cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2015.3.19.31 - Nicolas Coolman (19/03/2015)
~ Lancé par omaima (21/03/2015 21:12:19)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17498
MFIE: Mozilla Firefox 36.0.1 (Defaut)
GCIE: Google Chrome v41.0.2272.89

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : TF27K
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1 Single Language, 64-bit (Build 9600)

---\\ Logiciels de protection du système
Avast Free Antivirus v10.0.2208
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4008 MB (26% free)
System Restore: Activé (Enable)
System drive C: has 153 GB (51%) free of 298 GB

---\\ Mode de connexion au système
~ Computer Name: OUMÉMA
~ User Name: omaima
~ All Users Names: omaima, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\omaima\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\omaima\AppData\Roaming\
~ %Desktop% : C:\Users\omaima\Desktop\
~ %Favorites% : C:\Users\omaima\Favorites\
~ %LocalAppData% : C:\Users\omaima\AppData\Local\
~ %StartMenu% : C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 153 Go of 298 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 92 Go of 156 Go)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.ACDBE1ED38167C8B01B8F63161BB2CEA] - (.Microsoft Corporation - Explorateur Windows.) (.23/08/2014 - 07:48:28.) -- C:\Windows\Explorer.exe [2374784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 09:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.4AF089160FE082E5EA5C4AA72782DCA2] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/11/2014 - 01:28:21.) -- C:\Windows\System32\wininet.dll [2358272]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/02/2014 - 09:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 08:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.30/05/2014 - 03:03:03.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 12:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 11:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 08:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 09:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/07/2014 - 11:45:39.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 11:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 12:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.30/04/2014 - 06:41:46.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 11:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.038C77D577900EE39410662478BB0D50] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/07/2014 - 15:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [2009920]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 11:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 11:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.22/08/2013 - 19:12:11.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 13:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/06/2014 - 02:13:36.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/770
~ Mes musiques (My Musics) : 3/129
~ Mes Videos (My Videos) : 1/14
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 1/88
~ Mon Bureau (My Desktop) : 0/27
~ Menu demarrer (Programs) : 1/47
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.4152]
[MD5.875CA84BD3FC1D701A98E34E64E2B0B9] - (.Pas de propriétaire - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe [3211776] [PID.3208] =>PUP.ShopperPro
[MD5.D6E2ED7F1F7BE7CCB8676491BF950B57] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\omaima\AppData\Local\Akamai\netsession_win.exe [4673432] [PID.3820]
[MD5.9C1BDB837A2DA4FFC60CB61CEEA3E334] - (.TOSHIBA - readLM.) -- C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800] [PID.5520]
[MD5.5178A245B4C35A7C12AC4142AC5E8DC0] - (...) -- C:\Program Files (x86)\My Connection\BackgroundService\ModemListener.exe [126056] [PID.5956]
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [5227112] [PID.5412]
[MD5.72333AF32604FD476996A17CA57DF597] - (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [111696] [PID.6028]
[MD5.887CAA31048EB8ED09A0CBD0E6F46F09] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776] [PID.5452]
[MD5.1C005F9EFA319039CAD54D90732645C4] - (.Autodesk Inc. - Autodesk Application Manager.) -- C:\Users\omaima\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe [488328] [PID.6504]
[MD5.663392E75FD426EA94C75CDBF1916251] - (.Aestan Software - Aestan Tray Menu.) -- C:\wamp\wampmanager.exe [1169920] [PID.6520]
[MD5.8FEDBE7A5D3E5F91FD4B96DAFA4DD197] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576] [PID.7524]
[MD5.9201E92771F3D536DA4A53FDCC4B976B] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288] [PID.7344]
[MD5.6577E0208F612DAF5DE5AD4081BE7696] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8187904] [PID.1420]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\omaima\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Scanned in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M0 - MFSP: prefs.js [omaima - kokxjd8r.default] http://www.msn.com
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30514.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\omaima\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: 4 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>PUP.Istart
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://istart.webssearches.com =>PUP.Istart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17496 (winblue_r5.141121-1500)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 16 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (25)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper [64Bits] - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} . (.Microsoft Corporation - Microsoft Web Test Recorder Helper.) -- C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: Bitdefender Wallet [64Bits] - {09F58E74-42B4-4D70-BA26-35FC954E7A17} Clé orpheline
O2 - BHO: cb53b500f3e90131a6091fb939dcadf40061915 [64Bits] - {11111111-1111-1111-1111-110611191115} . (...) -- C:\Program Files (x86)\Sense\Sense-bho.dll (.not file.)
O2 - BHO: eee1ef70083a013208d37190b1a6e5ef0063429 [64Bits] - {11111111-1111-1111-1111-110611341129} . (...) -- C:\Program Files (x86)\SavePass 1.1\SavePass 1.1-bho.dll (.not file.) =>PUP.CrossRider
O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} Clé orpheline
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (...) -- C:\ProgramData\ShopperPro\ShopperPro.dll (.not file.) =>PUP.ShopperPro
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: (no name) [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} Clé orpheline
~ BHO: 14 Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com =>PUP.Istart
O4 - GS\QuickLaunch [omaima]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com =>PUP.Istart
O4 - GS\QuickLaunch [omaima]: Internet Explorer.LNK . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.bahaty.com =>PUP.Bahaty
O4 - GS\QuickLaunch [omaima]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>PUP.Istart
O4 - GS\QuickLaunch [omaima]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\omaima\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [omaima]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com =>PUP.Istart
O4 - GS\TaskBar [omaima]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>PUP.Istart
O4 - GS\Program [omaima]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>PUP.Istart
O4 - GS\Desktop [omaima]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Desktop [omaima]: Softonic.lnk . (.Softonic - Softonic.) -- C:\Users\omaima\AppData\Local\Softonic\Softonic.exe =>Toolbar.Conduit
O4 - GS\Desktop [omaima]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\omaima\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 12 Scanned in 00mn 06s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [omaima]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TSSSrv] . (.TOSHIBA Corporation - TOSHIBA System Settings Service.) -- C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
O4 - HKLM\..\Run: [TecoResident] . (.TOSHIBA Corporation - Resident module of eco Utility.) -- C:\Program Files\TOSHIBA\Teco\TecoResident.exe
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Function Key Main Module.) -- C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
O4 - HKLM\..\Run: [InstallerLauncher] C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\omaima\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\omaima\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [SPDriver] . (.Pas de propriétaire - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe =>PUP.ShopperPro
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\omaima\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [Softonic for Windows] . (.Softonic - Softonic.) -- C:\Users\omaima\AppData\Local\Softonic\Softonic.exe =>Toolbar.Conduit
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Wow6432Node\Run: [1.TPUReg] . (.TOSHIBA - readLM.) -- C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
O4 - HKLM\..\Wow6432Node\Run: [TSVU] . (.TOSHIBA - TOSHIBA Display Setup Launcher.) -- c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
O4 - HKLM\..\Wow6432Node\Run: [IAM Aegean ModemListener] . (...) -- C:\Program Files (x86)\My Connection\BackgroundService\ModemListener.exe
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] . (.Pas de propriétaire - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe =>PUP.ShopperPro
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [vmware-tray.exe] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe =>.VMware, Inc
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [ADSKAppManager] . (.Autodesk Inc. - Autodesk Application Manager.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [20150107] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\2c75167b-949c-42d4-9055-9bca2ca850d3.exe
O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (.not file.)
O4 - HKUS\.DEFAULT\..\Run: [Bitdefender Agent de l'application Wallet] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet Agent] C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Wallet] C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe (.not file.)
O4 - HKUS\S-1-5-18\..\Run: [Bitdefender Agent de l'application Wallet] C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe (.not file.)
O4 - HKUS\S-1-5-21-566901627-1005195444-2239428700-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\omaima\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-566901627-1005195444-2239428700-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\omaima\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-566901627-1005195444-2239428700-1001\..\Run: [SPDriver] . (.Pas de propriétaire - JsDriver.) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe =>PUP.ShopperPro
O4 - HKUS\S-1-5-21-566901627-1005195444-2239428700-1001\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-566901627-1005195444-2239428700-1001\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\omaima\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-566901627-1005195444-2239428700-1001\..\Run: [Softonic for Windows] . (.Softonic - Softonic.) -- C:\Users\omaima\AppData\Local\Softonic\Softonic.exe =>Toolbar.Conduit
O4 - HKUS\S-1-5-21-566901627-1005195444-2239428700-1001\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
~ Application: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Lync Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\lync.exe (.not file.)
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BF3C64A1-8E39-431F-A275-D79CB87E4397}: NameServer = 62.251.230.241 212.217.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC0D8C9B-707D-41EF-A090-8A413DCE1A94}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E01A88C2-AC4D-4BCC-84B9-4935185521A0}: DhcpNameServer = 192.168.168.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E01A88C2-AC4D-4BCC-84B9-4935185521A0}: DhcpDomain = ANCG02.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{BF3C64A1-8E39-431F-A275-D79CB87E4397}: NameServer = 62.251.230.241 212.217.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC0D8C9B-707D-41EF-A090-8A413DCE1A94}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E01A88C2-AC4D-4BCC-84B9-4935185521A0}: DhcpNameServer = 192.168.168.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E01A88C2-AC4D-4BCC-84B9-4935185521A0}: DhcpDomain = ANCG02.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) . (.Autodesk Inc. - Autodesk Application Manager.) - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: ArcGIS License Manager (ArcGIS License Manager) . (.Flexera Software LLC - Flexera Software LLC.) - C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Windows (R) Win 7 DDK provider - Windows Setup API.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Autodesk Content Service (Autodesk Content Service) . (.Autodesk, Inc. - AutoCAD component.) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) . (.Macrovision - Macrovision RTS Service.) - C:\Windows\SysWOW64\drivers\CDAC11BA.exe
O23 - Service: DTS APO Service (dts_apo_service) . (.Pas de propriétaire - dts_apo_service.) - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: GamesAppIntegrationService (GamesAppIntegrationService) . (.WildTangent - WildTangent Games App Integration Service.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GFNEX Service (GFNEXSrv) . (.Pas de propriétaire - GFNEXSrv.) - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.Pas de propriétaire - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: IAM Aegean Modem Device Helper (IAM Aegean Modem Device Helper) . (...) - C:\Program Files (x86)\My Connection\BackgroundService\ServiceManager.exe
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Internet Mobile. OUC (Internet Mobile. RunOuc) . (...) - C:\Program Files (x86)\Internet Mobile\UpdateDog\ouc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mobile Broadband HL Service (Mobile Broadband HL Service) . (...) - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: Modem HDM EC156. OUC (Modem HDM EC156. RunOuc) . (...) - C:\Program Files (x86)\Modem HDM EC156\UpdateDog\ouc.exe
O23 - Service: postgresql-x64-9.3 - PostgreSQL Server 9.3 (postgresql-x64-9.3) . (.PostgreSQL Global Development Group - pg_ctl - starts/stops/restarts the PostgreS.) - C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
O23 - Service: C:\Windows\System32\stlang64.dll (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (.TOSHIBA Corporation - TDCSrv Application.) - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA eco Utility Service (TOSHIBA eco Utility Service) . (.Toshiba Corporation - TOSHIBA eco Utility Service.) - C:\Program Files\TOSHIBA\Teco\TecoService.exe =>.Toshiba Corporation
O23 - Service: Util AdvanceElite (Util AdvanceElite) . (...) - C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe (.not file.) =>PUP.AdvanceElite
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc
O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\SysWOW64\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\SysWOW64\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc
~ Services: 31 Scanned in 00mn 36s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x86) . (...) -- C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll (Not file) =>PUP.SystemK
O36 - AppCertDlls: (x64) . (...) -- C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll =>PUP.SystemK
~ Keys: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.7E7B9A6EBD99EC2F9B25AFB24CE9B4A4] [APT] [4d6ce82f-8643-42cf-b1bf-1167c872532a-2] (.Object Browser.) -- C:\Program Files (x86)\Sense\4d6ce82f-8643-42cf-b1bf-1167c872532a-2.exe [933280] =>PUP.ObjectBrowser
[MD5.3527F3CDE014C2DDC48B14D92006AAD8] [APT] [4d6ce82f-8643-42cf-b1bf-1167c872532a-5] (.Object Browser.) -- C:\Program Files (x86)\Sense\4d6ce82f-8643-42cf-b1bf-1167c872532a-5.exe [865184] =>PUP.ObjectBrowser
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001Core] (.Facebook Inc..) -- C:\Users\omaima\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001UA] (.Facebook Inc..) -- C:\Users\omaima\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608] =>PUP.GlobalUpdate
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608] =>PUP.GlobalUpdate
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.747FBBA2D1645D9A582994531577D370] [APT] [LaunchSignup] (.MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [1199728] =>PUP.MyPCBackup
[MD5.E2D2E33E42A9C2B91791C4CCEBFCFE9D] [APT] [Resolution+ Setting Task] (.TOSHIBA Corporation.) -- C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [88064]
[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files\MATLAB\R2010a\MATLAB R2010a.lnk -sd $documents\MATLAB -r "setenv('PATH'é ['C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\Syste (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [ShopperPro] (...) -- C:\Program Files (x86)\ShopperPro\ShopperPro.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [ShopperProJSUpd] (...) -- C:\Program Files (x86)\ShopperPro\updater.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.875CA84BD3FC1D701A98E34E64E2B0B9] [APT] [SPDriver] (...) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe [3211776] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [YTDownloader] (...) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) [0] =>PUP.YTDownloader
[MD5.E4AD96AF09DCCF5778FDAA2CD58FD9C9] [APT] [{B6602A0C-B5C2-4CB6-AD9B-C139E169CF56}] (...) -- E:\devsetup32.exe [258048]
[MD5.C6B8CB65A3AACABB00F3DAA371C46A3E] [APT] [CommonNotifier] (.Toshiba Europe GmbH.) -- C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [471416]
[MD5.2B2C2D74BC62E22248787530A7AFC87F] [APT] [Service Station] (.TOSHIBA Corporation.) -- C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [655464]
O39 - APT: - (..) -- C:\Windows\Tasks\04f1a65a-a5ca-44b8-9620-6773bc870424.job [628]
O39 - APT: - (..) -- C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-1.job [3418] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-11.job [5504] =>PUP.CrossRider
O39 - APT: 4d6ce82f-8643-42cf-b1bf-1167c872532a-2 - (.Object Browser.) -- C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-2.job [2430] =>PUP.CrossRider
O39 - APT: 4d6ce82f-8643-42cf-b1bf-1167c872532a-2 - (.Object Browser.) -- C:\Windows\System32\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-2 [2430] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-3.job [3798] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-4.job [4478] =>PUP.CrossRider
O39 - APT: 4d6ce82f-8643-42cf-b1bf-1167c872532a-5 - (.Object Browser.) -- C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-5.job [2774] =>PUP.CrossRider
O39 - APT: 4d6ce82f-8643-42cf-b1bf-1167c872532a-5 - (.Object Browser.) -- C:\Windows\System32\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-5 [2774] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-5_user.job [2774] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-7.job [4142] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-11.job [5182] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-2.job [2108] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-4.job [4156] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-5.job [2444] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-5_user.job [2444] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-6.job [4156] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-11.job [5510] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-2.job [2436] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-4.job [4484] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-5.job [2780] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-5_user.job [2780] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-6.job [4484] =>PUP.CrossRider
O39 - APT: FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001Core.job [924]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001Core [924]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001UA.job [946]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-566901627-1005195444-2239428700-1001UA [946]
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [968] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [968] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [972] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [972] =>PUP.GlobalUpdate
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1086]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1086]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1090]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1090]
O39 - APT: - (..) -- C:\Windows\Tasks\LPHKLPNY.job [1704]
O39 - APT: - (..) -- C:\Windows\Tasks\MSVGA.job [1354]
~ Scheduled Task: 59 Scanned in 00mn 14s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 7 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (BAPIDRV) . (. - .) - C:\Windows\System32\DRIVERS\BAPIDRV64.sys (.not file.)
