Script ZHPFix FirewallRaz EmptyPrefetch EmptyTemp EmptyFlash O23 - Service: Tower Photograph (gemeloki) . (...) - C:\Program Files (x86)\a1b71c4a-010c-416c-afb9-bc13660e3ec81487878296\prota1b71c4a-010c-416c-afb9-bc13660e3ec8.tmpfs (.not file.) =>PUP.Optional.CrossRider O23 - Service: Grato Control (GratoCtlSrv) . (...) - C:\Program Files\LogOnNet\Grato\GratoCtlSrv.exe (.not file.) O23 - Service: Grato Engine Service (GratoEngineSrv) . (...) - C:\Program Files\LogOnNet\Grato\GratoEngineSrv.exe (.not file.) O23 - Service: Grato Update Service (gratoupdatesvc) . (...) - C:\Program Files\LogOnNet\Grato\GratoUpdaterService.exe (.not file.) O23 - Service: MSBuildSkype (MSBuildSkype) . (...) - C:\Program Files (x86)\Skype\MSBuildSkype.dll =>Adware.Suspect O23 - Service: Video Forename (nudokuny) . (...) - C:\Program Files (x86)\a1b71c4a-010c-416c-afb9-bc13660e3ec81487878296\kns3CEB.tmp (.not file.) =>PUP.Optional.CrossRider O23 - Service: QForlLgs0EYm Updater (QForlLgs0EYm Updater) . (...) - C:\Program Files (x86)\QForlLgs0EYm Updater\QForlLgs0EYm Updater.exe (.not file.) =>PUP.Optional.QForlLgs0EYmUpdater O23 - Service: (WinSAPSvc) . (.TODO: - TODO: .) - C:\Users\louis\AppData\Roaming\WinSAPSvc\WinSAP.dll =>PUP.Optional.Youndoo SR - Auto [16/01/2017] [ 317400] MSBuildSkype (MSBuildSkype) . (...) - C:\Program Files (x86)\Skype\MSBuildSkype.dll =>Adware.Suspect SR - Auto [16/01/2017] [ 317400] (WinSAPSvc) . (.TODO: .) - C:\Users\louis\AppData\Roaming\WinSAPSvc\WinSAP.dll =>PUP.Optional.Youndoo SR - Auto [16/01/2017] [ 317400] WinSnare (WinSnare) . (.InterSect Alliance Pty Ltd.) - C:\Users\louis\AppData\Roaming\WinSnare\WinSnare.dll =>.Superfluous.WinSnare [MD5.00000000000000000000000000000000] [APT] [AdobeAAMUpdater-1.0-MicrosoftAccount-bartheslouis@gmail.com] (...) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (.not file.) [317400] (.Activate.) [MD5.00000000000000000000000000000000] [APT] [avast! Emergency Update] (...) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (.not file.) [317400] (.Activate.) [MD5.00000000000000000000000000000000] [APT] [Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864] (...) -- C:\Program Files\Bitdefender Agent\WatchDog.exe (.not file.) [317400] (.Activate.) [MD5.00000000000000000000000000000000] [APT] [Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8] (...) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe (.not file.) [317400] (.Activate.) [MD5.00000000000000000000000000000000] [APT] [VPNium] (...) -- C:\Program Files (x86)\VPNium\vpnium.exe (.not file.) [317400] (.Activate.) [MD5.00000000000000000000000000000000] [APT] [{025069E7-9AFC-4E7C-8905-9BFB36A8F408}] (...) -- C:\Users\louis\Downloads\i2pinstall_0.9.15_windows.exe (.not file.) [317400] (.Deactivate.) [MD5.00000000000000000000000000000000] [APT] [{08F2F745-17B8-4C70-AD9E-48204B82EE11}] (...) -- C:\Program Files (x86)\ChrisPC Free Anonymous Proxy\unins000.exe (.not file.) [317400] (.Deactivate.) [MD5.00000000000000000000000000000000] [APT] [{2B3E483C-6661-4E04-8FF4-C7FCE7D864AE}] (...) -- C:\Program Files (x86)\east-tec Eraser\etEraser.exe (.not file.) [317400] (.Deactivate.) [MD5.00000000000000000000000000000000] [APT] [{2B3E483C-6661-4E04-8FF4-C7FCE7D864BE}] (...) -- C:\Program Files (x86)\east-tec Eraser\etUpdateMonitor.exe (.not file.) [317400] (.Deactivate.) [MD5.00000000000000000000000000000000] [APT] [{40672FA9-3BBD-4A93-BC39-767DDDC6E3DF}] (...) -- C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe (.not file.) [317400] (.Deactivate.) =>.ASUSTeK O39 - APT: Milimili - (...) -- C:\WINDOWS\System32\Tasks\Milimili [317400] =>.Superfluous.Tencent O39 - APT: Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 - (...) -- C:\WINDOWS\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 [317400] (.Orphan.) =>.Superfluous.OrphanO39 - APT: Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 - (...) -- C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 [317400] (.Orphan.) =>.Superfluous.Orphan O39 - APT: QForlLgs0EYm - (...) -- C:\WINDOWS\System32\Tasks\QForlLgs0EYm [317400] (.Orphan.) =>.Superfluous.Orphan O39 - APT: VPNium - (...) -- C:\WINDOWS\System32\Tasks\VPNium [317400] (.Orphan.) =>.Superfluous.Orphan O39 - APT: {025069E7-9AFC-4E7C-8905-9BFB36A8F408} - (...) -- C:\WINDOWS\System32\Tasks\{025069E7-9AFC-4E7C-8905-9BFB36A8F408} [317400] (.Orphan.) =>.Superfluous.OrphanO4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\WINDOWS\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe =>Adware.Suspect O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\WINDOWS\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe =>Adware.Suspect O4 - HKLM\..