cjoint


Document format: text/plain

~ ZHPDiag v2015.7.2.80 by Nicolas Coolman (2015\07\02)
~ Run by Gwen'g (Administrator) (2015/07/02 20:54:24)
~ Site : http://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Gwen'g\Desktop\ZHPDiag.txt
~ UAC : Deactivate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (2) - 0s
GCIE: Google Chrome v43.0.2357.130
MSIE: Internet Explorer v11.0.9600.16428

---\\ Informations sur les produits Windows (9) - 5s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 1
Windows Activation Technologies : OK

---\\ Logiciels de protection (3) - 1s
Microsoft Security Client v4.8.0204.0
Microsoft Security Essentials v4.8.204.0
Trend Micro Titanium Internet Security v3.00

---\\ Logiciels d'optimisation (1) - 1s
CCleaner v4.19

---\\ Surveillance de Logiciels (1) - 1s
Adobe Flash Player 15 Plugin

---\\ Logiciels de partage P2P (1) - 1s
Pando Media Booster v2.6.0.7

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 6200012
~ System Restore: Activé (Enable)
~ System drive C: has 62 GB free of 286 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: GWENNEGGODEL-PC
~ User Name: Gwen'g
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 62 GB free of 286 GB (System)
~ Drive D: has 123 GB free of 403 GB

---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E6CB36B85BE59095337427E853A5B65A] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2332160]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [295808]

---\\ Processus lancés (25) - 1s
[MD5.CAC04FF26BD3D6521BE79B5B4EB2E53A] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216] [PID.828]
[MD5.FB50E60564ED30DDC855F0CE435C8467] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.0.) -- C:\Windows\system32\nvvsvc.exe [920864] [PID.896]
[MD5.7FCE08C739136C9C64107A8814EF854C] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [414496] [PID.920]
[MD5.F73AE30945F674DF57D2CBFD6397C85F] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe [1171744] [PID.1444]
[MD5.FB50E60564ED30DDC855F0CE435C8467] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.0.) -- C:\Windows\system32\nvvsvc.exe [920864] [PID.1452]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [84536] [PID.1496]
[MD5.7910158929571214A959D5A6D16DD9C0] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1536]
[MD5.54FC81B0162478A72A93DBBEAFB35671] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [1517328] [PID.1776]
[MD5.91CE3F9C53AB08ADAFBAAE443BA0AD1A] - (.Nitro PDF Software - Nitro PDF Spool Service.) -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416] [PID.2108]
[MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.2168]
[MD5.71FF75BAE3D6E362BE3AD07E26C2D00A] - (.Copyright © 2013 - GameScannerService.) -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048] [PID.2216]
[MD5.A436F5E7D80BBDBB0826D0F176D5BEA8] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [844560] [PID.2672]
[MD5.B548CAFE52EBFD3AEE173BDA55E91A35] - (.Razer Inc. - RzKLService.exe.) -- C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448] [PID.2696]
[MD5.6564E84B1522C12EA1C3A181ED03276F] - (.Intel(R) Corporation - Turbo Boost Monitor Service.) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe [134928] [PID.1060]
[MD5.918C6F7D4C240FF4D9FBCB8937BD11C3] - (...) -- C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\hnsyAC3D.tmp [165376] [PID.2492] =>Adware.CrossRider
[MD5.2B639342639296899D5488CFFC6914B7] - (...) -- C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\jnsy93DB.tmp [199168] [PID.3188] =>Adware.CrossRider
[MD5.9F7152D8E9894560B9FB99F3DF0C452F] - (...) -- C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\knsuEBD.tmp [122368] [PID.3236] =>Adware.CrossRider
[MD5.69D76CE06BB629B69165C81D83A4B03E] - (.Trend Micro Inc. - Titanium mini-service.) -- C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488] [PID.4344]
[MD5.E852C399D73B84E682816F55C9F8ABB4] - (.Trend Micro Inc. - .) -- C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe [297808] [PID.4368]
[MD5.BB8609D796C1D93561DBFBB11A920168] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2450208] [PID.4556]
[MD5.777788D9B63CCEEEF2DB353BA4EDD454] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14904] [PID.2320]
[MD5.C63E582366EAD77978BFFD959A66DBB8] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1364256] [PID.4664]
[MD5.103F39DB6652A01F08BAA37C3B5260A8] - (...) -- C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020\upgmsd_fr_009010020.exe [3285160] [PID.4500] =>Adware.CrossRider
[MD5.432F4E8794A2EA8A64E4C75EA80B790E] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Gwen'g\AppData\Roaming\uTorrent\uTorrent.exe [1694560] [PID.228]
[MD5.44069C2AC699C8DAD80A96FB1C8DFE57] - (.SoftBrain Technologies Ltd. - SmartWeb Application.) -- C:\Users\Gwen'g\AppData\Local\SmartWeb\SmartWebApp.exe [557088] [PID.3844] =>PUP.SmartWebSearch

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (3) - 1s
G2 - GCE: Extension [User Data\Default] [eiknpkdjaijoilnmlcmkgcelkafbnpbl] ace race =>Adware.Sambreel
G2 - GCE: Extension [User Data\Default] [fleddijeeakbkhkpepocimdkpmjeklke] On Stage =>PUP.OnStage
G2 - GCE: Extension [User Data\Default] [njcppddkcdojnilnknjifcgmnnelhifi] On Stage =>PUP.OnStage

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (10) - 0s
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS.) -- C:\Users\Gwen'g\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.9.2] - (.Oracle Corporation.) -- C:\Windows\SysWOW64\npDeployJava1.dll
P2 - FPN: [HKLM] [@nitropdf.com/NitroPDF] - (.Nitro PDF.) -- C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.0] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

---\\ Opera, Démarrage,Recherche,Plugins (B0,B1,B2) (1) - 0s
B2 - EXT: [nboinfelnglhdhgchcmomigiddalpjka] C:\Users\Gwen'g\AppData\Roaming\Opera Software\Opera Stable\Extensions\nboinfelnglhdhgchcmomigiddalpjka

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (19) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/ =>PUP.StartSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 1s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (34)

---\\ Browser Helper Object de navigateur (BHO) (O2) (2) - 0s
O2 - BHO: (no name) [64Bits] - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} (Orphean)
O2 - BHO: On Stage [64Bits] - {9771c444-42b0-4e23-a7fb-ff707123ab30} (Orphean) =>PUP.OnStage

---\\ Applications lancées au démarrage du sytème (O4) (70) - 1s
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Windesk Winsearch] C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe (.not file.) =>PUP.WindeskWinsearch
O4 - HKLM\..\RunOnce: [ed69b892-0ec1-4e94-a1d9-deec0d80b038] cmd/c rd /s /q C:\Program Files (x86)\ed69b892-0ec1-4e94-a1d9-deec0d80b038 (.not file.)
O4 - HKLM\..\RunOnce: [SmartWeb.lnk] cmd/c erase C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SmartWeb.lnk (.not file.) =>PUP.SmartWebSearch
O4 - HKLM\..\RunOnce: [AnyProtect.exe] cmd/c erase C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\RunOnce: [product.guid] cmd/c erase C:\Program Files (x86)\AnyProtectEx\product.guid (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\RunOnce: [Uninstall.exe] cmd/c erase C:\Users\Gwen'g\AppData\Local\Temp\Uninstall.exe (.not file.)
O4 - HKLM\..\RunOnce: [gamesdesktop_widget.exe] cmd/c erase C:\Program Files (x86)\gmsd_fr_009010020\gamesdesktop_widget.exe (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [gmsd_fr_005010020.exe] cmd/c erase C:\Program Files (x86)\gmsd_fr_005010020\gmsd_fr_005010020.exe (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [predm.exe] cmd/c erase C:\Program Files (x86)\gmsd_fr_009010020\predm.exe (.not file.) =>Adware.Downware
O4 - HKLM\..\RunOnce: [unins000.dat] cmd/c erase C:\Program Files (x86)\gmsd_fr_009010020\unins000.dat (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [unins000.exe] cmd/c erase C:\Program Files (x86)\gmsd_fr_009010020\unins000.exe (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [unins000.msg] cmd/c erase C:\Program Files (x86)\gmsd_fr_009010020\unins000.msg (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [gmsd_fr_009010020.exe] cmd/c erase C:\Program Files (x86)\gmsd_fr_009010020\gmsd_fr_009010020.exe (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [chrome] cmd/c rd /s /q C:\Users\Gwen'g\AppData\LocalLow\gamesagogo_w3i\chrome (.not file.) =>Adware.Agent
O4 - HKLM\..\RunOnce: [components] cmd/c rd /s /q C:\Program Files (x86)\gamesagogo_w3i\components (.not file.) =>Adware.Agent
O4 - HKLM\..\RunOnce: [CrashReports] cmd/c rd /s /q C:\Program Files (x86)\Software\CrashReports (.not file.)
O4 - HKLM\..\RunOnce: [AnyProtectEx] cmd/c rd /s /q C:\Users\Gwen'g\AppData\Roaming\AnyProtectEx (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\RunOnce: [gamesagogo_w3i] cmd/c rd /s /q C:\Users\Gwen'g\AppData\LocalLow\gamesagogo_w3i (.not file.) =>Adware.Agent
O4 - HKLM\..\RunOnce: [gmsd_fr_005010020] cmd/c rd /s /q C:\Users\Gwen'g\AppData\Local\gmsd_fr_005010020 (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [gmsd_fr_009010020] cmd/c rd /s /q C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020 (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [HQPro-1] cmd/c rd /s /q C:\Program Files (x86)\HQPro-1 (.not file.) =>Adware.CrossRider
O4 - HKLM\..\RunOnce: [Software] cmd/c rd /s /q C:\Program Files (x86)\Software (.not file.)
O4 - HKLM\..\RunOnce: [SpyHunter] cmd/c rd /s /q C:\Program Files\Enigma Software Group\SpyHunter (.not file.) =>PUP.EnigmaSoftware
O4 - HKLM\..\RunOnce: [Enigma Software Group] cmd/c rd /s /q C:\Program Files\Enigma Software Group (.not file.) =>PUP.EnigmaSoftware
O4 - HKLM\..\RunOnce: [e6cd0d931a434b178ae56f2e125ad7be] cmd/c erase C:\ProgramData\19a87fa1ec024bbcbb41931263354405\e6cd0d931a434b178ae56f2e125ad7be (.not file.)
O4 - HKLM\..\RunOnce: [b243ee80933744728c5dbcc3f2860e49] cmd/c erase C:\ProgramData\9da5f12d7e994cecb0c7f31e9277ba3f\b243ee80933744728c5dbcc3f2860e49 (.not file.)
O4 - HKLM\..\RunOnce: [ProtectWindowsManager.exe] cmd/c erase C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (.not file.) =>PUP.Fuyu
O4 - HKLM\..\RunOnce: [update] cmd/c rd /s /q C:\ProgramData\WindowsMangerProtect\update (.not file.) =>PUP.Fuyu
O4 - HKLM\..\RunOnce: [19a87fa1ec024bbcbb41931263354405] cmd/c rd /s /q C:\ProgramData\19a87fa1ec024bbcbb41931263354405 (.not file.)
O4 - HKLM\..\RunOnce: [9da5f12d7e994cecb0c7f31e9277ba3f] cmd/c rd /s /q C:\ProgramData\9da5f12d7e994cecb0c7f31e9277ba3f (.not file.)
O4 - HKLM\..\RunOnce: [C5A3BB37E7764FD69BB3D8A75A7BB3E1] cmd/c rd /s /q C:\ProgramData\C5A3BB37E7764FD69BB3D8A75A7BB3E1 (.not file.)
O4 - HKLM\..\RunOnce: [IHProtectUpDate] cmd/c rd /s /q C:\ProgramData\IHProtectUpDate (.not file.) =>Adware.AgentODR
O4 - HKLM\..\RunOnce: [WindowsMangerProtect] cmd/c rd /s /q C:\ProgramData\WindowsMangerProtect (.not file.) =>PUP.Fuyu
O4 - HKLM\..\RunOnce: [GamesDesktop.lnk] cmd/c erase C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP\GamesDesktop.lnk (.not file.) =>Adware.GamesDesktop
O4 - HKLM\..\RunOnce: [GAMESDESKTOP] cmd/c rd /s /q C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP (.not file.) =>Adware.GamesDesktop
O4 - HKLM\..\RunOnce: [{28632291-9C31-4BB8-A1DE-FD057A2FF3FD}] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin\{28632291-9C31-4BB8-A1DE-FD057A2FF3FD} (.not file.)
O4 - HKLM\..\RunOnce: [{48CCB491-0470-477E-B4C4-56C7513219EB}] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin\{48CCB491-0470-477E-B4C4-56C7513219EB} (.not file.)
O4 - HKLM\..\RunOnce: [{685550EF-EBCD-41B6-BB86-F94FEFF679B8}] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin\{685550EF-EBCD-41B6-BB86-F94FEFF679B8} (.not file.)
O4 - HKLM\..\RunOnce: [{78768754-DE92-4714-8279-8F3105A4DFD1}] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin\{78768754-DE92-4714-8279-8F3105A4DFD1} (.not file.)
O4 - HKLM\..\RunOnce: [{83785BF5-9CCF-4BFE-B35E-081A60DB434B}] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin\{83785BF5-9CCF-4BFE-B35E-081A60DB434B} (.not file.)
O4 - HKLM\..\RunOnce: [{8A5FC36B-3E08-45AB-8BAA-A7AFB8853868}] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin\{8A5FC36B-3E08-45AB-8BAA-A7AFB8853868} (.not file.)
O4 - HKLM\..\RunOnce: [{BCA721D4-E56D-4548-ACF4-6258811ADFC1}] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin\{BCA721D4-E56D-4548-ACF4-6258811ADFC1} (.not file.)
O4 - HKLM\..\RunOnce: [{FD75E911-D8C4-41D3-8B07-C6DE43657D1D}] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin\{FD75E911-D8C4-41D3-8B07-C6DE43657D1D} (.not file.)
O4 - HKLM\..\RunOnce: [AI_RecycleBin] cmd/c rd /s /q C:\Windows\SysWOW64\AI_RecycleBin (.not file.)
O4 - HKLM\..\RunOnce: [402.json] cmd/c erase C:\Users\Gwen'g\AppData\Roaming\mystartsearch\402.json (.not file.) =>PUP.StartSearch
O4 - HKLM\..\RunOnce: [MessageBox.xml] cmd/c erase C:\Users\Gwen'g\AppData\Roaming\mystartsearch\MessageBox.xml (.not file.) =>PUP.StartSearch
O4 - HKLM\..\RunOnce: [uninstallDlg2.xml] cmd/c erase C:\Users\Gwen'g\AppData\Roaming\mystartsearch\uninstallDlg2.xml (.not file.) =>PUP.StartSearch
O4 - HKLM\..\RunOnce: [UninstallManager.exe] cmd/c erase C:\Users\Gwen'g\AppData\Roaming\mystartsearch\UninstallManager.exe (.not file.) =>PUP.StartSearch
O4 - HKLM\..\RunOnce: [installer] cmd/c rd /s /q C:\Users\Gwen'g\AppData\Roaming\AnyProtectEx\installer (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\RunOnce: [language] cmd/c rd /s /q C:\Users\Gwen'g\AppData\Roaming\AnyProtectEx\language (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\RunOnce: [logs] cmd/c rd /s /q C:\Users\Gwen'g\AppData\Roaming\AnyProtectEx\logs (.not file.) =>PUP.AnyProtect
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Gwen'g\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_252F8AF4D0265A1169AF678F8A8EB545] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_65A18160625952E7915461F0CA25A608] C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowse
O4 - HKLM\..\Wow6432Node\Run: [SmartWeb] C:\Users\Gwen'g\AppData\Local\SmartWeb\SmartWebHelper.exe (.not file.) =>PUP.SmartWebSearch
O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_009010020.exe] . (...) -- C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020\upgmsd_fr_009010020.exe =>Adware.CrossRider
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4882581-3073459929-3602348364-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-4882581-3073459929-3602348364-1000\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (.not file.)
O4 - HKUS\S-1-5-21-4882581-3073459929-3602348364-1000\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background (.not file.)
O4 - HKUS\S-1-5-21-4882581-3073459929-3602348364-1000\..\Run: [MediaGet2] C:\Users\UpdatusUser\AppData\Local\MediaGet2\mediaget.exe (.not file.) =>PUP.MediaGet
O4 - HKUS\S-1-5-21-4882581-3073459929-3602348364-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-4882581-3073459929-3602348364-1000\..\RunOnce: [Uninstall C:\Users\Gwenneg Godel.Gwenneggodel-PC\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKUS\S-1-5-21-4882581-3073459929-3602348364-1000\..\RunOnce: [Uninstall C:\Users\Gwenneg Godel.Gwenneggodel-PC\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe

---\\ Raccourcis Global Startup (O4G) (8) - 2s
O4 - GS\sendTo [Administrateur]: AnySend.lnk . (...) C:\Program Files (x86)\AnySend\AnySendUI.exe =>PUP.ASPackage
O4 - GS\Startup [Administrateur]: SmartWeb.lnk . (...) C:\Users\Gwen'g\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWebSearch
O4 - GS\sendTo [Gwen'g]: AnySend.lnk . (...) C:\Program Files (x86)\AnySend\AnySendUI.exe =>PUP.ASPackage
O4 - GS\Startup [Gwen'g]: SmartWeb.lnk . (...) C:\Users\Gwen'g\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWebSearch
O4 - GS\sendTo [Invité]: AnySend.lnk . (...) C:\Program Files (x86)\AnySend\AnySendUI.exe =>PUP.ASPackage
O4 - GS\Startup [Invité]: SmartWeb.lnk . (...) C:\Users\Gwen'g\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWebSearch
O4 - GS\sendTo [UpdatusUser]: AnySend.lnk . (...) C:\Program Files (x86)\AnySend\AnySendUI.exe =>PUP.ASPackage
O4 - GS\Startup [UpdatusUser]: SmartWeb.lnk . (...) C:\Users\Gwen'g\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWebSearch

---\\ Modification Domaine/Adresses DNS (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1

---\\ Protocole additionnel (O18) (2) - 0s
O18 - Handler: tmbp [64Bits] - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} . (.Trend Micro Inc. - Trend Micro Browser Plug-In (IE).) -- C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
O18 - Handler: tmpx [64Bits] - {0E526CB5-7446-41D1-A403-19BFE95E8C23} . (.Trend Micro Inc. - Trend Micro NSC IE Plug-In.) -- C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) (1) - 0s
O20 - AppInit_DLLs: . (...) - C:\ProgramData\TomorrowGames\TomorrowGames64.dll (.not file.) =>PUP.TomorrowGames

---\\ Liste des services NT non Microsoft et non désactivés (O23) (29) - 1s
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) . (.IObit - Advanced SystemCare Service.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: AFBAgent (AFBAgent) . (.ASUSTeK Computer Inc. - ASUS FastBoot.) - C:\Windows\system32\FBAgent.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) . (.ASUS - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Visit Signal (cipoqilu) . (...) - C:\Users\Gwen'g\AppData\Local\CE7ACE80-1429976751-81E0-32B2-5404A6081E81\snsc2F6C.tmp (.not file.) =>Adware.CrossRider
O23 - Service: Sharpen Lid (dijekehy) . (...) - C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1429969252-81E0-32B2-5404A6081E81\jnsl19B8.tmp (.not file.) =>Adware.CrossRider
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Alphabet Key Margin (gohocehu) . (...) - C:\Users\Gwen'g\AppData\Local\CE7ACE80-1429976734-81E0-32B2-5404A6081E81\cnscFBA2.tmp (.not file.) =>Adware.CrossRider
O23 - Service: Kerning Down (gopibeko) . (...) - C:\Users\Gwen'g\AppData\Local\CE7ACE80-1435693261-81E0-32B2-5404A6081E81\snspA165.tmp (.not file.) =>Adware.CrossRider
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Technologie de stockage Intel(R) Rapid (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IMF Service (IMFservice) . (.IObit - IObit Malware Fighter Service.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) . (.Nitro PDF Software - Nitro PDF Spool Service.) - C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
O23 - Service: Asterisk Enable (nucekyjo) . (...) - C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1429969252-81E0-32B2-5404A6081E81\nsf9EF8.tmp (.not file.) =>Adware.CrossRider
O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 327.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe (.not file.)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) . (.Copyright © 2013 - GameScannerService.) - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: rTiSPm (rTiSPm) . (...) - C:\ProgramData\xcrpyHVbH\rTiSPm.exe (.not file.)
O23 - Service: RzKLService (RzKLService) . (.Razer Inc. - RzKLService.exe.) - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) . (.Intel(R) Corporation - Turbo Boost Monitor Service.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: Encyclopaedia Enter (vicoqudu) . (...) - C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\hnsyAC3D.tmp =>Adware.CrossRider
O23 - Service: Typewriter High Resolution (zejytose) . (...) - C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\jnsy93DB.tmp =>Adware.CrossRider
O23 - Service: Unauthorised Access Stroke (zuhekojy) . (...) - C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\knsuEBD.tmp =>Adware.CrossRider

---\\ Tâches planifiées en automatique (O39) (76) - 4s
[MD5.6259A5B669AE018A5E53247259A101C3] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.00000000000000000000000000000000] [APT] [ASC7_PerformanceMonitor] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe (.not file.) [0]
[MD5.F3748043289FF4DAAB824269FAE0CD58] [APT] [ASC7_SkipUac_Gwen'g] (.IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [4486944]
[MD5.00000000000000000000000000000000] [APT] [Bidaily Synchronize Task[3c32]] (.IObit.) -- c:\programdata\{4b2929bb-e5f5-e40f-4b29-929bbe5fa6ef}\hqghumeaylnlf.exe (.not file.) [0] =>PUP.BidailySync
[MD5.00000000000000000000000000000000] [APT] [Bidaily Synchronize Task[8da6]] (.IObit.) -- c:\programdata\{caa030ad-aff4-98fa-caa0-030adaffc2b6}\hqghumeaylnlf.exe (.not file.) [0] =>PUP.BidailySync
[MD5.00000000000000000000000000000000] [APT] [Bidaily Synchronize Task[973b]] (.IObit.) -- c:\programdata\{443b9867-53cd-1249-443b-b986753c619d}\rld-wwe15c.exe (.not file.) [0] =>PUP.BidailySync
[MD5.00000000000000000000000000000000] [APT] [bRDec4jr3GCse2Z] (.IObit.) -- C:\Users\Gwen'g\AppData\Roaming\I8TS742\YcuWzJl.exe (.not file.) [0]
[MD5.D87E0BF2E8BB7E5C49E79F32F8FEAFC4] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4826904]
[MD5.00000000000000000000000000000000] [APT] [DingRing] (.Piriform Ltd.) -- c:\programdata\{408b05b1-5a36-b5a6-408b-b05b15a316c5}\2485118312030358906b.exe (.not file.) [0]
[MD5.D715C5ECFF8C895859081FF72919D13A] [APT] [Driver Booster SkipUAC (Gwen'g)] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [3819328]
[MD5.D715C5ECFF8C895859081FF72919D13A] [APT] [Driver Booster SkipUAC (Système)] (.IObit.) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [3819328]
[MD5.00000000000000000000000000000000] [APT] [DWCSYTTKQ1] (.IObit.) -- C:\ProgramData\TomorrowGames\TomorrowGames.exe (.not file.) [0] =>PUP.TomorrowGames
[MD5.FCC7C432FBF465C38FD5D940580EF9B7] [APT] [FacebookUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1001Core] (.Facebook Inc..) -- C:\Users\Gwenneg godel\AppData\Local\Facebook\Update\FacebookUpdate.exe [137536]
[MD5.FCC7C432FBF465C38FD5D940580EF9B7] [APT] [FacebookUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1001UA] (.Facebook Inc..) -- C:\Users\Gwenneg godel\AppData\Local\Facebook\Update\FacebookUpdate.exe [137536]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1005Core] (.Facebook Inc..) -- C:\Users\gwenneg\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1005UA] (.Facebook Inc..) -- C:\Users\gwenneg\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1008Core] (.Facebook Inc..) -- C:\Users\Gwenneg Godel.Gwenneggodel-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1008UA] (.Facebook Inc..) -- C:\Users\Gwenneg Godel.Gwenneggodel-PC\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [0]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1005Core] (.Google Inc..) -- C:\Users\gwenneg\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1005UA] (.Google Inc..) -- C:\Users\gwenneg\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1007Core] (.Google Inc..) -- C:\Users\Gwenneg_2\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-4882581-3073459929-3602348364-1007UA] (.Google Inc..) -- C:\Users\Gwenneg_2\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.817468B3E01928EE9A64557657FF4F11] [APT] [LXRXMIKAFVTNHJBS] (.All rights reserved..) -- C:\ProgramData\Service1104\Service1104.exe [80896] =>Adware.Graftor
[MD5.2D08AC1443FFA7FBED9A5EA5FD49AEB3] [APT] [{62619E77-FF43-4EA3-81C2-5AC4807F335A}] (.Google Inc..) -- c:\Users\gwenneg\AppData\Local\Google\Chrome\application\chrome.exe [1242728]
O39 - APT: Bidaily Synchronize Task[3c32] - (.IObit.) -- C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job [342] =>PUP.BidailySync
O39 - APT: Bidaily Synchronize Task[8da6] - (.IObit.) -- C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job [342] =>PUP.BidailySync
O39 - APT: Bidaily Synchronize Task[973b] - (.IObit.) -- C:\Windows\Tasks\Bidaily Synchronize Task[973b].job [336] =>PUP.BidailySync
O39 - APT: DWCSYTTKQ1 - (.IObit.) -- C:\Windows\Tasks\DWCSYTTKQ1.job [356]
O39 - APT: LXRXMIKAFVTNHJBS - (.All rights reserved..) -- C:\Windows\Tasks\LXRXMIKAFVTNHJBS.job [344] =>Adware.Graftor
O39 - APT: ASC7_SkipUac_Gwen'g - (.IObit.) -- C:\Windows\System32\Tasks\ASC7_SkipUac_Gwen'g [2856]
O39 - APT: Bidaily Synchronize Task[3c32] - (.IObit.) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[3c32] [3256] =>PUP.BidailySync
O39 - APT: Bidaily Synchronize Task[8da6] - (.IObit.) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6] [3256] =>PUP.BidailySync
O39 - APT: Bidaily Synchronize Task[973b] - (.IObit.) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b] [3250] =>PUP.BidailySync
O39 - APT: bRDec4jr3GCse2Z - (.IObit.) -- C:\Windows\System32\Tasks\bRDec4jr3GCse2Z [3240]
O39 - APT: Driver Booster SkipUAC (Gwen'g) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (Gwen'g) [2856]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (Système) [2860]
O39 - APT: DWCSYTTKQ1 - (.IObit.) -- C:\Windows\System32\Tasks\DWCSYTTKQ1 [2878]
O39 - APT: LXRXMIKAFVTNHJBS - (.All rights reserved..) -- C:\Windows\System32\Tasks\LXRXMIKAFVTNHJBS [3380] =>Adware.Graftor
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe [3092]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe [3090]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe [3118]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe [3062]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe [3060]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\PenWes [2970]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\SidebarExecute [3150]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Taplika lino [4124] =>PUP.Taplika
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\UMvhQA9fttyqdlP [3282]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_Gwen'g [2888]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Updater19962.exe [3850]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{76177B22-0FB7-4BBB-8D77-495DAAC3C64A} [3996]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\WIN-fdfEfEfAfC [3186]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\WIN-fIGbfFfEGCfFGEGbfCfE [3186]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\WIN-statsSystem [3238]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\ZDTBpxAY0kjLpJb [3242]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{01DFB8D8-D427-47FB-A65A-29C8CA53CE91} [3150]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{0A7A2C4B-DF0B-48BC-8272-1654D3C9C32D} [2968]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{0ED63CCF-CCAE-4F49-BCA8-6F76342BB0EB} [3184]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{1249BE10-542B-4EA0-9689-8833A71F7702} [3250]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{130FE78C-66ED-450B-8BE2-A950C49B38F2} [3210]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{1484194C-0624-40F7-8690-2C20E71D7D87} [3272]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{1EF94DC2-3E57-4AE2-80AC-FAA888526617} [3178]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{36AF7261-5352-4D3F-912C-4AAF8900689C} [3200]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{418B1B47-54EA-4972-AC7F-AF748C240154} [3160]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{47D4AF41-F2A3-4788-8F48-79909CA69A65} [3150]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{522BE010-B86A-496D-9719-5A2905635706} [3146]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{65EC6A08-80C3-4225-A146-FA58E377A483} [3256]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{6767137C-67BD-48DD-8203-730D5EE9413A} [3150]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{758312FE-174F-4634-828F-80D4432DDBB1} [3046]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{8CAC8378-B932-49EE-9EC8-DC4E7FC4CFC2} [2968]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{903FE047-8795-43AD-8A3D-F63E680B7A1D} [3164]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{E8D56873-C7F9-48EF-ADBA-3F872AA6D81F} [2968]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{E964E542-0CAB-40C4-B889-4CB2823CD456} [3178]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{F3A6166A-AED1-4F6D-B25E-3F1232634D1C} [2968]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{F5FAC84A-C720-435E-8285-A81ED7E24A51} [3258]