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: oem64.inf (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\system32\drivers\dtsoftbus01.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
O41 - Driver: ({6ccfd995-07be-49cf-8ad6-1422dc08761a}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{6ccfd995-07be-49cf-8ad6-1422dc08761a}w64.sys =>PUP.LinkiDoo
~ Drivers: 48 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: AdvanceElite - (.AdvanceElite.) [HKLM][64Bits] -- AdvanceElite =>PUP.AdvanceElite
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU][64Bits] -- Akamai
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM][64Bits] -- AmUStor
O42 - Logiciel: Aloha TriPeaks - (.WildTangent.) [HKLM][64Bits] -- WTA-d592c384-c5a9-4821-9667-4f79969c908a =>.WildTangent
O42 - Logiciel: Applications recommandées Autodesk - (.Autodesk.) [HKLM][64Bits] -- {EDDEE94B-214D-4B07-9727-A3E46F3E379A}
O42 - Logiciel: ArcGIS 10.2.2 License Manager - (.Environmental Systems Research Institute, Inc..) [HKLM][64Bits] -- ArcGIS 10.2.2 License Manager
O42 - Logiciel: ArcGIS 10.2.2 License Manager - (.Environmental Systems Research Institute, Inc..) [HKLM][64Bits] -- {527DC263-3F5C-4333-A14B-5F88CD66AF6E}
O42 - Logiciel: ArcGIS 10.2.2 for Desktop - (.Environmental Systems Research Institute, Inc..) [HKLM][64Bits] -- ArcGIS 10.2.2 for Desktop
O42 - Logiciel: ArcGIS License Manager - (...) [HKLM][64Bits] -- ArcGIS License Manager
O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}
O42 - Logiciel: AutoCAD 2004 - (.Autodesk.) [HKLM][64Bits] -- {5783F2D7-0201-040C-0002-0060B0CE6BBA}
O42 - Logiciel: Autodesk App Manager - (.Autodesk.) [HKLM][64Bits] -- {C8125548-F2D5-4059-823F-1F3C5BBD9F19}
O42 - Logiciel: Autodesk Application Manager - (.Autodesk.) [HKLM][64Bits] -- Autodesk Application Manager
O42 - Logiciel: Autodesk AutoCAD Civil 3D 2015 - (.Autodesk.) [HKLM][64Bits] -- Autodesk AutoCAD Civil 3D 2015
O42 - Logiciel: Autodesk AutoCAD Civil 3D 2015 - (.Autodesk.) [HKLM][64Bits] -- {5783F2D7-E000-0000-0102-0060B0CE6BBA}
O42 - Logiciel: Autodesk AutoCAD Civil 3D 2015 32 Bit Object Enabler on Autodesk Storm and - (.Autodesk, Inc..) [HKLM][64Bits] -- {B25F71FE-E3FC-49A5-A784-1AC64BC0BB64}
O42 - Logiciel: Autodesk AutoCAD Civil 3D 2015 SP1 - (.Autodesk.) [HKLM][64Bits] -- Autodesk AutoCAD Civil 3D 2015 SP1
O42 - Logiciel: Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 - (.Autodesk.) [HKLM][64Bits] -- {85735431-6CD3-4B16-BEC8-95332034E53B}
O42 - Logiciel: Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit - (.Autodesk.) [HKLM][64Bits] -- {7B3A3142-5801-48F2-819B-515818EFE696}
O42 - Logiciel: Autodesk Content Service - (.Autodesk.) [HKLM][64Bits] -- Autodesk Content Service
O42 - Logiciel: Autodesk Content Service Language Pack - (.Autodesk.) [HKLM][64Bits] -- {A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}
O42 - Logiciel: Autodesk DWF Viewer - (.Autodesk, Inc..) [HKLM][64Bits] -- Autodesk DWF Viewer
O42 - Logiciel: Autodesk Material Library 2015 - (.Autodesk.) [HKLM][64Bits] -- {427F733F-4D6C-45BC-9324-EB743104C321}
O42 - Logiciel: Autodesk Material Library Base Resolution Image Library 2015 - (.Autodesk.) [HKLM][64Bits] -- {ABE2F70B-8D94-44E9-AA04-F0DB35063D62}
O42 - Logiciel: Autodesk ReCap - (.Autodesk.) [HKLM][64Bits] -- Autodesk ReCap
O42 - Logiciel: Autodesk Storm and Sanitary Analysis 2015 - (.Autodesk, Inc..) [HKLM][64Bits] -- {36A89146-A453-48A1-82C2-922CD6DBFD35}
O42 - Logiciel: Autodesk Storm and Sanitary Analysis 2015 x64 Plug-in - (.Autodesk, Inc..) [HKLM][64Bits] -- {70326DC6-6585-47FA-A08E-773D31B6EC08}
O42 - Logiciel: Autodesk Subassembly Composer on Autodesk AutoCAD Civil 3D 2015 - English - - (.Autodesk, Inc..) [HKLM][64Bits] -- {2FE2C178-075F-42CC-B816-F7D2F55723A7}
O42 - Logiciel: Autodesk Subassembly Composer on Autodesk AutoCAD Civil 3D 2015 - English - - (.Autodesk, Inc..) [HKLM][64Bits] -- {6AAF971C-FBB0-47F2-92FF-DF2B544CB1C8}
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-90459754-8e9e-465a-a79f-f45521b1e8cf =>.WildTangent
O42 - Logiciel: Bejeweled 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-bd5b6a51-3d34-4df2-986f-67eaa03bf64c =>.WildTangent
O42 - Logiciel: Blend for Visual Studio 2012 - (.Microsoft Corporation.) [HKLM][64Bits] -- {57F20F04-014D-453F-B6A3-AE9485C4DFAB}
O42 - Logiciel: Blend for Visual Studio 2012 FRA resources - (.Microsoft Corporation.) [HKLM][64Bits] -- {C0AD26D9-8705-42E7-BD41-BE7E95A7DC31}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-de798b08-7b35-4d66-9aa1-944876088233 =>.WildTangent
O42 - Logiciel: Composants requis pour SSDT - (.Microsoft Corporation.) [HKLM][64Bits] -- {ACFCFF42-CA92-499C-8549-CC7A05CBEC34}
O42 - Logiciel: Crystal Reports for Visual Studio - (.SAP.) [HKLM][64Bits] -- {AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: DTS Sound - (.DTS, Inc..) [HKLM][64Bits] -- {2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}
O42 - Logiciel: Dev-C++ - (.Bloodshed Software.) [HKLM][64Bits] -- Dev-C++
O42 - Logiciel: Dotfuscator Software Services - Community Edition - (.PreEmptive Solutions.) [HKLM][64Bits] -- {41B31ABE-5A6E-498A-8F28-3BA3B8779A41}
O42 - Logiciel: Dotfuscator and Analytics Community Edition - (.PreEmptive Solutions.) [HKLM][64Bits] -- {372D17F6-A54E-4A01-B264-1314890FFE61}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: EZDownloader - (.EZDownloader.) [HKLM][64Bits] -- {0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
O42 - Logiciel: Empress of the Deep - The Darkest Secret - (.WildTangent.) [HKLM][64Bits] -- WTA-78b6c646-3904-4906-bf0d-e5822d1d5bf5 =>.WildTangent
O42 - Logiciel: Entity Framework Designer pour Visual Studio 2012 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {7A1D7D34-8463-4261-8B97-425385649EF3}
O42 - Logiciel: Evernote - (.Evernote Launcher by Toshiba Europe GmbH.) [HKLM][64Bits] -- Evernote
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Ge-Force - (.iWebar.) [HKLM][64Bits] -- Ge-Force =>PUP.CrossRider
O42 - Logiciel: GeoServer 2.6.2 - (...) [HKLM][64Bits] -- GeoServer 2.6.2
O42 - Logiciel: GlassFish Server Open Source Edition 4.0 - (...) [HKLM][64Bits] -- nbi-glassfish-mod-4.0.0.89.0
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HDM Connection Manager - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- HDM Connection Manager
O42 - Logiciel: IDT Audio Driver - (.IDT.) [HKLM][64Bits] -- {588A747E-CFF6-46B3-9207-CD754F9473AF}
O42 - Logiciel: IIS 8.0 Express - (.Microsoft Corporation.) [HKLM][64Bits] -- {7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}
O42 - Logiciel: IIS Express Application Compatibility Database for x64 - (...) [HKLM][64Bits] -- {9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb
O42 - Logiciel: IIS Express Application Compatibility Database for x86 - (...) [HKLM][64Bits] -- {fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb
O42 - Logiciel: Importation de SketchUp - (.Autodesk.) [HKLM][64Bits] -- {C403E867-FCF1-432B-BCC1-8FFD40A10A6E}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {93F692D4-0C4D-4EED-9BFE-657C1D5959FE}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6}
O42 - Logiciel: Internet Explorer Toolbar 4.9 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E} =>PUP.SweetIM
O42 - Logiciel: Internet Mobile - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- Internet Mobile
O42 - Logiciel: Island Tribe - (.WildTangent.) [HKLM][64Bits] -- WTA-1b6ac221-50a3-4812-8ff3-2fa3940f3597 =>.WildTangent
O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0}
O42 - Logiciel: Java 8 Update 5 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218005FF}
O42 - Logiciel: Java SE Development Kit 8 Update 5 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180050}
O42 - Logiciel: Java SE Development Kit 8 Update 5 - (.Oracle Corporation.) [HKLM][64Bits] -- {32A3A4F4-B792-11D6-A78A-00B0D0180050}
O42 - Logiciel: Java(TM) 6 Update 12 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216012FF}
O42 - Logiciel: Java(TM) SE Development Kit 6 Update 12 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {32A3A4F4-B792-11D6-A78A-00B0D0160120}
O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent wildgames Master Uninstall =>.WildTangent
O42 - Logiciel: Jewel Quest Solitaire 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-248ac47a-7ba7-465b-8647-52c1f1ee882e =>.WildTangent
O42 - Logiciel: Linkey - (.Aztec Media Inc.) [HKCU][64Bits] -- Linkey =>PUP.LinkeySearch
O42 - Logiciel: LocalESPC - (.Microsoft Corporation.) [HKLM][64Bits] -- {BDBE5D2A-AAB7-77BD-7A0E-5006665CE7C6}
O42 - Logiciel: LocalESPCui for fr-fr - (.Microsoft.) [HKLM][64Bits] -- {19237788-1FD2-E24E-8B1F-AED171DC45D1}
O42 - Logiciel: MATLAB R2010a - (.The MathWorks, Inc..) [HKLM][64Bits] -- MatlabR2010a
O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM][64Bits] -- ShockwaveFlash
O42 - Logiciel: Magic Academy - (.WildTangent.) [HKLM][64Bits] -- WTA-4a613f8f-f012-451c-a8d6-3e0063b0cf3a =>.WildTangent
O42 - Logiciel: Microsoft FrontPage Express - (...) [HKLM][64Bits] -- FrontPageExpress
O42 - Logiciel: Microsoft LightSwitch for Visual Studio 2012 Core - (.Microsoft Corporation.) [HKLM][64Bits] -- {7437A4B9-314F-3B8F-827B-22909146E471}
O42 - Logiciel: Microsoft LightSwitch pour Visual Studio 2012 CoreRes - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {A0D887F7-79CA-39C7-9B12-346AF8CC4A89}
O42 - Logiciel: Microsoft NuGet - Visual Studio 2012 - (.Microsoft Corporation.) [HKLM][64Bits] -- {00EC8ABC-3C5A-40F8-A8CB-E7DCD5ABFA05}
O42 - Logiciel: Microsoft Portable Library Multi-Targeting Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {C4CAD994-6EA2-3121-8352-DA593150B322}
O42 - Logiciel: Microsoft Portable Library Multi-Targeting Pack Language Pack - fra - (.Microsoft Corporation.) [HKLM][64Bits] -- {1B65CF1B-3637-3A82-958C-EE0E4C2838BF}
O42 - Logiciel: Microsoft Report Viewer Add-On for Visual Studio 2012 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1DB43E5A-2F24-4F51-92B0-A2C0EBF5C742}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Silverlight 3 SDK - (.Microsoft Corporation.) [HKLM][64Bits] -- {2012098D-EEE9-4769-8DD3-B038050854D4}
O42 - Logiciel: Microsoft Silverlight 4 SDK - Français - (.Microsoft Corporation.) [HKLM][64Bits] -- {C7954680-C2B0-4DA7-B0D6-3E2F69D663D7}
O42 - Logiciel: Microsoft Silverlight 5 SDK - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {80125E8C-304D-4637-974A-2547049B0E24}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation
O42 - Logiciel: Microsoft Sync Framework Runtime v1.0 SP1 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8438EC02-B8A9-462D-AC72-1B521349C001}
O42 - Logiciel: Microsoft Sync Framework SDK v1.0 SP1 - (.Microsoft Corporation.) [HKLM][64Bits] -- {0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}
O42 - Logiciel: Microsoft Sync Framework Services v1.0 SP1 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {034106B5-54B7-467F-B477-5B7DBB492624}
O42 - Logiciel: Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}
O42 - Logiciel: Microsoft System CLR Types pour SQL Server 2012 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {D83F1047-B5E4-49DE-B8CF-3AC6121B27C2}
O42 - Logiciel: Microsoft Team Foundation Server 2010 Object Model - ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Team Foundation Server 2010 Object Model - ENU
