cjoint

Document format: text/plain

~ ZHPDiag v2015.8.5.111 Par Nicolas Coolman (2015/08/5)
~ Démarré par Laurent (Administrator) (2015/08/06 12:36:16)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\Laurent\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\Laurent\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
~ Windows 8 Pro, 32-bit (Build 9200)

---\\ Navigateurs Internet (2) - 0s
GCIE: Google Chrome v44.0.2403.130
MSIE: Internet Explorer v10.0.9200.17413

---\\ Informations sur les produits Windows (4) - 5s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Demand)
Windows Activation Technologies : OK

---\\ Surveillance de Logiciels (1) - 6s
Adobe Flash Player 18 NPAPI

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2096.436 MB (49% free)
~ System Restore: Activé (Enable)
~ System drive C: has 20 GB free of 76 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: LAURENT
~ User Name: Laurent
~ Logged in as Administrator

---\\ Enumération des unités disques (3) - 11s
~ Drive C: has 20 GB free of 76 GB (System)
~ Drive D: has 10 GB free of 162 GB
~ Drive E: has GB free of 0 GB

---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.EAFE46B0292D2BD2467835E2ACF717CC] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\WINDOWS\Explorer.exe [2106176]
[MD5.224F6B374852153C8C24BED141AE3A20] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [48640]
[MD5.7109FF769FFF962869C50D720F7AA7D7] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\WINDOWS\System32\Wininit.exe [101376]
[MD5.E0103806C6CD91CFA8696A8A9EB4C822] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\WINDOWS\System32\wininet.dll [1763328]
[MD5.89D6AFD5B257049375008BAA512910EE] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [429056]
[MD5.FAB11E1AC62579A9BE21593319F8E464] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\WINDOWS\System32\sppcomapi.dll [246784]
[MD5.65AA2DE8787146679BB8A7D14BFFB6A3] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [18944]
[MD5.B92C9A8C3CAE22129CC5B4A920B00608] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [439296]
[MD5.48D8C3F2006698691F5AE0BB595FDCC8] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [22768]
[MD5.00B4FA77732C7823D292ECD672660882] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [89088]
[MD5.4E707EC5071DD8F5C29A7410780BD4C3] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [135680]
[MD5.E608E26B536A42B5ACC145D25CB9F2AC] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\WINDOWS\System32\drivers\DfsC.sys [92160]
[MD5.6BFEBBA25AD34E5922E60349C721B1DD] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [62464]
[MD5.11EDC37780E8A2F8E311D73F7658A4D7] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [89600]
[MD5.57B0C0D982013C72911A3F5CBA795034] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [126976]
[MD5.60978139E6942772545EAB1BC2DB1393] - (.Microsoft Corporation - Minirdr SMB Windows NT.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [341504]
[MD5.303A053C25E468B9925C22288BEF8484] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [254464]
[MD5.6C816842AC5E2B0E033ED0BD1058E077] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [1618264]
[MD5.8BCE63AF5B52642E832630F862DE96EF] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\WINDOWS\System32\drivers\Parport.sys [90624]
[MD5.6E0649D7325D85C47C844EB3267E4625] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [88064]
[MD5.2CAD2A13569741C67CD9C52F97E0F992] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [156160]
[MD5.0886D9F1B5A5334FBB143A260E4BFB5C] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [97792]
[MD5.BF079843E272759BAE587FB980163293] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [281408]

---\\ Processus lancés (16) - 1s
[MD5.F9E7DC9ECF924163A06EED9944F74F56] - (.Beijing Rising Information Technology Co., Ltd. - RsMgrSvc Application.) -- C:\Program Files\Rising\RSD\RsMgrSvc.exe [179992] [PID.872]
[MD5.28D944CAE5632248D3A546AAF7601160] - (.Beijing Rising Information Technology Co., Ltd. - 瑞星杀毒软件 安全服务核心程序.) -- C:\Program Files\Rising\RAV\ravmond.exe [277552] [PID.940]
[MD5.B316692B0291A16DE76E7DD9A496D778] - (...) -- C:\Program Files\03000200-1428775273-0500-0006-000700080009\knspC178.tmp [376320] [PID.1812] =>PUP.Optional.CrossRider
[MD5.E49A5016A1F5FCF76AD8ABFE4FB5CAB8] - (...) -- C:\Users\Laurent\AppData\Roaming\03000200-1428775273-0500-0006-000700080009\jnsc79EF.tmp [181248] [PID.1300] =>PUP.Optional.CrossRider
[MD5.BEAF0275507F165FBE4C89942CAB3D41] - (...) -- C:\Users\Laurent\AppData\Local\03000200-1428782682-0500-0006-000700080009\cnsd6D37.tmp [162816] [PID.2144] =>PUP.Optional.CrossRider
[MD5.F413662AA2CA5A4C3121A71BBF43BF4A] - (.TuneUp Software - TuneUp Utilities Service.) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896] [PID.2184]
[MD5.300DC0A697E6B9D1F8E517AE503092DB] - (.Word Surfer - Word Surfer Client Service.) -- C:\Program Files\WordSurfer_1.10.0.19\Service\wsasvc.exe [299608] [PID.2232] =>PUP.Optional.WordSurfer
[MD5.11A0BD4849599B558D41972B531BFE18] - (.Goobzo - Update Helper.) -- C:\Program Files\YTDownloader\YTDUpdater.exe [178688] [PID.2288] =>PUP.Optional.YTDownloader
[MD5.4DA638D3082E8402D0CEAD16E00D1B21] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe [1927480] [PID.2960]
[MD5.C6BC0501ACC3F9BA67A9366567D03683] - (.Corporate Inc - winservice86 exe.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6.exe [1408512] [PID.2648] =>PUP.Optional.CrossRider
[MD5.3F19293A52A949CEA9681F5BD2BFA4DD] - (.Corporate Inc - winservice86 exe.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6.exe [1504256] [PID.668] =>PUP.Optional.CrossRider
[MD5.426965FF0434DDFA0D03CAB123636DD7] - (.Corporate Inc - winservice86 exe.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10.exe [1432064] [PID.2572] =>PUP.Optional.CrossRider
[MD5.2203BE296A9C8D252DBF941E4F25F9FD] - (...) -- C:\Users\Laurent\AppData\Local\gmsd_be_005010051\upgmsd_be_005010051.exe [3299984] [PID.4432] =>PUP.Optional.CrossRider
[MD5.066625BA6EBE437A2DD38DC0EF6A289A] - (...) -- C:\Program Files\gmsd_be_005010051\gmsd_be_005010051.exe [3982480] [PID.5404] =>PUP.Optional.CrossRider
[MD5.136EBEBD47C626269EC708F35BC5E253] - (.Beijing Rising Information Technology Co., Ltd. - 瑞星杀毒软件 托盘程序.) -- C:\PROGRAM FILES\Rising\RAV\rstray.exe [111000] [PID.5484]
[MD5.CF90B37D48B83B781A33F9B541FAA226] - (.TuneUp Software - TuneUp Program Deactivator.) -- C:\Program Files\TuneUp Utilities 2013\ProgramDeactivator.exe [323896] [PID.1576]

