer, Rainmeter® O4 - GS\Desktop [Adrien]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Adrien\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Adrien]: GeoGebra.lnk . (...) C:\Program Files (x86)\GeoGebra 5.0\GeoGebra.exe =>.International GeoGebra Institute® O4 - GS\Quicklaunch [Adrien]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [Adrien]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [Adrien]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Adrien]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\Adrien\AppData\Roaming\BitTorrent\BitTorrent.exe =>.BitTorrent Inc® O4 - GS\TaskBar [Adrien]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Adrien]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Adrien]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Adrien]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [Adrien]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [Adrien]: Rainmeter.lnk . (.© 2011 - All authors - .) C:\Program Files\Rainmeter\Rainmeter.exe =>.Open Source Developer, Rainmeter® O4 - GS\Desktop [postgres]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Adrien\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [postgres]: GeoGebra.lnk . (...) C:\Program Files (x86)\GeoGebra 5.0\GeoGebra.exe =>.International GeoGebra Institute® O4 - GS\Quicklaunch [postgres]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [postgres]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [postgres]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [postgres]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\Adrien\AppData\Roaming\BitTorrent\BitTorrent.exe =>.BitTorrent Inc® O4 - GS\TaskBar [postgres]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [postgres]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [postgres]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [postgres]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH® O4 - GS\TaskBar [postgres]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [postgres]: Rainmeter.lnk . (.© 2011 - All authors - .) C:\Program Files\Rainmeter\Rainmeter.exe =>.Open Source Developer, Rainmeter® O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\CommonDesktop [Public]: Overwatch.lnk . (.Blizzard Entertainment - Overwatch Setup.) C:\Program Files (x86)\Overwatch\Overwatch Launcher.exe =>.Blizzard Entertainment, Inc.® O4 - GS\Programs [Public]: CNext.lnk . (.Advanced Micro Devices, Inc. - .) C:\Program Files (x86)\AMD\CNext\CNext\cnext.exe =>.Advanced Micro Devices, Inc. O4 - GS\Programs [Public]: Documents.lnk . (...) C:\Users\Adrien\Documents O4 - GS\Programs [Public]: Flvto YouTube Downloader.lnk . (...) C:\Users\Adrien\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe O4 - GS\Programs [Public]: Pictures.lnk . (...) C:\Users\Adrien\Pictures O4 - GS\Programs [Public]: Uninstall Flvto YouTube Downloader.lnk . (...) C:\Users\Adrien\AppData\Local\Flvto YouTube Downloader\UninstallFlvtoYoutubeDownloader.exe ---\\ Lop.com/Domain Hijackers (2) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{E41A01BB-905D-402A-82ED-1AC5775D8104}: DhcpNameServer = 192.168.1.1 192.168.1.1 ---\\ Extra protocols (23) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation® O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (106) - 9s O42 - Logiciel: Antidote 8 - (.Druide informatique inc..) [HKLM][64Bits] -- {09AAAB09-6DBA-4DD9-9865-54597D3FBCA8} =>.Druide informatique inc. O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net =>.Blizzard Entertainment, Inc.® O42 - Logiciel: BitTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- BitTorrent =>.BitTorrent Inc® O42 - Logiciel: Borderlands - Game of The Year Edition - (...) [HKLM][64Bits] -- Borderlands - Game of The Year Edition_is1 O42 - Logiciel: Borderlands GOTY Edition - (.Gearbox Software.) [HKLM][64Bits] -- {1CC0DD8C-EE82-4CC8-998E-4724D1588E71} =>.Gearbox Software O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: CPUID CPU-Z 1.72 - (...) [HKLM][64Bits] -- CPUID CPU-Z_is1 O42 - Logiciel: CPUID HWMonitor 1.27 - (...) [HKLM][64Bits] -- CPUID HWMonitor_is1 O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.Disc Soft Ltd® O42 - Logiciel: Diablo III - (.Blizzard Entertainment.) [HKLM][64Bits] -- Diablo III =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Diablo III Public Test - (.Blizzard Entertainment.) [HKLM][64Bits] -- Diablo III Public Test =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Étude pour l'amélioration du produit HP Deskjet 1510 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {CECC182D-3A3B-40CF-BA9F-12EC0A3F43C7} =>.Hewlett-Packard Co. O42 - Logiciel: Facture Devis Stocks (remove only) - (...) [HKLM][64Bits] -- LdfT O42 - Logiciel: FIFA 16 - (.Electronic Arts.) [HKLM][64Bits] -- {28FA2805-7992-4A28-844B-040C57204718} =>.Electronic Arts O42 - Logiciel: Flvto Youtube Downloader - (.Hotger.) [HKLM][64Bits] -- Flvto Youtube Downloader =>.Hotger O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory =>.Format Factory O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- {2AB6432C-5B78-42FE-A9B5-D42A4FE403BB} =>.Foxit Software Inc. O42 - Logiciel: GeoGebra 5 - (.International GeoGebra Institute.) [HKLM][64Bits] -- GeoGebra 5 =>.International GeoGebra Institute O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Grand Theft Auto V - (.Rockstar Games.) [HKLM][64Bits] -- {E01FA564-2094-4833-8F2F-1FFEC6AFCC46} =>.Rockstar Games O42 - Logiciel: Heroes of the Storm - (.Blizzard Entertainment.) [HKLM][64Bits] -- Heroes of the Storm =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Holdem Manager 2 - (...) [HKLM][64Bits] -- HoldemManager2 O42 - Logiciel: HP Deskjet 1510 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {00645C10-53C9-46DC-B7D0-6F7B006972E9} =>.Hewlett Packard O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM][64Bits] -- HP Photo Creations =>.Visan Industries® O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2} =>.Hewlett-Packard O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {9A431D9C-9FC9-454E-AC8D-15DBAA6ED0F7} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {3F94FE8B-BD63-4E8C-9F08-602BE1961E1D} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {E4E75758-4648-4802-87D3-29E3F874B260} =>.Intel Corporation O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {7A267678-A258-471B-9035-A51E068531C8} =>.Intel Corporation O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {456212A9-773C-406D-94A8-589A720841B7} =>.Intel Corporation O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {1B444AF9-1DBE-4884-8F35-969BEFCF69A8} =>.Intel Corporation O42 - Logiciel: Java 8 Update 25 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418025F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 60 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418060F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: Java SE Development Kit 8 Update 60 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180600} =>.Oracle Corporation O42 - Logiciel: K-Lite Mega Codec Pack 10.8.0 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: Logiciel de base du périphérique HP Deskjet 1510 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {D82BB990-FD99-4557-AD57-CDF63810485E} =>.Hewlett-Packard Co. O42 - Logiciel: Logiciel pour périphérique à chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {5a6a5d15-d5af-417c-b08f-f7e5eb1f98af} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {7713B2C6-A0E1-47EA-BD3B-B22F22F7C010} =>.CybelSoft O42 - Logiciel: ManyCam 2.6.65 (remove only) - (.ManyCam LLC.) [HKLM][64Bits] -- ManyCam =>.ManyCam LLC O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-040C-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 Refresh - (.Microsoft Corporation.) [HKLM][64Bits] -- {D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F} =>.Microsoft Corporation O42 - Logiciel: Mini Metro - (.GOG.com.) [HKLM][64Bits] -- 1434554947_is1 =>.GOG Limited® O42 - Logiciel: Monopoly Deluxe - (.Zylom Games.) [HKLM][64Bits] -- Monopoly Deluxe =>.Zylom Games O42 - Logiciel: Mouse Recorder Pro 2.0.7.6 - (.Nemex Studios.) [HKLM][64Bits] -- {889E44CE-435C-4D37-B302-A7E43339E5FA}_is1 O42 - Logiciel: Mozilla Firefox 44.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 44.0.2 (x86 fr) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: Mumble 1.2.8 - (.Thorvald Natvig.) [HKLM][64Bits] -- {5D198290-6E7D-426C-9AF0-8DA34CC7E596} =>.Thorvald Natvig O42 - Logiciel: NetOn 2.1 - (.Rct-Net.de.) [HKLM][64Bits] -- NetOn 2_is1 O42 - Logiciel: OpenOffice 4.1.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {121727D5-FDF3-4723-BA57-EB383440ED72} =>.Apache Software Foundation O42 - Logiciel: Ori and the Blind Forest - (.Moon Studio.) [HKLM][64Bits] -- {56781D5B-FD93-4A72-958E-9F206619C421}_is1 O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM][64Bits] -- Origin =>.Electronic Arts, Inc. O42 - Logiciel: Outil de téléchargement USB/DVD Windows 7 - (.Microsoft Corporation.) [HKLM][64Bits] -- {5F8683B5-5056-411C-B808-B289E29E9BBB} =>.Microsoft Corporation O42 - Logiciel: Overwatch - (.Blizzard Entertainment.) [HKLM][64Bits] -- Overwatch =>.Blizzard Entertainment, Inc.® O42 - Logiciel: Overwolf - (.Overwolf Ltd..) [HKLM][64Bits] -- Overwolf =>.Overwolf Ltd® O42 - Logiciel: PhotoFiltre 7 - (...) [HKCU][64Bits] -- PhotoFiltre 7 O42 - Logiciel: PlanetSide 2 - (.Sony Online Entertainment.) [HKCU][64Bits] -- SOE-PlanetSide 2 =>.Sony Online Entertainment® O42 - Logiciel: PlanetSide 2 - (.Sony Online Entertainment.) [HKLM][64Bits] -- Steam App 218230 =>.Valve® O42 - Logiciel: Poker SwissKnife - (.GroupeMTT.) [HKCU][64Bits] -- 6e34e7ffa7e30ecb =>.GroupeMTT O42 - Logiciel: PokerStrategy.com Equilab - (.PokerStrategy.com.) [HKLM][64Bits] -- {86D09F48-CDAB-4B4C-8806-F6C16F17935A} =>.PokerStrategy.com O42 - Logiciel: PostgreSQL 8.4 - (.PostgreSQL Global Development Group.) [HKLM][64Bits] -- PostgreSQL 8.4 =>.PostgreSQL Global Development Group O42 - Logiciel: Project CARS - (.Slightly Mad Studios.) [HKLM][64Bits] -- Steam App 234630 =>.Valve® O42 - Logiciel: Rainmeter - (...) [HKLM][64Bits] -- Rainmeter O42 - Logiciel: Raptr - (...) [HKLM][64Bits] -- Raptr O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp® O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM][64Bits] -- RocketDock_is1 =>.Punk Software O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] -- Rockstar Games Social Club =>.Take-Two Interactive Software, Inc.® O42 - Logiciel: Security Update for Skype for Business 2015 (KB3114944) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3A452E83-222D-4C9E-A80A-CB5F306824DF} =>.Microsoft Corporation® O42 - Logiciel: Security Update for Skype for Business 2015 (KB3114944) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3A452E83-222D-4C9E-A80A-CB5F306824DF} =>.Microsoft Corporation® O42 - Logiciel: Security Update for Skype for Business 2015 (KB3114944) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{3A452E83-222D-4C9E-A80A-CB5F306824DF} =>.Microsoft Corporation® O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation O42 - Logiciel: Skype™ 7.22 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A. O42 - Logiciel: Stardew Valley - (.GOG.com.) [HKLM][64Bits] -- 1453375253_is1 =>.GOG Limited® O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam =>.Valve® O42 - Logiciel: System Requirements Lab Detection - (.Husdawg, LLC.) [HKLM][64Bits] -- {7AF84307-3B88-4547-B2A2-9DC81911C0C4} =>.Husdawg, LLC O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client =>.TeamSpeak Systems GmbH O42 - Logiciel: TechPowerUp GPU-Z - (.TechPowerUp.) [HKLM][64Bits] -- TechPowerUp GPU-Z =>.TechPowerUp O42 - Logiciel: The Binding of Isaac Afterbirth version 1.0 - (.REVOLUTiONiT.) [HKLM][64Bits] -- {FD3E10FB-B2C9-483B-8ADD-DC552F753B5B}_is1 =>.REVOLUTiONiT O42 - Logiciel: The Sims 3 - (.Electronic Arts.) [HKLM][64Bits] -- {5F1F4CF1-05E7-4FCD-AE0C-7560A0F00699} =>.Electronic Arts O42 - Logiciel: Tree of Savior (English Ver.) - (.IMCGAMES Co.,Ltd..) [HKLM][64Bits] -- Steam App 372000 =>.Valve® O42 - Logiciel: Trivial - (...) [HKLM][64Bits] -- ST5UNST #1 O42 - Logiciel: Trivial Pursuit Genus Edition Deluxe - (.Zylom Games.) [HKCU][64Bits] -- Trivial Pursuit Genus Edition Deluxe =>.Zylom Games O42 - Logiciel: Update for Skype for Business 2015 (KB3039776) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{8B3A877E-1B73-464A-AD21-9F26A0682AC6} =>.Microsoft Corporation® O42 - Logiciel: Uplay - (.Ubisoft.) [HKLM][64Bits] -- Uplay =>.Ubisoft Entertainment Sweden AB® O42 - Logiciel: UxStyle - (.The Within Network, LLC.) [HKLM][64Bits] -- {05560347-3a9b-4644-a8ed-8b64cc947189} {1121A4D35C720E701B33E48D37935CBE4BD5} O42 - Logiciel: UxStyle - (.The Within Network, LLC.) [HKLM][64Bits] -- {86D24646-DAF6-4F5E-BCAD-CF7EF8E362E1} O42 - Logiciel: Visuel intégré - (.Druide informatique inc..) [HKLM][64Bits] -- {D6A48C7F-A0F8-46A5-A1ED-F45A62FE93BF} =>.Druide informatique inc. O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: Winamax - (.Winamax.) [HKCU][64Bits] -- Winamax 3.8.1 =>.Winamax O42 - Logiciel: Winamax - (.Winamax.) [HKCU][64Bits] -- Winamax 4.2.3 =>.Winamax O42 - Logiciel: WinRAR 5.11 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® ---\\ HKCU & HKLM Software Keys (134) - 9s HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\ATI Technologies HKLM\SOFTWARE\Wow6432Node\AviSynth HKLM\SOFTWARE\Wow6432Node\Bethesda Softworks HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment HKLM\SOFTWARE\Wow6432Node\Caphyon HKLM\SOFTWARE\Wow6432Node\CDV Software Entertainment AG HKLM\SOFTWARE\Wow6432Node\Crytek HKLM\SOFTWARE\Wow6432Node\Cygwin HKLM\SOFTWARE\Wow6432Node\Druide informatique inc. HKLM\SOFTWARE\Wow6432Node\EA Games HKLM\SOFTWARE\Wow6432Node\EA Sports HKLM\SOFTWARE\Wow6432Node\EasyAntiCheat HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\Flvto Youtube Downloader HKLM\SOFTWARE\Wow6432Node\Foxit Software HKLM\SOFTWARE\Wow6432Node\Gearbox Software HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\GOG.com HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Infogrames HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\ManyCam HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OpenOffice HKLM\SOFTWARE\Wow6432Node\Origin HKLM\SOFTWARE\Wow6432Node\Origin Games HKLM\SOFTWARE\Wow6432Node\Overwolf HKLM\SOFTWARE\Wow6432Node\PostgreSQL HKLM\SOFTWARE\Wow6432Node\PostgreSQL Global Development Group HKLM\SOFTWARE\Wow6432Node\PowerPivot HKLM\SOFTWARE\Wow6432Node\Rainmeter HKLM\SOFTWARE\Wow6432Node\Raptr HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\RocketLife HKLM\SOFTWARE\Wow6432Node\Rockstar Games HKLM\SOFTWARE\Wow6432Node\Sims HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\TeamSpeak 3 Client HKLM\SOFTWARE\Wow6432Node\Ubisoft HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Visan HKLM\SOFTWARE\Wow6432Node\Visicom Media HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\3a6ad4c5-127f-4668-888b-e8e7a31031c2 =>PUP.Optional.CrossRider HKCU\SOFTWARE\AhnLab HKCU\SOFTWARE\AMD HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\ATI HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Blizzard Entertainment HKCU\SOFTWARE\Boneloaf HKCU\SOFTWARE\Clubic HKCU\SOFTWARE\Crytek HKCU\SOFTWARE\Cygwin HKCU\SOFTWARE\Dinosaur Polo Club HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\Druide informatique inc. HKCU\SOFTWARE\Electronic Arts HKCU\SOFTWARE\FlvtoConverter HKCU\SOFTWARE\Foxit Software HKCU\SOFTWARE\Freejam HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\Gaijin HKCU\SOFTWARE\GameSpy HKCU\SOFTWARE\GNU HKCU\SOFTWARE\GOG.com HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\hotger HKCU\SOFTWARE\HP HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\InstallPath HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\LeaderTech HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\ManyCam HKCU\SOFTWARE\ManyCam 2.4 HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Mumble HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Novell HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\OpenOffice HKCU\SOFTWARE\Overwolf HKCU\SOFTWARE\PASG HKCU\SOFTWARE\PhotoFiltre 7 HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\PopCap HKCU\SOFTWARE\Raptr HKCU\SOFTWARE\Razer HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\RocketDock HKCU\SOFTWARE\SecuROM HKCU\SOFTWARE\sj HKCU\SOFTWARE\Skype HKCU\SOFTWARE\TeamSpeak 3 Client HKCU\SOFTWARE\techPowerUp HKCU\SOFTWARE\THETA AnIn HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Ubisoft HKCU\SOFTWARE\Unity HKCU\SOFTWARE\Valve HKCU\SOFTWARE\Visan HKCU\SOFTWARE\Visicom Media HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\Zylom HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft ---\\ Contents of the Common Files folders (334) - 8s O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\AMD O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\ATI O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Common Files O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\CPUID =>.CPUID® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\DAEMON Tools Lite =>.Disc Soft Ltd® O43 - CFD: 24/04/2015 - [0] SHD -- C:\Program Files\Fichiers communs O43 - CFD: 30/09/2015 - [] D -- C:\Program Files\HP =>.Hewlett Packard® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Intel =>.Intel Corporation - Rapid Storage Technology® O43 - CFD: 15/05/2016 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 30/09/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\ma-config.com =>.Cybelsoft® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 13/01/2016 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Microsoft SQL Server O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 26/04/2015 - [] D -- C:\Program Files\MSBuild O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Rainmeter =>.Open Source Developer, Rainmeter® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics® O43 - CFD: 26/04/2015 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 07/04/2016 - [] D -- C:\Program Files\Rockstar Games =>.Take-Two Interactive Software, Inc.® O43 - CFD: 22/08/2013 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 09/11/2015 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation® O43 - CFD: 11/05/2016 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 09/11/2015 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 09/11/2015 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 27/04/2015 - [] D -- C:\Program Files\Windows Multimedia Platform O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Windows NT O43 - CFD: 09/11/2015 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 27/04/2015 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 22/08/2013 - [] SHD -- C:\Program Files\Windows Sidebar O43 - CFD: 31/05/2016 - [] HD -- C:\Program Files\WindowsApps O43 - CFD: 27/04/2015 - [] D -- C:\Program Files\WindowsPowerShell O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 02/05/2015 - [] D -- C:\Program Files (x86)\2K Games O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\AMD O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\AMD AVT O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\ATI Technologies O43 - CFD: 26/05/2016 - [] D -- C:\Program Files (x86)\Battle.net =>.Blizzard Entertainment, Inc.® O43 - CFD: 13/05/2015 - [] D -- C:\Program Files (x86)\Beat Hazard Ultra O43 - CFD: 26/04/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 03/05/2016 - [] D -- C:\Program Files (x86)\Diablo III =>.Blizzard Entertainment, Inc.® O43 - CFD: 03/05/2016 - [] D -- C:\Program Files (x86)\Diablo III Public Test =>.Blizzard Entertainment, Inc.