---\\ Logiciels installés (O42) (140) - 13s
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Module linguistique de la visionneuse d'aide Microsoft 1.0 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Help Viewer 1.0 Language Pack - FRA
O42 - Logiciel: Centre Souris et Claviers Microsoft - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Mouse and Keyboard Center
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Intel PROSet Wireless - (...) [HKLM][64Bits] -- ProInst
O42 - Logiciel: Fast Boot - (.ASUS.) [HKLM][64Bits] -- {13F4A7F3-EABC-4261-AF6B-1317777F0755}
O42 - Logiciel: Microsoft System CLR Types pour SQL Server 2014 - (.Microsoft Corporation.) [HKLM][64Bits] -- {1FF1A3CB-22D0-40BC-B4AF-A55D094BC049}
O42 - Logiciel: Java(TM) 6 Update 39 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416039FF}
O42 - Logiciel: Java 8 Update 40 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418040F0}
O42 - Logiciel: Intel(R) Turbo Boost Technology Monitor - (.Intel.) [HKLM][64Bits] -- {39F4C6F9-618A-4E5B-8FB2-6BD661174E32}
O42 - Logiciel: Intel(R) PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {3C41721F-AF0F-4086-AA1C-4C7F29076228}
O42 - Logiciel: Microsoft Xbox 360 Accessories 1.2 - (.Microsoft.) [HKLM][64Bits] -- {45CD67FD-3218-4207-A0A2-BC41245189E3}
O42 - Logiciel: Windows Software Development Kit DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}
O42 - Logiciel: Module linguistique du modèle objet Microsoft Team Foundation Server 2013 U - (.Microsoft Corporation.) [HKLM][64Bits] -- {557E39EA-1E25-39F1-9DFE-EB4823649EBB}
O42 - Logiciel: Java SE Development Kit 8 Update 40 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180400}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {75104836-CAC7-444E-A39E-3F54151942F5}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {96F4525A-470D-F15C-796E-58D9988C3E5F}
O42 - Logiciel: ASUS Power4Gear Hybrid - (.ASUS.) [HKLM][64Bits] -- {9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
O42 - Logiciel: Nitro Reader 3 - (.Nitro.) [HKLM][64Bits] -- {9EA981E5-EE67-4662-86F1-58937D31FE07}
O42 - Logiciel: Trend Micro Titanium Internet Security - (.Trend Micro Inc..) [HKLM][64Bits] -- {ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}
O42 - Logiciel: Trend Micro Titanium Internet Security - (.Trend Micro Inc..) [HKLM][64Bits] -- {ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}
O42 - Logiciel: NVIDIA Pilote 3D Vision 327.02 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote graphique 327.02 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Mises à jour NVIDIA 1.14.17 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Windows Software Development Kit DirectX x64 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {B74B199A-EDD4-B657-E055-327D454402D2}
O42 - Logiciel: Microsoft Team Foundation Server 2013 Update 4 Object Model (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C0DE47ED-AFAF-3B17-8268-D5BFDEC404A8}
O42 - Logiciel: Build Tools - amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {CC1F74DF-058F-406C-BC7D-F14D6E5F7CBD}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
O42 - Logiciel: Build Tools Language Resources - amd64 - (.Microsoft Corporation.) [HKLM][64Bits] -- {E43BBAEB-4914-44C6-88C0-E7A1DBD20A91}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: Microsoft System CLR Types pour SQL Server 2012 (x64) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F6DA7ACD-4377-477F-9422-6A7AB9E6DF1E}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 15 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: ASUS K3 Series ScreenSaver - (.ASUS.) [HKLM][64Bits] -- ASUS K3 Series ScreenSaver
O42 - Logiciel: ASUS WebStorage - (.eCareme Technologies, Inc..) [HKLM][64Bits] -- ASUS WebStorage
O42 - Logiciel: BitRaider Web Client - (.BitRaider, LLC.) [HKLM][64Bits] -- BitRaider Web Client
O42 - Logiciel: Bookworm Deluxe - (.Oberon Media Inc..) [HKLM][64Bits] -- Bookworm Deluxe
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite
O42 - Logiciel: Dream Pinball 3D Demo - (...) [HKLM][64Bits] -- Dream Pinball 3D Demo
O42 - Logiciel: Driver Booster - (.IObit.) [HKLM][64Bits] -- Driver Booster_is1
O42 - Logiciel: FormatFactory 3.1.1 - (.Free Time.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Haali Media Splitter - (...) [HKLM][64Bits] -- HaaliMkx
O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM][64Bits] -- IL Download Manager
O42 - Logiciel: IL Shared Libraries - (.Image-Line.) [HKLM][64Bits] -- IL Shared Libraries
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: IObit Malware Fighter - (.IObit.) [HKLM][64Bits] -- IObit Malware Fighter_is1
O42 - Logiciel: IrfanView (remove only) - (.Irfan Skiljan.) [HKLM][64Bits] -- IrfanView
O42 - Logiciel: Module linguistique de la visionneuse d'aide Microsoft 2.1 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- Module linguistique de la visionneuse d'aide Microsoft 2.1 - FRA
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM][64Bits] -- PunkBusterSvc
O42 - Logiciel: Razer Cortex - (.Razer Inc..) [HKLM][64Bits] -- Razer Cortex_is1
O42 - Logiciel: VLC media player 2.0.0 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: WinRAR 5.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Types CLR du système Microsoft pour SQL Server 2012 - (.Microsoft Corporation.) [HKLM][64Bits] -- {06E862CA-3920-4745-9C26-2DE51B50057E}
O42 - Logiciel: ASUS Splendid Video Enhancement Technology - (.ASUS.) [HKLM][64Bits] -- {0969AF05-4FF6-4C00-9406-43599238DE0D}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79}
O42 - Logiciel: ASUS LifeFrame3 - (.ASUS.) [HKLM][64Bits] -- {1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
O42 - Logiciel: Microsoft Portable Library Multi-Targeting Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {205A8E25-7ABE-30AB-929E-80A63A7AFBE3}
O42 - Logiciel: Wireless Console 3 - (.ASUS.) [HKLM][64Bits] -- {20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM][64Bits] -- {24554447-718C-4EE5-A376-0000014A88D8}
O42 - Logiciel: Skype™ 7.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Behaviors SDK (Windows) for Visual Studio 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {28C7344F-E894-4CF5-8D05-EDC7ED71796C}
O42 - Logiciel: ASUS FancyStart - (.ASUSTeK Computer Inc..) [HKLM][64Bits] -- {2B81872B-A054-48DA-BE3B-FA5C164C303A}
O42 - Logiciel: syncables desktop SE - (.syncables.) [HKLM][64Bits] -- {341697D8-9923-445E-B42A-529E5A99CB7A}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {343666E2-A059-48AC-AD67-230BF74E2DB2}
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps - (.Microsoft Corporation.) [HKLM][64Bits] -- {37464E70-B0B9-9DFF-649A-CBE169BAD657}
O42 - Logiciel: ASUS AI Recovery - (.ASUS.) [HKLM][64Bits] -- {38253529-D97D-4901-AE53-5CC9736D3A2E}
O42 - Logiciel: Star Wars: The Old Republic - (.Electronic Arts, Inc..) [HKLM][64Bits] -- {3B11D799-48E0-48ED-BFD7-EA655676D8BB}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Noise Reduction Plug-In 2.0 - (.Sony.) [HKLM][64Bits] -- {4067FB80-133F-11E2-AFA8-1040F3E7010F}
O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: Module linguistique de la visionneuse d'aide Microsoft 2.1 - FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {4727EDB7-0478-31CF-AD6C-346D29254144}
O42 - Logiciel: Microsoft C++ REST SDK for Visual Studio 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {4781443E-204D-4D98-8899-18A123C13B1E}
O42 - Logiciel: Visual Studio 2013 Update 4 (KB2829760) - (.Microsoft Corporation.) [HKLM][64Bits] -- {53d408db-eb91-43fb-9d8f-167681c19763}
O42 - Logiciel: Amnesia - The Dark Descent - (.Frictional Games.) [HKLM][64Bits] -- {54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {56AD3004-0B49-967F-F682-B05650B61A78}
O42 - Logiciel: Behaviors SDK (Windows Phone) for Visual Studio 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {594DB57D-58D1-4AA3-AE6C-BF99484F52F8}
O42 - Logiciel: Windows Software Development Kit - (.Microsoft Corporation.) [HKLM][64Bits] -- {5D5CFAD6-9F93-8C63-3EB0-B6A0D3D4BD12}
O42 - Logiciel: TypeScript Power Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {6098D454-CB7B-44C2-8615-D869FD9655C7}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: LocalESPC - (.Microsoft Corporation.) [HKLM][64Bits] -- {62910715-63E3-0AB0-0B29-99140DE1C15E}
O42 - Logiciel: Realtek USB 2.0 Reader Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {62BBB2F0-E220-4821-A564-730807D2C34D}
O42 - Logiciel: ASUS SmartLogon - (.ASUS.) [HKLM][64Bits] -- {64452561-169F-4A36-A2FF-B5E118EC65F5}
O42 - Logiciel: Microsoft Report Viewer Add-On for Visual Studio 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {73629F80-9DFE-421A-908B-C71FBD243E5A}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Module linguistique des composants partagés Microsoft Azure pour Visual Stu - (.Microsoft Corporation.) [HKLM][64Bits] -- {783E7C28-51B2-4C00-B11F-A779B37ED6EC}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Microsoft Azure Shared Components for Visual Studio 2013 - v1.3 - (.Microsoft Corporation.) [HKLM][64Bits] -- {7A05796B-4FB2-4BAE-8CDC-28F7ABBC6EF3}
O42 - Logiciel: Modèle de redirection de Python Tools - (.Microsoft Corporation.) [HKLM][64Bits] -- {7A2DFB95-3800-47ED-8C1B-5819D4C061A0}
O42 - Logiciel: Visual Studio Extensions for Windows Library for JavaScript - (.Microsoft Corporation.) [HKLM][64Bits] -- {7AE61976-6FE2-4B65-9E1C-4DE44288772B}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {7BBAEC47-1CC0-4CB8-ADB4-531B78DBD1DD}
O42 - Logiciel: Facebook Video Calling 1.2.0.159 - (.Skype Limited.) [HKLM][64Bits] -- {7CAC6A44-C3DE-4153-ACA6-7524602C789E}
O42 - Logiciel: Entity Framework 6.1.1 Tools for Visual Studio 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {85253F13-EE42-4850-A3A5-79B90E92D7AC}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Software Engine - (.The Advertising Network.) [HKLM][64Bits] -- {8848B3CD-4464-414F-953C-966678634540}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: Microsoft System CLR Types pour SQL Server 2014 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8EDDAAF5-6C54-4D2E-BF39-D7F3E5213C4E}
O42 - Logiciel: WinFlash - (.ASUS.) [HKLM][64Bits] -- {8F21291E-0444-4B1D-B9F9-4370A73E346D}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: Windows Software Development Kit - (.Microsoft Corporation.) [HKLM][64Bits] -- {984022F2-9BCA-A41D-6A38-1AE658F01415}
O42 - Logiciel: Windows Software Development Kit for Windows Store Apps - (.Microsoft Corporation.) [HKLM][64Bits] -- {99FCCA2B-F1FD-E66E-E3B9-AA57FBBF2E66}
O42 - Logiciel: VS Update core components - (.Microsoft Corporation.) [HKLM][64Bits] -- {9F7DE660-6BFE-3BA2-A93D-4F13BD13E10B}
O42 - Logiciel: Windows Software Development Kit DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {A1CB8286-CFB3-A985-D799-721A0F2A27F3}
O42 - Logiciel: Windows Software Development Kit DirectX x86 Remote - (.Microsoft Corporation.) [HKLM][64Bits] -- {A6030DAD-1600-F767-C8DD-C722ADFE8FBC}
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
O42 - Logiciel: Build Tools - x86 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B255880F-8C5E-4FAF-8F9C-7DBA635B2615}
O42 - Logiciel: OpenOffice 4.1.0 - (.Apache Software Foundation.) [HKLM][64Bits] -- {B3B009FC-6909-4E00-9F43-FFB5CA93D606}
O42 - Logiciel: Facebook Video Calling 1.2.0.287 - (.Skype Limited.) [HKLM][64Bits] -- {B92C5909-1D37-4C51-8397-A28BB28E5DC3}
O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM][64Bits] -- {C60F3836-333A-4AE2-B526-CFDBA143A9BA}
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D0774B8F-13DF-11E2-A943-005056C00008}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Composants requis pour SSDT - (.Microsoft Corporation.) [HKLM][64Bits] -- {D2B694C7-21FB-4E7C-B207-EBC1CB0EBA79}
O42 - Logiciel: Build Tools Language Resources - x86 - (.Microsoft Corporation.) [HKLM][64Bits] -- {D37FDF2F-8766-4BDF-A0E3-A60BDBB630ED}
O42 - Logiciel: Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 FRA - (.Microsoft Corporation.) [HKLM][64Bits] -- {D60023FA-3DF1-4537-93DD-13024CC4E366}
O42 - Logiciel: Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9706C72-EB6E-37CC-8E21-FCDC0F9F93EE}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Asmedia ASM104x USB 3.0 Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}
O42 - Logiciel: ASUS Virtual Camera - (.asus.) [HKLM][64Bits] -- {EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
O42 - Logiciel: PowreShellIntegration.Notifications - (.Microsoft Corporation.) [HKLM][64Bits] -- {ED8DFB38-C87B-42B3-A33E-B20DF935C055}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Windows XP Targeting with C++ - (.Microsoft Corporation.) [HKLM][64Bits] -- {F361FE04-789E-42F3-BBAB-E7B380AA5E06}
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: ASUS Live Update - (.ASUS.) [HKLM][64Bits] -- {FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
O42 - Logiciel: Composants requis pour SSDT - (.Microsoft Corporation.) [HKLM][64Bits] -- {FAFA0B40-AF76-4158-9DFA-1D2052CD0963}
O42 - Logiciel: WinUtilities Free Edition 11.33 - (.YL Computing, Inc.) [HKLM][64Bits] -- {FC274982-5AAD-4C20-848D-4424A5043010}_is1
O42 - Logiciel: Price Meter (remove only) - (.Price Meter.) [HKCU][64Bits] -- Price Meter
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent

---\\ HKCU & HKLM Software Keys (139) - 13s
HKLM\SOFTWARE\Wow6432Node\Activision
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AIM Toolbar
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\Dofus 2
HKLM\SOFTWARE\Wow6432Node\Foxit Software
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\IrfanView
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\MaxPower
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\Mircrosoft
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NCH Software
HKLM\SOFTWARE\Wow6432Node\NCH Swift Sound
HKLM\SOFTWARE\Wow6432Node\Nitro
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\NuGet
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\Oberon Media
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenOffice
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\Pando Networks
HKLM\SOFTWARE\Wow6432Node\PENSEWEB
HKLM\SOFTWARE\Wow6432Node\PJ
HKLM\SOFTWARE\Wow6432Node\Plus Video HD 1.8cV22.04-nv-ie =>Adware.CrossRider
HKLM\SOFTWARE\Wow6432Node\Propellerhead Software
HKLM\SOFTWARE\Wow6432Node\Razer
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Reg
HKLM\SOFTWARE\Wow6432Node\Riot Games
HKLM\SOFTWARE\Wow6432Node\searchult =>PUP.Optional
HKLM\SOFTWARE\Wow6432Node\SecureDigitalServices
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SoftVoice
HKLM\SOFTWARE\Wow6432Node\Sony Creative Software
HKLM\SOFTWARE\Wow6432Node\Sony Media Software
HKLM\SOFTWARE\Wow6432Node\SpeedBit
HKLM\SOFTWARE\Wow6432Node\syncables
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\TweakBit
HKLM\SOFTWARE\Wow6432Node\Ubisoft
HKLM\SOFTWARE\Wow6432Node\Valve
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WajIntEnhance =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\WinU
HKLM\SOFTWARE\Wow6432Node\WombatUpdater
HKLM\SOFTWARE\Wow6432Node\Even Balance
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Ankama
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Browser =>Adware.CrossRider
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\clR0Q0TtmGte87lRGYx
HKCU\SOFTWARE\Clubic
HKCU\SOFTWARE\ComNotificationV26.04
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\ECAREME
HKCU\SOFTWARE\FileOpen
HKCU\SOFTWARE\FLEXnet
HKCU\SOFTWARE\FLT
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\IO Interactive
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Kromtech
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\LogMeInRescueCallingCard
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Media+PlayerVidEd2.5-nv =>Adware.CrossRider
HKCU\SOFTWARE\Minecraft
HKCU\SOFTWARE\mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MP3DO
HKCU\SOFTWARE\mr fun
HKCU\SOFTWARE\mrfun
HKCU\SOFTWARE\Nico Mak Computing
HKCU\SOFTWARE\NITRO
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\OB
HKCU\SOFTWARE\OpenOffice
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Pando Networks
HKCU\SOFTWARE\PhotoFiltre Studio X
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Plus Video HD 1.8cV22.04-nv =>Adware.CrossRider
HKCU\SOFTWARE\Plus Video HD 1.8cV22.04-nv-ie =>Adware.CrossRider
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\Safer Networking Limited
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\SimplyTech =>PUP.SimplyTech
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\SoftVoice
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\SystemNotifierV10.03 =>PUP.SystemNotifier
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\TeleCharger_v2
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\TrendMicro
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Tutorials =>PUP.AgenceExclusive
HKCU\SOFTWARE\Ubisoft
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WajIntEnhance =>PUP.Wajam
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\Zeon
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/ (462) - 21s
O43 - CFD: 2015/01/11 - 13:56:47 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/07/02 - 20:18:25 - [] D -- C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 2015/07/01 - 21:48:24 - [] D -- C:\Program Files (x86)\ASUS
O43 - CFD: 2015/07/02 - 14:27:07 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/11/10 - 16:39:07 - [] D -- C:\Program Files (x86)\DAEMON Tools Lite
O43 - CFD: 2015/07/02 - 20:29:00 - [0] D -- C:\Program Files (x86)\ed69b892-0ec1-4e94-a1d9-deec0d80b038 =>Adware.CrossRider
O43 - CFD: 2013/07/07 - 16:18:07 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 2015/02/14 - 10:20:41 - [] D -- C:\Program Files (x86)\gamesagogo_w3i =>Adware.Agent
O43 - CFD: 2015/07/02 - 20:14:26 - [] D -- C:\Program Files (x86)\gmsd_fr_005010020 =>Adware.CrossRider
O43 - CFD: 2015/07/02 - 19:45:06 - [] D -- C:\Program Files (x86)\gmsd_fr_009010020 =>Adware.CrossRider
O43 - CFD: 2015/02/06 - 23:28:02 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2013/01/16 - 14:46:18 - [] D -- C:\Program Files (x86)\Haali
O43 - CFD: 2015/02/14 - 10:20:47 - [0] D -- C:\Program Files (x86)\HQPro-1 =>Adware.CrossRider
O43 - CFD: 2014/04/12 - 14:09:15 - [] D -- C:\Program Files (x86)\Image-Line
O43 - CFD: 2014/06/11 - 18:16:31 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2013/04/21 - 16:44:08 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2013/12/08 - 13:34:52 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/01/11 - 15:31:15 - [] D -- C:\Program Files (x86)\IObit
O43 - CFD: 2015/06/15 - 12:08:49 - [] D -- C:\Program Files (x86)\IrfanView
O43 - CFD: 2012/08/21 - 16:38:27 - [] D -- C:\Program Files (x86)\JoWood
O43 - CFD: 2014/04/20 - 14:53:49 - [] D -- C:\Program Files (x86)\MarkAny
O43 - CFD: 2014/04/27 - 22:48:18 - [0] D -- C:\Program Files (x86)\Microsoft
O43 - CFD: 2015/06/13 - 01:15:01 - [] D -- C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 2015/06/16 - 21:48:32 - [0] D -- C:\Program Files (x86)\Microsoft Games
O43 - CFD: 2015/03/11 - 00:35:35 - [] D -- C:\Program Files (x86)\Microsoft Help Viewer
O43 - CFD: 2014/11/09 - 15:29:08 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/03/11 - 00:58:41 - [] D -- C:\Program Files (x86)\Microsoft SDKs
O43 - CFD: 2015/06/13 - 01:11:27 - [] D -- C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 2015/06/13 - 19:20:58 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2012/10/31 - 15:19:30 - [] D -- C:\Program Files (x86)\Microsoft SkyDrive
O43 - CFD: 2015/03/11 - 01:05:46 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2015/03/11 - 00:28:21 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 2015/03/06 - 13:22:21 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services
O43 - CFD: 2015/03/11 - 01:04:35 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 12.0
O43 - CFD: 2015/03/11 - 00:51:59 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/02 - 20:29:08 - [] D -- C:\Program Files (x86)\MiuiTab =>PUP.MiuiTab
O43 - CFD: 2012/01/21 - 13:21:26 - [] D -- C:\Program Files (x86)\Movie Maker
O43 - CFD: 2015/03/11 - 00:35:29 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/01/25 - 01:06:03 - [] D -- C:\Program Files (x86)\MSECache
O43 - CFD: 2014/04/20 - 14:50:08 - [] D -- C:\Program Files (x86)\MyFree Codec
O43 - CFD: 2013/08/24 - 22:23:40 - [] D -- C:\Program Files (x86)\Mystik Media
O43 - CFD: 2015/03/13 - 18:16:49 - [] D -- C:\Program Files (x86)\Nitro
O43 - CFD: 2015/03/23 - 14:09:54 - [] D -- C:\Program Files (x86)\Notepad++
O43 - CFD: 2015/03/11 - 00:56:44 - [] D -- C:\Program Files (x86)\NuGet
O43 - CFD: 2014/07/01 - 15:44:42 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2014/11/09 - 19:06:51 - [] D -- C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 2015/01/04 - 22:44:22 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2014/03/02 - 15:38:01 - [] D -- C:\Program Files (x86)\Pando Networks
O43 - CFD: 2015/01/17 - 14:55:01 - [] D -- C:\Program Files (x86)\Razer
O43 - CFD: 2011/09/21 - 01:25:24 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2013/02/23 - 04:07:13 - [] D -- C:\Program Files (x86)\Red Kawa
O43 - CFD: 2009/07/14 - 07:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2012/07/20 - 17:19:53 - [] D -- C:\Program Files (x86)\RevolutionMT2
O43 - CFD: 2012/08/02 - 16:51:09 - [] D -- C:\Program Files (x86)\RomStation
O43 - CFD: 2014/04/20 - 14:51:44 - [] D -- C:\Program Files (x86)\Samsung
O43 - CFD: 2015/06/30 - 20:16:54 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/04/22 - 20:40:03 - [] D -- C:\Program Files (x86)\Software
O43 - CFD: 2012/09/28 - 22:05:13 - [] D -- C:\Program Files (x86)\Software Installer
O43 - CFD: 2013/10/29 - 03:59:41 - [] D -- C:\Program Files (x86)\Sony
O43 - CFD: 2011/04/13 - 04:49:28 - [] D -- C:\Program Files (x86)\syncables
O43 - CFD: 2012/04/22 - 19:46:42 - [] D -- C:\Program Files (x86)\TeamViewer
O43 - CFD: 2013/02/14 - 16:13:59 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2012/01/30 - 21:32:02 - [] D -- C:\Program Files (x86)\TopWare
O43 - CFD: 2015/06/30 - 20:13:34 - [0] D -- C:\Program Files (x86)\Ubisoft
O43 - CFD: 2012/08/21 - 16:13:47 - [] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2014/07/10 - 14:41:39 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2014/11/09 - 18:10:57 - [] D -- C:\Program Files (x86)\VstPlugins
O43 - CFD: 2013/07/10 - 20:04:00 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/03/11 - 00:42:10 - [] D -- C:\Program Files (x86)\Windows Kits
O43 - CFD: 2015/03/14 - 01:53:00 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 2012/02/09 - 23:19:00 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/06/13 - 19:24:39 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/14 - 07:32:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2012/02/09 - 23:19:00 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2011/02/18 - 22:09:10 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2012/02/09 - 23:19:00 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/01/01 - 15:58:52 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/06/15 - 12:05:39 - [] D -- C:\Program Files (x86)\WinUtilities
O43 - CFD: 2012/01/21 - 13:20:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessoires
O43 - CFD: 2014/06/23 - 17:43:13 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2009/07/14 - 06:57:13 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/02 - 14:32:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amnesia - The Dark Descent
O43 - CFD: 2012/06/15 - 21:02:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 2014/11/08 - 19:41:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
O43 - CFD: 2015/01/11 - 14:40:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
O43 - CFD: 2014/11/09 - 15:40:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2014/07/01 - 13:18:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre Souris et Claviers Microsoft
O43 - CFD: 2015/04/27 - 16:06:40 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
O43 - CFD: 2015/01/11 - 14:40:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2013/02/14 - 16:57:32 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dofus
O43 - CFD: 2015/03/07 - 05:37:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dofus 2
O43 - CFD: 2015/02/26 - 20:22:48 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dofus2
O43 - CFD: 2014/08/26 - 20:58:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
O43 - CFD: 2014/04/29 - 22:57:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
O43 - CFD: 2013/01/16 - 14:46:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
O43 - CFD: 2012/11/15 - 02:37:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge
O43 - CFD: 2015/06/30 - 20:13:21 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/02 - 20:14:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP =>Adware.GamesDesktop
O43 - CFD: 2015/07/02 - 14:29:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2014/11/10 - 16:39:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 2013/01/16 - 14:46:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 2014/04/29 - 22:57:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 2013/02/14 - 16:18:06 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2011/09/21 - 01:27:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
O43 - CFD: 2014/11/10 - 16:38:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
O43 - CFD: 2013/02/14 - 16:57:33 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2015/04/04 - 02:28:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2015/04/03 - 20:35:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 2009/07/14 - 06:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2013/04/01 - 14:17:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Français)
O43 - CFD: 2015/06/13 - 00:51:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2014/11/08 - 19:41:10 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
O43 - CFD: 2015/03/23 - 14:09:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2014/11/09 - 19:07:48 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0
O43 - CFD: 2014/11/08 - 19:41:10 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 2015/01/17 - 14:55:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
O43 - CFD: 2014/04/20 - 14:49:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 2015/03/14 - 20:29:54 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2013/10/29 - 04:22:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 2015/06/22 - 23:03:40 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/11/08 - 19:41:10 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2011/04/13 - 04:49:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\syncables
O43 - CFD: 2009/07/14 - 09:44:38 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/06/30 - 20:28:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/03/11 - 00:39:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
O43 - CFD: 2015/03/11 - 00:41:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
O43 - CFD: 2015/03/04 - 22:20:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/03/03 - 21:27:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities
O43 - CFD: 2015/07/02 - 14:25:03 - [] D -- C:\ProgramData\19a87fa1ec024bbcbb41931263354405
O43 - CFD: 2015/07/02 - 14:28:11 - [] D -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8
O43 - CFD: 2015/04/17 - 19:34:01 - [] D -- C:\ProgramData\9da5f12d7e994cecb0c7f31e9277ba3f
O43 - CFD: 2015/06/30 - 20:44:27 - [] D -- C:\ProgramData\abc
O43 - CFD: 2013/07/02 - 17:43:29 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2011/12/27 - 14:20:48 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2011/12/27 - 14:21:44 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2012/01/08 - 00:46:32 - [] D -- C:\ProgramData\ASUS
O43 - CFD: 2015/01/04 - 16:48:09 - [] D -- C:\ProgramData\atjs
O43 - CFD: 2014/06/29 - 16:56:52 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2014/03/02 - 16:09:30 - [] D -- C:\ProgramData\Battle.net
O43 - CFD: 2014/05/04 - 17:37:23 - [] D -- C:\ProgramData\BitRaider
O43 - CFD: 2012/01/30 - 17:32:19 - [] D -- C:\ProgramData\Blizzard Entertainment
O43 - CFD: 2015/02/21 - 09:55:26 - [0] D -- C:\ProgramData\C5A3BB37E7764FD69BB3D8A75A7BB3E1
O43 - CFD: 2011/12/25 - 23:50:17 - [] D -- C:\ProgramData\ChangeFolderView
O43 - CFD: 2012/05/28 - 19:34:17 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2012/02/05 - 19:47:13 - [] D -- C:\ProgramData\CounterPath
O43 - CFD: 2011/09/21 - 01:38:18 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2014/07/06 - 22:47:55 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2011/04/13 - 04:33:02 - [] D -- C:\ProgramData\Downloaded Installations
O43 - CFD: 2012/06/02 - 21:40:11 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/03/13 - 18:17:43 - [] D -- C:\ProgramData\FileOpen
O43 - CFD: 2011/04/13 - 04:33:04 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2011/12/25 - 23:47:17 - [] D -- C:\ProgramData\FolderView
O43 - CFD: 2013/02/14 - 17:01:26 - [] D -- C:\ProgramData\Google
O43 - CFD: 2015/07/02 - 20:14:35 - [] D -- C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
O43 - CFD: 2011/09/21 - 01:27:29 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2012/05/08 - 21:18:29 - [] D -- C:\ProgramData\InterAction studios
O43 - CFD: 2015/01/11 - 14:24:28 - [] D -- C:\ProgramData\IObit
O43 - CFD: 2015/06/17 - 09:43:16 - [] D -- C:\ProgramData\Logs
O43 - CFD: 2012/08/21 - 01:22:53 - [] D -- C:\ProgramData\Media Center Programs
O43 - CFD: 2015/03/11 - 01:07:49 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2014/05/17 - 13:51:47 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2012/10/31 - 15:19:12 - [] D -- C:\ProgramData\Microsoft SkyDrive
O43 - CFD: 2011/12/26 - 11:04:46 - [] D -- C:\ProgramData\MumboJumbo
O43 - CFD: 2012/06/15 - 20:58:20 - [] D -- C:\ProgramData\NCH Swift Sound
O43 - CFD: 2015/03/13 - 18:16:49 - [] D -- C:\ProgramData\Nitro
O43 - CFD: 2013/03/24 - 12:25:08 - [] D -- C:\ProgramData\Norton
O43 - CFD: 2013/03/24 - 11:55:43 - [] D -- C:\ProgramData\NortonInstaller
O43 - CFD: 2015/01/24 - 18:13:22 - [] D -- C:\ProgramData\Nuance
O43 - CFD: 2015/03/11 - 00:56:44 - [] D -- C:\ProgramData\NuGet
O43 - CFD: 2015/07/02 - 20:34:24 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2011/09/21 - 01:19:43 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2012/12/01 - 22:40:35 - [] D -- C:\ProgramData\Oberon Media
O43 - CFD: 2011/04/13 - 04:48:44 - [] D -- C:\ProgramData\OberonGameConsole
O43 - CFD: 2015/04/03 - 20:36:03 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/01/01 - 02:57:14 - [] D -- C:\ProgramData\Orbit
O43 - CFD: 2011/09/21 - 01:30:37 - [] D -- C:\ProgramData\P4G
O43 - CFD: 2015/06/24 - 19:18:37 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2012/03/02 - 15:54:00 - [] D -- C:\ProgramData\PlayFirst