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (21) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://adplus.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://bd.xingcloud.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://d.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://e.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://f.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://odin.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G0 - GCSP: Preferences [User Data\Default][HomePage] http://xa.xingcloud.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://butterfly.infoswimmer.com/
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gfkbfjcbkhnmiignagpkiijohkcdkffb] Yahoo!
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (12) - 1s
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml =>PUP.Optional.DeltaHomes
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\qone8.xml =>PUP.Optional.Qone8
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\webssearches.xml =>PUP.Optional.WebsSearches
P2 - FPN: [HKCU] [@chicalogic.com/PasswordManager] - (...) -- C:\Program Files\ChicaLogic\Chica Password Manager\npchAutofill.dll
P2 - FPN: [HKCU] [@iqiyi.com/npWebPlayer] - (.pps-webplayer-plugin.) -- C:\IQIYI Video\LStyle\npWebPlayer.dll =>PUP.Optional.IQIYIVideo
P2 - FPN: [HKCU] [@rising.com.cn/nprising] - (.Beijing Rising Information Technology Co., Ltd..) -- C:\Program Files\Rising\RAV\nprising.dll
P2 - FPN: [HKCU] [vasco.com/VascoCardReaderPlugin] - (.VASCO Data Security.) -- C:\Users\Laurent\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_18_0_0_209.dll
P2 - FPN: [HKLM] [@iqiyi.com/npWebPlayer] - (.pps-webplayer-plugin.) -- C:\IQIYI Video\LStyle\npWebPlayer.dll =>PUP.Optional.IQIYIVideo
P2 - FPN: [HKLM] [@rising.com.cn/nprising] - (.Beijing Rising Information Technology Co., Ltd..) -- C:\Program Files\Rising\RAV\nprising.dll
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.Optional.GlobalUpdate

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (11) - 0s
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/ =>PUP.Optional.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/ =>PUP.Optional.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (26)

---\\ Browser Helper Object de navigateur (BHO) (O2) (2) - 0s
O2 - BHO: Rising Web Helper - {14A5E567-034B-471A-89D8-598A6A93B24B} . (.Beijing Rising Information Technology Co., Ltd. - rsscrbho Module.) -- C:\Program Files\Rising\RAV\rsscrbho.dll
O2 - BHO: GoodTab Class - {1F91A9A1-01BA-4c81-863D-3BA0751E1419} . (...) -- C:\Program Files\MiuiTab\SupTab.dll (.not file.) =>PUP.Optional.MiuiTab

---\\ Applications lancées au démarrage du sytème (O4) (23) - 1s
O4 - HKLM\..\Run: [BingDesktop] . (.Microsoft Corp. - Bing Desktop Application.) -- C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (.not file.)
O4 - HKLM\..\Run: [gmsd_be_005010051] . (...) -- C:\Program Files\gmsd_be_005010051\gmsd_be_005010051.exe =>PUP.Optional.CrossRider
O4 - HKLM\..\Run: [RSDTRAY] . (.Beijing Rising Information Technology Co., Ltd. - tray 应用程序.) -- C:\Program Files\Rising\RSD\popwndexe.exe
O4 - HKLM\..\Run: [RavTRAY] . (.Beijing Rising Information Technology Co., Ltd. - 瑞星杀毒软件 托盘程序.) -- C:\Program Files\Rising\RAV\rstray.exe
O4 - HKLM\..\RunOnce: [upgmsd_be_005010051.exe] . (...) -- C:\Users\Laurent\AppData\Local\gmsd_be_005010051\upgmsd_be_005010051.exe =>PUP.Optional.CrossRider
O4 - HKCU\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files\Origin\Origin.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4C0B8624EA365B4F6304B5DF2BBE0388] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\Laurent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
O4 - HKCU\..\Run: [tsiVideo] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe
O4 - HKCU\..\Run: [apphide] . (...) -- C:\Program Files\baidu\baidu.exe
O4 - HKUS\S-1-5-21-1558589277-265320636-2682692885-1001\..\Run: [EADM] . (.Electronic Arts - Origin.) -- C:\Program Files\Origin\Origin.exe
O4 - HKUS\S-1-5-21-1558589277-265320636-2682692885-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-1558589277-265320636-2682692885-1001\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKUS\S-1-5-21-1558589277-265320636-2682692885-1001\..\Run: [GoogleChromeAutoLaunch_4C0B8624EA365B4F6304B5DF2BBE0388] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-1558589277-265320636-2682692885-1001\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\Laurent\AppData\Local\Dropbox\Update\DropboxUpdate.exe
O4 - HKUS\S-1-5-21-1558589277-265320636-2682692885-1001\..\Run: [tsiVideo] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe
O4 - HKUS\S-1-5-21-1558589277-265320636-2682692885-1001\..\Run: [apphide] . (...) -- C:\Program Files\baidu\baidu.exe

---\\ Modification Domaine/Adresses DNS (O17) (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.129 195.130.131.129
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.129 195.130.131.129

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) (1) - 0s
O20 - AppInit_DLLs: . (...) - c:\users\laurent\appdata\local\dprotect\ebp.dll,c:\users\laurent\appdata\local\dprotect\ebpsd.dll (.not file.)

---\\ Liste des services NT non Microsoft et non désactivés (O23) (16) - 2s
O23 - Service: Share Video Camera (cykomire) . (...) - C:\Program Files\03000200-1428775273-0500-0006-000700080009\knspC178.tmp =>PUP.Optional.CrossRider
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IHProtect Service (IHProtect Service) . (...) - C:\Program Files\MiuiTab\ProtectService.exe (.not file.) =>PUP.Optional.AgentODR
O23 - Service: Repetitive Strain Injury Margin (nogedycy) . (...) - C:\Users\Laurent\AppData\Roaming\03000200-1428775273-0500-0006-000700080009\jnsc79EF.tmp =>PUP.Optional.CrossRider
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 341.4.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: Rsd Service (RsMgrSvc) . (.Beijing Rising Information Technology Co., Ltd. - RsMgrSvc Application.) - C:\Program Files\Rising\RSD\RsMgrSvc.exe
O23 - Service: Rav Service (RsRavMon) . (.Beijing Rising Information Technology Co., Ltd. - 瑞星杀毒软件 安全服务核心程序.) - C:\Program Files\Rising\RAV\ravmond.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Ctrl Log Off (topupete) . (...) - C:\Users\Laurent\AppData\Local\03000200-1428782682-0500-0006-000700080009\cnsd6D37.tmp =>PUP.Optional.CrossRider
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: Word Surfer 1.10.0.19 Client Service (wsasvc_1.10.0.19) . (.Word Surfer - Word Surfer Client Service.) - C:\Program Files\WordSurfer_1.10.0.19\Service\wsasvc.exe =>PUP.Optional.WordSurfer
O23 - Service: (YTDUpdt) . (.Goobzo - Update Helper.) - C:\Program Files\YTDownloader\YTDUpdater.exe =>PUP.Optional.Goobzo