® O43 - CFD: 25/01/2016 - [] D -- C:\Program Files (x86)\Druide O43 - CFD: 25/01/2016 - [0] D -- C:\Program Files (x86)\Electronic Arts O43 - CFD: 28/09/2015 - [] D -- C:\Program Files (x86)\FactDevStocks O43 - CFD: 13/05/2015 - [] D -- C:\Program Files (x86)\Flvto Youtube Downloader O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Foxit Software =>.Foxit Software Incorporated® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\FreeTime =>.chen jun hao® O43 - CFD: 05/02/2016 - [] D -- C:\Program Files (x86)\Gang.Beasts.v0.3.0 O43 - CFD: 13/09/2015 - [] D -- C:\Program Files (x86)\GeoGebra 5.0 =>.International GeoGebra Institute® O43 - CFD: 21/05/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\GPU-Z =>.TechPowerUp Ltd® O43 - CFD: 26/05/2016 - [] D -- C:\Program Files (x86)\Heroes of the Storm =>.Blizzard Entertainment, Inc.® O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Hewlett-Packard =>.Hewlett-Packard Company® O43 - CFD: 20/09/2015 - [] D -- C:\Program Files (x86)\Holdem Manager 2 O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\HP =>.Hewlett-Packard Company® O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\HP Photo Creations =>.Visan Industries® O43 - CFD: 06/02/2016 - [] D -- C:\Program Files (x86)\IGG-Move.or.Die.v1.0.9 O43 - CFD: 27/01/2016 - [] D -- C:\Program Files (x86)\Infogrames O43 - CFD: 27/01/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.Realtek Semiconductor Corp® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O43 - CFD: 15/05/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\ManyCam =>.Superfluous.VisicomMedia O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 13/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Microsoft XNA =>.Microsoft Corporation® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 25/02/2016 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 25/02/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 26/04/2015 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 28/04/2015 - [] D -- C:\Program Files (x86)\Mumble =>.mkrautz.dk® O43 - CFD: 19/01/2016 - [] D -- C:\Program Files (x86)\Nemex O43 - CFD: 30/04/2015 - [] D -- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\OpenOffice 4 O43 - CFD: 02/05/2016 - [] D -- C:\Program Files (x86)\Origin =>.Electronic Arts, Inc.® O43 - CFD: 26/04/2016 - [] D -- C:\Program Files (x86)\Origin Games =>.Electronic Arts® O43 - CFD: 23/05/2016 - [] D -- C:\Program Files (x86)\Overwatch =>.Blizzard Entertainment, Inc.® O43 - CFD: 31/05/2016 - [] D -- C:\Program Files (x86)\Overwolf =>.Overwolf Ltd® O43 - CFD: 30/03/2016 - [] D -- C:\Program Files (x86)\Peggle Deluxe O43 - CFD: 30/03/2016 - [] D -- C:\Program Files (x86)\Peggle Nights O43 - CFD: 08/08/2015 - [] D -- C:\Program Files (x86)\PhotoFiltre 7 O43 - CFD: 20/09/2015 - [] D -- C:\Program Files (x86)\PokerStrategy.com O43 - CFD: 27/01/2016 - [] D -- C:\Program Files (x86)\Prison Architect O43 - CFD: 10/01/2016 - [] D -- C:\Program Files (x86)\Raptr =>.Raptr, Inc® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek Semiconductor Corp® O43 - CFD: 26/04/2015 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\RocketDock O43 - CFD: 07/04/2016 - [] D -- C:\Program Files (x86)\Rockstar Games =>.Take-Two Interactive Software, Inc.® O43 - CFD: 28/05/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 12/05/2016 - [] D -- C:\Program Files (x86)\Steam =>.Valve® O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\SystemRequirementsLab O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\TeamSpeak 3 Client O43 - CFD: 24/04/2015 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\The Binding of Isaac Rebirth O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Ubisoft =>.Ubisoft Entertainment Sweden AB® O43 - CFD: 05/05/2015 - [] D -- C:\Program Files (x86)\Versus Evil O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 27/04/2015 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 27/04/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 22/08/2013 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 04/05/2015 - [] D -- C:\Program Files (x86)\Zylom Games O43 - CFD: 02/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games O43 - CFD: 27/04/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 27/04/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings O43 - CFD: 19/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antidote O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III O43 - CFD: 04/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test O43 - CFD: 29/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divine Divinity O43 - CFD: 04/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Démarrage O43 - CFD: 13/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flvto Youtube Downloader O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader O43 - CFD: 25/04/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 13/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 5 O43 - CFD: 03/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm O43 - CFD: 20/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Holdem Manager 2 O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 27/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infogrames O43 - CFD: 24/04/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com O43 - CFD: 25/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroGamer O43 - CFD: 22/08/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 19/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mephisto O43 - CFD: 11/05/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 O43 - CFD: 13/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mini Metro [GOG.com] O43 - CFD: 19/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Recorder Pro 2 O43 - CFD: 28/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble O43 - CFD: 25/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetOn 2 O43 - CFD: 30/09/2015 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 O43 - CFD: 03/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch O43 - CFD: 08/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 O43 - CFD: 20/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com O43 - CFD: 20/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.4 O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock O43 - CFD: 08/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 17/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardew Valley [GOG.com] O43 - CFD: 22/08/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 27/04/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 18/03/2014 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Binding of Isaac Rebirth O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 