\Run: [GratoTray] C:\Program Files\LogOnNet\Grato\Grato.exe (.not file.) O4 - HKLM\..\Run: [GratoUpdate] C:\Program Files\LogOnNet\Grato\Grato.exe (.not file.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 82.163.143.157 82.163.142.159 =>Adware.DNSUnlocker O17 - HKLM\System\CCS\Services\Tcpip\..\{6baf34a8-dd77-4018-8ed8-eb6f08e93d87}: DhcpNameServer = 82.163.143.157 =>Adware.DNSUnlocker O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect O42 - Logiciel: SafeFinder - (.Linkury.) [HKLM][64Bits] -- {8D010205-DDA9-4577-8C5C-DCDB3EF06016} =>PUP.Optional.SmartBar O42 - Logiciel: Social2Search - (.Social2Search.) [HKLM][64Bits] -- c9ee1962233dcb42eddac13c8ac5302b =>PUP.Optional.Wajam HKLM\SOFTWARE\Wow6432Node\8D3F16CEA717D47B26F4E3A4FAB7084D =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\QForlLgs0EYm Updater =>PUP.Optional.QForlLgs0EYmUpdater HKLM\SOFTWARE\Wow6432Node\Socia2Sea Browser Enhancer =>PUP.Optional.Wajam HKLM\SOFTWARE\Wow6432Node\SoEasySvc =>.Superfluous.SoEasyHelper HKLM\SOFTWARE\Wow6432Node\Symantec =>.Symantec HKCU\SOFTWARE\Chromium =>.Chromium HKCU\SOFTWARE\MCAFEE =>.McAfee Inc. HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKLM\SOFTWARE\Wow6432Node\videos MediaPlay-Air-nv =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Bitdefender Agent =>.Bitdefender HKCU\SOFTWARE\8D3F16CEA717D47B26F4E3A4FAB7084D =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\videos MediaPlay-Air =>PUP.Optional.CrossRider O43 - CFD: 23/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sea Browser Enhancer =>PUP.Optional.Wajam O43 - CFD: 24/02/2017 - [] D -- C:\Users\louis\AppData\Roaming\WinSAPSvc =>PUP.Optional.Youndoo O43 - CFD: 24/02/2017 - [] -- C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\Tencent =>.Superfluous.Tencent O61 - LFC: 2017/02/23 21:20:18 A . (..) -- C:\Users\louis\AppData\Roaming\Lamtech.exe [981504] O61 - LFC: 2017/02/24 03:54:00 A . (.TODO: .) -- C:\Users\louis\AppData\Roaming\WinSAPSvc\WinSAP.dll [184832] =>PUP.Optional.Youndoo [MD5.] [WIS][2014/09/01 11:50:57] (.Boxore OU - Windows Installer XML (3.6.3303.0).) -- C:\WINDOWS\Installer\140dc94c.msi [317400] =>PUP.Optional.Boxore R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbfnyn5r-srtqr4zpsplbkdkh6ceujksxxzklp02dt5jgkpoysuoezj_i7ovsunnbsy4ypctfvkbjvxskqku4nzg6gg0htmuq1470z13g7rf1bf7kue78cwknb5q7ngqiiunu-cgecojuefud_dkpqwbqpqcrsjsfxd0swwetjhqtjqbpimmpv-0ps2&q={searchterms} =>.Superfluous.Linkury 3 - CFD: 23/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sea Browser Enhancer =>PUP.Optional.Wajam 3 - CFD: 24/02/2017 - [] D -- C:\Users\louis\AppData\Roaming\WinSAPSvc =>PUP.Optional.Youndoo HKLM\SYSTEM\CurrentControlSet\Services\gemeloki =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\MSBuildSkype =>Adware.Suspect C:\Program Files (x86)\Skype\MSBuildSkype.dll =>Adware.Suspect HKLM\SYSTEM\CurrentControlSet\Services\nudokuny =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\QForlLgs0EYm Updater =>PUP.Optional.QForlLgs0EYmUpdater HKLM\SYSTEM\CurrentControlSet\Services\WinSAPSvc =>PUP.Optional.Youndoo C:\Users\louis\AppData\Roaming\WinSAPSvc\WinSAP.dll =>PUP.Optional.Youndoo HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c9ee1962233dcb42eddac13c8ac5302b =>PUP.Optional.Wajam HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D010205-DDA9-4577-8C5C-DCDB3EF06016} =>PUP.Optional.SmartBar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D010205-DDA9-4577-8C5C-DCDB3EF06016} =>PUP.Optional.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Socia2Sea Browser Enhancer =>PUP.Optional.Wajam C:\Users\louis\AppData\Roaming\WinSAPSvc =>PUP.Optional.Youndoo C:\WINDOWS\Installer\140dc94c.msi =>PUP.Optional.Boxore C:\Users\louis\AppData\Roaming\Lamtech.exe =>Heuristic.Suspect