O42 - Logiciel: Microsoft Team Foundation Server 2010 Object Model - ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- {1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}
O42 - Logiciel: Microsoft Web Deploy dbSqlPackage Provider - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {C76D761C-FF45-442C-A3BA-601C4E1167FD}
O42 - Logiciel: Microsoft Web Developer Tools - Visual Studio 2012 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B96FCD4F-6EDD-4258-8A6D-0FCEA8445E3E}
O42 - Logiciel: Microsoft Web Developer Tools - Visual Studio 2012 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {BDDC6A0A-2DBF-482A-97E4-90B82708DED5}
O42 - Logiciel: Microsoft Web Platform Installer 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {E2B8249D-895C-4685-8C83-00F3B1A13028}
O42 - Logiciel: Mobile Broadband HL Service - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- Mobile Broadband HL Service
O42 - Logiciel: Modem HDM EC156 - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- Modem HDM EC156
O42 - Logiciel: Module Microsoft Report Viewer pour Visual Studio 2012 - (.Microsoft Corporation.) [HKLM][64Bits] -- {BAD4734F-5B17-49A5-AE47-DB474B0D224F}
O42 - Logiciel: Module linguistique de Dotfuscator and Analytics Community Edition - (.PreEmptive Solutions.) [HKLM][64Bits] -- {4B9F673F-EBCA-4E5B-ADD7-FB1138862C44}
O42 - Logiciel: Module linguistique de la visionneuse d'aide Microsoft 2.0 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- Module linguistique de la visionneuse d'aide Microsoft 2.0 - FRA
O42 - Logiciel: Module linguistique de la visionneuse d'aide Microsoft 2.0 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E2132F6-071A-3768-8691-B7D12FD7531D}
O42 - Logiciel: Mozilla Firefox 36.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 36.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: My Connection - (.IAM.) [HKLM][64Bits] -- IAM Aegean My Connection_is1
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: NetBeans IDE 8.0 - (.NetBeans.org.) [HKLM][64Bits] -- nbi-nb-base-8.0.0.0.201403101706
O42 - Logiciel: Nokia Connectivity Cable Driver - (...) [HKLM][64Bits] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: Npgsql 2.0.14.3 - (.EnterpriseDB.) [HKLM][64Bits] -- Npgsql 2.0.14.3-1
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: PDF Report Writer (novaPDF 6.4 printer) - (.Softland.) [HKLM][64Bits] -- PDF Report Writer_is1
O42 - Logiciel: Peggle Nights - (.WildTangent.) [HKLM][64Bits] -- WTA-98cc7411-6f4d-4f26-b7bf-603020dffd06 =>.WildTangent
O42 - Logiciel: Philcarto5.01 - (...) [HKLM][64Bits] -- Philcarto
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-72b185e6-c177-4225-b69f-50165d22961e =>.WildTangent
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-cd73ed17-d15e-4dcb-8be5-12ea061ecbe0 =>.WildTangent
O42 - Logiciel: PostGIS 2.1.3, PgRouting 2.0 for PostgreSQL x64 9.3 (remove only) - (...) [HKLM][64Bits] -- PostGIS 2.1 bundle for PostgreSQL x64 9.3
O42 - Logiciel: PostgreSQL 9.3 - (.PostgreSQL Global Development Group.) [HKLM][64Bits] -- PostgreSQL 9.3
O42 - Logiciel: PreEmptive Analytics Client French Language Pack - (.PreEmptive Solutions.) [HKLM][64Bits] -- {A9514D8B-004D-4685-A1CF-ACFD30EBD238}
O42 - Logiciel: PreEmptive Analytics Visual Studio Components - (.PreEmptive Solutions.) [HKLM][64Bits] -- {2C76E3DA-BA76-4FAD-B1B1-72B46D639028}
O42 - Logiciel: Python 2.5 numpy-1.0.3 - (...) [HKLM][64Bits] -- Python 2.5 numpy-1.0.3
O42 - Logiciel: Python 2.5.1 - (...) [HKLM][64Bits] -- Python 2.5.1
O42 - Logiciel: QGIS Dufour 2.0.1 Dufour - (.QGIS Development Team.) [HKLM][64Bits] -- QGIS Dufour
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801}
O42 - Logiciel: Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Qualcomm Atheros Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Quantum GIS Wroclaw 1.7.4 Wroclaw - (.QGIS Development Team.) [HKLM][64Bits] -- Quantum GIS Wroclaw
O42 - Logiciel: RegTweaker - (.RegTweaker.) [HKLM][64Bits] -- RegTweaker
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: SPDS Extension for AutoCAD® 2015 - (.Autodesk, Inc..) [HKLM][64Bits] -- {0BC7E95D-9408-451E-9891-648B284A4875}
O42 - Logiciel: SafeCast Shared Components - (.Macrovision.) [HKLM][64Bits] -- CdaC13Ba
O42 - Logiciel: SavePass 1.1 - (.OB.) [HKLM][64Bits] -- SavePass 1.1 =>PUP.CrossRider
O42 - Logiciel: Sense - (.Object Browser.) [HKLM][64Bits] -- Sense =>PUP.ObjectBrowser
O42 - Logiciel: Sentinel System Driver - (...) [HKLM][64Bits] -- Rainbow Sentinel Driver
O42 - Logiciel: Sentinel System Driver(64-bit) 7.2.2 - (.SafeNet, Inc..) [HKLM][64Bits] -- {97407E09-4EA8-49F0-A513-2C1776A6DEC0}
O42 - Logiciel: Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) - (.Microsoft Corporation.) [HKLM][64Bits] -- KB968369
O42 - Logiciel: Settings Manager - (.Aztec Media Inc.) [HKLM][64Bits] -- Settings Manager =>PUP.SystemK
O42 - Logiciel: Shopper-Pro - (...) [HKLM][64Bits] -- ShopperPro =>PUP.ShopperPro
O42 - Logiciel: Softonic for Windows - (.Softonic International S.L..) [HKCU][64Bits] -- Softonic for Windows =>Toolbar.Conduit
O42 - Logiciel: Spotify - (.Spotify AB.) [HKLM][64Bits] -- Spotify
O42 - Logiciel: Sql Server Customer Experience Improvement Program - (.Microsoft Corporation.) [HKLM][64Bits] -- {2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TOSHIBA Addendum - (.TOSHIBA.) [HKLM][64Bits] -- {C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}
O42 - Logiciel: TOSHIBA Desktop Assist - (.Toshiba Corporation.) [HKLM][64Bits] -- {95CCACF0-010D-45F0-82BF-858643D8BC02}
O42 - Logiciel: TOSHIBA Display Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- {5F6AC07E-50EF-422E-B56E-6521E5B35139}
O42 - Logiciel: TOSHIBA Function Key - (.Toshiba Corporation.) [HKLM][64Bits] -- {16562A90-71BC-41A0-B890-D91B0C267120}
O42 - Logiciel: TOSHIBA Manuals - (.TOSHIBA.) [HKLM][64Bits] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}
O42 - Logiciel: TOSHIBA PC Health Monitor - (.Toshiba Corporation.) [HKLM][64Bits] -- {9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
O42 - Logiciel: TOSHIBA Password Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}
O42 - Logiciel: TOSHIBA Recovery Media Creator - (.Toshiba Corporation.) [HKLM][64Bits] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
O42 - Logiciel: TOSHIBA Service Station - (.Toshiba Corporation.) [HKLM][64Bits] -- {FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Start Screen Option - (.Toshiba Corporation.) [HKLM][64Bits] -- {06B71035-F19F-4F76-9875-FFCCD4FC3F83}
O42 - Logiciel: TOSHIBA System Driver - (.Toshiba Corporation.) [HKLM][64Bits] -- {1E6A96A1-2BAB-43EF-8087-30437593C66C}
O42 - Logiciel: TOSHIBA System Settings - (.Toshiba Corporation.) [HKLM][64Bits] -- {05A55927-DB9B-4E26-BA44-828EBFF829F0}
O42 - Logiciel: TOSHIBA VIDEO PLAYER - (.Toshiba Corporation.) [HKLM][64Bits] -- {FF07604E-C860-40E9-A230-E37FA41F103A}
O42 - Logiciel: TOSHIBA eco Utility - (.Toshiba Corporation.) [HKLM][64Bits] -- {5944B9D4-3C2A-48DE-931E-26B31714A2F7} =>.Toshiba Corporation
O42 - Logiciel: Tools for .Net 3.5 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1690CE56-2231-4E59-9006-A0876D949EA8}
O42 - Logiciel: Tools for .Net 3.5 - FRA Lang Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {C37962EE-EE24-4E9F-8A41-514ACD79177C}
O42 - Logiciel: Toshiba TEMPRO - (.Toshiba Europe GmbH.) [HKLM][64Bits] -- {F76F5214-83A8-4030-80C9-1EF57391D72A} =>.Toshiba Corporation
O42 - Logiciel: Types CLR du système Microsoft pour SQL Server 2012 - (.Microsoft Corporation.) [HKLM][64Bits] -- {7927D9E5-963C-4AE1-8419-544D0D454435}
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App =>.WildTangent
O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM][64Bits] -- VMware_Workstation =>.VMware, Inc
O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM][64Bits] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6} =>.VMware, Inc
O42 - Logiciel: Virtual Villagers 4 - The Tree of Life - (.WildTangent.) [HKLM][64Bits] -- WTA-10619c76-32c6-4bb9-8161-9d8ee60c1b41 =>.WildTangent
O42 - Logiciel: Visual Studio 2010 Prerequisites - English - (.Microsoft Corporation.) [HKLM][64Bits] -- {662014D2-0450-37ED-ABAE-157C88127BEB}
O42 - Logiciel: Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU - (.Microsoft Corporation.) [HKLM][64Bits] -- {112C23F2-C036-4D40-BED4-0CB47BF5555C}
O42 - Logiciel: Visual Studio 2012 Prerequisites - (.Microsoft Corporation.) [HKLM][64Bits] -- {61862D7C-CDBC-48D5-8AE1-3B8BD1E23BC5}
O42 - Logiciel: Visual Studio 2012 Prerequisites - FRA Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {859877AC-0C89-30A7-B7FE-1709CA48855A}
O42 - Logiciel: Visual Studio Extensions for Windows Library for JavaScript - (.Microsoft Corporation.) [HKLM][64Bits] -- {89B4532E-19CE-4FA9-9692-10BFD5A38532}
O42 - Logiciel: WCF Data Services 5.0 (for OData v3) FRA Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {BF9DC8DC-0891-405A-9AFC-21F1D10FBDB0}
O42 - Logiciel: WCF Data Services 5.0 (for OData v3) Primary Components - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BCC836F-0B28-4090-B58A-64883BAA3B2F}
O42 - Logiciel: WCF Data Services Tools for Visual Studio 11 FRA Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {73105938-42A2-457F-9E9D-DB9514BE89E2}
O42 - Logiciel: WCF RIA Services V1.0 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {3A523AF9-D32F-4C85-8388-0335731F3405}
O42 - Logiciel: WampServer 2.5 - (.Hervé Leclerc (HeL).) [HKLM][64Bits] -- WampServer 2_is1
O42 - Logiciel: Web Deployment Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {0F37D969-1260-419E-B308-EF7D29ABDE20}
O42 - Logiciel: WildTangent Games App (Toshiba Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba =>.WildTangent
O42 - Logiciel: WinRAR 5.01 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Windows App Certification Kit Native Components - (.Microsoft Corporation.) [HKLM][64Bits] -- {3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}
O42 - Logiciel: Windows App Certification Kit x64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {02213A81-CB13-7262-5ABE-1FFA2C75559F}
O42 - Logiciel: Windows Runtime Intellisense Content - fr-fr - (.Microsoft Corporation.) [HKLM][64Bits] -- {BECE69E4-6664-3C4F-DDBF-A4E226B8957C}
O42 - Logiciel: Windows Software Development Kit - (.Microsoft Corporation.) [HKLM][64Bits] -- {60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}
O42 - Logiciel: Windows Software Development Kit DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {5FB4C443-6BD6-1514-2717-3827D65AE6FB}
O42 - Logiciel: Windows Software Development Kit DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {23176E97-26CB-C72A-19EB-BFB21AC1D15A}
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps - (.Microsoft Corporation.) [HKLM][64Bits] -- {D11F66FF-82B3-DDB8-1146-525370552BE1}
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {27EF252D-800C-ED42-9904-459FE0046225}
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {42F61556-29ED-8122-F39E-6F04EA5FF279}
O42 - Logiciel: WindowsMangerProtect20.0.0.1013 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect =>PUP.Fuyu
O42 - Logiciel: pgJDBC 9.3-1100 - (.EnterpriseDB.) [HKLM][64Bits] -- pgJDBC 9.3-1100-1
O42 - Logiciel: psqlODBC 09.03.0210 - (.EnterpriseDB.) [HKLM][64Bits] -- psqlODBC 09.03.0210-3
O42 - Logiciel: snipsmart - (.snipsmart.) [HKLM][64Bits] -- snipsmart =>PUP.SnipSmart
O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM][64Bits] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249}