04/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom Games O43 - CFD: 25/01/2016 - [] D -- C:\ProgramData\19a87fa1ec024bbcbb41931263354405 =>Adware.Suspect O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\AMD O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 17/02/2016 - [] D -- C:\ProgramData\Battle.net O43 - CFD: 03/01/2016 - [] D -- C:\ProgramData\Blizzard Entertainment O43 - CFD: 24/04/2015 - [0] SHD -- C:\ProgramData\Bureau O43 - CFD: 26/04/2015 - [] D -- C:\ProgramData\Caphyon O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 26/04/2016 - [] D -- C:\ProgramData\Electronic Arts O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\HP O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\HP Photo Creations O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Intel O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\ma-config.com O43 - CFD: 24/04/2015 - [0] SHD -- C:\ProgramData\Menu Démarrer O43 - CFD: 23/08/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 11/05/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 24/04/2015 - [0] SHD -- C:\ProgramData\Modèles O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 23/05/2016 - [] D -- C:\ProgramData\Origin O43 - CFD: 29/04/2015 - [] D -- C:\ProgramData\Overwolf O43 - CFD: 26/04/2016 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 30/03/2016 - [] D -- C:\ProgramData\PopCap Games O43 - CFD: 27/04/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 25/01/2016 - [] D -- C:\ProgramData\Service1104 =>Heuristic.Graftor O43 - CFD: 24/04/2016 - [] D -- C:\ProgramData\Skype O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 02/05/2015 - [] D -- C:\ProgramData\Steam O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Sun O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\Visan O43 - CFD: 29/05/2015 - [] D -- C:\ProgramData\WindSolutions O43 - CFD: 20/09/2015 - [] D -- C:\ProgramData\XHEO INC O43 - CFD: 04/05/2015 - [] D -- C:\ProgramData\Zylom O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 26/04/2016 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 24/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Overwolf O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\Common Files\PostureAgent O43 - CFD: 22/08/2013 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 24/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 09/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 27/04/2015 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 01/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\.minecraft O43 - CFD: 27/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\.mono O43 - CFD: 16/09/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Adobe O43 - CFD: 29/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\AMD O43 - CFD: 25/01/2016 - [0] D -- C:\Users\Adrien\AppData\Roaming\Atari O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\ATI O43 - CFD: 17/02/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\Battle.net O43 - CFD: 13/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Beat Hazard O43 - CFD: 31/05/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\BitTorrent O43 - CFD: 16/09/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\com.winamax.chat O43 - CFD: 01/05/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Druide O43 - CFD: 24/11/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\dvdcss O43 - CFD: 13/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\FlvtoConverter O43 - CFD: 05/09/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Foxit Software O43 - CFD: 20/09/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\HEM Data O43 - CFD: 13/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Hive Cluster O43 - CFD: 08/10/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\HoldemManager O43 - CFD: 13/12/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\HpUpdate O43 - CFD: 04/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Identities O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Intel Corporation O43 - CFD: 29/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\java O43 - CFD: 24/07/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Leadertech O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\library_dir O43 - CFD: 06/02/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\LOVE O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Macromedia O43 - CFD: 10/04/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\ManyCam =>.Superfluous.VisicomMedia O43 - CFD: 25/02/2016 - [] SD -- C:\Users\Adrien\AppData\Roaming\Microsoft O43 - CFD: 19/01/2016 - [0] D -- C:\Users\Adrien\AppData\Roaming\Mouse Recorder Pro O43 - CFD: 23/08/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Mozilla O43 - CFD: 01/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Mumble O43 - CFD: 30/09/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\OpenOffice O43 - CFD: 02/05/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\Origin O43 - CFD: 08/08/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\PhotoFiltre 7 O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Rainmeter O43 - CFD: 15/02/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\Raptr O43 - CFD: 01/05/2015 - [] RHD -- C:\Users\Adrien\AppData\Roaming\SecuROM O43 - CFD: 15/05/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\Skype O43 - CFD: 18/04/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\StardewValley O43 - CFD: 30/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Steam O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Sun O43 - CFD: 05/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\TheBannerSaga O43 - CFD: 26/05/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\TS3Client O43 - CFD: 02/06/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\vlc O43 - CFD: 05/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1 O43 - CFD: 29/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\WindSolutions O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\WinRAR O43 - CFD: 29/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Yacht Club Games O43 - CFD: 02/06/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\ZHP O43 - CFD: 04/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Zylom O43 - CFD: 28/09/2015 - [] D -- C:\Users\Adrien\AppData\Local\AaLgcFre O43 - CFD: 27/01/2016 - [] D -- C:\Users\Adrien\AppData\Local\AMD O43 - CFD: 24/04/2015 - [0] SHD -- C:\Users\Adrien\AppData\Local\Application Data O43 - CFD: 25/02/2016 - [] D -- C:\Users\Adrien\AppData\Local\Apps O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Local\ATI