Document format: text/plain

~ ZHPDiag v2015.7.23.100 Par Nicolas Coolman (2015/07/22)
~ Démarré par hp (Administrator) (2015/07/24 01:45:06)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\hp\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\hp\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
~ Windows 8, 64-bit (Build 9200)

---\\ Navigateurs Internet (1) - 0s
MSIE: Internet Explorer v10.0.9200.17413

---\\ Informations sur les produits Windows (4) - 5s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Demand)
Windows Activation Technologies : OK

---\\ Logiciels de protection (1) - 2s
Avast Internet Security v10.2.2218

---\\ Logiciels de protection et autres (Superflus) (1) - 2s
McAfee Security Scan Plus v3.11.149.2

---\\ Logiciels d'optimisation (1) - 2s
CCleaner v5.08

---\\ Surveillance de Logiciels (2) - 2s
Adobe Flash Player 18 NPAPI
Adobe Acrobat Reader DC

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4090.216 MB (57% free)
~ System Restore: Activé (Enable)
~ System drive C: has 30 GB free of 99 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: PC
~ User Name: hp
~ Logged in as Administrator

---\\ Enumération des unités disques (3) - 0s
~ Drive C: has 30 GB free of 99 GB (System)
~ Drive D: has 57 GB free of 99 GB
~ Drive E: has 51 GB free of 276 GB

---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2391280]
[MD5.3A6209AC494296C24C2065CB4392B5F4] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [51712]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [132608]
[MD5.322200890E01D1747657C7A59590FF4A] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2237440]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.65AA2DE8787146679BB8A7D14BFFB6A3] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [18944]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [145920]
[MD5.6BA2A5D1C74E7CB3AFAF301A7E5D9E44] - (.Microsoft Corporation - Minirdr SMB Windows NT.) () -- C:\Windows\System32\drivers\MRxSmb.sys [403456]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) () -- C:\Windows\System32\drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [117248]
[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [328000]

---\\ Processus lancés (29) - 2s
[MD5.FC179CDBDC350D4FDD739983D42D0F08] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032] [PID.1240]
[MD5.EC7059FE43C74A6281ECC08253B6D5DB] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592] [PID.1260]
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336] [PID.1392]
[MD5.C569E7F268C43D6C9C4D74EE2F06CCD8] - (.Avast Software s.r.o. - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [107448] [PID.1700]
[MD5.D1E343BC00136CE03C4D403194D06A80] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208] [PID.1852]
[MD5.0527D8DE2738B88966F90B5B8CC0708B] - (.AnchorFree Inc. - Hotspot Shield 4.15.3.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1169616] [PID.1132]
[MD5.292DF49003B7F412811E16EC5786253E] - (...) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [589520] [PID.1076]
[MD5.8FEF3CDAFFBB862E0903199AB6A08D55] - (.Copyright © 2013 - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe [37888] [PID.1484] =>PUA.KMSpico
[MD5.BBBE16038D99851E9144557724B0C425] - (.Cinema PlusV11.07 - CinemaP-1.9cV11.07 exe.) -- C:\Program Files (x86)\CinemaP-1.9cV11.07\406ecacf-0395-4406-8ab7-9a8424a50c47-10.exe [1316432] [PID.2492] =>PUP.Optional.CrossRider
[MD5.91A18F5BDDA1ED3E6002A07E27EBA9DC] - (.Cinema PlusV11.07 - CinemaP-1.9cV11.07 exe.) -- C:\Program Files (x86)\CinemaP-1.9cV11.07\406ecacf-0395-4406-8ab7-9a8424a50c47-1-6.exe [1557072] [PID.2832] =>PUP.Optional.CrossRider
[MD5.F3DDA4F205FF7CC08D60EA23019E77C9] - (.Cinema PlusV11.07 - CinemaP-1.9cV11.07 exe.) -- C:\Program Files (x86)\CinemaP-1.9cV11.07\406ecacf-0395-4406-8ab7-9a8424a50c47-6.exe [1353296] [PID.2848] =>PUP.Optional.CrossRider
[MD5.A903E5C565A2677F3960E4AAB7B42280] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056] [PID.3108]
[MD5.EFDC4DC553400BFC8A174C52D13ECBF4] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696] [PID.4288]
[MD5.EC7059FE43C74A6281ECC08253B6D5DB] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592] [PID.4388]
[MD5.4076E418CD3EB0E09FFBCD828C35CE26] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288] [PID.4444]
[MD5.4E668DD3F32EA831EA3DD244514DD51D] - (...) -- C:\Windows\System32\cpuminer-gw64.exe [1418544] [PID.4612]
[MD5.BD0EA5C8A4EF518C46E05F99908A56CE] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [121640] [PID.4696]
[MD5.DC7B578A97F82AAB19906DAEB3693D1C] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3878480] [PID.5020]
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.4152]
[MD5.65C6AA484AD2287D20541C7735989437] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496] [PID.4852]
[MD5.4F9DD96AECDC12373D4203253D665C6D] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896] [PID.4976]
[MD5.BCDED612CA627FF3B77D2669F61A653F] - (.AnchorFree Inc. - Hotspot Shield 4.15.3.) -- C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe [2449616] [PID.5908]
[MD5.B62357FECDE0B4ED437063407E24738C] - (.AnchorFree Inc. - Hotspot Shield 4.15.3.) -- C:\Program Files (x86)\Hotspot Shield\bin\af_proxy_cmd.exe [371920] [PID.4668]
[MD5.8B7EAE18E3EE78E9BA78AC712AAC2725] - (...) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpn.exe [686816] [PID.3972]
[MD5.3832663A335773EE6B78080D3F51817B] - (.AnchorFree Inc. - Hotspot Shield 4.15.3.) -- C:\Program Files (x86)\Hotspot Shield\bin\FBWMgr.exe [575696] [PID.1796]
[MD5.0C43B9C32B54149F2D9B6CA6FE5901D7] - (.AnchorFree Inc. - Hotspot Shield 4.15.3.) -- C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe [1170128] [PID.6328]
[MD5.0C43B9C32B54149F2D9B6CA6FE5901D7] - (.AnchorFree Inc. - Hotspot Shield 4.15.3.) -- C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe [1170128] [PID.3588]
[MD5.0C43B9C32B54149F2D9B6CA6FE5901D7] - (.AnchorFree Inc. - Hotspot Shield 4.15.3.) -- C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe [1170128] [PID.6716]
[MD5.566F5A07C950D52ECB5CEBDAE39DDEC0] - (.Internet Download Manager, Tonec Inc. - Broker for reading of IDM settings.) -- C:\Program Files (x86)\Internet Download Manager\idmBroker.exe [69144] [PID.8896]