O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM][64Bits] -- {D102611A-6466-4101-A51D-51069303AC65}
O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM][64Bits] -- {197597A7-AD33-4898-9D8E-73066818B464}
O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM][64Bits] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}
O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM][64Bits] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}
O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM][64Bits] -- {FFD9383C-01D5-4897-A954-43AF599AED30}
O42 - Logiciel: webssearches uninstall - (.webssearches.) [HKLM][64Bits] -- webssearches uninstall =>Hijacker.WebsSearches
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
~ Logic: 117 Scanned in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AVAST Software]
[HKCU\Software\AdvanceElite] =>PUP.AdvanceElite
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Ge-Force] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\SavePass 1.1] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Sense]
[HKCU\Software\AppDataLow\Software\SmartBar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\ThinPrint]
[HKCU\Software\AppDataLow]
[HKCU\Software\Autodesk]
[HKCU\Software\BitTorrent] =>P2P.BitTorrent
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Disc Soft]
[HKCU\Software\ERDAS]
[HKCU\Software\ESRI]
[HKCU\Software\Facebook]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Macromedia]
[HKCU\Software\MathWorks]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\OB]
[HKCU\Software\ODBC]
[HKCU\Software\Perfect Software]
[HKCU\Software\Policies]
[HKCU\Software\PopCap]
[HKCU\Software\PostgreSQL]
[HKCU\Software\QGIS]
[HKCU\Software\QuantumGIS]
[HKCU\Software\RegTweaker]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\ShopperPro] =>PUP.ShopperPro
[HKCU\Software\SkypeRS]
[HKCU\Software\SmdmF] =>PUP.SystemK
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Synaptics]
[HKCU\Software\Toshiba]
[HKCU\Software\Trolltech]
[HKCU\Software\UpdateStar] =>Adware.Boxore
[HKCU\Software\VMware, Inc.]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKCU\Software\WildTangent]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate
[HKCU\Software\ooVoo]
[HKCU\Software\pgAdmin III]
[HKCU\Software\skype]
[HKCU\Software\snipsmart] =>PUP.SnipSmart
[HKLM\Software\Atheros]
[HKLM\Software\Autodesk]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\EnterpriseDB]
[HKLM\Software\Ge-Force-nv] =>PUP.CrossRider
[HKLM\Software\Google]
[HKLM\Software\Huawei technologies]
[HKLM\Software\IDT]
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\InstalledOptions]
[HKLM\Software\IntelVolatile]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\Linkey] =>PUP.LinkeySearch
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\MathWorks]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\PostGIS]
[HKLM\Software\PostgreSQL Global Development Group]
[HKLM\Software\PostgreSQL]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safe Software Inc.]
[HKLM\Software\SavePass 1.1-nv] =>PUP.CrossRider
[HKLM\Software\Sense-nv] =>PUP.CrossRider
[HKLM\Software\Softland]
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Synaptics]
[HKLM\Software\ToshibaBlobDelivery]
[HKLM\Software\Toshiba]
[HKLM\Software\VMware, Inc.]
[HKLM\Software\Wow6432Node\2c56e34a-3392-4f09-824a-1aa08ebb85aa] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\74465e3f-8133-4ae5-a14b-97187b0d085c] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\7c967b10-0159-467c-bad4-80bf485eccc4] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\907379b8-c49f-4a4c-bc33-25b81ecba339] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\9ef4a773-47d6-4e0c-bde5-7b3b6fcfb2e3] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\AdvanceElite] =>PUP.AdvanceElite
[HKLM\Software\Wow6432Node\Aegean]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Autodesk]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\DTS, Inc.]
[HKLM\Software\Wow6432Node\DTS]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\ESRI]
[HKLM\Software\Wow6432Node\EnterpriseDB]
[HKLM\Software\Wow6432Node\FLEXlm License Manager]
[HKLM\Software\Wow6432Node\Ge-Force-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\GeoServer]
[HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Huawei technologies]
[HKLM\Software\Wow6432Node\IAM Aegean Modem Service]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Internet Download Manager]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Linkey] =>PUP.LinkeySearch
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NuGet]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PostgreSQL Global Development Group]
[HKLM\Software\Wow6432Node\PostgreSQL]
[HKLM\Software\Wow6432Node\PreEmptive Solutions]
[HKLM\Software\Wow6432Node\Python]
[HKLM\Software\Wow6432Node\Qualcomm Atheros Inc.]
[HKLM\Software\Wow6432Node\Qualcomm Atheros]
[HKLM\Software\Wow6432Node\RAINBOW TECHNOLOGIES]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SRS Labs]
[HKLM\Software\Wow6432Node\Safenet Sentinel]
[HKLM\Software\Wow6432Node\SavePass 1.1-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Sense-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SmdmF] =>PUP.SystemK
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\TOSHIBA]
[HKLM\Software\Wow6432Node\ThinPrint]
[HKLM\Software\Wow6432Node\Toshiba Corporation]
[HKLM\Software\Wow6432Node\VMware, Inc.]
[HKLM\Software\Wow6432Node\Vantage Software Technologies]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WexTech Systems]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\WinRAR]
[HKLM\Software\Wow6432Node\bb1b8b3d-46ab-4dd9-8d90-8c89563be8b5] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\sMedio]
[HKLM\Software\Wow6432Node\snipsmart] =>PUP.SnipSmart
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu
[HKLM\Software\Wow6432Node\webssearchesSoftware] =>Hijacker.WebsSearches
[HKLM\Software\Wow6432Node]
[HKLM\Software\YTDownloader] =>PUP.YTDownloader
~ Key Software: 520 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/10/2014 - 22:58:07 - [0] ----D C:\Program Files (x86)\360
O43 - CFD: 26/10/2014 - 16:32:46 - [] ----D C:\Program Files (x86)\7-Zip
O43 - CFD: 15/10/2014 - 19:13:11 - [] ----D C:\Program Files (x86)\AdvanceElite =>PUP.AdvanceElite
O43 - CFD: 16/01/2014 - 00:49:35 - [] ----D C:\Program Files (x86)\AmIcoSingLun
O43 - CFD: 26/10/2014 - 22:45:29 - [] ----D C:\Program Files (x86)\AnswerWorks 4.0
O43 - CFD: 21/03/2015 - 12:00:01 - [] ----D C:\Program Files (x86)\Application Verifier
O43 - CFD: 21/03/2015 - 13:02:52 - [] ----D C:\Program Files (x86)\ArcGIS
O43 - CFD: 16/01/2014 - 00:48:18 - [] ----D C:\Program Files (x86)\Atheros
O43 - CFD: 26/10/2014 - 22:46:11 - [] ----D C:\Program Files (x86)\AutoCAD 2004
O43 - CFD: 26/10/2014 - 23:13:21 - [] ----D C:\Program Files (x86)\AutoCAD 2007
O43 - CFD: 13/01/2015 - 16:37:35 - [] ----D C:\Program Files (x86)\AutoCAD 2015
O43 - CFD: 13/01/2015 - 17:09:45 - [] ----D C:\Program Files (x86)\Autodesk
O43 - CFD: 16/01/2014 - 00:48:47 - [] ----D C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 21/03/2015 - 12:30:01 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 15/10/2014 - 14:30:28 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 14/05/2014 - 15:23:07 - [] ----D C:\Program Files (x86)\Dev-Cpp
O43 - CFD: 16/01/2014 - 00:43:16 - [] ----D C:\Program Files (x86)\DTS, Inc
O43 - CFD: 16/01/2014 - 01:43:50 - [] ----D C:\Program Files (x86)\eBay =>Toolbar.eBay
O43 - CFD: 10/04/2014 - 20:51:12 - [] ----D C:\Program Files (x86)\ESRI
O43 - CFD: 10/04/2014 - 19:22:22 - [] ----D C:\Program Files (x86)\Evernote_TLauncher
O43 - CFD: 19/04/2014 - 17:50:37 - [] ----D C:\Program Files (x86)\EZDownloader
O43 - CFD: 15/10/2014 - 19:13:12 - [] ----D C:\Program Files (x86)\Ge-Force =>PUP.CrossRider
O43 - CFD: 16/03/2015 - 09:25:12 - [] ----D C:\Program Files (x86)\GeoServer 2.6.2
O43 - CFD: 06/10/2014 - 15:33:53 - [] ----D C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 15/04/2014 - 00:47:21 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 15/05/2014 - 17:54:58 - [] ----D C:\Program Files (x86)\HDM Connection Manager
O43 - CFD: 31/10/2014 - 13:56:44 - [] ----D C:\Program Files (x86)\HTML Help Workshop
O43 - CFD: 31/10/2014 - 14:13:11 - [] ----D C:\Program Files (x86)\IIS
O43 - CFD: 21/03/2015 - 11:50:35 - [] ----D C:\Program Files (x86)\IIS Express
O43 - CFD: 16/01/2014 - 01:44:45 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/01/2014 - 00:38:53 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/12/2014 - 13:56:09 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 26/05/2014 - 10:18:28 - [] ----D C:\Program Files (x86)\Internet Mobile
O43 - CFD: 04/01/2015 - 22:23:42 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 15/06/2014 - 11:55:31 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 21/03/2015 - 11:54:55 - [] ----D C:\Program Files (x86)\Microsoft ASP.NET
O43 - CFD: 31/10/2014 - 14:00:51 - [] ----D C:\Program Files (x86)\Microsoft F#
O43 - CFD: 12/12/2014 - 12:53:01 - [] ----D C:\Program Files (x86)\Microsoft FrontPage Express
O43 - CFD: 21/03/2015 - 11:27:13 - [] ----D C:\Program Files (x86)\Microsoft Help Viewer
O43 - CFD: 26/10/2014 - 22:45:27 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 21/03/2015 - 12:06:09 - [] ----D C:\Program Files (x86)\Microsoft SDKs
O43 - CFD: 23/07/2014 - 22:20:09 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 24/04/2014 - 21:21:27 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 21/03/2015 - 11:21:30 - [] ----D C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 21/03/2015 - 12:01:38 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 15/06/2014 - 11:58:19 - [] ----D C:\Program Files (x86)\Microsoft Sync Framework
O43 - CFD: 15/06/2014 - 11:58:55 - [] ----D C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 31/10/2014 - 14:20:42 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 10.0
O43 - CFD: 21/03/2015 - 12:12:59 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 11.0
O43 - CFD: 15/06/2014 - 11:56:29 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 31/10/2014 - 13:36:44 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 9.0
O43 - CFD: 21/03/2015 - 11:48:05 - [] ----D C:\Program Files (x86)\Microsoft WCF Data Services
O43 - CFD: 21/03/2015 - 11:52:20 - [] ----D C:\Program Files (x86)\Microsoft Web Tools
O43 - CFD: 31/10/2014 - 14:31:41 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 21/04/2014 - 17:01:26 - [] ----D C:\Program Files (x86)\Modem HDM EC156
O43 - CFD: 06/03/2015 - 16:10:30 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 06/03/2015 - 16:10:27 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 21/03/2015 - 13:06:19 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 10/04/2014 - 15:09:01 - [] ----D C:\Program Files (x86)\My Connection
O43 - CFD: 27/11/2014 - 21:27:37 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 06/03/2015 - 16:10:29 - [] ----D C:\Program Files (x86)\Notepad++
O43 - CFD: 21/03/2015 - 11:48:28 - [] ----D C:\Program Files (x86)\NuGet
O43 - CFD: 24/04/2014 - 18:39:38 - [] ----D C:\Program Files (x86)\Philcarto
O43 - CFD: 14/11/2014 - 20:46:08 - [] ----D C:\Program Files (x86)\PostgreSQL
O43 - CFD: 28/11/2014 - 11:46:32 - [] ----D C:\Program Files (x86)\Quantum GIS Wroclaw