O43 - CFD: 2014/03/02 - 15:38:10 - [] D -- C:\ProgramData\PMB Files
O43 - CFD: 2015/06/27 - 18:26:29 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 2015/01/17 - 14:55:02 - [] D -- C:\ProgramData\Razer
O43 - CFD: 2015/03/11 - 00:11:19 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2011/09/21 - 01:28:14 - [] D -- C:\ProgramData\Roaming
O43 - CFD: 2014/04/20 - 14:50:54 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 2015/07/02 - 14:25:06 - [] D -- C:\ProgramData\Service1104
O43 - CFD: 2015/04/19 - 19:23:57 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2011/09/21 - 01:23:14 - [] D -- C:\ProgramData\SonicFocus
O43 - CFD: 2013/10/29 - 03:59:42 - [] D -- C:\ProgramData\Sony
O43 - CFD: 2013/07/06 - 11:06:39 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/06/17 - 09:35:37 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2012/10/06 - 14:23:23 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2015/06/17 - 09:43:16 - [] AD -- C:\ProgramData\Temp
O43 - CFD: 2009/07/14 - 07:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/06/29 - 11:30:17 - [] D -- C:\ProgramData\Trend Micro
O43 - CFD: 2014/11/09 - 18:12:26 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 2015/06/17 - 10:19:27 - [] D -- C:\ProgramData\TweakBit
O43 - CFD: 2015/06/22 - 22:30:51 - [] D -- C:\ProgramData\UniqueId
O43 - CFD: 2013/04/01 - 17:50:09 - [] D -- C:\ProgramData\VirtualizedApplications
O43 - CFD: 2015/03/08 - 06:01:20 - [] D -- C:\ProgramData\VS
O43 - CFD: 2015/07/02 - 20:14:14 - [] D -- C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 2015/06/22 - 23:03:41 - [0] D -- C:\ProgramData\WinZip
O43 - CFD: 2015/02/21 - 09:59:52 - [] D -- C:\ProgramData\xcrpyHVbH
O43 - CFD: 2014/06/23 - 05:52:21 - [0] D -- C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 2015/04/19 - 18:47:40 - [] D -- C:\ProgramData\{59CEB10D-094C-608B-B8CA-10096848C387}
O43 - CFD: 2011/12/27 - 14:21:57 - [] D -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 2015/01/11 - 14:24:43 - [0] D -- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
O43 - CFD: 2014/11/09 - 18:12:32 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 2015/07/02 - 14:27:09 - [] D -- C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8
O43 - CFD: 2015/01/04 - 16:49:57 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2012/06/15 - 20:51:00 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 2014/04/29 - 22:57:42 - [] D -- C:\Program Files (x86)\Common Files\BioWare
O43 - CFD: 2014/03/03 - 00:54:54 - [] D -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
O43 - CFD: 2014/05/17 - 11:41:52 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2014/07/06 - 23:04:14 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller
O43 - CFD: 2012/01/23 - 19:33:11 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2013/02/14 - 16:27:34 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2015/01/11 - 14:24:28 - [] D -- C:\Program Files (x86)\Common Files\IObit
O43 - CFD: 2015/04/03 - 20:37:23 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2015/03/11 - 00:51:16 - [] D -- C:\Program Files (x86)\Common Files\Merge Modules
O43 - CFD: 2015/03/11 - 00:39:40 - [] D -- C:\Program Files (x86)\Common Files\Microsoft
O43 - CFD: 2015/03/11 - 00:59:02 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2015/03/13 - 18:16:49 - [] D -- C:\Program Files (x86)\Common Files\Nitro
O43 - CFD: 2011/04/13 - 04:48:00 - [] D -- C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 2014/11/09 - 18:10:55 - [] D -- C:\Program Files (x86)\Common Files\Propellerhead Software
O43 - CFD: 2009/07/14 - 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/10/19 - 21:40:40 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2009/07/14 - 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2014/07/17 - 17:34:15 - [] D -- C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 2013/03/24 - 11:56:08 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 2012/02/09 - 23:19:00 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2011/04/13 - 04:33:36 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 2014/06/02 - 12:26:51 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 2014/07/10 - 20:46:15 - [] D -- C:\Users\Gwen'g\AppData\Roaming\.minecraft
O43 - CFD: 2013/08/24 - 18:29:42 - [] D -- C:\Users\Gwen'g\AppData\Roaming\.mono
O43 - CFD: 2015/03/28 - 01:26:23 - [] D -- C:\Users\Gwen'g\AppData\Roaming\8295475C-71BB-4CAE-B755-25D6DAE3ADFF
O43 - CFD: 2013/05/04 - 14:20:12 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Adobe
O43 - CFD: 2015/01/21 - 21:19:28 - [] D -- C:\Users\Gwen'g\AppData\Roaming\AjE2bVF
O43 - CFD: 2013/05/04 - 14:37:04 - [] D -- C:\Users\Gwen'g\AppData\Roaming\AnkamaCertificates
O43 - CFD: 2015/07/02 - 20:16:37 - [] SHD -- C:\Users\Gwen'g\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 2013/05/04 - 14:36:27 - [] D -- C:\Users\Gwen'g\AppData\Roaming\app
O43 - CFD: 2014/06/23 - 05:52:26 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Apple Computer
O43 - CFD: 2014/07/30 - 14:25:01 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Audacity
O43 - CFD: 2014/03/02 - 23:44:59 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Battle.net
O43 - CFD: 2015/06/17 - 11:48:19 - [] D -- C:\Users\Gwen'g\AppData\Roaming\BlueLabsSoftware
O43 - CFD: 2015/07/02 - 00:39:31 - [] D -- C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81
O43 - CFD: 2015/03/15 - 01:50:57 - [] D -- C:\Users\Gwen'g\AppData\Roaming\CodeBlocks
O43 - CFD: 2015/06/24 - 19:30:32 - [] D -- C:\Users\Gwen'g\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/03/28 - 01:03:44 - [] D -- C:\Users\Gwen'g\AppData\Roaming\dclogs
O43 - CFD: 2015/04/17 - 19:36:59 - [] D -- C:\Users\Gwen'g\AppData\Roaming\dlg
O43 - CFD: 2015/04/27 - 22:07:32 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus
O43 - CFD: 2015/01/18 - 20:20:35 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus Beta
O43 - CFD: 2014/01/28 - 14:09:06 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus-2
O43 - CFD: 2014/06/10 - 10:53:07 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus-3
O43 - CFD: 2014/06/10 - 11:28:48 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus-4
O43 - CFD: 2014/09/12 - 20:51:59 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus-5
O43 - CFD: 2014/10/26 - 01:17:35 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus-6
O43 - CFD: 2014/11/28 - 15:03:29 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus-7
O43 - CFD: 2015/02/21 - 06:25:07 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofus2
O43 - CFD: 2015/01/17 - 22:50:03 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofusbeta
O43 - CFD: 2015/01/17 - 22:52:11 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofusbeta-2
O43 - CFD: 2015/01/18 - 03:17:55 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Dofusbeta-3
O43 - CFD: 2013/05/07 - 16:54:05 - [] D -- C:\Users\Gwen'g\AppData\Roaming\DofusTesting
O43 - CFD: 2013/05/04 - 14:36:24 - [] D -- C:\Users\Gwen'g\AppData\Roaming\DofusTesting-2
O43 - CFD: 2013/05/22 - 19:14:12 - [] D -- C:\Users\Gwen'g\AppData\Roaming\DofusTesting-3
O43 - CFD: 2015/03/13 - 18:14:33 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Downloaded Installations
O43 - CFD: 2014/12/13 - 19:03:31 - [] D -- C:\Users\Gwen'g\AppData\Roaming\dvdcss
O43 - CFD: 2015/03/13 - 18:17:43 - [] D -- C:\Users\Gwen'g\AppData\Roaming\FileOpen
O43 - CFD: 2015/01/24 - 18:09:33 - [] D -- C:\Users\Gwen'g\AppData\Roaming\FLEXnet
O43 - CFD: 2014/04/12 - 14:08:51 - [] D -- C:\Users\Gwen'g\AppData\Roaming\FlowStone
O43 - CFD: 2015/01/25 - 01:08:28 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Foxit Software
O43 - CFD: 2014/08/22 - 12:17:47 - [] D -- C:\Users\Gwen'g\AppData\Roaming\GoodGameEmpire =>Adware.GoodGameEmpire
O43 - CFD: 2015/01/21 - 21:19:28 - [] D -- C:\Users\Gwen'g\AppData\Roaming\I8TS742
O43 - CFD: 2013/12/01 - 12:07:41 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Identities
O43 - CFD: 2014/04/12 - 14:09:18 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Image-Line
O43 - CFD: 2013/04/12 - 22:48:28 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Intel
O43 - CFD: 2013/04/12 - 22:50:08 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Intel Corporation
O43 - CFD: 2015/01/11 - 15:39:48 - [] D -- C:\Users\Gwen'g\AppData\Roaming\IObit
O43 - CFD: 2015/06/15 - 12:08:49 - [] D -- C:\Users\Gwen'g\AppData\Roaming\IrfanView
O43 - CFD: 2011/12/26 - 12:18:04 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Macromedia
O43 - CFD: 2014/06/08 - 09:37:30 - [] D -- C:\Users\Gwen'g\AppData\Roaming\MAGIX
O43 - CFD: 2009/07/14 - 09:44:38 - [0] D -- C:\Users\Gwen'g\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/03/28 - 02:00:05 - [] SD -- C:\Users\Gwen'g\AppData\Roaming\Microsoft
O43 - CFD: 2015/07/02 - 20:13:47 - [] D -- C:\Users\Gwen'g\AppData\Roaming\mystartsearch =>PUP.StartSearch
O43 - CFD: 2015/03/13 - 18:17:43 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Nitro
O43 - CFD: 2015/04/14 - 08:16:49 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Nitro PDF
O43 - CFD: 2015/03/23 - 14:10:45 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Notepad++
O43 - CFD: 2015/01/24 - 18:09:31 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Nuance
O43 - CFD: 2015/03/11 - 01:20:17 - [] D -- C:\Users\Gwen'g\AppData\Roaming\NuGet
O43 - CFD: 2014/11/10 - 14:49:16 - [] D -- C:\Users\Gwen'g\AppData\Roaming\OpenOffice
O43 - CFD: 2013/04/23 - 17:21:11 - [] D -- C:\Users\Gwen'g\AppData\Roaming\OpenOffice.org
O43 - CFD: 2015/01/04 - 19:00:09 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Opera Software
O43 - CFD: 2013/10/29 - 03:01:37 - [] D -- C:\Users\Gwen'g\AppData\Roaming\PCFix
O43 - CFD: 2014/07/12 - 12:57:05 - [] D -- C:\Users\Gwen'g\AppData\Roaming\PhotoFiltre Studio X
O43 - CFD: 2014/06/23 - 05:53:29 - [] D -- C:\Users\Gwen'g\AppData\Roaming\ProductData
O43 - CFD: 2013/10/29 - 04:03:52 - [0] D -- C:\Users\Gwen'g\AppData\Roaming\Publish Providers
O43 - CFD: 2014/08/14 - 21:46:52 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Reg
O43 - CFD: 2013/05/04 - 14:36:27 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1
O43 - CFD: 2015/01/17 - 22:50:06 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Regbeta
O43 - CFD: 2014/06/20 - 23:57:47 - [] D -- C:\Users\Gwen'g\AppData\Roaming\RegLocal
O43 - CFD: 2014/03/02 - 15:37:45 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Riot Games
O43 - CFD: 2014/04/20 - 14:53:00 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Samsung
O43 - CFD: 2015/07/02 - 20:43:03 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Skype
O43 - CFD: 2015/03/22 - 15:08:11 - [] D -- C:\Users\Gwen'g\AppData\Roaming\SoftGrid Client
O43 - CFD: 2013/10/29 - 04:03:56 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Sony
O43 - CFD: 2015/03/28 - 01:11:49 - [] SHD -- C:\Users\Gwen'g\AppData\Roaming\SubFolder
O43 - CFD: 2014/05/03 - 17:34:48 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Theta
O43 - CFD: 2014/04/12 - 14:12:46 - [] D -- C:\Users\Gwen'g\AppData\Roaming\TuneUp Software
O43 - CFD: 2013/08/24 - 18:37:13 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Unity
O43 - CFD: 2015/06/24 - 20:17:57 - [] D -- C:\Users\Gwen'g\AppData\Roaming\uplay
O43 - CFD: 2015/07/02 - 20:54:20 - [] D -- C:\Users\Gwen'g\AppData\Roaming\uTorrent
O43 - CFD: 2015/01/21 - 21:19:28 - [] D -- C:\Users\Gwen'g\AppData\Roaming\VFA8GzS
O43 - CFD: 2015/07/01 - 23:46:02 - [] D -- C:\Users\Gwen'g\AppData\Roaming\vlc
O43 - CFD: 2013/04/21 - 16:39:14 - [0] D -- C:\Users\Gwen'g\AppData\Roaming\Windows Live Writer
O43 - CFD: 2015/01/01 - 20:30:31 - [] D -- C:\Users\Gwen'g\AppData\Roaming\WinRAR
O43 - CFD: 2015/03/28 - 01:04:55 - [] D -- C:\Users\Gwen'g\AppData\Roaming\WinZip
O43 - CFD: 2015/01/24 - 18:09:27 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Zeon
O43 - CFD: 2015/07/02 - 20:54:43 - [] D -- C:\Users\Gwen'g\AppData\Roaming\ZHP
O43 - CFD: 2015/03/13 - 18:07:18 - [] D -- C:\Users\Gwen'g\AppData\Local\Adobe
O43 - CFD: 2015/04/28 - 15:51:20 - [] D -- C:\Users\Gwen'g\AppData\Local\Ankama
O43 - CFD: 2013/04/20 - 17:05:51 - [] D -- C:\Users\Gwen'g\AppData\Local\Apple
O43 - CFD: 2013/04/12 - 22:48:25 - [0] SHD -- C:\Users\Gwen'g\AppData\Local\Application Data
O43 - CFD: 2013/04/12 - 22:52:22 - [] D -- C:\Users\Gwen'g\AppData\Local\Apps
O43 - CFD: 2014/03/23 - 20:27:53 - [] D -- C:\Users\Gwen'g\AppData\Local\ASUS
O43 - CFD: 2013/09/14 - 16:26:56 - [] D -- C:\Users\Gwen'g\AppData\Local\avgchrome
O43 - CFD: 2014/01/12 - 13:26:02 - [] D -- C:\Users\Gwen'g\AppData\Local\Axialis
O43 - CFD: 2014/03/03 - 00:48:27 - [] D -- C:\Users\Gwen'g\AppData\Local\Battle.net
O43 - CFD: 2014/03/02 - 16:11:29 - [] D -- C:\Users\Gwen'g\AppData\Local\Blizzard Entertainment
O43 - CFD: 2015/01/04 - 16:34:00 - [] D -- C:\Users\Gwen'g\AppData\Local\com
O43 - CFD: 2015/07/02 - 19:55:24 - [] D -- C:\Users\Gwen'g\AppData\Local\CrashDumps
O43 - CFD: 2014/04/26 - 21:05:41 - [0] D -- C:\Users\Gwen'g\AppData\Local\Deployment
O43 - CFD: 2015/06/15 - 16:58:54 - [0] D -- C:\Users\Gwen'g\AppData\Local\Diagnostics
O43 - CFD: 2014/04/20 - 14:47:22 - [] D -- C:\Users\Gwen'g\AppData\Local\Downloaded Installations
O43 - CFD: 2015/04/04 - 15:49:32 - [] D -- C:\Users\Gwen'g\AppData\Local\Eclipse
O43 - CFD: 2013/07/06 - 11:48:10 - [] D -- C:\Users\Gwen'g\AppData\Local\Facebook
O43 - CFD: 2014/08/22 - 12:17:46 - [] D -- C:\Users\Gwen'g\AppData\Local\GGEmpire
O43 - CFD: 2015/07/02 - 20:14:28 - [] D -- C:\Users\Gwen'g\AppData\Local\gmsd_fr_005010020 =>Adware.CrossRider
O43 - CFD: 2015/07/02 - 20:45:17 - [] D -- C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020 =>Adware.CrossRider
O43 - CFD: 2014/11/10 - 16:37:29 - [] D -- C:\Users\Gwen'g\AppData\Local\Google
O43 - CFD: 2013/04/12 - 22:48:25 - [0] SHD -- C:\Users\Gwen'g\AppData\Local\Historique
O43 - CFD: 2015/06/17 - 11:48:37 - [] D -- C:\Users\Gwen'g\AppData\Local\Microsoft
O43 - CFD: 2013/08/30 - 17:11:14 - [] D -- C:\Users\Gwen'g\AppData\Local\Microsoft Games
O43 - CFD: 2014/05/17 - 13:51:42 - [0] D -- C:\Users\Gwen'g\AppData\Local\Microsoft Help
O43 - CFD: 2015/01/04 - 19:00:11 - [] D -- C:\Users\Gwen'g\AppData\Local\Opera Software
O43 - CFD: 2014/03/02 - 16:08:16 - [] D -- C:\Users\Gwen'g\AppData\Local\PMB Files
O43 - CFD: 2013/04/22 - 19:59:31 - [] D -- C:\Users\Gwen'g\AppData\Local\Programs
O43 - CFD: 2015/01/01 - 02:58:08 - [] D -- C:\Users\Gwen'g\AppData\Local\PunkBuster
O43 - CFD: 2015/01/17 - 14:55:58 - [] D -- C:\Users\Gwen'g\AppData\Local\Razer
O43 - CFD: 2015/01/17 - 15:01:33 - [] D -- C:\Users\Gwen'g\AppData\Local\Razer_Inc
O43 - CFD: 2014/04/20 - 14:52:57 - [] D -- C:\Users\Gwen'g\AppData\Local\Samsung
O43 - CFD: 2014/06/30 - 20:17:20 - [] D -- C:\Users\Gwen'g\AppData\Local\SKIDROW
O43 - CFD: 2014/03/03 - 01:11:34 - [] D -- C:\Users\Gwen'g\AppData\Local\Skype
O43 - CFD: 2015/07/02 - 20:47:11 - [] D -- C:\Users\Gwen'g\AppData\Local\SmartWeb =>PUP.SmartWebSearch
O43 - CFD: 2013/04/20 - 22:12:38 - [] D -- C:\Users\Gwen'g\AppData\Local\SoftGrid Client
O43 - CFD: 2013/10/29 - 04:00:10 - [] D -- C:\Users\Gwen'g\AppData\Local\Sony
O43 - CFD: 2014/04/29 - 22:57:51 - [] D -- C:\Users\Gwen'g\AppData\Local\SWTOR
O43 - CFD: 2013/12/26 - 15:20:44 - [] D -- C:\Users\Gwen'g\AppData\Local\SWTORPerf
O43 - CFD: 2015/07/02 - 20:55:04 - [] D -- C:\Users\Gwen'g\AppData\Local\Temp
O43 - CFD: 2013/04/12 - 22:48:25 - [0] SHD -- C:\Users\Gwen'g\AppData\Local\Temporary Internet Files
O43 - CFD: 2014/11/09 - 18:16:43 - [] D -- C:\Users\Gwen'g\AppData\Local\TuneUp Software
O43 - CFD: 2015/06/30 - 20:13:34 - [0] D -- C:\Users\Gwen'g\AppData\Local\Ubisoft Game Launcher
O43 - CFD: 2013/08/24 - 18:28:49 - [] D -- C:\Users\Gwen'g\AppData\Local\Unity
O43 - CFD: 2014/06/02 - 12:18:35 - [] D -- C:\Users\Gwen'g\AppData\Local\VirtualStore
O43 - CFD: 2014/01/30 - 09:03:10 - [] D -- C:\Users\Gwen'g\AppData\Local\Windows Live
O43 - CFD: 2013/04/21 - 16:39:22 - [] D -- C:\Users\Gwen'g\AppData\Local\Windows Live Writer
O43 - CFD: 2009/07/14 - 06:54:32 - [] RD -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/02 - 19:54:12 - [] RD -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/02 - 20:18:25 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect
O43 - CFD: 2011/09/21 - 01:38:28 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
O43 - CFD: 2015/03/07 - 05:28:54 - [0] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus 2
O43 - CFD: 2014/04/29 - 22:57:52 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2014/04/29 - 22:57:52 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/02 - 14:32:01 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoodGameEmpire =>Adware.GoodGameEmpire
O43 - CFD: 2015/07/02 - 14:32:01 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/04/28 - 15:59:58 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 2015/06/15 - 12:08:49 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
O43 - CFD: 2009/07/14 - 06:49:38 - [] RD -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/03/23 - 14:09:36 - [0] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2014/07/12 - 11:46:18 - [0] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 2015/07/02 - 20:13:05 - [] RD -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/11/08 - 19:41:10 - [0] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2014/06/29 - 11:20:22 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
O43 - CFD: 2015/01/01 - 15:58:52 - [] D -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/06/23 - 12:46:35 - [0] HD -- C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PCCDisabled