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (20) - 1s
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [bepbmhgboaologfdajaanbcjmnhjmhfn] Google Voice Search Hotword (Beta)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [eofcbnmajmjmplflapaojjnihcjkigck] Avast SafePrice
G2 - GCE: Preference [User Data\Default] [fcfenmboojpjinhpgggodefccipikbpd] Bing
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gclhodkofgoighinmongpkpncdpalejb] VideoCast (VLC/Chromecast)
G2 - GCE: Preference [User Data\Default] [gdefoklganepljiopdnglodohlgfikkl] gdefoklganepljiopdnglodohlgfikkl
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [gkakfimgbmogkpmjokgnbbanmmemcdij] Follow
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security
G2 - GCE: Preference [User Data\Default] [jeaohhlajejodfjadcponpnjgkiikocn] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [klbibkeccnjlkjkiokjodocebajanakg] The Great Suspender
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [lkadffjmnaiokkdncgdlecdegajoiemi] Bleaner
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (6) - 1s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.51.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.51.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.1] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (16) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ar.yahoo.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ar.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ar.search.yahoo.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ar.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ar.search.yahoo.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://ar.search.yahoo.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (2) - 0s
0
~ Le fichier hôte est sain (The hosts file is clean) (23)

---\\ Browser Helper Object de navigateur (BHO) (O2) (5) - 1s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
O2 - BHO: (no name) [64Bits] - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} (Orphean)
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (Orphean)
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Avast Software s.r.o. - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O2 - BHO: (no name) [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean)

---\\ Internet Explorer Toolbars (O3) (1) - 0s
O3 - Toolbar: (no name) - [HKLM]{FEEEB9C2-E466-4A83-876C-6FD2DDF1A3D1} (Orphean) (.not file.)

---\\ Applications lancées au démarrage du sytème (O4) (22) - 1s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [gpuminer] . (...) -- C:\Users\hp\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
O4 - HKLM\..\Run: [cpuminer] . (...) -- C:\Windows\system32\cpuminer-gw64.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_524DA4ADC166382907FB595A75849B9C] . (.The Chromium Authors - Chromium.) -- C:\Users\hp\AppData\Local\Chromium\Application\chrome.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\hp\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKUS\S-1-5-21-1566245659-2758304020-2251461123-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-1566245659-2758304020-2251461123-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-1566245659-2758304020-2251461123-1001\..\Run: [GoogleChromeAutoLaunch_524DA4ADC166382907FB595A75849B9C] . (.The Chromium Authors - Chromium.) -- C:\Users\hp\AppData\Local\Chromium\Application\chrome.exe
O4 - HKUS\S-1-5-21-1566245659-2758304020-2251461123-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-1566245659-2758304020-2251461123-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\hp\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKUS\S-1-5-21-1566245659-2758304020-2251461123-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe

---\\ Modification Domaine/Adresses DNS (O17) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8

---\\ Liste des services NT non Microsoft et non désactivés (O23) (11) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) . (.Avast Software s.r.o. - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Hotspot Shield Service (hshld) . (.AnchorFree Inc. - Hotspot Shield 4.15.3.) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\system32\igfxCUIService.exe
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: Service KMSELDI (Service KMSELDI) . (.Copyright © 2013 - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