O43 - CFD: 28/08/2013 - 22:21:55 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 21/01/2015 - 15:09:54 - [] ----D C:\Program Files (x86)\RegTweaker
O43 - CFD: 13/12/2014 - 18:26:08 - [] ----D C:\Program Files (x86)\SavePass 1.1 =>PUP.CrossRider
O43 - CFD: 18/10/2014 - 21:13:03 - [] ----D C:\Program Files (x86)\Sense
O43 - CFD: 15/10/2014 - 14:27:22 - [] ----D C:\Program Files (x86)\Settings Manager =>PUP.SystemK
O43 - CFD: 15/10/2014 - 19:13:15 - [] ----D C:\Program Files (x86)\ShopperPro =>PUP.ShopperPro
O43 - CFD: 18/10/2014 - 21:13:03 - [] ----D C:\Program Files (x86)\snipsmart =>PUP.SnipSmart
O43 - CFD: 08/12/2013 - 17:22:03 - [] ----D C:\Program Files (x86)\Spotify
O43 - CFD: 13/12/2014 - 18:26:27 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 19/04/2014 - 16:18:13 - [] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM
O43 - CFD: 15/10/2014 - 12:34:25 - [0] ----D C:\Program Files (x86)\sweetpacks bundle uninstaller =>PUP.SweetIM
O43 - CFD: 16/01/2014 - 01:44:45 - [] ----D C:\Program Files (x86)\TOSHIBA
O43 - CFD: 16/01/2014 - 01:43:09 - [] ----D C:\Program Files (x86)\TOSHIBA Games
O43 - CFD: 16/01/2014 - 01:08:33 - [] ----D C:\Program Files (x86)\Toshiba TEMPRO =>.Toshiba Corporation
O43 - CFD: 30/10/2014 - 18:09:02 - [] ----D C:\Program Files (x86)\VMware
O43 - CFD: 20/04/2014 - 16:30:36 - [] ----D C:\Program Files (x86)\VS Revo Group
O43 - CFD: 16/01/2014 - 01:41:34 - [] ----D C:\Program Files (x86)\WildGames
O43 - CFD: 18/10/2014 - 21:04:39 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 13/11/2014 - 01:13:24 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 21/03/2015 - 11:45:06 - [] ----D C:\Program Files (x86)\Windows Kits
O43 - CFD: 16/04/2014 - 01:18:29 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 26/04/2014 - 22:30:02 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/04/2014 - 22:30:03 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - 15:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 16/04/2014 - 01:18:29 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/04/2014 - 22:30:02 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 22/08/2013 - 15:36:30 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/08/2013 - 15:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 12/12/2014 - 12:53:04 - [] ----D C:\Program Files (x86)\WindowsUpdate
O43 - CFD: 19/04/2014 - 16:17:19 - [] ----D C:\Program Files (x86)\WinRAR
O43 - CFD: 21/03/2015 - 21:06:06 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 21/03/2015 - 12:30:03 - [] ----D C:\Program Files (x86)\Common Files\AnswerWorks 4.0
O43 - CFD: 21/03/2015 - 12:34:54 - [] ----D C:\Program Files (x86)\Common Files\ArcGIS
O43 - CFD: 16/01/2014 - 00:48:47 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 13/01/2015 - 17:10:20 - [] ----D C:\Program Files (x86)\Common Files\Autodesk Shared
O43 - CFD: 21/03/2015 - 12:26:42 - [] ----D C:\Program Files (x86)\Common Files\Data Dynamics
O43 - CFD: 26/10/2014 - 22:45:27 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 21/03/2015 - 10:53:01 - [] ----D C:\Program Files (x86)\Common Files\ESRI
O43 - CFD: 16/01/2014 - 00:38:36 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 04/01/2015 - 22:25:39 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 21/03/2015 - 12:55:41 - [] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 21/03/2015 - 11:16:39 - [] ----D C:\Program Files (x86)\Common Files\Merge Modules
O43 - CFD: 21/03/2015 - 11:57:38 - [] ----D C:\Program Files (x86)\Common Files\Microsoft
O43 - CFD: 21/03/2015 - 11:47:01 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 16/01/2014 - 00:35:05 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 22/08/2013 - 15:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 20/06/2014 - 10:40:57 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 21/03/2015 - 12:25:40 - [] ----D C:\Program Files (x86)\Common Files\Tom Sawyer Software
O43 - CFD: 16/01/2014 - 01:00:37 - [] ----D C:\Program Files (x86)\Common Files\Toshiba Shared
O43 - CFD: 30/10/2014 - 18:09:02 - [] ----D C:\Program Files (x86)\Common Files\VMware
O43 - CFD: 18/10/2014 - 21:16:13 - [] -SH-D C:\ProgramData\360Quarant
O43 - CFD: 16/01/2014 - 00:49:35 - [] ----D C:\ProgramData\AmUStor
O43 - CFD: 22/08/2013 - 14:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 13/01/2015 - 17:37:15 - [] ----D C:\ProgramData\Autodesk
O43 - CFD: 15/10/2014 - 11:56:58 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 10/04/2014 - 06:32:52 - [] ----D C:\ProgramData\BDLogging
O43 - CFD: 28/05/2014 - 10:37:09 - [] ----D C:\ProgramData\Bitdefender
O43 - CFD: 18/10/2014 - 20:59:07 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 15/10/2014 - 14:31:33 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 26/05/2014 - 10:19:52 - [] ----D C:\ProgramData\DatacardService
O43 - CFD: 22/08/2013 - 14:45:52 - [] -S--D C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - 14:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 13/01/2015 - 17:23:44 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 01/02/2015 - 12:22:04 - [0] ----D C:\ProgramData\IDM
O43 - CFD: 26/10/2014 - 16:32:31 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
O43 - CFD: 19/04/2014 - 17:41:11 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 16/01/2014 - 00:41:27 - [] ----D C:\ProgramData\Intel
O43 - CFD: 26/05/2014 - 10:18:28 - [] ----D C:\ProgramData\Internet Mobile
O43 - CFD: 10/04/2014 - 21:03:30 - [] ----D C:\ProgramData\Macrovision
O43 - CFD: 10/04/2014 - 06:26:59 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 21/03/2015 - 13:17:39 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 21/02/2015 - 15:00:42 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 24/04/2014 - 21:21:17 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 03/03/2015 - 18:48:09 - [] ----D C:\ProgramData\Microsoft Visual Studio
O43 - CFD: 12/04/2014 - 21:16:20 - [] ----D C:\ProgramData\MobileBrServ
O43 - CFD: 21/04/2014 - 17:01:26 - [] ----D C:\ProgramData\Modem HDM EC156
O43 - CFD: 06/03/2015 - 16:10:27 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 04/01/2015 - 22:23:58 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 21/03/2015 - 11:07:18 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 07/05/2014 - 14:43:53 - [] ----D C:\ProgramData\PopCap Games
O43 - CFD: 31/10/2014 - 14:20:43 - [] ----D C:\ProgramData\PreEmptive Solutions
O43 - CFD: 16/01/2014 - 00:47:57 - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 21/03/2015 - 11:03:45 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 15/10/2014 - 19:13:16 - [] ----D C:\ProgramData\ShopperPro =>PUP.ShopperPro
O43 - CFD: 15/03/2015 - 23:22:21 - [] ----D C:\ProgramData\Skype
O43 - CFD: 15/10/2014 - 21:35:06 - [] ----D C:\ProgramData\smdmf =>PUP.SystemK
O43 - CFD: 16/01/2014 - 00:43:16 - [] ----D C:\ProgramData\SRS Labs
O43 - CFD: 22/08/2013 - 14:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 25/06/2014 - 14:35:14 - [] ----D C:\ProgramData\Sun
O43 - CFD: 22/08/2013 - 14:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 06/10/2014 - 15:29:49 - [] ----D C:\ProgramData\Thunder Network
O43 - CFD: 10/04/2014 - 05:18:48 - [] ----D C:\ProgramData\Toshiba
O43 - CFD: 10/04/2014 - 15:14:44 - [] ----D C:\ProgramData\ToshibaEurope
O43 - CFD: 15/03/2015 - 23:28:01 - [] ----D C:\ProgramData\VMware
O43 - CFD: 20/04/2014 - 16:29:10 - [] ----D C:\ProgramData\Wild Tangent
O43 - CFD: 18/10/2014 - 21:03:41 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 21/03/2015 - 11:59:53 - [] ----D C:\ProgramData\Windows App Certification Kit
O43 - CFD: 14/03/2015 - 23:24:10 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 06/10/2014 - 15:30:32 - [] ----D C:\ProgramData\Xunlei
O43 - CFD: 06/10/2014 - 15:52:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 22/08/2013 - 15:36:33 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - 19:12:21 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 26/04/2014 - 22:30:41 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/03/2015 - 13:06:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcGIS
O43 - CFD: 13/01/2015 - 17:11:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
O43 - CFD: 13/01/2015 - 16:57:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk AutoCAD Civil 3D 2015
O43 - CFD: 13/01/2015 - 17:05:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
O43 - CFD: 10/12/2014 - 23:27:43 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 12/05/2014 - 22:25:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloodshed Dev-C++
O43 - CFD: 15/10/2014 - 14:30:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 16/01/2014 - 00:43:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS, Inc
O43 - CFD: 19/04/2014 - 17:50:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
O43 - CFD: 18/10/2014 - 21:05:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 15/04/2014 - 00:47:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 15/05/2014 - 17:53:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDM Connection Manager
O43 - CFD: 26/05/2014 - 10:18:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Mobile
O43 - CFD: 25/06/2014 - 14:34:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 25/06/2014 - 14:33:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 22/08/2013 - 15:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 03/03/2015 - 16:14:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
O43 - CFD: 15/06/2014 - 12:00:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 24/04/2014 - 21:17:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 23/07/2014 - 22:21:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 31/10/2014 - 14:17:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 3 SDK
O43 - CFD: 21/03/2015 - 12:04:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK - Français
O43 - CFD: 21/03/2015 - 12:05:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK - Français
O43 - CFD: 31/10/2014 - 14:33:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
O43 - CFD: 31/10/2014 - 14:23:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Sync Framework
O43 - CFD: 01/11/2014 - 15:58:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
O43 - CFD: 21/03/2015 - 12:14:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
O43 - CFD: 21/04/2014 - 17:01:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem HDM EC156
O43 - CFD: 10/04/2014 - 15:09:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Connection
O43 - CFD: 27/06/2014 - 23:08:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
O43 - CFD: 06/03/2015 - 16:10:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 24/04/2014 - 18:39:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Philcarto
O43 - CFD: 14/11/2014 - 20:47:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostGIS 2.1 bundle for PostgreSQL x64 9.3
O43 - CFD: 14/11/2014 - 20:46:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Postgres Plus Add-ons
O43 - CFD: 14/11/2014 - 16:26:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3
O43 - CFD: 10/04/2014 - 20:51:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.5
O43 - CFD: 06/01/2015 - 22:59:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGIS Dufour
O43 - CFD: 28/11/2014 - 11:46:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quantum GIS Wroclaw
O43 - CFD: 21/01/2015 - 15:09:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegTweaker
O43 - CFD: 15/06/2014 - 12:00:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 16/01/2014 - 01:52:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 26/04/2014 - 22:30:41 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 22/08/2013 - 19:12:21 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 16/01/2014 - 01:44:25 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
O43 - CFD: 30/10/2014 - 18:11:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
O43 - CFD: 15/03/2015 - 21:46:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
O43 - CFD: 21/03/2015 - 11:59:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
O43 - CFD: 19/04/2014 - 16:17:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 21/03/2015 - 21:06:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 10/04/2014 - 05:15:47 - [] ----D C:\Users\omaima\AppData\Roaming\Adobe
O43 - CFD: 13/01/2015 - 17:37:15 - [] ----D C:\Users\omaima\AppData\Roaming\Autodesk
O43 - CFD: 15/10/2014 - 12:05:38 - [] ----D C:\Users\omaima\AppData\Roaming\AVAST Software
O43 - CFD: 15/10/2014 - 14:31:30 - [] ----D C:\Users\omaima\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 14/05/2014 - 15:28:18 - [] ----D C:\Users\omaima\AppData\Roaming\Dev-Cpp
O43 - CFD: 06/03/2015 - 15:16:14 - [0] ----D C:\Users\omaima\AppData\Roaming\DMCache
O43 - CFD: 20/10/2014 - 09:26:27 - [] ----D C:\Users\omaima\AppData\Roaming\Dropbox
O43 - CFD: 15/10/2014 - 14:11:56 - [] ----D C:\Users\omaima\AppData\Roaming\DropboxMaster
O43 - CFD: 21/04/2014 - 19:43:08 - [] ----D C:\Users\omaima\AppData\Roaming\ESRI
O43 - CFD: 14/04/2014 - 20:25:50 - [] ----D C:\Users\omaima\AppData\Roaming\Islands
O43 - CFD: 10/04/2014 - 06:15:42 - [] ----D C:\Users\omaima\AppData\Roaming\Macromedia
O43 - CFD: 25/06/2014 - 12:40:39 - [] ----D C:\Users\omaima\AppData\Roaming\MathWorks
O43 - CFD: 13/01/2015 - 16:24:35 - [] -S--D C:\Users\omaima\AppData\Roaming\Microsoft
O43 - CFD: 06/03/2015 - 16:10:45 - [] ----D C:\Users\omaima\AppData\Roaming\Mozilla
O43 - CFD: 27/06/2014 - 23:36:48 - [] ----D C:\Users\omaima\AppData\Roaming\NetBeans
O43 - CFD: 06/03/2015 - 16:10:43 - [] ----D C:\Users\omaima\AppData\Roaming\Notepad++
O43 - CFD: 19/04/2014 - 17:29:11 - [] ----D C:\Users\omaima\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 05/12/2014 - 16:39:46 - [] ----D C:\Users\omaima\AppData\Roaming\postgresql
O43 - CFD: 10/04/2014 - 06:30:57 - [0] ----D C:\Users\omaima\AppData\Roaming\QuickScan
O43 - CFD: 15/03/2015 - 23:21:56 - [] ----D C:\Users\omaima\AppData\Roaming\Skype
O43 - CFD: 25/04/2014 - 15:36:27 - [] ----D C:\Users\omaima\AppData\Roaming\sMedio
O43 - CFD: 16/03/2015 - 17:32:51 - [] ----D C:\Users\omaima\AppData\Roaming\Spotify
O43 - CFD: 16/03/2015 - 09:18:39 - [] ----D C:\Users\omaima\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 22/01/2015 - 13:07:06 - [] ----D C:\Users\omaima\AppData\Roaming\VMware
O43 - CFD: 26/10/2014 - 16:31:21 - [] ----D C:\Users\omaima\AppData\Roaming\webssearches =>Hijacker.WebsSearches
O43 - CFD: 18/10/2014 - 20:57:53 - [] ----D C:\Users\omaima\AppData\Roaming\WildTangent
O43 - CFD: 19/04/2014 - 16:33:27 - [] ----D C:\Users\omaima\AppData\Roaming\WinRAR
O43 - CFD: 21/03/2015 - 21:13:46 - [] ----D C:\Users\omaima\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 24/12/2014 - 22:08:05 - [] ----D C:\Users\omaima\AppData\Local\Akamai
O43 - CFD: 10/04/2014 - 05:15:26 - [] -SH-D C:\Users\omaima\AppData\Local\Application Data
O43 - CFD: 15/04/2014 - 00:39:36 - [] ----D C:\Users\omaima\AppData\Local\Apps
O43 - CFD: 03/01/2015 - 20:17:21 - [] ----D C:\Users\omaima\AppData\Local\assembly
O43 - CFD: 13/01/2015 - 17:24:13 - [] ----D C:\Users\omaima\AppData\Local\Autodesk
O43 - CFD: 06/10/2014 - 15:36:32 - [] ----D C:\Users\omaima\AppData\Local\CrashRpt
O43 - CFD: 19/04/2014 - 17:29:59 - [] ----D C:\Users\omaima\AppData\Local\CRE
O43 - CFD: 15/04/2014 - 00:40:10 - [0] ----D C:\Users\omaima\AppData\Local\Deployment
O43 - CFD: 25/06/2014 - 21:48:35 - [] ----D C:\Users\omaima\AppData\Local\Eclipse
O43 - CFD: 19/06/2014 - 12:20:33 - [0] ----D C:\Users\omaima\AppData\Local\ElevatedDiagnostics
O43 - CFD: 18/12/2014 - 00:54:12 - [] -SH-D C:\Users\omaima\AppData\Local\EmieBrowserModeList
O43 - CFD: 05/05/2014 - 12:56:40 - [] -SH-D C:\Users\omaima\AppData\Local\EmieSiteList
O43 - CFD: 05/05/2014 - 12:56:40 - [] -SH-D C:\Users\omaima\AppData\Local\EmieUserList
O43 - CFD: 19/10/2014 - 00:18:25 - [] ----D C:\Users\omaima\AppData\Local\ESRI
O43 - CFD: 21/04/2014 - 22:30:19 - [] ----D C:\Users\omaima\AppData\Local\Facebook
O43 - CFD: 06/10/2014 - 15:33:53 - [] ----D C:\Users\omaima\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 15/04/2014 - 00:47:43 - [] ----D C:\Users\omaima\AppData\Local\Google
O43 - CFD: 10/04/2014 - 05:15:26 - [] -SH-D C:\Users\omaima\AppData\Local\Historique
O43 - CFD: 15/10/2014 - 19:13:16 - [] ----D C:\Users\omaima\AppData\Local\Linkey =>PUP.LinkeySearch
O43 - CFD: 21/03/2015 - 13:26:23 - [] ----D C:\Users\omaima\AppData\Local\Microsoft
O43 - CFD: 30/12/2014 - 15:18:20 - [] ----D C:\Users\omaima\AppData\Local\Microsoft Help
O43 - CFD: 06/03/2015 - 16:10:47 - [] ----D C:\Users\omaima\AppData\Local\Mozilla
O43 - CFD: 19/04/2014 - 17:29:59 - [] ----D C:\Users\omaima\AppData\Local\NativeMessaging
O43 - CFD: 27/06/2014 - 23:36:43 - [] ----D C:\Users\omaima\AppData\Local\NetBeans
O43 - CFD: 15/06/2014 - 10:44:51 - [] ----D C:\Users\omaima\AppData\Local\Packages
O43 - CFD: 19/04/2014 - 17:50:36 - [] ----D C:\Users\omaima\AppData\Local\Programs
O43 - CFD: 06/02/2015 - 23:33:01 - [] ----D C:\Users\omaima\AppData\Local\Skype
O43 - CFD: 03/02/2015 - 01:12:28 - [] ----D C:\Users\omaima\AppData\Local\Softonic =>Toolbar.Conduit
O43 - CFD: 16/03/2015 - 17:32:26 - [] ----D C:\Users\omaima\AppData\Local\Spotify
O43 - CFD: 19/04/2014 - 17:29:57 - [] ----D C:\Users\omaima\AppData\Local\tbccint =>Toolbar.Conduit
O43 - CFD: 21/03/2015 - 21:13:01 - [] ----D C:\Users\omaima\AppData\Local\Temp
O43 - CFD: 10/04/2014 - 05:15:26 - [] -SH-D C:\Users\omaima\AppData\Local\Temporary Internet Files
O43 - CFD: 13/04/2014 - 18:26:30 - [] ----D C:\Users\omaima\AppData\Local\TOSHIBA
O43 - CFD: 30/05/2014 - 10:05:58 - [] ----D C:\Users\omaima\AppData\Local\VirtualStore
O43 - CFD: 22/01/2015 - 13:07:10 - [] ----D C:\Users\omaima\AppData\Local\VMware
O43 - CFD: 07/05/2014 - 14:58:38 - [] ----D C:\Users\omaima\AppData\Local\Wild Tangent
O43 - CFD: 22/08/2013 - 15:36:32 - [] R---D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 12/12/2014 - 12:53:03 - [] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessoires
O43 - CFD: 22/08/2013 - 15:36:32 - [] R---D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 10/04/2014 - 05:15:58 - [] R---D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 15/10/2014 - 14:11:24 - [] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 16/03/2015 - 09:25:12 - [] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GeoServer 2.6.2
O43 - CFD: 22/08/2013 - 15:36:32 - [] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/10/2014 - 14:28:33 - [] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 06/03/2015 - 16:10:23 - [0] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 20/04/2014 - 16:30:39 - [] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 02/02/2015 - 23:56:14 - [] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic =>Toolbar.Conduit
O43 - CFD: 15/10/2014 - 14:28:33 - [] R---D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 22/08/2013 - 15:36:32 - [] R---D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 19/04/2014 - 16:17:19 - [] ----D C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 295 Scanned in 00mn 04s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.7175E023D44BBE1EAC6FD0D8A83DF953] - 14/03/2015 - 23:23:16 ---A- . (...) -- C:\Windows\PFRO.log [112682]
O44 - LFC:[MD5.9ED62B37D3BA99B5178C09F2C9718145] - 14/03/2015 - 23:55:55 ---A- . (...) -- C:\Windows\System32\2015-03-14-23-27-18.054-AvastVBoxSVC.exe-3716.log [197]
O44 - LFC:[MD5.8087693AD537D3238257ADE37D666972] - 15/03/2015 - 22:33:48 ---A- . (...) -- C:\Windows\System32\2015-03-15-22-33-47.061-AvastVBoxSVC.exe-2720.log [0]
O44 - LFC:[MD5.6A9E301B6788063BCF1CCA052D635752] - 15/03/2015 - 22:41:43 ---A- . (...) -- C:\Windows\System32\2015-03-15-22-33-50.025-aswFe.exe-5060.log [247]
O44 - LFC:[MD5.E64A89D89268F623E2554F94B38EAC56] - 15/03/2015 - 22:41:59 ---A- . (...) -- C:\Windows\System32\2015-03-15-22-41-56.070-aswFe.exe-1616.log [247]
O44 - LFC:[MD5.135D637238ED7AD21541FC9C7019F440] - 15/03/2015 - 23:32:05 ---A- . (...) -- C:\Windows\System32\2015-03-15-23-30-21.003-AvastVBoxSVC.exe-3408.log [197]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/03/2015 - 11:09:20 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_SensorsSimulatorDriver_01_11_00.Wdf [0]
O44 - LFC:[MD5.5B14FB881768D0A63C0E2AD4539A1DAE] - 21/03/2015 - 15:26:43 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.D842D2BBEEE0BA31E76DEF242F4ABA3B] - 21/03/2015 - 18:26:54 ---A- . (...) -- C:\Windows\setupact.log [35253]
O44 - LFC:[MD5.B2B4DBC97D3AEB3B272AD810FAE57CE5] - 21/03/2015 - 18:30:00 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [2123536]
O44 - LFC:[MD5.22F471893E19A8F0C58A63797334558D] - 21/03/2015 - 18:30:00 ---A- . (...) -- C:\Windows\System32\perfc009.dat [174966]
O44 - LFC:[MD5.EC25ACB521E632ECC1B8BB0DE8C9EB71] - 21/03/2015 - 18:30:00 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [202408]
O44 - LFC:[MD5.EA173D85F88E1321DBE076E08A45F3BF] - 21/03/2015 - 18:30:00 ---A- . (...) -- C:\Windows\System32\perfh009.dat [825350]
O44 - LFC:[MD5.8D97767F362F55B141AA279945C6DA2E] - 21/03/2015 - 18:30:00 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [920130]
O44 - LFC:[MD5.EE6891F851AFB9A12ADEDE884328B0EE] - 21/03/2015 - 20:47:14 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1789687]
~ Files: 15 Scanned in 01mn 04s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.3019141D08A04EBC244BC08A995C5072] - 15/03/2015 - 22:10:16 ---A- - C:\Windows\Prefetch\MYPC BACKUP.EXE-D2D9F9B9.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.C1884294F18DD58B5996A9B35CFAE3B4] - 01/03/2015 - 15:29:02 ---A- - C:\Windows\Prefetch\SIGNUP WIZARD.EXE-9554BD21.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.7F0CDB604F7371524BA8E5C597162A8C] - 18/10/2014 - 20:53:49 ---A- - C:\Windows\Prefetch\SNIPSMART.BOAS.EXE-A3DA89C5.pf =>PUP.SnipSmart
O45 - LFCP:[MD5.5806BC8A36A36E026EA06E5E39F7D3F4] - 18/10/2014 - 20:53:46 ---A- - C:\Windows\Prefetch\SNIPSMART.BOASPRT.EXE-1CA073EB.pf =>PUP.SnipSmart
O45 - LFCP:[MD5.A0BA61F1B4B5F2B247D4BC3D49F05857] - 18/10/2014 - 20:57:11 ---A- - C:\Windows\Prefetch\SNIPSMART.PURBROWSE64.EXE-0E79745B.pf =>PUP.SnipSmart
O45 - LFCP:[MD5.B53021A7E0A718B65A7ED3B448D71393] - 01/02/2015 - 12:19:57 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_INTER-7393A700.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.3E2927846FB1C0BB5AA0A882EE9A43C0] - 14/12/2014 - 22:54:15 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_WAMPS-0FE75D76.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.2DE32FE1E0DA5233BE914C33344D4C92] - 14/12/2014 - 23:17:34 ---A- - C:\Windows\Prefetch\SOFTONIC_FR_1-5-11_FR-PRODUCT-404CEEA6.pf =>Toolbar.Conduit
~ Prefetcher: 8 Scanned in 00mn 02s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
~ LSA: 3 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{0837017b-c079-11e3-8260-28e347087e9f}\AutoRun\command. (...) -- E:\autorun.exe (.not file.)