---\\ Enumération des clés de registre StartupReg (SMSR) (O53 (28) - 2s
O53 - SMSR:HKLM\...\startupreg\3D BubbleSound [Key] . (...) -- C:\Program Files\BubbleSound\3D BubbleSound.exe (.not file.) =>PUP.BubbleSound
O53 - SMSR:HKLM\...\startupreg\Advanced SystemCare 7 [Key] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\ASUSWebStorage [Key] . (.ecareme - AsusWebStorage.) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe
O53 - SMSR:HKLM\...\startupreg\ATKMEDIA [Key] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O53 - SMSR:HKLM\...\startupreg\ATKOSD2 [Key] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
O53 - SMSR:HKLM\...\startupreg\ETDCtrl [Key] . (...) -- %ProgramFiles%\Elantech\ETDCtrl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\GoogleChromeAutoLaunch_252F8AF4D0265A1169AF678F8A8EB545 [Key] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O53 - SMSR:HKLM\...\startupreg\HControlUser [Key] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O53 - SMSR:HKLM\...\startupreg\IAStorIcon [Key] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O53 - SMSR:HKLM\...\startupreg\IntelPAN [Key] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
O53 - SMSR:HKLM\...\startupreg\IntelTBRunOnce [Key] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- wscript.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\IObit Malware Fighter [Key] . (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O53 - SMSR:HKLM\...\startupreg\Orbitum [Key] . (...) -- C:\Users\Gwen'g\AppData\Local\Orbitum\Application\chrome.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PC Speed Maximizer [Key] . (...) -- C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe (.not file.) =>PUP.PCSpeedMaximizer
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O53 - SMSR:HKLM\...\startupreg\SystemWindows [Key] . (...) -- C:\Windows\system32\MSDCSC\ungbjWqPA6SR\msdcsc.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\UnicoBrowser [Key] . (...) -- C:\Users\Gwen'g\AppData\Local\UnicoBrowser\Application\unicobrowser.exe (.not file.) =>PUP.UnicoBrowser
O53 - SMSR:HKLM\...\startupreg\UpdateLBPShortCut [Key] . (...) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\UpdateP2GoShortCut [Key] . (...) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Gwen'g\AppData\Roaming\uTorrent\uTorrent.exe
O53 - SMSR:HKLM\...\startupreg\WindApp [Key] . (...) -- C:\Users\Gwen'g\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>PUP.Nosibay
O53 - SMSR:HKLM\...\startupreg\Winlogon [Key] . (...) -- C:\Users\Gwen'g\AppData\Roaming\SubFolder\SubFolder\winlogon.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Wireless Console 3 [Key] . (.Copyright (C) 2005 - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O53 - SMSR:HKLM\...\startupreg\work [Key] . (...) -- %APPDATA%\Microsoft\update.exe (.not file.)