---\\ Tâches planifiées en automatique (O39) (24) - 2s
O39 - APT: - (...) -- C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-1-6.job [3132] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-1-7.job [3132] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-10_user.job [2106] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-3.job [4152] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-5.job [2440] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-5_user.job [2440] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-6.job [5512] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-7.job [5176] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: - (...) -- C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-1-6 [6136] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-1-7 [6136] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-10_user [5088] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-3 [7156] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-5 [5444] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-5_user [5422] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-6 [8516] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-7 [8180] =>PUP.Optional.CrossRider
O39 - APT: - (...) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886]
O39 - APT: - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3890]
O39 - APT: - (...) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-pc-hp [3484]
O39 - APT: - (...) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182]
O39 - APT: - (...) -- C:\Windows\System32\Tasks\avastBCLRestart_chrome.exe [3190]
O39 - APT: - (...) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2772]
O39 - APT: - (...) -- C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for pc-hp pc [5018]

---\\ Logiciels installés (O42) (62) - 11s
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: KMSpico 4.1 - (...) [HKLM][64Bits] -- KMSpico v4.1_is1 =>PUA.KMSpico
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: Virtual Audio Cable 4.14 - (...) [HKLM][64Bits] -- Virtual Audio Cable 4.14
O42 - Logiciel: WinRAR 5.21 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: MPC-HC 1.7.8 (64-bit) - (.MPC-HC Team.) [HKLM][64Bits] -- {2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-040C-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-040C-1000-0000000FF1CE}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{DD51BA84-F589-4939-B5FE-5538B3DCC12E}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: AV Video Karaoke Maker - (.AVSOFT Corporation.) [HKLM][64Bits] -- AV Video Karaoke Maker
O42 - Logiciel: Avast Internet Security - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: Car Mechanic Simulator 2015 - (...) [HKLM][64Bits] -- Car Mechanic Simulator 2015_is1
O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: CinemaP-1.9cV11.07 - (.Cinema PlusV11.07.) [HKLM][64Bits] -- CinemaP-1.9cV11.07 =>PUP.Optional.CrossRider
O42 - Logiciel: FormatFactory 3.5.0.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Hotspot Shield 4.15.3 - (.AnchorFree Inc..) [HKLM][64Bits] -- HotspotShield
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager
O42 - Logiciel: L&H TTS3000 British English - (...) [HKLM][64Bits] -- LHTTSENG
O42 - Logiciel: L&H TTS3000 Español - (...) [HKLM][64Bits] -- LHTTSSPE
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO
O42 - Logiciel: SmartsysSoft Business Card Maker v3.00 - (.Friends in War.) [HKLM][64Bits] -- SmartsysSoft Business Card Maker v3.003.00
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer
O42 - Logiciel: TextAloud 3.0 - (.NextUp.com.) [HKLM][64Bits] -- TextAloud3_is1
O42 - Logiciel: The Logo Creator v6 6.0 - (.Laughingbird Software.) [HKLM][64Bits] -- The Logo Creator v6
O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1
O42 - Logiciel: VLC media player 2.1.1 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: BusinessCards MX - (.MOJOSOFT.) [HKLM][64Bits] -- {0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Java 8 Update 51 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218051F0}
O42 - Logiciel: Aurora 3D Text & Logo Maker version 12.09.26 - (.Aurora3D Software.) [HKLM][64Bits] -- {4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1
O42 - Logiciel: Adobe Illustrator CC 2015 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5680D629-B263-49CC-821E-3CEBD4507B51}
O42 - Logiciel: calibre - (.Kovid Goyal.) [HKLM][64Bits] -- {5A119A69-9ACD-4287-97FB-1EC30DE71459}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}
O42 - Logiciel: TypingMaster Pro - (.TypingMaster Inc.) [HKLM][64Bits] -- {98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824147215}
O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100}
O42 - Logiciel: Adobe Help Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AF37176A-78CA-545B-34EF-8B6A21514DD1}
O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A}
O42 - Logiciel: Chromium - (.Chromium.) [HKCU][64Bits] -- Chromium
O42 - Logiciel: Popcorn Time - (.Popcorn Official.) [HKCU][64Bits] -- Popcorn Time
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent

---\\ HKCU & HKLM Software Keys (111) - 11s
HKLM\SOFTWARE\Wow6432Node\09d66346-d78a-4d66-a423-b1cdbeb323ff =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\AviSynth
HKLM\SOFTWARE\Wow6432Node\Avnex
HKLM\SOFTWARE\Wow6432Node\calibre
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV11.07 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV11.07-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV11.07-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\HotspotShield
HKLM\SOFTWARE\Wow6432Node\IHProtect =>PUP.Optional.AgentODR
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\L&H
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NextUpTech
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SupDp =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\supTab =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\Synaptics
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\TypingMaster Inc
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Voice
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WordAnchor_1.10.0.20 =>PUP.Optional.WordAnchor
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AnchorFree
HKCU\SOFTWARE\Andrew Zhezherun
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AudioBookCreator.com
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Avnex
HKCU\SOFTWARE\BellCraft.com
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\calibre
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaP-1.9cV11.07 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV11.07-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV11.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\Microsof
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NextUpTech
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Qualitica
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Red Dot Games
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SmartsysSoft
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) (180) - 12s
O43 - CFD: 2015/07/12 20:39:43 - [] D -- C:\Program Files (x86)\1-click run
O43 - CFD: 2015/07/11 15:21:33 - [] D -- C:\Program Files (x86)\99857539-d22b-4f6b-8e29-fba8bd2627e1 =>PUP.Optional.CrossRider
O43 - CFD: 2015/06/09 13:44:09 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/07/11 15:58:00 - [] D -- C:\Program Files (x86)\APP
O43 - CFD: 2015/07/21 12:06:31 - [] D -- C:\Program Files (x86)\Aurora3D
O43 - CFD: 2015/07/13 03:04:18 - [] D -- C:\Program Files (x86)\AV Video Karaoke Maker
O43 - CFD: 2015/07/11 15:21:34 - [] D -- C:\Program Files (x86)\Calibre2
O43 - CFD: 2015/07/11 15:22:33 - [] D -- C:\Program Files (x86)\CinemaP-1.9cV11.07 =>PUP.Optional.CrossRider
O43 - CFD: 2015/07/23 19:57:12 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/06/07 08:23:57 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 2015/07/11 15:21:01 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/07/24 01:41:37 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/07/23 10:44:54 - [] D -- C:\Program Files (x86)\Hotspot Shield
O43 - CFD: 2015/06/01 20:48:28 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/05/30 20:46:09 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/07/02 10:46:07 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 2015/07/20 00:05:35 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/07/23 19:57:26 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2015/06/01 14:39:40 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2015/06/01 14:39:35 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/06/01 14:42:39 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2015/06/09 12:17:43 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/07/13 02:13:23 - [] D -- C:\Program Files (x86)\mojosoft
O43 - CFD: 2015/06/10 13:47:42 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/06/25 22:28:18 - [] D -- C:\Program Files (x86)\Notepad++
O43 - CFD: 2015/06/24 08:07:49 - [] D -- C:\Program Files (x86)\Pro Evolution Soccer 2015
O43 - CFD: 2015/06/22 16:30:23 - [] D -- C:\Program Files (x86)\R.G. Mechanics
O43 - CFD: 2015/06/01 20:48:28 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2015/07/19 17:19:12 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/06/27 23:01:31 - [] D -- C:\Program Files (x86)\Sonic & All-Stars Racing Transformed
O43 - CFD: 2015/07/10 23:19:00 - [] D -- C:\Program Files (x86)\TeamViewer
O43 - CFD: 2015/06/01 20:50:41 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2015/07/11 00:14:46 - [] D -- C:\Program Files (x86)\TextAloud
O43 - CFD: 2015/07/21 12:16:08 - [] D -- C:\Program Files (x86)\The Logo Creator v6
O43 - CFD: 2015/07/21 13:23:59 - [] D -- C:\Program Files (x86)\The Logo Creator v6.8
O43 - CFD: 2015/07/05 00:51:35 - [] RD -- C:\Program Files (x86)\TypingMaster
O43 - CFD: 2015/05/30 21:10:40 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/06/09 14:56:20 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2012/07/26 12:08:59 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/06/11 17:55:24 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2012/07/26 10:13:01 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2012/07/26 10:12:59 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2015/06/09 14:51:05 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2012/07/26 10:13:01 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2012/07/26 10:12:59 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/07/23 18:49:12 - [] D -- C:\Program Files (x86)\WordAnchor_1.10.0.20 =>PUP.Optional.WordAnchor