O43 - CFD: 26/05/2016 - [] D -- C:\Users\Adrien\AppData\Local\Battle.net O43 - CFD: 25/10/2015 - [] D -- C:\Users\Adrien\AppData\Local\BigHugeEngine O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Local\Blizzard Entertainment O43 - CFD: 26/07/2015 - [] D -- C:\Users\Adrien\AppData\Local\CEF O43 - CFD: 26/01/2016 - [0] D -- C:\Users\Adrien\AppData\Local\Deployment O43 - CFD: 12/04/2016 - [0] D -- C:\Users\Adrien\AppData\Local\Diagnostics O43 - CFD: 20/09/2015 - [] D -- C:\Users\Adrien\AppData\Local\Downloaded Installations O43 - CFD: 29/09/2015 - [0] D -- C:\Users\Adrien\AppData\Local\ElevatedDiagnostics O43 - CFD: 14/08/2015 - [0] SHD -- C:\Users\Adrien\AppData\Local\EmieSiteList O43 - CFD: 14/08/2015 - [0] SHD -- C:\Users\Adrien\AppData\Local\EmieUserList O43 - CFD: 25/10/2015 - [] D -- C:\Users\Adrien\AppData\Local\Equilab O43 - CFD: 13/05/2015 - [] D -- C:\Users\Adrien\AppData\Local\Flvto YouTube Downloader O43 - CFD: 21/05/2016 - [] D -- C:\Users\Adrien\AppData\Local\Google O43 - CFD: 13/06/2015 - [] D -- C:\Users\Adrien\AppData\Local\GWX O43 - CFD: 24/04/2015 - [0] SHD -- C:\Users\Adrien\AppData\Local\Historique O43 - CFD: 20/09/2015 - [] D -- C:\Users\Adrien\AppData\Local\Hold'em_Manager O43 - CFD: 13/05/2015 - [] D -- C:\Users\Adrien\AppData\Local\Hotger O43 - CFD: 30/09/2015 - [] D -- C:\Users\Adrien\AppData\Local\HP O43 - CFD: 10/12/2015 - [] D -- C:\Users\Adrien\AppData\Local\Introversion O43 - CFD: 20/09/2015 - [] D -- C:\Users\Adrien\AppData\Local\IsolatedStorage O43 - CFD: 10/04/2016 - [] D -- C:\Users\Adrien\AppData\Local\ManyCam =>.Superfluous.VisicomMedia O43 - CFD: 18/10/2015 - [] D -- C:\Users\Adrien\AppData\Local\Microsoft O43 - CFD: 06/01/2016 - [] D -- C:\Users\Adrien\AppData\Local\Microsoft Help O43 - CFD: 23/08/2015 - [] D -- C:\Users\Adrien\AppData\Local\Mozilla O43 - CFD: 19/01/2016 - [] D -- C:\Users\Adrien\AppData\Local\Nemex O43 - CFD: 29/04/2015 - [0] D -- C:\Users\Adrien\AppData\Local\NFS Underground 2 O43 - CFD: 19/11/2015 - [] D -- C:\Users\Adrien\AppData\Local\Ori and the Blind Forest O43 - CFD: 26/04/2016 - [] D -- C:\Users\Adrien\AppData\Local\Origin O43 - CFD: 26/05/2016 - [] D -- C:\Users\Adrien\AppData\Local\Overwolf O43 - CFD: 01/05/2016 - [] D -- C:\Users\Adrien\AppData\Local\Packages O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Local\Programs O43 - CFD: 28/05/2016 - [] D -- C:\Users\Adrien\AppData\Local\Purplizer O43 - CFD: 08/06/2015 - [] D -- C:\Users\Adrien\AppData\Local\Rockstar Games O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Local\SCE O43 - CFD: 25/10/2015 - [] D -- C:\Users\Adrien\AppData\Local\SKIDROW O43 - CFD: 23/12/2015 - [0] D -- C:\Users\Adrien\AppData\Local\Skype O43 - CFD: 17/03/2016 - [0] D -- C:\Users\Adrien\AppData\Local\StardewValley O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Local\Steam O43 - CFD: 02/06/2016 - [] D -- C:\Users\Adrien\AppData\Local\Temp O43 - CFD: 25/01/2016 - [0] D -- C:\Users\Adrien\AppData\Local\Tempfolder O43 - CFD: 24/04/2015 - [0] SHD -- C:\Users\Adrien\AppData\Local\Temporary Internet Files O43 - CFD: 28/09/2015 - [] D -- C:\Users\Adrien\AppData\Local\Ubisoft Game Launcher O43 - CFD: 26/07/2015 - [] D -- C:\Users\Adrien\AppData\Local\VirtualStore O43 - CFD: 04/05/2015 - [] D -- C:\Users\Adrien\AppData\Local\Zylom Games O43 - CFD: 24/04/2015 - [0] D -- C:\Users\Adrien\AppData\Local\Programs\Common O43 - CFD: 20/10/2014 - [] RD -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 22/08/2013 - [] RD -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/04/2016 - [] RD -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 13/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beat Hazard Ultra O43 - CFD: 29/04/2015 - [0] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Divine Divinity O43 - CFD: 04/05/2015 - [0] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Démarrage O43 - CFD: 28/09/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FactDevStocks O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 20/09/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GroupeMTT O43 - CFD: 22/08/2013 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 25/02/2016 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outil de téléchargement USB DVD Windows 7 O43 - CFD: 29/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf O43 - CFD: 08/08/2015 - [0] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7 O43 - CFD: 17/04/2016 - [] RD -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 20/10/2014 - [] RD -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft O43 - CFD: 24/04/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamax O43 - CFD: 04/05/2015 - [] D -- C:\Users\Adrien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zylom Games O43 - CFD: 0 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Apps O43 - CFD: 29/04/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft O43 - CFD: 0 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Packages ---\\ Latest files created in Prefetcher (2) - 4s O45 - LFCP:[MD5.802940588C1560740199428C6C86603E] 25/01/2016 A -- C:\Windows\Prefetch\BROWSERAIR.EXE-A11C191A.pf =>PUP.Optional.BrowserAir O45 - LFCP:[MD5.24CEC7346560087A449DB3A070FD6BAB] 10/04/2016 A -- C:\Windows\Prefetch\MANYCAM.EXE-0A8FEC38.pf =>.Superfluous.VisicomMedia ---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 1s O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation® ---\\ System Drivers List (48) - 1s O58 - SDL:2013/08/22 14:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176] =>.Microsoft Windows® O58 - SDL:2015/12/23 18:26:00 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Windows\System32\drivers\amdacpksd.sys [296648] =>.Advanced Micro Devices, Inc.® O58 - SDL:2014/12/21 05:38:02 A . (.Windows (R) Win 7 DDK provider - KSL Kernel-Mode Dll.) -- C:\Windows\System32\drivers\amdacpksl.sys [143360] =>.Windows (R) Win 7 DDK provider O58 - SDL:2012/09/23 01:17:24 A . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmafd.sys [21160] =>.Advanced Micro Devices, Inc.® O58 - SDL:2014/10/28 01:46:14 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmpfd.sys [62152] =>.Advanced Micro Devices, Inc.