---\\ Tâches planifiées en automatique (O39) (93) - 8s
[MD5.00000000000000000000000000000000] [APT] [3t75CSxq3MBkKsa] (...) -- C:\Users\Laurent\AppData\Roaming\NEzyvOf\qLlYhjk.exe (.not file.) [0]
[MD5.C6BC0501ACC3F9BA67A9366567D03683] [APT] [879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6] (.Corporate Inc.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6.exe [1408512] =>PUP.Optional.CrossRider
[MD5.68A4A222C63EE658050EFA90C47B38BB] [APT] [879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7] (.Corporate Inc.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7.exe [1133568] =>PUP.Optional.CrossRider
[MD5.426965FF0434DDFA0D03CAB123636DD7] [APT] [879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10_user] (.Corporate Inc.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10.exe [1432064] =>PUP.Optional.CrossRider
[MD5.6DD33EFBA1A80FA9F29910AC48E80252] [APT] [879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5] (.Corporate Inc.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5.exe [1188864] =>PUP.Optional.CrossRider
[MD5.6DD33EFBA1A80FA9F29910AC48E80252] [APT] [879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5_user] (.Corporate Inc.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5.exe [1188864] =>PUP.Optional.CrossRider
[MD5.3F19293A52A949CEA9681F5BD2BFA4DD] [APT] [879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6] (.Corporate Inc.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6.exe [1504256] =>PUP.Optional.CrossRider
[MD5.68A4A222C63EE658050EFA90C47B38BB] [APT] [879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7] (.Corporate Inc.) -- C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7.exe [1133568] =>PUP.Optional.CrossRider
[MD5.00000000000000000000000000000000] [APT] [9cj2loE2yE23TOp] (...) -- C:\Users\Laurent\AppData\Roaming\GbW8RaD\2x3dPZQ.exe (.not file.) [0]
[MD5.9B3355B29942AF67F014EA90CE1EA960] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect
[MD5.C6FF00DA1605982E616C03BE809FFE2D] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200]
[MD5.C6FF00DA1605982E616C03BE809FFE2D] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200]
[MD5.A55FB42F0642DBF4817543A58E97721F] [APT] [Java Update Scheduler] (.Oracle Corporation.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232]
[MD5.00000000000000000000000000000000] [APT] [kP7rGZWCq0A0XPY] (...) -- C:\Users\Laurent\AppData\Roaming\dDWGR0X\V8YuD4u.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.Optional.MyPCBackup
[MD5.2EB16A11294850C253FBD095C92E579C] [APT] [RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380}] (.Beijing Rising Information Technology Co., Ltd..) -- C:\PROGRAM FILES\Rising\RAV\rsdelaylauncher.exe [76568]
[MD5.00000000000000000000000000000000] [APT] [SmartWeb Upgrade Trigger Task] (...) -- C:\Users\Laurent\AppData\Local\SmartWeb\SmartWebHelper.exe (.not file.) [0] =>PUP.Optional.SmartWebSearch
[MD5.00000000000000000000000000000000] [APT] [Software Removal Tool post reboot run] (...) -- C:\Users\Laurent\AppData\Local\Temp\4D26.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [TaskUserUpdate_wp] (...) -- C:\Users\Laurent\AppData\Roaming\~vbsudxk.exe (.not file.) [0]
[MD5.426058D692C1E4B2EC48235870EF7282] [APT] [TuneUpUtilities_Task_BkGndMaintenance2013] (.TuneUp Software.) -- C:\Program Files\TuneUp Utilities 2013\OneClick.exe [426296]
[MD5.00000000000000000000000000000000] [APT] [WIN-fdfEfEfAfC] (...) -- C:\Users\Laurent\AppData\Roaming\~sogwghs.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [WIN-GGfIfEGCfEGbGffIfCfEGC] (...) -- C:\Users\Laurent\AppData\Roaming\~wxbbmjl.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [WIN-statsAdmin] (...) -- C:\Users\Laurent\AppData\Local\Microsoft\WinU\~jbkfquy.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [WIN-statsSystem] (...) -- C:\Users\Laurent\AppData\Local\Microsoft\WinU\~rdhdjet.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [WindApp Update] (...) -- C:\Users\Laurent\AppData\Roaming\Store\WindApp\WindApp Update.exe (.not file.) [0] =>PUP.Optional.Nosibay
[MD5.85FCB2EBD224E405C181DAD61E6BB184] [APT] [WordSurfer Auto Updater 1.10.0.19 Core] (.Word Surfer.) -- C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [63576] =>PUP.Optional.WordSurfer
[MD5.85FCB2EBD224E405C181DAD61E6BB184] [APT] [WordSurfer Auto Updater 1.10.0.19 Pending Update] (.Word Surfer.) -- C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe [63576] =>PUP.Optional.WordSurfer
[MD5.00000000000000000000000000000000] [APT] [YTDownloader] (...) -- C:\Program Files\YTDownloader\YTDownloader.exe (.not file.) [0] =>PUP.Optional.YTDownloader
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6 - (.Corporate Inc.) -- C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6.job [3128] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7 - (.Corporate Inc.) -- C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7.job [3128] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10_user - (.Corporate Inc.) -- C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10_user.job [2102] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5 - (.Corporate Inc.) -- C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5.job [2436] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5_user - (.Corporate Inc.) -- C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5_user.job [2436] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6 - (.Corporate Inc.) -- C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6.job [5508] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7 - (.Corporate Inc.) -- C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7.job [5508] =>PUP.Optional.CrossRider