O51 - MPSK:{08df39bd-dc64-11e3-8273-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{08df3a36-dc64-11e3-8273-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{08df4168-dc64-11e3-8273-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{0b35a23d-d0c7-11e3-826f-001e101f3ad5}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{0b35bf51-d0c7-11e3-826f-001e101f3ad5}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{1e141f88-c433-11e3-8267-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{1e141fad-c433-11e3-8267-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{1e141fed-c433-11e3-8267-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{25acdf3e-f7a7-11e3-827c-582c80139263}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{25ace056-f7a7-11e3-827c-582c80139263}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{77b30016-ebd8-11e3-8279-28e347087e9f}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)
O51 - MPSK:{7bf5b47f-c275-11e3-8265-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{7bf5b56e-c275-11e3-8265-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{9ab939bd-c504-11e3-8269-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{9d41bdad-b9e5-11e4-82c2-28e347087e9f}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{bc099a3a-c872-11e3-826d-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{bc099ac5-c872-11e3-826d-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{bc09a8b5-c872-11e3-826d-001e101f2269}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{c6451284-efcf-11e3-827a-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
O51 - MPSK:{d03ffbbb-6060-11e4-829b-28e347087e9f}\AutoRun\command. (...) -- E:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 4 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:22/08/2013 - 12:43:41 ----- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896]
O58 - SDL:22/08/2013 - 12:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176]
O58 - SDL:20/06/2011 - 16:00:48 ---A- . (.TCT International Mobile Inc. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\AlcatelOTUsbnet.sys [138752]
O58 - SDL:22/08/2013 - 12:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200]
O58 - SDL:22/08/2013 - 12:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424]
O58 - SDL:22/08/2013 - 12:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952]
O58 - SDL:25/06/2013 - 02:34:22 ----- . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\System32\Drivers\AmUStor.sys [109336]
O58 - SDL:22/08/2013 - 12:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016]
O58 - SDL:15/11/2014 - 00:26:31 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] =>.ALWIL Software
O58 - SDL:15/11/2014 - 00:26:31 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [83280]
O58 - SDL:15/11/2014 - 00:26:29 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93568]
O58 - SDL:15/11/2014 - 00:26:31 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] =>.ALWIL Software
O58 - SDL:27/11/2014 - 00:26:57 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [1050432]
O58 - SDL:15/11/2014 - 00:26:31 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [436624]
O58 - SDL:15/11/2014 - 00:26:32 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [116728]
O58 - SDL:15/11/2014 - 00:26:31 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [267632] =>.ALWIL Software
O58 - SDL:24/10/2013 - 08:03:40 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athwbx.sys [3858944]
O58 - SDL:12/08/2013 - 23:25:46 ----- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:01/10/2013 - 10:49:18 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [594632]
O58 - SDL:22/08/2013 - 12:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296]
O58 - SDL:17/08/2011 - 08:58:20 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\ccdcmbox64.sys [27136]
O58 - SDL:17/08/2011 - 08:58:16 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\ccdcmbx64.sys [19968]
O58 - SDL:15/10/2014 - 14:30:28 ---A- . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283064]
O58 - SDL:22/08/2013 - 12:43:45 ----- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [32768]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ewusbmdm.sys [225920]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\ewusbwwan.sys [450048]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\Drivers\ew_hwupgrade.sys [22016]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\Drivers\ew_jubusenum.sys [90112]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\Drivers\ew_jucdcacm.sys [104448]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\Drivers\ew_jucdcecm.sys [76800]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\Drivers\ew_juextctrl.sys [30720]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\Drivers\ew_juwwanecm.sys [238080]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\Drivers\ew_usbenumfilter.sys [13952]
O58 - SDL:09/10/2013 - 08:04:06 ---A- . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\Drivers\hcmon.sys [53816]
O58 - SDL:22/08/2013 - 12:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352]
O58 - SDL:30/07/2013 - 18:47:35 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:25/07/2013 - 19:05:39 ----- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:07/08/2013 - 22:23:46 ----- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [644968]
O58 - SDL:10/08/2013 - 00:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248]
O58 - SDL:22/08/2013 - 12:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000]
O58 - SDL:16/09/2013 - 16:17:28 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [4177920]
O58 - SDL:16/09/2013 - 16:21:52 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [449528]
O58 - SDL:22/08/2013 - 22:51:12 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [39320]
O58 - SDL:22/08/2013 - 22:51:12 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [26008]
O58 - SDL:20/06/2011 - 16:00:48 ---A- . (.TCT International Mobile Ltd - USB/Serial Device Driver.) -- C:\Windows\System32\Drivers\jrdusbser.sys [120832]
O58 - SDL:18/07/2013 - 05:55:44 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C63x64.sys [130248]
O58 - SDL:22/08/2013 - 12:43:44 ----- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408]
O58 - SDL:22/08/2013 - 12:43:45 ----- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536]
O58 - SDL:22/08/2013 - 12:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760]
O58 - SDL:22/08/2013 - 12:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784]
O58 - SDL:22/08/2013 - 12:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672]
O58 - SDL:22/08/2013 - 12:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840]
O58 - SDL:10/09/2012 - 03:32:44 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [1001472]
O58 - SDL:22/08/2013 - 12:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840]
O58 - SDL:22/08/2013 - 12:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368]
O58 - SDL:22/08/2013 - 12:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288]
O58 - SDL:24/04/2013 - 16:17:38 ---A- . (.Qualcomm Inc. - USB/Serial Device Driver.) -- C:\Windows\System32\Drivers\qcusbser.sys [242688]
O58 - SDL:31/07/2013 - 18:25:43 ---A- . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\Drivers\rtwlane.sys [1936088]
O58 - SDL:22/08/2013 - 15:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:20/04/2006 - 14:22:00 ----- . (.SafeNet, Inc. - Sentinel System Driver (64-bit Parallel driver).) -- C:\Windows\System32\Drivers\Sentinel64.sys [141888]
O58 - SDL:22/08/2013 - 12:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896]
O58 - SDL:22/08/2013 - 12:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760]
O58 - SDL:06/08/2014 - 09:14:10 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [34544]
O58 - SDL:22/01/2014 - 07:52:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [108800]
O58 - SDL:22/01/2014 - 07:52:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [206080]
O58 - SDL:22/08/2013 - 12:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:16/08/2013 - 13:21:10 ---A- . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\Drivers\stwrt64.sys [551936]
O58 - SDL:06/08/2014 - 09:14:34 ---A- . (.Synaptics Incorporated - Synaptics Touchpad 64-bit Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [528112]
O58 - SDL:25/07/2012 - 00:54:00 ----- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\System32\Drivers\tdcmdpst.sys [31184]
O58 - SDL:04/09/2013 - 00:52:14 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\TeeDriverx64.sys [99288]
O58 - SDL:19/08/2013 - 20:32:10 ---A- . (.Windows (R) Win 7 DDK provider - Toshiba Hotkey Driver.) -- C:\Windows\System32\Drivers\Thotkey.sys [32624]
O58 - SDL:01/11/2013 - 10:22:28 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\Drivers\tosrfec.sys [27032]
O58 - SDL:18/06/2012 - 18:30:56 ---A- . (.TOSHIBA Corporation - tos_sps64.) -- C:\Windows\System32\Drivers\tos_sps64.sys [499096]
O58 - SDL:21/07/2012 - 23:59:02 ---A- . (.TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver.) -- C:\Windows\System32\Drivers\TVALZFL.sys [16768]
O58 - SDL:15/08/2013 - 09:13:32 ----- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [32832]
O58 - SDL:17/08/2011 - 08:58:26 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\usbser_lowerfltjx64.sys [9216]
O58 - SDL:17/08/2011 - 08:58:22 ---A- . (.Nokia - Filter Driver for Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\usbser_lowerfltx64.sys [9216]
O58 - SDL:22/08/2013 - 12:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808]
O58 - SDL:08/10/2013 - 18:21:06 ---A- . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\Drivers\vmci.sys [85584]
O58 - SDL:18/10/2013 - 12:44:58 ---A- . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\Windows\System32\Drivers\vmnet.sys [24656]
O58 - SDL:18/10/2013 - 12:44:58 ---A- . (.VMware, Inc. - VMware virtual network adapter driver (64-bit).) -- C:\Windows\System32\Drivers\vmnetadapter.sys [20560]
O58 - SDL:18/10/2013 - 12:44:58 ---A- . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\Windows\System32\Drivers\vmnetbridge.sys [46160]
O58 - SDL:18/10/2013 - 12:45:12 ---A- . (.VMware, Inc. - VMware network application interface driver (64-bit).) -- C:\Windows\System32\Drivers\vmnetuserif.sys [30800]
O58 - SDL:09/10/2013 - 08:03:42 ---A- . (.VMware, Inc. - VMware USB driver.) -- C:\Windows\System32\Drivers\vmusb.sys [51256]
O58 - SDL:18/10/2013 - 12:46:18 ---A- . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\Drivers\vmx86.sys [64080]
O58 - SDL:22/08/2013 - 12:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800]
O58 - SDL:08/10/2013 - 18:21:10 ---A- . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\Drivers\vsock.sys [73296]
O58 - SDL:22/08/2013 - 12:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504]
O58 - SDL:17/10/2014 - 09:06:28 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{6ccfd995-07be-49cf-8ad6-1422dc08761a}w64.sys [48784] =>PUP.LinkiDoo
O58 - SDL:26/10/2014 - 22:46:26 ---A- . (.Macrovision Europe Ltd - Macrovision SECURITY Driver.) -- C:\Windows\SysWOW64\drivers\CDAC15BA.SYS [12464]
O58 - SDL:15/09/2014 - 13:12:31 ---A- . (.360安全中心 - 360Efimon Driver.) -- C:\Windows\SysWOW64\drivers\efimon.sys [23752]
O58 - SDL:21/06/2001 - 21:39:02 ---A- . (.Rainbow Technologies, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\Windows\SysWOW64\drivers\SENTINEL.SYS [73728]
O58 - SDL:22/02/2013 - 03:28:26 ---A- . (.VMware, Inc. - VMware Virtual Storage Volume Driver.) -- C:\Windows\SysWOW64\drivers\vstor2-mntapi20-shared.sys [33872]
~ Drivers: 95 Scanned in 00mn 09s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 15/03/2015 - 21:15:36 ---A- . (.Google Inc..) -- C:\Users\omaima\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdm.dll [7959880]
O61 - LFC: 15/03/2015 - 21:18:20 ---A- . (.Hervé Leclerc (HeL).) -- C:\Users\omaima\Downloads\wampserver2.5-Apache-2.4.9-Mysql-5.6.17-php5.5.12-64b.exe [43507845]
O61 - LFC: 16/03/2015 - 21:18:20 ---A- . (...) -- C:\Users\omaima\Downloads\S4\wmap\geoserver-2.6.2.exe [61726186]
O61 - LFC: 17/03/2015 - 21:15:36 ---A- . (...) -- C:\Users\omaima\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 21/03/2015 - 21:18:20 ---A- . (.Nicolas Coolman.) -- C:\Users\omaima\Downloads\ZHPDiag2-2015.3.19.31.exe [6876452] =>.Nicolas Coolman
~ 3808 Fichiers temporaires (Temporary files)
~ Files: 5 Scanned in 03mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.scr> [HKCU\..\open\Command] (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\notepad.exe =>.Microsoft Corporation
~ FASS Keys: 12 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com =>PUP.Istart
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (webssearches) - http://istart.webssearches.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {47927089-16A1-45B6-83F4-D4205C008BBE} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} - (default-search.net) - http://www.default-search.net =>Hijacker.Browsers
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (Sweetpacks) - http://mysearch.sweetpacks.com =>PUP.SweetIM
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Users\omaima\Downloads\AutoDesk 2015 Patch-Keygen XForce\xf-adsk2015_x64.exe =>.Crack,Keygen
C:\Users\omaima\Downloads\AutoDesk 2015 Patch-Keygen XForce\xf-adsk2015_x64.exe =>.Crack,Keygen
~ Files: Scanned in 08mn 42s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [208896]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [324096]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1261056]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1063424]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [914432]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [110080]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [107008]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1212928]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [220672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [70656]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [225280]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [324096]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [81408]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [339456]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1576960]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [50688]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [201728]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [164352]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [101376]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [534528]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [223744]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [71680]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [433664]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [306688]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3557376]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [1017856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [629760]
~ Services: 34 Scanned in 00mn 02s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.69CAB7049A5E913FFF1A9A6E7052CED2] [SPRF][10/04/2014] (...) -- C:\ProgramData\1397111347.bdinstall.bin [1867980]
[MD5.3E395DE814AB445C50368E3B277AD855] [SPRF][28/05/2014] (...) -- C:\ProgramData\1401273118.bdinstall.bin [90230]
[MD5.BD8F2B2D44CE2C1E0222BA607C41B0F7] [SPRF][28/05/2014] (...) -- C:\ProgramData\1401273348.bdinstall.bin [243810]
[MD5.D76CA171B39AC530B376390066D6BC18] [SPRF][06/10/2014] (.Object Browser - Sense exe.) -- C:\Users\omaima\AppData\Roaming\MSVGA.exe [1520544] =>PUP.ObjectBrowser
[MD5.FA5620263997A26E1A8BFC6F75EACC18] [SPRF][01/02/2015] (.Tonec Inc. - Internet Download Manager installer.) -- C:\Users\omaima\Desktop\idman621build18.exe [6355128]
[MD5.D2188B49C403E2EF252A0F4F905717D1] [SPRF][07/02/2014] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll [117064]
[MD5.D5C3D1D685BF3350D2AB6AFBCA0757AA] [SPRF][13/03/2003] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropFRA.dll [114600]