---\\ Liste des pilotes du système (SDL) (O58) (87) - 9s
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864]
O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440]
O58 - SDL:2011/03/11 08:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904]
O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128]
O58 - SDL:2011/03/11 08:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856]
O58 - SDL:2011/06/02 19:32:50 A . (.ASMedia Technology Inc - ASMedia USB3 Hub Driver.) -- C:\Windows\System32\drivers\asmthub3.sys [128488]
O58 - SDL:2011/06/02 19:32:50 A . (.ASMedia Technology Inc - ASMEDIA XHCI Host Controller Driver.) -- C:\Windows\System32\drivers\asmtxhci.sys [401896]
O58 - SDL:2009/10/05 03:34:00 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\drivers\athrx.sys [1542656]
O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704]
O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720]
O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480]
O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488]
O58 - SDL:2010/07/13 23:21:48 N . (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) -- C:\Windows\System32\drivers\diskperf64.sys [15464]
O58 - SDL:2014/07/06 22:41:29 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [283064]
O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496]
O58 - SDL:2011/04/12 23:18:08 A . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\drivers\ETD.sys [142632]
O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016]
O58 - SDL:2014/01/23 05:20:58 A . (.Intel Mobile Communications - USB driver for Flash Loader Utility.) -- C:\Windows\System32\drivers\FlashUSB.sys [19968]
O58 - SDL:2009/05/18 14:17:08 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [34152]
O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232]
O58 - SDL:2010/09/22 03:59:38 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [56344]
O58 - SDL:2010/11/20 15:33:36 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720]
O58 - SDL:2012/03/26 23:45:18 A . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\drivers\HssDrv.sys [56832]
O58 - SDL:2010/09/13 12:24:26 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStor.sys [437272]
O58 - SDL:2012/11/19 13:10:38 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [652344]
O58 - SDL:2012/11/19 13:10:36 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28216]
O58 - SDL:2011/03/11 08:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496]
O58 - SDL:2014/01/29 23:02:28 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5363200]
O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112]
O58 - SDL:2014/06/23 12:38:49 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [452088]
O58 - SDL:2009/07/20 11:29:40 A . (. - Keyboard Filter Driver.) -- C:\Windows\System32\drivers\kbfiltr.sys [15416]
O58 - SDL:2009/06/10 22:34:18 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x64.sys [57344]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736]
O58 - SDL:2011/05/01 23:33:06 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwNs64.sys [8593920]
O58 - SDL:2014/06/23 12:35:36 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwsw00.sys [11527888]
O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264]
O58 - SDL:2013/09/05 02:36:46 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [11273504]
O58 - SDL:2013/09/05 02:37:00 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvpciflt.sys [30496]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352]
O58 - SDL:2011/03/11 08:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272]
O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816]
O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592]
O58 - SDL:2007/05/14 16:06:18 A . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\System32\drivers\RimUsb_AMD64.sys [27520]
O58 - SDL:2015/01/11 14:26:38 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [941784]
O58 - SDL:2014/06/23 12:36:16 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4094608]
O58 - SDL:2010/08/03 20:43:14 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\rtsuvstor.sys [290920]
O58 - SDL:2014/12/10 00:21:53 A . (.Razer, Inc. - Razer Overlay Support.) -- C:\Windows\System32\drivers\rzpmgrk.sys [37184]
O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2009/06/10 22:35:57 A . (.Silicon Integrated Systems Corp. - NDIS 6.0 Miniport Driver for SiS191/SiS190.) -- C:\Windows\System32\drivers\SiSG664.sys [56832]
O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584]
O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464]
O58 - SDL:2014/01/23 05:20:56 A . (.Google Inc - ADB Interface.) -- C:\Windows\System32\drivers\ssadadb.sys [38080]
O58 - SDL:2014/01/23 05:20:56 A . (.MCCI Corporation - SAMSUNG Android USB Composite Device Driver.) -- C:\Windows\System32\drivers\ssadbus.sys [169288]
O58 - SDL:2014/01/23 05:20:56 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadcm.sys [17224]
O58 - SDL:2014/01/23 05:20:56 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadcmnt.sys [17224]
O58 - SDL:2014/01/23 05:20:56 A . (.MCCI Corporation - SAMSUNG Android USB Modem Filter Driver.) -- C:\Windows\System32\drivers\ssadmdfl.sys [21320]
O58 - SDL:2014/01/23 05:20:56 A . (.MCCI Corporation - SAMSUNG Android USB Modem.) -- C:\Windows\System32\drivers\ssadmdm.sys [188232]
O58 - SDL:2014/01/23 05:20:56 A . (.MCCI Corporation - SAMSUNG Android USB Diagnostic Serial Port.) -- C:\Windows\System32\drivers\ssadserd.sys [158024]
O58 - SDL:2014/01/23 05:20:56 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadwh.sys [17736]
O58 - SDL:2014/01/23 05:20:56 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadwhnt.sys [17736]
O58 - SDL:2014/01/23 05:21:06 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [108800]
O58 - SDL:2014/01/23 05:21:06 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080]
O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656]
O58 - SDL:2014/06/23 12:37:47 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [100312]
O58 - SDL:2010/09/17 10:52:28 A . (.Trend Micro Inc. - TrendMicro Activity Monitor Module.) -- C:\Windows\System32\drivers\tmactmon.sys [90704]
O58 - SDL:2010/09/17 10:52:28 A . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\System32\drivers\tmcomm.sys [144464]
O58 - SDL:2010/09/17 10:52:28 A . (.Trend Micro Inc. - TrendMicro Event Management Module.) -- C:\Windows\System32\drivers\tmevtmgr.sys [67664]
O58 - SDL:2010/09/17 10:52:28 A . (.Trend Micro Inc. - Trend Micro TDI Driver (amd64-fre).) -- C:\Windows\System32\drivers\tmtdi.sys [105552]
O58 - SDL:2010/04/17 01:07:28 A . (...) -- C:\Windows\System32\drivers\TurboB.sys [13832]
O58 - SDL:2011/08/02 18:38:56 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [51712]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872]
O58 - SDL:2015/01/27 01:23:46 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\drivers\wdcsam64.sys [14464]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (8) - 23s
O61 - LFC: 2015/06/30 19:37:41 A . (..) -- C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\rnsj74B4.exe [152576]
O61 - LFC: 2015/06/30 19:37:22 A . (..) -- C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\Uninstall.exe [65000]
O61 - LFC: 2015/07/02 20:13:10 A . (.SoftBrain Technologies Ltd..) -- C:\Users\Gwen'g\AppData\Local\SmartWeb\__u.exe [172673] =>PUP.SmartWebSearch
O61 - LFC: 2015/07/02 20:13:45 A . (..) -- C:\Users\Gwen'g\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/02 20:45:45 A . (..) -- C:\Users\Gwen'g\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [164]
O61 - LFC: 2015/07/02 16:20:37 A . (..) -- C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020\upgmsd_fr_009010020.exe [3285160] =>Adware.CrossRider
O61 - LFC: 2015/07/02 19:48:20 A . (..) -- C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020\Download\myoffergroup_fr.exe [4151856] =>Adware.CrossRider
O61 - LFC: 2015/07/02 16:53:51 A . (..) -- C:\Users\Gwen'g\AppData\Local\gmsd_fr_005010020\upgmsd_fr_005010020.exe [3297960] =>Adware.CrossRider