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: APSnotifierPP1 - (...) -- C:\WINDOWS\Tasks\APSnotifierPP1.job [366] =>PUP.Optional.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\WINDOWS\Tasks\APSnotifierPP2.job [364] =>PUP.Optional.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\WINDOWS\Tasks\APSnotifierPP3.job [364] =>PUP.Optional.AnyProtect
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\ContentDealer.job [384]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1558589277-265320636-2682692885-1001Core1d0c5e192676c4c.job [1168]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1070]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1074]
O39 - APT: 3t75CSxq3MBkKsa - (...) -- C:\WINDOWS\System32\Tasks\3t75CSxq3MBkKsa [3242]
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6 - (.Corporate Inc.) -- C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6 [6132] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7 - (.Corporate Inc.) -- C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7 [6132] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10_user - (.Corporate Inc.) -- C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10_user [5104] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5 - (.Corporate Inc.) -- C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5 [5440] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5_user - (.Corporate Inc.) -- C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5_user [5438] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6 - (.Corporate Inc.) -- C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6 [8512] =>PUP.Optional.CrossRider
O39 - APT: 879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7 - (.Corporate Inc.) -- C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7 [8512] =>PUP.Optional.CrossRider
O39 - APT: 9cj2loE2yE23TOp - (...) -- C:\WINDOWS\System32\Tasks\9cj2loE2yE23TOp [3244]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [3890]
O39 - APT: APSnotifierPP1 - (...) -- C:\WINDOWS\System32\Tasks\APSnotifierPP1 [2818] =>PUP.Optional.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\WINDOWS\System32\Tasks\APSnotifierPP2 [2816] =>PUP.Optional.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\WINDOWS\System32\Tasks\APSnotifierPP3 [2816] =>PUP.Optional.AnyProtect
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask [3552]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3810]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [4046]
O39 - APT: Java Update Scheduler - (.Oracle Corporation.) -- C:\WINDOWS\System32\Tasks\Java Update Scheduler [3680]
O39 - APT: kP7rGZWCq0A0XPY - (...) -- C:\WINDOWS\System32\Tasks\kP7rGZWCq0A0XPY [3284]
O39 - APT: LaunchSignup - (...) -- C:\WINDOWS\System32\Tasks\LaunchSignup [4004] =>PUP.Optional.MyPCBackup
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe [3062]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe [3060]
O39 - APT: RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} - (.Beijing Rising Information Technology Co., Ltd..) -- C:\WINDOWS\System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} [3304]
O39 - APT: SmartWeb Upgrade Trigger Task - (...) -- C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task [4040] =>PUP.Optional.SmartWebSearch
O39 - APT: Software Removal Tool post reboot run - (...) -- C:\WINDOWS\System32\Tasks\Software Removal Tool post reboot run [3452]
O39 - APT: TaskUserUpdate_wp - (...) -- C:\WINDOWS\System32\Tasks\TaskUserUpdate_wp [2900]
O39 - APT: TuneUpUtilities_Task_BkGndMaintenance2013 - (.TuneUp Software.) -- C:\WINDOWS\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 [2758]
O39 - APT: WIN-fdfEfEfAfC - (...) -- C:\WINDOWS\System32\Tasks\WIN-fdfEfEfAfC [3188]
O39 - APT: WIN-GGfIfEGCfEGbGffIfCfEGC - (...) -- C:\WINDOWS\System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC [3188]
O39 - APT: WIN-statsAdmin - (...) -- C:\WINDOWS\System32\Tasks\WIN-statsAdmin [3310]
O39 - APT: WIN-statsSystem - (...) -- C:\WINDOWS\System32\Tasks\WIN-statsSystem [3240]
O39 - APT: WindApp Update - (...) -- C:\WINDOWS\System32\Tasks\WindApp Update [3720] =>PUP.Optional.Nosibay
O39 - APT: WordSurfer Auto Updater 1.10.0.19 Core - (.Word Surfer.) -- C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core [4160] =>PUP.Optional.WordSurfer
O39 - APT: WordSurfer Auto Updater 1.10.0.19 Pending Update - (.Word Surfer.) -- C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update [4170] =>PUP.Optional.WordSurfer
O39 - APT: YTDownloader - (...) -- C:\WINDOWS\System32\Tasks\YTDownloader [3572] =>PUP.Optional.YTDownloader
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{07AA6FB7-8C39-4503-A38E-6E7A43B4E9AE} [3290]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{0B1B65AD-1457-434F-9013-2A0BFB9DDAF6} [3094]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{0C406FF4-DE2F-4FD8-A042-565EADC8C27A} [3156]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{0D853177-3C96-41F1-B392-331DDC35F856} [3336]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{14FAE57E-A54F-4155-B8C9-A24F15F458F4} [3038]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{1A76D823-0D3D-4D5F-914B-B59A3E8713F6} [3314]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{2EFD29C2-D7D9-44F1-BA6C-A5D56AE4B2BA} [3040]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{39857F90-4608-487E-9E68-26FA6E36D5AD} [3336]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{8294182B-8885-4EE0-83B1-D1451C1725C5} [3266]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{98AE0E78-9A0B-49AB-8152-6382868E5A76} [3038]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{CE3799B4-744A-4A19-94A4-61AE8D67A9AA} [3130]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{DA0A4F96-C0B8-46FD-9EAD-DC86477DE336} [3046]
O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{FF76614A-14B6-4171-9C12-ED1FCFB59F5A} [3236]