~ Files: 7 Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{8FEDCB7F-1589-4026-B1F6-68B414F7ABA1}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\omaima\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{E458D887-BB3F-45C5-8BE2-5FCF94856122}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\omaima\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 08s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "5EC33E4FBA7A86F47A7E0FAA48FED2E9" . (.Internet Explorer Toolbar 4.9 by SweetPacks.) -- C:\Windows\Installer\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}\ARPPRODUCTICON.exe =>PUP.SweetIM
~ Update Products: 1 Scanned in 00mn 02s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7253826FD00B972095260E17EF0DD7BF] [WIS][19/04/2014] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\14651165.msi [2732544] =>PUP.SweetIM
~ WIS: 1 Scanned in 01mn 40s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\snipsmart_RASAPI32 =>PUP.SnipSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\snipsmart_RASMANCS =>PUP.SnipSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateAdvanceElite_RASAPI32 =>PUP.AdvanceElite
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateAdvanceElite_RASMANCS =>PUP.AdvanceElite
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatesnipsmart_RASAPI32 =>PUP.SnipSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatesnipsmart_RASMANCS =>PUP.SnipSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilsnipsmart_RASAPI32 =>PUP.SnipSmart
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilsnipsmart_RASMANCS =>PUP.SnipSmart
~ BTK: 95 Scanned in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{11111111-1111-1111-1111-110611191111}] (Ge-Force) =>PUP.CrossRider
[HKCR\CLSID\{11111111-1111-1111-1111-110611341129}] (SavePass 1.1) =>PUP.CrossRider
[HKCR\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}] (SmdmF Module) =>PUP.SystemK
~ BCK: 7032 Scanned in 00mn 55s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 13/02/2014 1452408 | (ArcGIS License Manager) . (.Flexera Software LLC.) - C:\Program Files (x86)\ArcGIS\License10.2\bin\lmgrd.exe
SS - | Demand 20/09/2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 21/03/2015 1074480 | (FlexNet Licensing Service) . (.Flexera Software LLC.) - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
SS - | Demand 13/01/2015 1357104 | (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
SS - | Demand 24/04/2014 203344 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 06/10/2014 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Demand 06/10/2014 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Demand 15/04/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 12/05/2013 822232 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Auto 10/09/2012 655744 | (Internet Mobile. RunOuc) . (...) - C:\Program Files (x86)\Internet Mobile\UpdateDog\ouc.exe
SS - | Auto 12/11/2012 657504 | (Modem HDM EC156. RunOuc) . (...) - C:\Program Files (x86)\Modem HDM EC156\UpdateDog\ouc.exe
SS - | Demand 05/03/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 19/07/2013 116088 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe =>.Toshiba Corporation
SS - | Auto 22/07/1658 0 | (Util AdvanceElite) . (...) - C:\Program Files (x86)\AdvanceElite\bin\utilAdvanceElite.exe =>PUP.AdvanceElite
SS - | Demand 22/07/1658 0 | (wampapache) . (...) - c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
SS - | Demand 22/07/1658 0 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe
SS - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 04/09/2014 597896 | (AdAppMgrSvc) . (.Autodesk Inc..) - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
SR - | Auto 01/10/2013 312448 | (AtherosSvc) . (.Windows (R) Win 7 DDK provider.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 07/02/2014 31192 | (Autodesk Content Service) . (.Autodesk, Inc..) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 15/11/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 15/11/2014 4012248 | (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
SR - | Auto 13/10/2014 36936 | (BackupStack) . (.Just Develop It.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SR - | Auto 22/07/1658 0 | (C-DillaCdaC11BA) . (.Macrovision.) - C:\Windows\system32\drivers\CDAC11BA.exe
SR - | Auto 10/09/2013 19792 | (dts_apo_service) . (...) - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
SR - | Auto 07/10/2014 254016 | (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
SR - | Auto 27/03/2013 163168 | (GFNEXSrv) . (...) - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
SR - | Auto 15/04/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 14/03/2011 346976 | (HWDeviceService64.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - | Auto 14/03/2012 53312 | (IAM Aegean Modem Device Helper) . (...) - C:\Program Files (x86)\My Connection\BackgroundService\ServiceManager.exe
SR - | Auto 26/10/2014 714208 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
SR - | Auto 12/05/2013 733696 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 04/09/2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 04/09/2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 04/09/2013 390616 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 12/04/2014 230240 | (Mobile Broadband HL Service) . (...) - C:\ProgramData\MobileBrServ\mbbservice.exe
SR - | Auto 20/10/2014 89088 | (postgresql-x64-9.3) . (.PostgreSQL Global Development Group.) - C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe
SR - | Auto 16/08/2013 339456 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SR - | Auto 10/08/2013 328544 | (TOSHIBA eco Utility Service) . (.Toshiba Corporation.) - C:\Program Files\TOSHIBA\Teco\TecoService.exe =>.Toshiba Corporation
SR - | Demand 04/09/2013 466504 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
SR - | Auto 18/10/2013 86096 | (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc
SR - | Auto 22/07/1658 0 | (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\system32\vmnetdhcp.exe
SR - | Auto 09/10/2013 905272 | (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
SR - | Auto 22/07/1658 0 | (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\system32\vmnat.exe
SR - | Auto 18/10/2013 14405200 | (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc
SR - | Demand 01/05/2014 24576 | (wampapache64) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
SR - | Demand 01/05/2014 12942848 | (wampmysqld64) . (...) - c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe
SR - | Demand 22/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
~ Services: Scanned in 01mn 06s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by omaima at 21/03/2015 21:30:50
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
~ Emulateurs: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (19/03/2015)
Clés trouvées (Keys found) : 85
Valeurs trouvées (Values found) : 14
Dossiers trouvés (Folders found) : 26
Fichiers trouvés (Files found) : 80

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611341129}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] =>PUP.ShopperPro^
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate) (globalUpdate] =>PUP.GlobalUpdate^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>PUP.IePluginService^
[HKLM\SYSTEM\CurrentControlSet\Services\Util AdvanceElite] =>PUP.AdvanceElite^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AdvanceElite] =>PUP.AdvanceElite^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}] =>PUP.SweetIM^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey] =>PUP.LinkeySearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SavePass 1.1] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sense] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager] =>PUP.SystemK^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro] =>PUP.ShopperPro^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic for Windows] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\snipsmart] =>PUP.SnipSmart^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall] =>Hijacker.WebsSearches^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611191111}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611191115}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611341129}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622192211}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622192215}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622342229}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611191111}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611191115}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611341129}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622192211}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622192215}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622342229}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}] =>Adware.Bandoo^
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E7F552EF334C802D75A55F0F6344722] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SPDriver =>PUP.ShopperPro^
C:\Program Files (x86)\AdvanceElite =>PUP.AdvanceElite^
C:\Program Files (x86)\eBay =>Toolbar.eBay^
C:\Program Files (x86)\Ge-Force =>PUP.CrossRider^
C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\SavePass 1.1 =>PUP.CrossRider^
C:\Program Files (x86)\Settings Manager =>PUP.SystemK^
C:\Program Files (x86)\ShopperPro =>PUP.ShopperPro^
C:\Program Files (x86)\snipsmart =>PUP.SnipSmart^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\Program Files (x86)\SweetIM =>PUP.SweetIM^
C:\Program Files (x86)\sweetpacks bundle uninstaller =>PUP.SweetIM^
C:\ProgramData\IePluginServices =>PUP.IePluginService^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\ProgramData\ShopperPro =>PUP.ShopperPro^
C:\ProgramData\smdmf =>PUP.SystemK^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\Users\omaima\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\omaima\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\omaima\AppData\Roaming\webssearches =>Hijacker.WebsSearches^
C:\Users\omaima\AppData\Local\globalUpdate =>PUP.GlobalUpdate^
C:\Users\omaima\AppData\Local\Linkey =>PUP.LinkeySearch^
C:\Users\omaima\AppData\Local\Softonic =>Toolbar.Conduit^
C:\Users\omaima\AppData\Local\tbccint =>Toolbar.Conduit^
C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^
C:\Users\omaima\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic =>Toolbar.Conduit^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.1323\jsdrv.exe =>PUP.ShopperPro^
C:\Program Files (x86)\Sense\4d6ce82f-8643-42cf-b1bf-1167c872532a-2.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\4d6ce82f-8643-42cf-b1bf-1167c872532a-5.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate^
C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe =>PUP.MyPCBackup^
C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-1.job =>PUP.CrossRider^
C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-11.job =>PUP.CrossRider^
C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-2 =>PUP.CrossRider^
C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-3.job =>PUP.CrossRider^
C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-4.job =>PUP.CrossRider^
C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-5 =>PUP.CrossRider^
C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\4d6ce82f-8643-42cf-b1bf-1167c872532a-7.job =>PUP.CrossRider^
C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-11.job =>PUP.CrossRider^
C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-2.job =>PUP.CrossRider^
C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-4.job =>PUP.CrossRider^
C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-5.job =>PUP.CrossRider^
C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\975f67fb-c1f2-4531-a952-f5c4aea3d53d-6.job =>PUP.CrossRider^
C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-11.job =>PUP.CrossRider^
C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-2.job =>PUP.CrossRider^
C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-4.job =>PUP.CrossRider^
C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-5.job =>PUP.CrossRider^
C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\a390c6e1-7780-45a5-9876-807c3c0b8d50-6.job =>PUP.CrossRider^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.GlobalUpdate^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.GlobalUpdate^
[HKCU\Software\AdvanceElite] =>PUP.AdvanceElite^
[HKCU\Software\AppDataLow\Software\Ge-Force] =>PUP.CrossRider^
[HKCU\Software\AppDataLow\Software\SavePass 1.1] =>PUP.CrossRider^
[HKCU\Software\AppDataLow\Software\SmartBar] =>Hijacker.SmartBar^
[HKCU\Software\BitTorrent] =>P2P.BitTorrent^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\ShopperPro] =>PUP.ShopperPro^
[HKCU\Software\SmdmF] =>PUP.SystemK^
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider^
[HKCU\Software\UpdateStar] =>Adware.Boxore^
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^
[HKCU\Software\snipsmart] =>PUP.SnipSmart^
[HKLM\Software\Ge-Force-nv] =>PUP.CrossRider^
[HKLM\Software\Linkey] =>PUP.LinkeySearch^
[HKLM\Software\SavePass 1.1-nv] =>PUP.CrossRider^
[HKLM\Software\Sense-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\2c56e34a-3392-4f09-824a-1aa08ebb85aa] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\74465e3f-8133-4ae5-a14b-97187b0d085c] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\7c967b10-0159-467c-bad4-80bf485eccc4] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\907379b8-c49f-4a4c-bc33-25b81ecba339] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\9ef4a773-47d6-4e0c-bde5-7b3b6fcfb2e3] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\AdvanceElite] =>PUP.AdvanceElite^
[HKLM\Software\Wow6432Node\Ge-Force-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\Wow6432Node\Linkey] =>PUP.LinkeySearch^
[HKLM\Software\Wow6432Node\SavePass 1.1-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Sense-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\SmdmF] =>PUP.SystemK^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\bb1b8b3d-46ab-4dd9-8d90-8c89563be8b5] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\snipsmart] =>PUP.SnipSmart^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Wow6432Node\webssearchesSoftware] =>Hijacker.WebsSearches^
[HKLM\Software\YTDownloader] =>PUP.YTDownloader^
C:\Users\omaima\AppData\Roaming\MSVGA.exe =>PUP.ObjectBrowser^
C:\Windows\Installer\14651165.msi =>PUP.SweetIM^
[HKCR\CLSID\{11111111-1111-1111-1111-110611191111}] (Ge-Force) =>PUP.CrossRider^
[HKCR\CLSID\{11111111-1111-1111-1111-110611341129}] (SavePass 1.1) =>PUP.CrossRider^
[HKCR\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}] (SmdmF Module) =>PUP.SystemK^
C:\Users\omaima\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe =>PUP.SweetIM
C:\Users\omaima\AppData\Local\Temp\1397924312_342222921_646_4.tmp =>PUP.SweetIM
C:\Users\omaima\AppData\Local\Temp\mgsqlite3.dll =>PUP.SweetIM
C:\Users\omaima\AppData\Local\Temp\utt8C28.tmp.exe =>Toolbar.Conduit
~ Additionnel Scan: 1266088 Items scanned in 05mn 13s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 4 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
http://nicolascoolman.fr/pup-shopperpro =>PUP.ShopperPro
http://www.nicolascoolman.fr/blog/ =>PUP.Istart
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-bahaty =>PUP.Bahaty
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://www.nicolascoolman.fr/blog/ =>PUP.IePluginService
http://nicolascoolman.fr/pup-advanceelite =>PUP.AdvanceElite
http://nicolascoolman.fr/pup-systemk =>PUP.SystemK
http://nicolascoolman.fr/pup-objectbrowser =>PUP.ObjectBrowser
http://nicolascoolman.fr/pup-ytdownloader =>PUP.YTDownloader
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM
http://nicolascoolman.fr/pup-linkeysearch =>PUP.LinkeySearch
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://nicolascoolman.fr/pup-snipsmart =>PUP.SnipSmart
http://nicolascoolman.fr/hijacker-webssearches =>Hijacker.WebsSearches
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/adware-incredibar =>Adware.IncrediBar
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://nicolascoolman.fr/adware-opencandy =>Adware.OpenCandy
http://nicolascoolman.fr/hijacker-browsers =>Hijacker.Browsers
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
~ MSI: 32 link(s) detected in 00mn 00s



End of the scan (1920 lines in 24mn 00s)(2.10)

Publicité


Signaler le contenu de ce document

Publicité