O43 - CFD: 2012/07/26 10:13:01 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/06/09 14:54:27 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/19 15:40:45 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/21 12:06:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora 3D Text & Logo Maker
O43 - CFD: 2015/06/30 18:39:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 2015/07/23 18:52:06 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Best Popup Killer
O43 - CFD: 2015/07/02 10:41:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
O43 - CFD: 2015/06/29 11:52:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Car Mechanic Simulator 2015
O43 - CFD: 2015/07/23 00:05:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
O43 - CFD: 2015/05/31 14:50:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2015/06/25 18:32:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2015/06/27 13:19:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
O43 - CFD: 2012/07/26 10:13:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/21 14:47:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 2015/07/18 03:50:25 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/06/03 13:22:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
O43 - CFD: 2015/06/01 20:49:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 2015/06/25 22:28:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/06/02 14:01:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 2015/06/03 18:22:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/06/27 23:01:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic & All-Stars Racing Transformed
O43 - CFD: 2015/07/21 14:47:47 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/06/11 17:55:59 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2012/07/26 12:11:33 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/21 12:16:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Logo Creator v6
O43 - CFD: 2015/07/21 13:23:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Logo Creator v6.8
O43 - CFD: 2015/07/05 00:51:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TypingMaster
O43 - CFD: 2015/05/30 21:10:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/07/13 03:38:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
O43 - CFD: 2015/05/30 23:21:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/06/09 15:18:33 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/07/23 15:27:50 - [0] D -- C:\ProgramData\ALM
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/05/31 15:18:44 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 2015/06/07 08:24:36 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 2015/06/30 18:04:41 - [] D -- C:\ProgramData\Broderbund
O43 - CFD: 2015/05/30 19:40:36 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/07/23 00:06:27 - [] D -- C:\ProgramData\Hotspot Shield
O43 - CFD: 2015/05/31 14:50:11 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2015/07/10 23:29:27 - [] D -- C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR
O43 - CFD: 2015/07/15 14:02:51 - [] D -- C:\ProgramData\KONAMI
O43 - CFD: 2015/06/03 08:00:22 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2015/07/21 14:47:46 - [] D -- C:\ProgramData\McAfee Security Scan
O43 - CFD: 2015/05/30 19:40:36 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2015/06/09 14:56:24 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/07/18 03:50:09 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/05/30 19:40:36 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2015/07/11 00:04:17 - [] D -- C:\ProgramData\NextUp
O43 - CFD: 2015/07/23 19:57:37 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/07/23 15:24:54 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/05/30 19:42:02 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 2015/07/19 23:40:39 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/06/01 14:42:17 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/07/19 17:18:42 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/07/15 14:02:46 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2015/06/25 18:33:07 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/07/23 15:22:27 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/06/01 14:32:03 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2015/07/19 15:02:38 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2015/05/30 20:46:04 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/07/23 19:57:12 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2015/07/10 23:45:47 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2012/07/26 10:13:01 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/06/03 18:22:52 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2012/07/26 12:08:59 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/07/23 18:53:18 - [] D -- C:\Users\hp\AppData\Roaming\Adobe
O43 - CFD: 2015/05/31 15:20:17 - [] D -- C:\Users\hp\AppData\Roaming\AVAST Software
O43 - CFD: 2015/07/11 00:26:09 - [] D -- C:\Users\hp\AppData\Roaming\BellCraft.com
O43 - CFD: 2015/06/30 18:04:41 - [] D -- C:\Users\hp\AppData\Roaming\Broderbund
O43 - CFD: 2015/07/02 11:33:38 - [] D -- C:\Users\hp\AppData\Roaming\calibre
O43 - CFD: 2015/07/21 13:24:07 - [] D -- C:\Users\hp\AppData\Roaming\com.laughingbirdsoftware.TLC6
O43 - CFD: 2015/07/19 23:00:09 - [] D -- C:\Users\hp\AppData\Roaming\cpuminer
O43 - CFD: 2015/07/20 19:43:01 - [] D -- C:\Users\hp\AppData\Roaming\DMCache
O43 - CFD: 2015/07/23 00:05:08 - [] D -- C:\Users\hp\AppData\Roaming\Hotspot Shield