® O58 - SDL:2013/08/22 14:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016] =>.Microsoft Windows® O58 - SDL:2015/07/15 12:20:38 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdWB6.sys [102912] =>.Advanced Micro Devices O58 - SDL:2015/12/23 18:22:32 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [23973888] =>.Advanced Micro Devices, Inc. O58 - SDL:2015/12/23 17:26:38 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [672256] =>.Advanced Micro Devices, Inc. O58 - SDL:2013/08/13 01:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] =>.Broadcom Corporation® O58 - SDL:2013/08/22 14:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows® O58 - SDL:2015/04/24 14:46:24 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) -- C:\Windows\System32\drivers\dtlitescsibus.sys [30352] =>.Disc Soft Ltd® O58 - SDL:2013/08/22 14:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows® O58 - SDL:2013/07/30 20:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2013/07/25 21:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] =>.Intel Corporation - Software and Firmware Products® O58 - SDL:2014/12/04 20:22:16 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\Windows\System32\drivers\iaStorA.sys [1399536] =>.Intel Corporation - Rapid Storage Technology® O58 - SDL:2013/08/10 02:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2013/08/22 14:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows® O58 - SDL:2008/03/13 09:46:00 A . (.ManyCam LLC. - ManyCam Virtual Webcam, WDM Video Capture D.) -- C:\Windows\System32\drivers\ManyCam_x64.sys [27136] =>.Superfluous.VisicomMedia O58 - SDL:2009/11/18 07:12:00 A . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\Windows\System32\drivers\MBfilt64.sys [32344] =>.Creative Labs Inc® O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] =>.Microsoft Windows® O58 - SDL:2015/01/15 08:42:42 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [881368] =>.Realtek Semiconductor Corp® O58 - SDL:2015/04/14 19:38:14 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4664792] =>.Realtek Semiconductor Corp® O58 - SDL:2013/08/22 17:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2013/08/22 14:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows® O58 - SDL:2015/12/08 05:00:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [122160] =>.DEVGURU CO LTD® O58 - SDL:2015/12/08 05:00:58 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [214832] =>.DEVGURU CO LTD® O58 - SDL:2015/12/08 05:01:06 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (M.) -- C:\Windows\System32\drivers\ssudserd.sys [214832] =>.DEVGURU CO LTD® O58 - SDL:2013/08/22 14:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows® O58 - SDL:2015/01/06 15:40:34 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [129312] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2013/09/23 04:19:04 A . (.The Within Network, LLC - UxStyle Kernel Driver.) -- C:\Windows\System32\drivers\uxstyle.sys [31440] {1121A4D35C720E701B33E48D37935CBE4BD5} O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] =>.Microsoft Windows® O58 - SDL:2013/08/22 14:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows® ---\\ Last modified or created user files (1) - 3s O61 - LFC: 2016/05/28 20:01:22 A . (..) -- C:\Users\Adrien\AppData\Local\Purplizer\certificates\x509\tls_peers\xmpp2.overwolf.com [1209] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation ---\\ Search Browser Infection (6) - 2s O69 - SBI: prefs.js [Adrien - 9ytirlvo.default] user_pref("browser.search.searchengine.alias", "istartpageing"); =>PUP.Optional.IstartPageing O69 - SBI: prefs.js [Adrien - 9ytirlvo.default] user_pref("browser.search.searchengine.iconURL", "http://istartpageing.com/favicon.ico"); =>PUP.Optional.IstartPageing O69 - SBI: prefs.js [Adrien - 9ytirlvo.default] user_pref("browser.search.searchengine.name", "istartpageing"); =>PUP.Optional.IstartPageing O69 - SBI: prefs.js [Adrien - 9ytirlvo.default] user_pref("browser.search.searchengine.url", "http://istartpageing.com/web?type=ds&ts=1453756819&z=a38ea5abed2aff7c4bd6019g6zdw2cf[...] =>PUP.Optional.IstartPageing O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Crack & Keygen Files (2) - 3s O82 - LFC: 2016/02/09 15:28:38 A . (...) -- C:\Users\Adrien\Documents\Torrent\Tri\The Binding of Isaac Afterbirth Update 9 Cracked-3DM\isaac-ng.exe [0] =>.Crack,Keygen O82 - LFC: 2016/02/09 15:28:56 A . (...) -- C:\Users\Adrien\Documents\Torrent\Tri\The Binding of Isaac Afterbirth Update 9 Cracked-3DM\steam_api.dll [0] =>.Crack,Keygen ---\\ Search Svchost Services (36) - 0s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [214528] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [156160] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [156160] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [329216] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1360896] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1083904] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [926208] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [31744] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [110080] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [151040] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [110592] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1265152] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [230400] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [71168] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [135168] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [228864] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [339968] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84992] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [101376] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [348672] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) -- C:\Windows\System32\GeofenceMonitorService.dll [522240] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1639424] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [59392] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [206848] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [166400] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [102912] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [542208] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [226816] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [73728] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [452608] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [313344] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3708416] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [933376] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [640000] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [187904] =>.Microsoft Corporation O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [92992] =>.Microsoft Windows® ---\\ Firewall Active Exception List (33) - 3s O87 - FAEL: "{B1BED030-9BF0-4137-9DBB-32BDBF1E3ABA}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "{9F642E74-F43E-4632-B60B-F7CACD5E454E}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe (.not file.) =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{F8B4A17D-403F-4077-887A-AD38A501DB08}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe =>.Steam SteamApps Games O87 - FAEL: "UDP Query User{279D7614-C451-4D88-A83D-CB0D864DC710}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe =>.Steam SteamApps Games O87 - FAEL: "TCP Query User{66F7B0A8-5902-42D6-9FC9-84A80C1C2FF0}C:\users\adrien\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe" [In-None-P6-TRUE] .