---\\ Associations Shell Spawning (O67) (8) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\SysWOW64\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\SysWOW64\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (SMI) (O68) (16) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/ =>PUP.StartSearch
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Gwenneg_2\AppData\Local\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/ =>PUP.StartSearch
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\gwenneg\AppData\Local\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/ =>PUP.StartSearch
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Gwenneg_2\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\gwenneg\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Gwenneg_2\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Users\gwenneg\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Gwenneg_2\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\gwenneg\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI (3) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.mystartsearch.com/ =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://www.mystartsearch.com/ =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.mystartsearch.com/ =>PUP.StartSearch

---\\ Enumère les service demarrés par Svchost (SSS) (O83) (32) - 2s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2553856]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]

---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (26) - 6s
O87 - FAEL: "{C4B4BC52-F18A-41B0-8897-D8DDB7B6A876}" [In-None-P6-TRUE] .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Gwenneg godel\Downloads\SweetImSetup.exe =>PUP.SweetIM
O87 - FAEL: "{D1EB9F2E-F724-45FF-97D7-ED815D7FCD2D}" [In-None-P17-TRUE] .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Gwenneg godel\Downloads\SweetImSetup.exe =>PUP.SweetIM
O87 - FAEL: "{BEED2E5B-2FC9-4E44-9644-23A87FA21DBD}" [In-None-P6-TRUE] .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Gwenneg godel\AppData\Local\Temp\SweetIMReinstall\SweetImSetup.exe =>PUP.SweetIM
O87 - FAEL: "{A0EB8698-E710-46B5-88EE-64354A48CB86}" [In-None-P17-TRUE] .(.SweetIM Technologies, Ltd. - SweetIM Installer.) -- C:\Users\Gwenneg godel\AppData\Local\Temp\SweetIMReinstall\SweetImSetup.exe =>PUP.SweetIM
O87 - FAEL: "{B7C6A78E-6413-4CB2-86EE-6A5B704B7F81}" [In-None-P6-TRUE] .(...) -- C:\Users\gwenneg\AppData\Local\MediaGet2\mediaget.exe =>PUP.MediaGet
O87 - FAEL: "{073A4327-27D4-45F4-B222-0BBB85685450}" [In-None-P17-TRUE] .(...) -- C:\Users\gwenneg\AppData\Local\MediaGet2\mediaget.exe =>PUP.MediaGet
O87 - FAEL: "TCP Query User{D4FC7B47-762D-470D-A465-77495796CEE5}C:\users\gwenneg\appdata\local\mediaget2\mediaget.exe" [In-None-P6-TRUE] .(...) -- C:\users\gwenneg\appdata\local\mediaget2\mediaget.exe =>PUP.MediaGet
O87 - FAEL: "UDP Query User{84E328C0-33A2-4AB3-A857-01767F375C49}C:\users\gwenneg\appdata\local\mediaget2\mediaget.exe" [In-None-P17-TRUE] .(...) -- C:\users\gwenneg\appdata\local\mediaget2\mediaget.exe =>PUP.MediaGet
O87 - FAEL: "{10170E94-BFEA-4851-A2DD-F8362C7F206E}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe =>Adware.IMBooster
O87 - FAEL: "{6BA0D850-93AE-462C-B4E9-A315AFF9643C}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe =>Adware.IMBooster
O87 - FAEL: "TCP Query User{FF3AE982-25F7-4209-B893-C3057349922F}C:\users\gwen'g\appdata\roaming\cacaoweb\cacaoweb.exe" [In-None-P6-TRUE] .(...) -- C:\users\gwen'g\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{8ADAFD43-D2A5-4E3E-A2ED-F3A4F8D1402D}C:\users\gwen'g\appdata\roaming\cacaoweb\cacaoweb.exe" [In-None-P17-TRUE] .(...) -- C:\users\gwen'g\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{A4F7DB48-AF1E-441C-945F-75BCFD403133}C:\users\gwen'g\appdata\roaming\cacaoweb\cacaoweb.exe" [In-None-P6-TRUE] .(...) -- C:\users\gwen'g\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{772613FF-1660-4061-A833-32E5F18E6B5B}C:\users\gwen'g\appdata\roaming\cacaoweb\cacaoweb.exe" [In-None-P17-TRUE] .(...) -- C:\users\gwen'g\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "{909D7D99-D58D-418F-92A4-02AE199DB4D7}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe =>Adware.CrossRider
O87 - FAEL: "{56873DCD-57EF-4893-A225-0164750A971A}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Movies App\Datamngr\SRTOOL~1\IE\dtuser.exe =>Adware.CrossRider
O87 - FAEL: "TCP Query User{E702D0FF-E2C4-49EF-94F2-ABD0FA569CEA}C:\users\gwen'g\appdata\roaming\torntv.com\torntv downloader.exe" [In-None-P6-TRUE] .(...) -- C:\users\gwen'g\appdata\roaming\torntv.com\torntv downloader.exe =>Hijacker.TornTV
O87 - FAEL: "UDP Query User{95BE4AB9-17D1-4B22-BDB9-BAC4365D36FD}C:\users\gwen'g\appdata\roaming\torntv.com\torntv downloader.exe" [In-None-P17-TRUE] .(...) -- C:\users\gwen'g\appdata\roaming\torntv.com\torntv downloader.exe =>Hijacker.TornTV
O87 - FAEL: "{FEFF971E-8514-4CB1-8BFC-B1C4C207CA32}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\ace race\bin\acerace.BRT.Helper.exe =>PUP.AceRace
O87 - FAEL: "{12BC436A-FA00-4F02-8DAA-1BC3CCAEAEE1}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\ace race\bin\acerace.BRT.Helper.exe =>PUP.AceRace
O87 - FAEL: "{6FB1F21C-8890-49A2-BAA0-402B91680117}" [In-None-P17-TRUE] .(...) -- C:\Users\Gwen'g\AppData\Local\UnicoBrowser\Application\unicobrowser.exe =>PUP.UnicoBrowser
O87 - FAEL: "{94B071D6-4D14-45C7-BCB4-147DCD5FD97A}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe =>PUP.DllFilesFixer
O87 - FAEL: "{1731CB4F-1838-49AB-9A5E-1E513ED07A13}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe =>PUP.DllFilesFixer
O87 - FAEL: "{C53C7577-41A0-4F70-830D-C4E532C499C0}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe =>PUP.DllFilesFixer
O87 - FAEL: "{AC1360FD-8E8A-4798-8353-77F0A11D9F14}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AnySend\AnySendSVC.exe =>PUP.ASPackage
O87 - FAEL: "{ECD1B98B-4C07-4574-9B73-08403C9C8408}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowse

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NT (3) - 7s
[MD5.] [WIS][2014/08/13 17:50:50] (.LPT - Windows Installer XML (3.5.2519.0).) -- C:\Windows\Installer\2ba9926.msi [2146304] =>PUP.Linkury
[MD5.] [WIS][2015/07/01 21:47:38] (.globalupdate - Windows Installer XML Toolset (3.9.1208.0).) -- C:\Windows\Installer\3fff2c.msi [32768] =>PUP.GlobalUpdate
[MD5.] [WIS][2012/04/29 17:58:46] (.Aedge Performance BCN SL - InstallShield® 2011 - Professional Edition.) -- C:\Windows\Installer\e76187.msi [17887232] =>PUP.PCSpeedUp

---\\ Scan Additionnel (O88) (67) - 0s
C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\hnsyAC3D.tmp =>Adware.CrossRider
C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\jnsy93DB.tmp =>Adware.CrossRider
C:\Users\Gwen'g\AppData\Roaming\CE7ACE80-1435685842-81E0-32B2-5404A6081E81\knsuEBD.tmp =>Adware.CrossRider
C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020\upgmsd_fr_009010020.exe =>Adware.CrossRider
C:\Users\Gwen'g\AppData\Local\SmartWeb\SmartWebApp.exe =>PUP.SmartWebSearch
C:\Users\Gwen'g\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiknpkdjaijoilnmlcmkgcelkafbnpbl
C:\Users\Gwen'g\AppData\Local\Google\Chrome\User Data\Default\Extensions\fleddijeeakbkhkpepocimdkpmjeklke
C:\Users\Gwen'g\AppData\Local\Google\Chrome\User Data\Default\Extensions\njcppddkcdojnilnknjifcgmnnelhifi
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9771c444-42b0-4e23-a7fb-ff707123ab30} =>PUP.OnStage
HKLM\SYSTEM\CurrentControlSet\Services\cipoqilu =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\dijekehy =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\gohocehu =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\nucekyjo =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\vicoqudu =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\zejytose =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\zuhekojy =>Adware.CrossRider
C:\ProgramData\Service1104\Service1104.exe =>Adware.Graftor
C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job =>PUP.BidailySync
C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job =>PUP.BidailySync
C:\Windows\Tasks\Bidaily Synchronize Task[973b].job =>PUP.BidailySync
C:\Windows\Tasks\LXRXMIKAFVTNHJBS.job =>Adware.Graftor
C:\Windows\System32\Tasks\Bidaily Synchronize Task[3c32] =>PUP.BidailySync
C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6] =>PUP.BidailySync
C:\Windows\System32\Tasks\Bidaily Synchronize Task[973b] =>PUP.BidailySync
C:\Windows\System32\Tasks\LXRXMIKAFVTNHJBS =>Adware.Graftor
C:\Windows\System32\Tasks\Taplika lino =>PUP.Taplika
HKLM\SOFTWARE\Wow6432Node\Plus Video HD 1.8cV22.04-nv-ie =>Adware.CrossRider
HKLM\SOFTWARE\Wow6432Node\searchult =>PUP.Optional
HKLM\SOFTWARE\Wow6432Node\WajIntEnhance =>PUP.Wajam
HKCU\SOFTWARE\Browser =>Adware.CrossRider
HKCU\SOFTWARE\Media+PlayerVidEd2.5-nv =>Adware.CrossRider
HKCU\SOFTWARE\Plus Video HD 1.8cV22.04-nv =>Adware.CrossRider
HKCU\SOFTWARE\Plus Video HD 1.8cV22.04-nv-ie =>Adware.CrossRider
HKCU\SOFTWARE\SimplyTech =>PUP.SimplyTech
HKCU\SOFTWARE\SystemNotifierV10.03 =>PUP.SystemNotifier
HKCU\SOFTWARE\Tutorials =>PUP.AgenceExclusive
HKCU\SOFTWARE\WajIntEnhance =>PUP.Wajam
C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect
C:\Program Files (x86)\ed69b892-0ec1-4e94-a1d9-deec0d80b038 =>Adware.CrossRider
C:\Program Files (x86)\gamesagogo_w3i =>Adware.Agent
C:\Program Files (x86)\gmsd_fr_005010020 =>Adware.CrossRider
C:\Program Files (x86)\gmsd_fr_009010020 =>Adware.CrossRider
C:\Program Files (x86)\HQPro-1 =>Adware.CrossRider
C:\Program Files (x86)\MiuiTab =>PUP.MiuiTab
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP =>Adware.GamesDesktop
C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
C:\Users\Gwen'g\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
C:\Users\Gwen'g\AppData\Roaming\GoodGameEmpire =>Adware.GoodGameEmpire
C:\Users\Gwen'g\AppData\Roaming\mystartsearch =>PUP.StartSearch
C:\Users\Gwen'g\AppData\Local\gmsd_fr_005010020 =>Adware.CrossRider
C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020 =>Adware.CrossRider
C:\Users\Gwen'g\AppData\Local\SmartWeb =>PUP.SmartWebSearch
C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect
C:\Users\Gwen'g\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GoodGameEmpire =>Adware.GoodGameEmpire
C:\Users\Gwen'g\AppData\Local\SmartWeb\__u.exe =>PUP.SmartWebSearch
C:\Users\Gwen'g\AppData\Local\gmsd_fr_009010020\Download\myoffergroup_fr.exe =>Adware.CrossRider
C:\Users\Gwen'g\AppData\Local\gmsd_fr_005010020\upgmsd_fr_005010020.exe =>Adware.CrossRider
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\Open\command [Bad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/] =>PUP.StartSearch
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome.6XD2NGNUVTEV5TKHRRLWCQDSGI\shell\Open\command [Bad: C:\Users\Gwenneg_2\AppData\Local\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/] =>PUP.StartSearch
HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome.PLS4ZTYHAP4GISHHLCAT5IFHYI\shell\Open\command [Bad: C:\Users\gwenneg\AppData\Local\Google\Chrome\Application\chrome.exe http://www.mystartsearch.com/] =>PUP.StartSearch
C:\Users\Gwenneg godel\Downloads\SweetImSetup.exe =>PUP.SweetIM
C:\Users\Gwenneg godel\AppData\Local\Temp\SweetIMReinstall\SweetImSetup.exe =>PUP.SweetIM
C:\Windows\Installer\2ba9926.msi =>PUP.Linkury
C:\Windows\Installer\3fff2c.msi =>PUP.GlobalUpdate
C:\Windows\Installer\e76187.msi =>PUP.PCSpeedUp

---\\ Récapitulatif des détections trouvées sur votre station (40) - 0s
http://www.nicolascoolman.fr/pup-crossrider/ =>Adware.CrossRider
http://www.nicolascoolman.fr/pup-smartwebsearch/ =>PUP.SmartWebSearch
http://www.nicolascoolman.fr/blog =>Adware.Sambreel
http://www.nicolascoolman.fr/blog =>PUP.OnStage
http://www.nicolascoolman.fr/pup-startsearch/ =>PUP.StartSearch
http://www.nicolascoolman.fr/blog =>PUP.WindeskWinsearch
http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.AnyProtect
http://www.nicolascoolman.fr/adware-downware/ =>Adware.Downware
http://www.nicolascoolman.fr/blog =>Adware.Agent
http://www.nicolascoolman.fr/blog =>PUP.EnigmaSoftware
http://www.nicolascoolman.fr/trojan-fuyu/ =>PUP.Fuyu
http://www.nicolascoolman.fr/blog =>Adware.AgentODR
http://www.nicolascoolman.fr/blog =>Adware.GamesDesktop
http://www.nicolascoolman.fr/blog =>PUP.CrossBrowse
http://www.nicolascoolman.fr/pup-mediaget/ =>PUP.MediaGet
http://www.nicolascoolman.fr/blog =>PUP.ASPackage
http://www.nicolascoolman.fr/blog =>PUP.TomorrowGames
http://www.nicolascoolman.fr/blog =>PUP.BidailySync
http://www.nicolascoolman.fr/blog =>Adware.Graftor
http://www.nicolascoolman.fr/blog =>PUP.Taplika
http://www.nicolascoolman.fr/blog =>PUP.Optional
http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Wajam
http://www.nicolascoolman.fr/blog =>PUP.SimplyTech
http://www.nicolascoolman.fr/blog =>PUP.SystemNotifier
http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.AgenceExclusive
http://www.nicolascoolman.fr/blog =>PUP.MiuiTab
http://www.nicolascoolman.fr/blog =>Adware.GoodGameEmpire
http://www.nicolascoolman.fr/blog =>PUP.BubbleSound
http://www.nicolascoolman.fr/rogue-pcspeedmaximizer/ =>PUP.PCSpeedMaximizer
http://www.nicolascoolman.fr/blog =>PUP.UnicoBrowser
http://www.nicolascoolman.fr/blog =>PUP.Nosibay
http://www.nicolascoolman.fr/pup-sweetim/ =>PUP.SweetIM
http://www.nicolascoolman.fr/adware-imbooster/ =>Adware.IMBooster
http://www.nicolascoolman.fr/pup-cacaoweb/ =>PUP.CacaoWeb
http://www.nicolascoolman.fr/hijacker-torntv/ =>Hijacker.TornTV
http://www.nicolascoolman.fr/pup-acerace2/ =>PUP.AceRace
http://www.nicolascoolman.fr/blog =>PUP.DllFilesFixer
http://www.nicolascoolman.fr/blog =>PUP.Linkury
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.GlobalUpdate
http://www.nicolascoolman.fr/rogue-pcspeedup/ =>PUP.PCSpeedUp

~ End of the scan, 49720 items in 105 seconds (1406)(0)()