O43 - CFD: 2015/07/24 01:44:42 - [] D -- C:\Users\hp\AppData\Roaming\IDM
O43 - CFD: 2015/05/30 21:12:39 - [] D -- C:\Users\hp\AppData\Roaming\Macromedia
O43 - CFD: 2015/07/16 23:48:48 - [] SD -- C:\Users\hp\AppData\Roaming\Microsoft
O43 - CFD: 2015/07/13 02:13:23 - [] D -- C:\Users\hp\AppData\Roaming\mojosoft
O43 - CFD: 2015/07/23 18:45:06 - [0] D -- C:\Users\hp\AppData\Roaming\MPC-HC
O43 - CFD: 2015/06/30 12:14:19 - [] D -- C:\Users\hp\AppData\Roaming\Notepad++
O43 - CFD: 2015/07/16 18:31:45 - [] D -- C:\Users\hp\AppData\Roaming\oald8
O43 - CFD: 2015/06/02 14:02:39 - [] D -- C:\Users\hp\AppData\Roaming\PowerISO
O43 - CFD: 2015/07/23 18:45:02 - [] D -- C:\Users\hp\AppData\Roaming\Skype
O43 - CFD: 2015/05/31 19:32:15 - [] D -- C:\Users\hp\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 2015/06/29 12:08:47 - [] D -- C:\Users\hp\AppData\Roaming\Steam
O43 - CFD: 2015/07/23 18:45:08 - [] D -- C:\Users\hp\AppData\Roaming\TeamViewer
O43 - CFD: 2015/07/15 13:19:04 - [] D -- C:\Users\hp\AppData\Roaming\TypingMaster7
O43 - CFD: 2015/07/24 00:44:45 - [] D -- C:\Users\hp\AppData\Roaming\uTorrent
O43 - CFD: 2015/07/21 15:03:05 - [] D -- C:\Users\hp\AppData\Roaming\vlc
O43 - CFD: 2015/05/30 23:21:22 - [] D -- C:\Users\hp\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/24 01:45:24 - [] D -- C:\Users\hp\AppData\Roaming\ZHP
O43 - CFD: 2015/07/23 02:00:12 - [] D -- C:\Users\hp\AppData\Local\Adobe
O43 - CFD: 2015/05/30 19:41:52 - [0] SHD -- C:\Users\hp\AppData\Local\Application Data
O43 - CFD: 2015/07/02 10:42:15 - [0] D -- C:\Users\hp\AppData\Local\calibre-cache
O43 - CFD: 2015/07/19 15:35:39 - [] D -- C:\Users\hp\AppData\Local\CEF
O43 - CFD: 2015/06/02 14:04:18 - [] D -- C:\Users\hp\AppData\Local\Chromium
O43 - CFD: 2015/07/21 12:06:59 - [] D -- C:\Users\hp\AppData\Local\Configure
O43 - CFD: 2015/07/20 12:51:50 - [] D -- C:\Users\hp\AppData\Local\Diagnostics
O43 - CFD: 2015/07/20 12:51:52 - [0] D -- C:\Users\hp\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/07/11 15:21:00 - [] D -- C:\Users\hp\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/05/30 19:56:39 - [] D -- C:\Users\hp\AppData\Local\Google
O43 - CFD: 2015/05/30 19:41:52 - [0] SHD -- C:\Users\hp\AppData\Local\Historique
O43 - CFD: 2015/07/21 12:06:58 - [] D -- C:\Users\hp\AppData\Local\Maker3D
O43 - CFD: 2015/07/16 23:48:48 - [] D -- C:\Users\hp\AppData\Local\Microsoft
O43 - CFD: 2015/06/01 14:39:37 - [0] D -- C:\Users\hp\AppData\Local\Microsoft Help
O43 - CFD: 2015/07/11 00:04:28 - [] D -- C:\Users\hp\AppData\Local\NextUp
O43 - CFD: 2015/07/16 18:31:42 - [] D -- C:\Users\hp\AppData\Local\oald8
O43 - CFD: 2015/06/27 13:21:03 - [] D -- C:\Users\hp\AppData\Local\Packages
O43 - CFD: 2015/07/10 05:47:28 - [] D -- C:\Users\hp\AppData\Local\Popcorn Time
O43 - CFD: 2015/07/23 03:13:13 - [] D -- C:\Users\hp\AppData\Local\Popcorn-Time
O43 - CFD: 2015/06/03 13:15:35 - [] D -- C:\Users\hp\AppData\Local\Programs
O43 - CFD: 2015/06/03 18:23:01 - [] D -- C:\Users\hp\AppData\Local\Skype
O43 - CFD: 2015/07/24 01:45:26 - [] D -- C:\Users\hp\AppData\Local\Temp
O43 - CFD: 2015/05/30 19:41:52 - [0] SHD -- C:\Users\hp\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/07/10 23:01:18 - [] D -- C:\Users\hp\AppData\Local\VirtualStore
O43 - CFD: 2015/07/12 20:40:32 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
O43 - CFD: 2012/07/26 10:13:00 - [] RD -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2012/07/26 10:13:00 - [] RD -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/09 15:06:41 - [] RD -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/13 03:04:15 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AV Video Karaoke Maker
O43 - CFD: 2015/07/13 02:13:40 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BusinessCards MX
O43 - CFD: 2015/06/07 08:24:26 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2015/05/31 14:50:09 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2012/07/26 10:13:00 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/06/25 22:28:17 - [0] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/07/10 05:47:30 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
O43 - CFD: 2015/07/12 20:40:32 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
O43 - CFD: 2015/06/09 15:06:41 - [] RD -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2012/07/26 10:13:00 - [] RD -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/05/30 23:21:13 - [] D -- C:\Users\hp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Liste des pilotes du système (SDL) (O58) (59) - 8s
O58 - SDL:2012/07/26 07:00:49 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [106736]
O58 - SDL:2012/07/26 07:00:49 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [492272]
O58 - SDL:2012/07/26 07:00:48 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [340720]
O58 - SDL:2012/07/26 07:00:49 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [184048]
O58 - SDL:2012/07/26 07:00:49 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [76016]
O58 - SDL:2012/07/26 07:00:49 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [258288]
O58 - SDL:2012/07/26 07:00:48 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [26352]
O58 - SDL:2012/07/26 07:00:49 A . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [104688]
O58 - SDL:2012/07/26 07:00:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [108272]
O58 - SDL:2015/06/25 12:08:32 A . (...) -- C:\Windows\System32\drivers\aswHwid.sys [29168]
O58 - SDL:2015/06/25 12:08:01 A . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) -- C:\Windows\System32\drivers\aswKbd.sys [28144]