(...) -- C:\users\adrien\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) O87 - FAEL: "UDP Query User{F8D209DE-443B-49C3-B1C0-D0166F1BDB34}C:\users\adrien\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe" [In-None-P17-TRUE] .(...) -- C:\users\adrien\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) O87 - FAEL: "TCP Query User{16294950-1EF7-4216-92E3-79349E4B6A9F}C:\users\adrien\documents\jeux\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" [In-None-P6-TRUE] .(...) -- C:\users\adrien\documents\jeux\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) O87 - FAEL: "UDP Query User{75CB2EEE-6EDC-401F-8D64-A94F2084D9D7}C:\users\adrien\documents\jeux\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe" [In-None-P17-TRUE] .(...) -- C:\users\adrien\documents\jeux\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe (.not file.) O87 - FAEL: "TCP Query User{5FA0DBEB-B5E1-4AE9-83C1-F1BC7380677E}C:\program files (x86)\beat hazard ultra\beathazard.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\beat hazard ultra\beathazard.exe O87 - FAEL: "UDP Query User{BEBB9B4F-5AFC-4371-A6C1-373F003FA18B}C:\program files (x86)\beat hazard ultra\beathazard.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\beat hazard ultra\beathazard.exe O87 - FAEL: "{07C901CC-36AB-45EC-B956-A3248FE3CEC2}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe (.not file.) O87 - FAEL: "{2A2687E3-BC0E-45CB-91C0-6FA2B2B55314}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe (.not file.) O87 - FAEL: "TCP Query User{00784381-5C6B-4DD1-80C4-257C82E92FF7}C:\program files (x86)\kingdoms of amalur reckoning\reckoning.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\kingdoms of amalur reckoning\reckoning.exe (.not file.) O87 - FAEL: "UDP Query User{AC9300A5-D2C5-4984-B3F6-2BF363F738EE}C:\program files (x86)\kingdoms of amalur reckoning\reckoning.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\kingdoms of amalur reckoning\reckoning.exe (.not file.) O87 - FAEL: "TCP Query User{1F0DA3D1-FF41-4A92-B887-3879CE14E928}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "UDP Query User{73CB2F8F-9E96-4A30-8929-00A872666FEC}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "TCP Query User{DC19D2A7-26D9-44C6-A4D2-788FDD1C29F9}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "UDP Query User{12A57C1A-ACFF-4853-AE38-6A8869F4D31A}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "{C660776B-B565-46FA-ABFB-E5C3833B6B77}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Max Driver Updater\maxdu.exe (.not file.) =>.Superfluous.MaxDriverUpdater O87 - FAEL: "{FFC7D267-24B2-47F8-B0E0-F129B979955B}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe (.not file.) =>PUP.Optional.SimpleFiles O87 - FAEL: "{70A7D473-C15B-4023-A7EF-47CA0DD82347}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe (.not file.) =>PUP.Optional.SimpleFiles O87 - FAEL: "{3818F1EB-145B-47FE-B35C-E3887B93A0C3}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\SimpleFiles\downloader.exe (.not file.) =>PUP.Optional.SimpleFiles O87 - FAEL: "{0ACA4464-BF28-45AB-8DB8-E385B28D6A89}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\SimpleFiles\downloader.exe (.not file.) =>PUP.Optional.SimpleFiles O87 - FAEL: "TCP Query User{0C797064-5090-46F4-B917-634DFE84F8A6}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "UDP Query User{91B23226-8189-41E0-8C85-EE5C628C7798}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "TCP Query User{ECF948F2-D016-45E8-BE44-27731FA7C4CA}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "UDP Query User{3362E486-4DB9-4318-8868-BBEF972C12A4}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "TCP Query User{4CEE2C78-2DFF-4040-8713-D2E46292BE1C}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "UDP Query User{A2A58C99-9279-4011-B56A-78D915C6020A}C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "TCP Query User{06329410-B6B9-471E-B7BA-8FE008DB39FE}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "UDP Query User{C2C684CD-2C92-4D6E-886C-2F18BA7EB059}C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "TCP Query User{CA7D3961-9954-4EE4-B830-DF2E9277831C}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe (.not file.) O87 - FAEL: "UDP Query User{9FF24D63-DB50-4498-B64F-F629CF4BA94D}C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe (.not file.) ---\\ Additional Scan (O88) (11) - 0s HKLM\SYSTEM\CurrentControlSet\Services\YsLcckETGT =>PUP.Optional.Salus C:\Windows\System32\Tasks\Wimrusm =>PUP.Optional.Shopper HKCU\SOFTWARE\3a6ad4c5-127f-4668-888b-e8e7a31031c2 =>PUP.Optional.CrossRider C:\Program Files (x86)\ManyCam =>.Superfluous.VisicomMedia C:\ProgramData\19a87fa1ec024bbcbb41931263354405 =>Adware.Suspect C:\ProgramData\Service1104 =>Heuristic.Graftor C:\Users\Adrien\AppData\Roaming\ManyCam =>.Superfluous.VisicomMedia C:\Users\Adrien\AppData\Local\ManyCam =>.Superfluous.VisicomMedia C:\Windows\Prefetch\BROWSERAIR.EXE-A11C191A.pf =>PUP.Optional.BrowserAir C:\Windows\Prefetch\MANYCAM.EXE-0A8FEC38.pf =>.Superfluous.VisicomMedia C:\Windows\System32\drivers\ManyCam_x64.sys =>.Superfluous.VisicomMedia ---\\ Summary of the elements found (11) - 0s http://www.nicolascoolman.info/2016/05/02/pup-optional-shopper/ =>PUP.Optional.Shopper http://www.nicolascoolman.info/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.info/2016/05/01/definition-dun-logiciel-pup-lpi/ =>Adware.Suspect http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.VisicomMedia http://www.nicolascoolman.fr/pup-optional-browserair/ =>PUP.Optional.BrowserAir http://www.nicolascoolman.fr/pup-optional-istartpageing/ =>PUP.Optional.IstartPageing http://www.nicolascoolman.fr/pup-optional-simplefiles/ =>PUP.Optional.SimpleFiles http://www.nicolascoolman.fr/pup-salus/ =>PUP.Optional.Salus http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.ZombieNews http://www.nicolascoolman.fr/?p=4664 =>Heuristic.Graftor http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.MaxDriverUpdater ~ End of the scan, 80243 items in 00h01mn16s (1072)(4)