---\\ Logiciels installés (O42) (87) - 16s
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM] -- 7-Zip
O42 - Logiciel: Cake Mania 3 Deluxe - (.Zylom.) [HKLM] -- ac01abb5591fe3b08e79b6c7a1752278
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Bandizip - (.Bandisoft.com.) [HKLM] -- Bandizip
O42 - Logiciel: Cheat Engine 6.4 - (.Cheat Engine.) [HKLM] -- Cheat Engine 6.4_is1
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] -- DAEMON Tools Lite
O42 - Logiciel: FIFA 14 Ultimate Edition version 1.4 - (.Alucard2.) [HKLM] -- FIFA 14 Ultimate Edition_is1
O42 - Logiciel: Fitness Dash FINAL 1.0.0.127 - (...) [HKLM] -- Fitness Dash FINAL 1.0.0.127
O42 - Logiciel: GamesDesktop 005.005010051 - (.GAMESDESKTOP.) [HKLM] -- gmsd_be_005010051_is1 =>PUP.Optional.GamesDesktop
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Hotel Dash Suite Success - (.AllSmartGames.) [HKLM] -- Hotel Dash Suite Success1.0
O42 - Logiciel: iNet Parchis version 2.0 - (.Nosfe.) [HKLM] -- iNet Parchis_is1
O42 - Logiciel: LUXOR HD Deluxe - (...) [HKLM] -- LUXOR HD Deluxe
O42 - Logiciel: Centre Souris et Claviers Microsoft - (.Microsoft Corporation.) [HKLM] -- Microsoft Mouse and Keyboard Center
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM] -- Origin
O42 - Logiciel: SolSuite 2013 v13.0 - (.TreeCardGames.) [HKLM] -- SolSuite_is1
O42 - Logiciel: Logitech SetPoint 6.65 - (.Logitech.) [HKLM] -- sp6
O42 - Logiciel: Star Wars - Knights of the Old Republic 2 version Star Wars - Knights of th - (.Alucard2.) [HKLM] -- Star Wars - Knights of the Old Republic 2_is1
O42 - Logiciel: TSLRCM 1.8.3 - (...) [HKLM] -- The Sith Lords Restored Content Mod_is1
O42 - Logiciel: TuneUp Utilities 2013 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2013
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: winservice86 - (.Corporate Inc.) [HKLM] -- winservice86 =>PUP.Optional.CrossRider
O42 - Logiciel: WordSurfer 1.10.0.19 - (.WordSurfer.) [HKLM] -- WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}
O42 - Logiciel: Native Instruments Controller Editor - (.Native Instruments.) [HKLM] -- {0886900B-B2F3-452C-B580-60F1253F7F80}
O42 - Logiciel: Native Instruments Service Center - (.Native Instruments.) [HKLM] -- {0B8565BA-BAD5-4732-B122-5FD78EFC50A9}
O42 - Logiciel: Guitar Hero III - (.Aspyr.) [HKLM] -- {0CE1A6C0-F3F7-49E6-8F9D-2431F9827441}
O42 - Logiciel: Medal of Honor débarquement allié - (...) [HKLM] -- {0DEA94ED-915A-4834-A87E-388D012C8E02}
O42 - Logiciel: MOH Débarquement allié En Formation Patch 2.15 - (...) [HKLM] -- {18EF2DEE-DCB0-466A-ABA5-4C73E508530A}
O42 - Logiciel: Star Wars Jedi Knight Jedi Academy - (...) [HKLM] -- {1EECBA68-8BE4-4076-94DF-E9ED206B1D21}
O42 - Logiciel: RomStation - (.RomStation.) [HKLM] -- {223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1
O42 - Logiciel: Native Instruments Traktor S4 - (.Native Instruments.) [HKLM] -- {22717ED3-0869-4A88-8F87-4737CDE7144C}
O42 - Logiciel: Skype™ 7.3 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Need for Speed™ Carbon - (...) [HKLM] -- {259C0ABB-A3B2-4D70-008F-BF7EE491B70B}
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0}
O42 - Logiciel: Native Instruments Traktor Kontrol S4 Driver - (.Native Instruments.) [HKLM] -- {28F19F09-F228-49cb-8B90-F97DA7180DD4}
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {34927EBC-98D4-4D53-98BE-510DF5999F50}
O42 - Logiciel: giftssoft - (.giftssoft.) [HKLM] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1
O42 - Logiciel: Belfius Smart Card Reader Chrome-App - (.VASCO Data Security.) [HKLM] -- {3A2575B9-5F74-4357-9B96-3EB102030200}
O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
O42 - Logiciel: Ballance - (...) [HKLM] -- {42E0783D-3BA4-454B-B58A-BF26E49EB7DE}
O42 - Logiciel: VASCO Card Reader Plug-In (32-Bit) - (.VASCO Data Security.) [HKLM] -- {47659F12-27AE-3200-9B8A-2BD803020304}
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM] -- {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Star Wars JK II Jedi Outcast - (...) [HKLM] -- {576E71DA-3000-48F6-9B21-B9A70D47DFCF}
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A}
O42 - Logiciel: "FIFA 14" - (...) [HKLM] -- {6049054B-DB11-48E1-A583-9A565D5C8856}_is1
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
O42 - Logiciel: FMRTE 15.3.2.16 - (.FMRTE.) [HKLM] -- {6D986DE6-CA9D-4E83-B49C-18C0BFEB6AD6}_is1
O42 - Logiciel: Pokémon Trading Card Game Online - (.The Pokémon Company International.) [HKLM] -- {73550466-AE32-47D0-9868-C6066BDC0A3D}
O42 - Logiciel: Medal of Honor Débarquement allié(tm) En Formation - (...) [HKLM] -- {7914BE1E-F186-4790-B8F4-9F63C52A41C1}
O42 - Logiciel: Bing Bureau - (.Microsoft Corporation.) [HKLM] -- {7D095455-D971-4D4C-9EFD-9AF6A6584F3A}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {80407BA7-7763-4395-AB98-5233F1B34E65}
O42 - Logiciel: Medal of Honor Débarquement Allié(tm) l'Offensive - (...) [HKLM] -- {823A68CC-3049-4A6B-8F63-7DC85E4BB1C9}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8}
O42 - Logiciel: Need for Speed Underground 2 - (...) [HKLM] -- {909F8EBC-EC7F-48FF-0085-475D818F0F31}
O42 - Logiciel: Europa Universalis IV version 1.9.2 - (.REVOLUTiONiT.) [HKLM] -- {99738B45-8F6C-4975-90FB-064867063BFB}_is1
O42 - Logiciel: Guitar Hero World Tour - (.Aspyr.) [HKLM] -- {A126E617-63F0-4E57-BFA4-7190F5845C39}
O42 - Logiciel: Hitman Blood Money - (.Eidos.) [HKLM] -- {A804B134-F03D-4EFD-9BC0-DCD257AA1B22}
O42 - Logiciel: Need For Speed Underground - (...) [HKLM] -- {A99968BE-C155-474C-0089-33239DEE1CE2}
O42 - Logiciel: NVIDIA Pilote 3D Vision 341.44 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote graphique 341.44 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA GeForce Experience 2.4.1.21 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 340.50 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.13.1220 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: Football Manager 2015 version 15.3.2 - (.SEGA.) [HKLM] -- {BD2F10CE-5561-4A0A-BD82-EB56E87D4FFB}_is1
O42 - Logiciel: Medal of Honor Débarquement allié En Formation - (...) [HKLM] -- {BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}
O42 - Logiciel: LEGO® Harry Potter™: Années 1 à 4 - (.WB Games.) [HKLM] -- {C5A8DF48-580B-44D3-B2B2-E965A9368F28}
O42 - Logiciel: Medal of Honor Débarquement Allié(tm) l'Offensive v2.40 Patch - (...) [HKLM] -- {DF9046D6-5F1F-40B6-9782-3DC2D902D391}
O42 - Logiciel: Youda Farmer Premium Pack - (.LeeGT-Games.) [HKLM] -- {FEEDBC3B-A09C-471A-8A43-EB8B6AC82D5F}
O42 - Logiciel: Cake Mania 2 Deluxe - (.Zylom Games.) [HKCU] -- Cake Mania 2 Deluxe
O42 - Logiciel: Cake Mania 3 Deluxe - (.Zylom Games.) [HKCU] -- Cake Mania 3 Deluxe
O42 - Logiciel: Cake Mania Deluxe - (.Zylom Games.) [HKCU] -- Cake Mania Deluxe
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: Luxor - (...) [HKCU] -- Luxor
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent
O42 - Logiciel: WindApp - (.Store.) [HKCU] -- WindApp =>PUP.Optional.Nosibay
O42 - Logiciel: Belfius Smart Card Reader Chrome-App - (.VASCO Data Security.) [HKCU] -- {22723509-aab9-4276-8b57-734560faf359}
O42 - Logiciel: VASCO Smart Card Reader Plug-In (User) - (.VASCO Data Security.) [HKCU] -- {c77cb28d-ddd3-46f7-b51a-14a599127ba7}