O58 - SDL:2015/06/25 12:08:32 A . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [89944]
O58 - SDL:2015/06/30 18:39:12 A . (.Avast Software s.r.o. - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys [449896]
O58 - SDL:2015/06/25 12:08:31 A . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528]
O58 - SDL:2015/06/25 12:08:32 A . (...) -- C:\Windows\System32\drivers\aswRvrt.sys [65736]
O58 - SDL:2015/06/25 12:08:02 A . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [1047320]
O58 - SDL:2015/06/26 15:19:44 A . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [442264]
O58 - SDL:2015/06/25 12:08:33 A . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [137288]
O58 - SDL:2015/06/25 12:08:32 A . (...) -- C:\Windows\System32\drivers\aswVmm.sys [272248]
O58 - SDL:2014/06/22 20:54:54 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athw8x.sys [3978752]
O58 - SDL:2012/09/20 09:55:24 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [533224]
O58 - SDL:2012/09/20 09:55:27 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3265256]
O58 - SDL:2012/07/26 07:00:52 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64752]
O58 - SDL:2014/05/17 04:35:04 A . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\drivers\hssdrv6.sys [44744]
O58 - SDL:2012/07/26 07:00:52 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [411888]
O58 - SDL:2014/06/09 10:41:00 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [180136]
O58 - SDL:2014/10/01 19:54:16 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [3828152]
O58 - SDL:2012/07/26 07:00:52 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [45296]
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [108784]
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [92400]
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [116976]
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [81136]
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [51952]
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [353008]
O58 - SDL:2012/07/26 07:00:55 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [64240]
O58 - SDL:2012/07/26 07:00:55 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [52464]
O58 - SDL:2012/07/26 07:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150256]
O58 - SDL:2012/07/26 07:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168176]
O58 - SDL:2012/06/02 16:31:56 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [589824]
O58 - SDL:2014/09/02 20:10:04 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4264536]
O58 - SDL:2014/11/06 18:07:10 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsP2Stor.sys [294104]
O58 - SDL:2015/04/08 04:01:26 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [127760]
O58 - SDL:2012/07/26 10:11:43 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2012/07/26 07:00:55 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44784]
O58 - SDL:2012/07/26 07:00:56 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81648]
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [108800]
O58 - SDL:2014/01/22 08:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080]
O58 - SDL:2014/01/22 08:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile OBEX Device Driver (MSS.) -- C:\Windows\System32\drivers\ssudobex.sys [206080]
O58 - SDL:2014/01/22 08:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (M.) -- C:\Windows\System32\drivers\ssudserd.sys [206080]
O58 - SDL:2012/07/26 07:00:55 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [30960]
O58 - SDL:2011/10/14 04:37:44 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [396848]
O58 - SDL:2013/08/22 14:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664]
O58 - SDL:2014/05/17 02:42:36 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42184]
O58 - SDL:2014/10/10 10:37:16 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [129312]
O58 - SDL:2012/07/26 07:00:58 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19184]
O58 - SDL:2015/07/13 03:38:22 A . (.Eugene V. Muzychenko - Kernel-mode WDM driver.) -- C:\Windows\System32\drivers\vrtaucbl.sys [110368]
O58 - SDL:2012/07/26 07:00:58 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [164080]
O58 - SDL:2012/07/26 07:00:58 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [322800]
O58 - SDL:2013/08/06 14:33:30 A . (.Hewlett-Packard Development Company, L.P. - HP Wireless Button Driver.) -- C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (9) - 23s
O61 - LFC: 2015/07/23 18:41:51 A . (.Setup Factory is a trademark of Indigo Rose Corporati.) -- C:\Users\hp\Downloads\BestPopupKillerSetup.exe [1539576]
O61 - LFC: 2015/07/23 00:04:52 A . (..) -- C:\Users\hp\Downloads\HSS-3.42-install-plain-716-plain.exe [7774048]
O61 - LFC: 2015/07/21 15:57:09 A . (..) -- C:\Users\hp\Documents\KONAMI\Pro Evolution Soccer 2015\save\CL 01.bin [6085332]
O61 - LFC: 2015/07/18 15:11:04 A . (..) -- C:\Users\hp\Documents\KONAMI\Pro Evolution Soccer 2015\save\EDIT.bin [5812044]
O61 - LFC: 2015/07/21 15:57:39 A . (..) -- C:\Users\hp\Documents\KONAMI\Pro Evolution Soccer 2015\save\SYSTEM.bin [136577]
O61 - LFC: 2015/07/23 19:54:34 A . (.Oracle Corporation.) -- C:\Users\hp\AppData\Local\Temp\jre-8u51-windows-au.exe [563808]
O61 - LFC: 2015/07/24 00:43:42 A . (..) -- C:\Users\hp\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/18 16:17:03 A . (..) -- C:\Users\hp\AppData\Local\Chromium\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/21 16:00:21 A . (..) -- C:\Users\hp\AppData\Local\Adobe\Acrobat\DC\UserCache.bin [99506]