---\\ HKCU & HKLM Software Keys (252) - 17s
HKLM\SOFTWARE\3ACE2D45-EC4F-4644-9197-53176FC1E1EE =>PUP.Optional.CrossRider
HKLM\SOFTWARE\433fd46f-0349-4552-8b1b-5fb005415d20 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\7-Zip
HKLM\SOFTWARE\9c0fd159-94af-449a-9866-a32c936452b3 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Acclaim
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\AGEIA Technologies
HKLM\SOFTWARE\AIM Toolbar
HKLM\SOFTWARE\Alienware
HKLM\SOFTWARE\Anti-Valve Software
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\ASIO
HKLM\SOFTWARE\AskPartnerNetwork =>Toolbar.Ask
HKLM\SOFTWARE\Aspyr
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\Aureal
HKLM\SOFTWARE\b060fe99-59c0-25d8-8b31-86381a7d76b3 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Ballance
HKLM\SOFTWARE\Bandizip
HKLM\SOFTWARE\Bethesda Softworks
HKLM\SOFTWARE\Big Fish Games
HKLM\SOFTWARE\BioWare
HKLM\SOFTWARE\Bunndle
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Canneverbe Limited
HKLM\SOFTWARE\Caphyon
HKLM\SOFTWARE\CommonShare =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\Core
HKLM\SOFTWARE\Core Design
HKLM\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\cybelsoft
HKLM\SOFTWARE\Cygwin
HKLM\SOFTWARE\Cyparade
HKLM\SOFTWARE\Disc Soft
HKLM\SOFTWARE\EA GAMES
HKLM\SOFTWARE\EA Sports
HKLM\SOFTWARE\Eidos
HKLM\SOFTWARE\Eidos Interactive
HKLM\SOFTWARE\Electronic Arts
HKLM\SOFTWARE\GameInstaller
HKLM\SOFTWARE\GAMESDESKTOP =>PUP.Optional.GamesDesktop
HKLM\SOFTWARE\GEARBOX
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\GNU
HKLM\SOFTWARE\GOG.COM
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\GreyGray =>PUP.Optional.Sambreel
HKLM\SOFTWARE\HPS
HKLM\SOFTWARE\IGS
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\Iminent =>PUP.Optional.IMBooster
HKLM\SOFTWARE\Infonaut_1.10.0.13 =>PUP.Optional.Infonaut
HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\IO Interactive
HKLM\SOFTWARE\istartsurfSoftware =>PUP.Optional.IsStart
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\Khronos
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\Logitech
HKLM\SOFTWARE\LucasArts
HKLM\SOFTWARE\LucasArts Entertainment Company LLC
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Matrox
HKLM\SOFTWARE\MimarSinan
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Native Instruments
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\OpenOffice
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\Origin
HKLM\SOFTWARE\PopCap
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Reflexive Entertainment
HKLM\SOFTWARE\ReflexiveArcade
HKLM\SOFTWARE\Reg
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Registry Helper =>PUP.Optional.RegistryHelper
HKLM\SOFTWARE\rising
HKLM\SOFTWARE\RTLSetup
HKLM\SOFTWARE\SafetySearch =>PUP.Optional.SafetySearch
HKLM\SOFTWARE\Sandlot Games
HKLM\SOFTWARE\SearchProtect =>PUP.Optional.SearchProtect
HKLM\SOFTWARE\searchult =>PUP.Optional.Gen
HKLM\SOFTWARE\Sierra On-Line
HKLM\SOFTWARE\Sierra OnLine
HKLM\SOFTWARE\Silicon Graphics
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKLM\SOFTWARE\SpeedBit
HKLM\SOFTWARE\SPPDCOM =>PUP.Optional.PCSpeedUp
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\troll
HKLM\SOFTWARE\Trymedia Systems =>PUP.Optional.Trymedia
HKLM\SOFTWARE\TuneUp
HKLM\SOFTWARE\Tunngle.net
HKLM\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\Universal
HKLM\SOFTWARE\Valve
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\WajIntEnhance =>PUP.Optional.Wajam
HKLM\SOFTWARE\WB Games
HKLM\SOFTWARE\webssearchesSoftware =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\winservice86 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\winservice86-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\winservice86-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\WinU
HKLM\SOFTWARE\WON
HKLM\SOFTWARE\WordProser_1.10.0.5 =>PUP.Optional.WordProser
HKLM\SOFTWARE\WordProser_1.10.0.6 =>PUP.Optional.WordProser
HKLM\SOFTWARE\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer
HKLM\SOFTWARE\Wrench
HKCU\SOFTWARE\2015
HKCU\SOFTWARE\4shared
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Alucard
HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ArchiverDLL
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.Ask
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\Bandizip
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Canneverbe Limited
HKCU\SOFTWARE\CeWe Color
HKCU\SOFTWARE\Cheat Engine
HKCU\SOFTWARE\CheckMUOB
HKCU\SOFTWARE\ChicaLogic, Inc.
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Core Design
HKCU\SOFTWARE\Counter-Strike
HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser
HKCU\SOFTWARE\Cygwin
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DownLite
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\DropboxUpdate
HKCU\SOFTWARE\DSS
HKCU\SOFTWARE\EA Games
HKCU\SOFTWARE\Electronic Arts
HKCU\SOFTWARE\Emulators
HKCU\SOFTWARE\epsxe
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GameHouse
HKCU\SOFTWARE\gamesdesktop =>PUP.Optional.GamesDesktop
HKCU\SOFTWARE\Ge-Force-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Gearbox
HKCU\SOFTWARE\GigaClicks Crawler =>PUP.Optional.GigaClicks
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\GoBit
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GreyGray =>PUP.Optional.Sambreel
HKCU\SOFTWARE\HipSoft
HKCU\SOFTWARE\HomeTab =>PUP.Optional.CertifiedToolbar
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\IO Interactive
HKCU\SOFTWARE\iVIDI.org
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\JayteeMaster2003
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\Kromtech
HKCU\SOFTWARE\LADY'S WOOD 2013 LIMITED
HKCU\SOFTWARE\Leadertech
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\LucasArts
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Macrovision
HKCU\SOFTWARE\Massive Media
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Monopoly
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\myfingershurt
HKCU\SOFTWARE\Nadeo
HKCU\SOFTWARE\Native Instruments
HKCU\SOFTWARE\Native Systems Inc.
HKCU\SOFTWARE\Nosibay =>PUP.Optional.SPointer
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\OB
HKCU\SOFTWARE\OpenOffice
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Optimizer Pro =>PUP.Optional.OptimizerPro
HKCU\SOFTWARE\PCSX2
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PopCap
HKCU\SOFTWARE\PSXGameEdit
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Sandlot Games
HKCU\SOFTWARE\SearchProtectWS =>PUP.Optional.SearchProtect
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\Sense-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Services
HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech
HKCU\SOFTWARE\Skyhook Wireless
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Smartbar =>PUP.Optional.SmartBar
HKCU\SOFTWARE\SOG
HKCU\SOFTWARE\SpinTop
HKCU\SOFTWARE\Store =>PUP.Optional.Gen
HKCU\SOFTWARE\TexMod
HKCU\SOFTWARE\The Pokémon Company International
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\TikGames
HKCU\SOFTWARE\TNT2 =>PUP.Optional.TidyNetwork
HKCU\SOFTWARE\TreeCardGames
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Tunngle.net
HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\UpdateYTD
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VASCO
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Vision Thing
HKCU\SOFTWARE\WajIEnhance =>PUP.Optional.Wajam
HKCU\SOFTWARE\WajIntEnhance =>PUP.Optional.Wajam
HKCU\SOFTWARE\WB Games
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\winservice86 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\winservice86-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\winservice86-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\zylom
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\mystarttb =>PUP.Optional.StartSearch
HKCU\SOFTWARE\AppDataLow\Software\Re-Markable
HKCU\SOFTWARE\AppDataLow\Software\Unity