---\\ Associations Shell Spawning (O67) (1) - 0s
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe

---\\ Menu de démarrage Internet (SMI) (O68) (4) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (7) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://www.sweet-page.com/ =>PUP.Optional.SweetPage
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (sweet-page) - http://www.sweet-page.com/ =>PUP.Optional.SweetPage
O69 - SBI: SearchScopes [HKCU] {6C64B16C-808A-490B-8916-4D5BBCED4D33} - (Search Provided by Yahoo) - http://www.sweet-page.com/ =>PUP.Optional.SweetPage
O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} [DefaultScope] - (Yahoo! (Avast)) - http://ar.search.yahoo.com/
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.sweet-page.com/ =>PUP.Optional.SweetPage

---\\ Enumère les services démarrés par Svchost (SSS) (O83) (35) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [204288]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [305664]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1160192]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\Windows\System32\rasmans.dll [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\sens.dll [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [3286016]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1287680]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\system32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [187392]

---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (19) - 3s
O87 - FAEL: "{F05E689B-8C8E-4697-A97C-F96A800E4453}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{BAF5379F-005D-4687-A59F-9A8CA5E36779}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{C6A5F91B-5F8B-419D-8CF7-7DF68665C344}C:\users\hp\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P6-TRUE] .(...) -- C:\users\hp\appdata\local\popcorn time\node-webkit\popcorn time.exe
O87 - FAEL: "UDP Query User{9F3617FA-F37C-4302-807D-2FBFD93E7D52}C:\users\hp\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P17-TRUE] .(...) -- C:\users\hp\appdata\local\popcorn time\node-webkit\popcorn time.exe
O87 - FAEL: "{78012B25-D061-4599-93FA-18DEC7E24C57}" [In-None-P17-TRUE] .(.The Chromium Authors - Chromium.) -- C:\Users\hp\AppData\Local\Chromium\Application\chrome.exe
O87 - FAEL: "TCP Query User{377E4B96-BC63-4ABC-9619-FB0A01AD916F}C:\users\hp\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P6-TRUE] .(...) -- C:\users\hp\appdata\local\popcorn time\node-webkit\popcorn time.exe
O87 - FAEL: "UDP Query User{9BDE97DC-BB75-4F58-91B7-E639B34FAFA5}C:\users\hp\appdata\local\popcorn time\node-webkit\popcorn time.exe" [In-None-P17-TRUE] .(...) -- C:\users\hp\appdata\local\popcorn time\node-webkit\popcorn time.exe
O87 - FAEL: "{55D85BF0-5FBD-4BAF-A2FD-1B0874234C0C}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
O87 - FAEL: "{887B0602-2EF0-429E-9987-6A1FA8FD9E02}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer.exe
O87 - FAEL: "{818EE13A-55F8-46DE-A47E-DF8C7C664FB2}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{ED944236-F414-4AE6-9B93-6F2046C5A3AD}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "TCP Query User{41231241-8318-4F98-895A-B440708472AC}C:\users\hp\appdata\local\popcorn time\nw.exe" [In-None-P6-TRUE] .(...) -- C:\users\hp\appdata\local\popcorn time\nw.exe
O87 - FAEL: "UDP Query User{923C2812-7D98-4162-8D46-0B9774774928}C:\users\hp\appdata\local\popcorn time\nw.exe" [In-None-P17-TRUE] .(...) -- C:\users\hp\appdata\local\popcorn time\nw.exe
O87 - FAEL: "TCP Query User{EC405D48-EFB3-475F-B963-F01950954D81}D:\installed\pro evolution soccer 2015\pes2015.exe" [In-None-P6-TRUE] .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2015.) -- D:\installed\pro evolution soccer 2015\pes2015.exe
O87 - FAEL: "UDP Query User{8A7412CB-FE6A-480B-A745-CC0AF39BAD7C}D:\installed\pro evolution soccer 2015\pes2015.exe" [In-None-P17-TRUE] .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2015.) -- D:\installed\pro evolution soccer 2015\pes2015.exe
O87 - FAEL: "TCP Query User{186C16A7-86AB-4E5C-BC2B-AB696A93F2D0}C:\program files (x86)\pro evolution soccer 2015\pes2015.exe" [In-None-P6-TRUE] .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2015.) -- C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
O87 - FAEL: "UDP Query User{975DB940-6AB4-40DA-8A3B-D1D7DF18E15F}C:\program files (x86)\pro evolution soccer 2015\pes2015.exe" [In-None-P17-TRUE] .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2015.) -- C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
O87 - FAEL: "TCP Query User{D5C2C6B4-88B9-4082-8D05-8665EC2592D5}C:\program files (x86)\pro evolution soccer 2015\pes2015.exe" [In-None-P6-TRUE] .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2015.) -- C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
O87 - FAEL: "UDP Query User{8902A8E5-AB89-41B2-AB91-7CB8B6593BA8}C:\program files (x86)\pro evolution soccer 2015\pes2015.exe" [In-None-P17-TRUE] .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2015.) -- C:\program files (x86)\pro evolution soccer 2015\pes2015.exe

---\\ Scan Additionnel (O88) (53) - 0s
C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
C:\Program Files (x86)\CinemaP-1.9cV11.07\406ecacf-0395-4406-8ab7-9a8424a50c47-10.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV11.07\406ecacf-0395-4406-8ab7-9a8424a50c47-1-6.exe =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV11.07\406ecacf-0395-4406-8ab7-9a8424a50c47-6.exe =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>PUA.KMSpico
C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-1-6.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-1-7.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-10_user.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-3.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-5.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-5_user.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-6.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-7.job =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-1-6 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-1-7 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-10_user =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-3 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-5 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-5_user =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-6 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\406ecacf-0395-4406-8ab7-9a8424a50c47-7 =>PUP.Optional.CrossRider
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico v4.1_is1 =>PUA.KMSpico
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV11.07 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV11.07 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV11.07-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.9cV11.07-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\IHProtect =>PUP.Optional.AgentODR
HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Wow6432Node\SupDp =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\supTab =>PUP.Optional.SupTab
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\WordAnchor_1.10.0.20 =>PUP.Optional.WordAnchor
HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV11.07 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV11.07-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV11.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider =>PUP.Optional.CrossRider
C:\Program Files (x86)\99857539-d22b-4f6b-8e29-fba8bd2627e1 =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.9cV11.07 =>PUP.Optional.CrossRider
C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files (x86)\WordAnchor_1.10.0.20 =>PUP.Optional.WordAnchor
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR
C:\Users\hp\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate

---\\ Récapitulatif des éléments trouvées sur votre station (9) - 0s
http://www.nicolascoolman.fr/pup-kmspico/ =>PUA.KMSpico
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/blog =>PUP.Optional.AgentODR
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab
http://www.nicolascoolman.fr/pup-sweetpage/ =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/pup-wordanchor/ =>PUP.Optional.WordAnchor
http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore

~ End of the scan, 28612 items in 124 seconds (787)(0)()