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) (322) - 14s
O43 - CFD: 2015/08/05 13:07:20 - [] D -- C:\Program Files\03000200-1428775273-0500-0006-000700080009 =>PUP.Optional.CrossRider
O43 - CFD: 2015/01/13 11:32:04 - [] D -- C:\Program Files\0ca45c95134d
O43 - CFD: 2015/03/25 13:10:30 - [] D -- C:\Program Files\1acf32df-b1fe-4175-996d-52aaa728b99a =>PUP.Optional.CrossRider
O43 - CFD: 2015/01/03 12:39:39 - [0] D -- C:\Program Files\50CoiupoNs
O43 - CFD: 2015/01/13 11:30:54 - [] D -- C:\Program Files\7-Zip
O43 - CFD: 2015/03/25 13:10:30 - [] D -- C:\Program Files\974be818-95d1-421a-bcd1-71f58442e441 =>PUP.Optional.CrossRider
O43 - CFD: 2014/05/18 14:46:45 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2014/06/20 09:24:34 - [0] D -- C:\Program Files\AGEIA Technologies
O43 - CFD: 2015/08/05 09:40:41 - [] D -- C:\Program Files\baidu
O43 - CFD: 2015/07/31 17:59:04 - [] D -- C:\Program Files\CCutThePrice =>PUP.Optional.Multiplug
O43 - CFD: 2014/10/03 16:47:11 - [] D -- C:\Program Files\Cheat Engine 6.4
O43 - CFD: 2015/08/05 09:18:05 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2015/01/24 16:08:31 - [] D -- C:\Program Files\CommonShare =>PUP.Optional.CommonShare
O43 - CFD: 2013/10/10 11:49:52 - [] D -- C:\Program Files\CR-TEKnologies
O43 - CFD: 2015/04/11 20:33:55 - [] D -- C:\Program Files\Crossbrowse =>PUP.Optional.CrossBrowse
O43 - CFD: 2015/07/31 17:59:37 - [] D -- C:\Program Files\CutThePrice =>PUP.Optional.Multiplug
O43 - CFD: 2013/12/11 15:30:45 - [] D -- C:\Program Files\DAEMON Tools Lite
O43 - CFD: 2015/07/23 12:39:52 - [] D -- C:\Program Files\EA GAMES
O43 - CFD: 2013/07/15 13:26:58 - [0] SHD -- C:\Program Files\Fichiers communs
O43 - CFD: 2015/03/25 13:10:17 - [] D -- C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/08/05 09:41:42 - [] D -- C:\Program Files\gmsd_be_005010051 =>PUP.Optional.CrossRider
O43 - CFD: 2014/11/08 19:29:08 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/01/14 12:01:10 - [0] D -- C:\Program Files\GU Player =>PUP.Optional.GUPlayer
O43 - CFD: 2015/04/11 20:46:57 - [] D -- C:\Program Files\IGS
O43 - CFD: 2015/05/13 11:57:50 - [] D -- C:\Program Files\iNet Parchis
O43 - CFD: 2015/07/30 11:37:27 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2015/07/15 19:43:19 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/04/20 11:21:40 - [] D -- C:\Program Files\Java
O43 - CFD: 2014/11/08 19:53:26 - [] D -- C:\Program Files\Logitech
O43 - CFD: 2013/10/20 14:17:35 - [] D -- C:\Program Files\Microsoft
O43 - CFD: 2015/07/18 10:51:24 - [] D -- C:\Program Files\Microsoft ASP.NET
O43 - CFD: 2013/07/23 15:28:33 - [] D -- C:\Program Files\Microsoft Games for Windows - LIVE
O43 - CFD: 2014/11/08 19:51:37 - [] D -- C:\Program Files\Microsoft Mouse and Keyboard Center
O43 - CFD: 2015/05/15 11:14:22 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2014/09/01 14:26:42 - [] D -- C:\Program Files\Microsoft XNA
O43 - CFD: 2012/07/26 08:53:43 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2015/02/04 16:12:57 - [] D -- C:\Program Files\MiniGet
O43 - CFD: 2014/11/08 19:25:51 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2013/07/18 12:34:02 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2015/07/08 16:50:15 - [] D -- C:\Program Files\Notepad++
O43 - CFD: 2014/12/17 15:31:33 - [] D -- C:\Program Files\NVIDIA Corporation
O43 - CFD: 2013/12/06 18:19:36 - [] D -- C:\Program Files\OpenOffice 4
O43 - CFD: 2015/07/02 18:21:14 - [] D -- C:\Program Files\Origin
O43 - CFD: 2013/07/18 12:45:54 - [0] D -- C:\Program Files\Origin Games
O43 - CFD: 2015/07/08 16:50:57 - [0] D -- C:\Program Files\Pixum
O43 - CFD: 2015/02/04 16:14:06 - [0] D -- C:\Program Files\predm =>PUP.Optional.Downware
O43 - CFD: 2014/12/19 12:20:29 - [] D -- C:\Program Files\PriceLess =>PUP.Optional.PriceLess
O43 - CFD: 2014/11/08 19:49:10 - [] D -- C:\Program Files\Realtek
O43 - CFD: 2013/07/18 12:34:02 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/01/16 14:44:28 - [] D -- C:\Program Files\ReviverSoft
O43 - CFD: 2015/08/05 10:16:10 - [] D -- C:\Program Files\Rising
O43 - CFD: 2015/01/13 11:33:18 - [0] D -- C:\Program Files\RobooSaver =>PUP.Optional.Multiplug
O43 - CFD: 2014/07/25 11:26:53 - [0] D -- C:\Program Files\SearchNewTab =>PUP.Optional.FastSaveApp
O43 - CFD: 2015/01/15 11:43:37 - [] D -- C:\Program Files\Settings Manager =>PUP.Optional.SettingsManager
O43 - CFD: 2014/09/18 13:50:35 - [] D -- C:\Program Files\Sierra On-Line
O43 - CFD: 2015/04/29 18:02:11 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2015/07/31 18:01:39 - [0] D -- C:\Program Files\Supporter =>PUP.Optional.SaveClicker
O43 - CFD: 2013/12/07 22:13:08 - [] D -- C:\Program Files\surf! aNd keep =>PUP.Optional.Multiplug
O43 - CFD: 2015/01/13 11:38:56 - [0] D -- C:\Program Files\TakkeTheCoupono =>PUP.Optional.Multiplug
O43 - CFD: 2015/01/24 16:06:23 - [0] D -- C:\Program Files\TinyWallet =>PUP.Optional.Multiplug
O43 - CFD: 2014/06/16 15:06:04 - [] D -- C:\Program Files\TuneUp Utilities 2013
O43 - CFD: 2012/07/26 08:04:59 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2015/04/25 18:33:33 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2015/08/05 16:21:42 - [0] D -- C:\Program Files\VS Revo Group
O43 - CFD: 2015/03/12 19:42:18 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2015/05/15 12:51:28 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2012/07/26 10:23:29 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2013/07/16 11:57:53 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2012/07/26 08:53:56 - [] D -- C:\Program Files\Windows Multimedia Platform
O43 - CFD: 2013/07/15 13:26:58 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2013/07/15 21:57:59 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2012/07/26 08:53:56 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2012/07/26 08:53:43 - [] SHD -- C:\Program Files\Windows Sidebar
O43 - CFD: 2015/07/11 11:16:24 - [] HD -- C:\Program Files\WindowsApps
O43 - CFD: 2014/11/08 18:43:27 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/03/25 13:11:16 - [] D -- C:\Program Files\winservice86 =>PUP.Optional.CrossRider
O43 - CFD: 2015/08/05 09:38:11 - [] D -- C:\Program Files\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer
O43 - CFD: 2014/12/19 12:20:40 - [] D -- C:\Program Files\YoutubeAdBlocke =>PUP.Optional.YouTubeAdBlock
O43 - CFD: 2015/02/04 16:10:37 - [] D -- C:\Program Files\YTDownloader =>PUP.Optional.YTDownloader
O43 - CFD: 2014/10/12 11:04:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 2012/07/26 08:53:44 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2014/10/16 18:16:18 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/10/12 18:13:18 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/07/06 13:01:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ballance
O43 - CFD: 2013/10/20 14:17:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau
O43 - CFD: 2014/11/08 19:52:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre Souris et Claviers Microsoft
O43 - CFD: 2014/08/31 11:59:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3
O43 - CFD: 2015/01/16 14:44:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
O43 - CFD: 2013/10/10 11:49:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CR-TEKnologies
O43 - CFD: 2013/12/11 15:30:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2014/08/30 20:21:52 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolphin
O43 - CFD: 2015/07/30 11:08:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
O43 - CFD: 2013/12/30 14:13:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
O43 - CFD: 2013/12/13 20:12:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive
O43 - CFD: 2015/01/15 15:53:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
O43 - CFD: 2015/05/15 11:00:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Europa Universalis IV
O43 - CFD: 2015/07/08 20:23:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
O43 - CFD: 2015/07/07 18:57:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14 Ultimate Edition
O43 - CFD: 2015/07/31 18:16:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FMRTE
O43 - CFD: 2015/01/24 16:13:26 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/08/05 09:41:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP =>PUP.Optional.GamesDesktop
O43 - CFD: 2015/08/01 20:35:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2013/12/22 13:00:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
O43 - CFD: 2014/09/12 12:43:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life Decay
O43 - CFD: 2014/07/27 14:37:07 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasbro
O43 - CFD: 2015/05/13 12:02:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iNet Parchis
O43 - CFD: 2014/10/20 19:36:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insaniquarium
O43 - CFD: 2015/04/20 19:08:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2014/11/08 19:56:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
O43 - CFD: 2014/02/11 10:31:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
O43 - CFD: 2015/04/18 15:43:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LUXOR HD Deluxe
O43 - CFD: 2015/07/16 13:09:23 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
O43 - CFD: 2012/07/26 08:53:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2013/07/23 15:28:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
O43 - CFD: 2015/05/15 11:14:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/07/03 13:24:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
O43 - CFD: 2015/04/14 16:12:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2013/12/06 18:20:39 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
O43 - CFD: 2015/07/02 18:21:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
O43 - CFD: 2014/08/30 20:21:52 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
O43 - CFD: 2014/03/07 11:49:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
O43 - CFD: 2014/08/30 20:28:01 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS3 Media Server
O43 - CFD: 2015/07/16 11:29:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Re-Volt
O43 - CFD: 2015/01/27 12:49:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RomStation
O43 - CFD: 2013/11/22 12:16:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab =>PUP.Optional.FastSaveApp
O43 - CFD: 2014/09/30 17:27:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
O43 - CFD: 2015/02/14 19:43:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2013/10/10 15:48:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games
O43 - CFD: 2015/07/15 15:40:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sports Interactive
O43 - CFD: 2015/07/30 11:28:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Wars - Knights of the Old Republic 2
O43 - CFD: 2015/03/18 17:39:00 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2013/07/16 11:58:01 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2012/07/26 10:27:21 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/16 11:29:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrackMania
O43 - CFD: 2013/07/24 11:03:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
O43 - CFD: 2015/07/03 13:07:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
O43 - CFD: 2015/01/24 13:01:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubi Soft Games
O43 - CFD: 2015/04/25 18:33:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/05/04 11:52:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youda Farmer Premium Pack
O43 - CFD: 2015/01/20 15:53:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
O43 - CFD: 2014/01/02 13:10:57 - [] D -- C:\ProgramData\.mono
O43 - CFD: 2015/07/31 18:05:47 - [] D -- C:\ProgramData\1932916710937654368
O43 - CFD: 2015/01/24 16:06:23 - [] D -- C:\ProgramData\1ad31981efdaf460
O43 - CFD: 2015/01/04 13:06:05 - [0] D -- C:\ProgramData\50CoiupoNs
O43 - CFD: 2015/08/05 16:20:55 - [] D -- C:\ProgramData\8d709fa600005b80
O43 - CFD: 2014/05/18 14:46:47 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/10/30 15:46:23 - [] D -- C:\ProgramData\AdPunisher
O43 - CFD: 2014/09/06 15:05:39 - [] D -- C:\ProgramData\AirportMania
O43 - CFD: 2014/09/06 14:26:47 - [0] D -- C:\ProgramData\AirportMania (2)
O43 - CFD: 2012/07/26 08:04:44 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/11/22 18:56:24 - [] D -- C:\ProgramData\atjs
O43 - CFD: 2013/09/17 09:23:55 - [] D -- C:\ProgramData\Big Fish
O43 - CFD: 2015/06/07 12:58:29 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2014/12/19 12:20:05 - [] D -- C:\ProgramData\bmapngfelfdkehbdplopllegndkadcil =>Toolbar.Ask
O43 - CFD: 2013/07/15 13:26:58 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2013/12/24 22:01:24 - [] D -- C:\ProgramData\Canneverbe Limited
O43 - CFD: 2014/11/08 18:34:16 - [0] D -- C:\ProgramData\choosefun
O43 - CFD: 2015/01/06 18:27:37 - [] D -- C:\ProgramData\cjnkmfnokibpkbobbchkleglnigbchbj
O43 - CFD: 2015/01/20 15:53:36 - [] D -- C:\ProgramData\com.gamehouse.acid
O43 - CFD: 2013/07/24 11:02:37 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2013/12/11 15:31:50 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2012/07/26 08:04:44 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2015/07/31 17:58:31 - [] D -- C:\ProgramData\dncnfncdaogelegbhcjobiamkdonjpdb
O43 - CFD: 2012/07/26 08:04:44 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/07/24 09:12:51 - [] D -- C:\ProgramData\Dropbox
O43 - CFD: 2015/08/05 09:40:22 - [] D -- C:\ProgramData\DWinManProD
O43 - CFD: 2013/09/17 10:03:40 - [] D -- C:\ProgramData\EA Core
O43 - CFD: 2013/09/17 10:26:45 - [] D -- C:\ProgramData\EA Logs
O43 - CFD: 2015/07/02 18:17:59 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 2014/10/15 12:08:48 - [] D -- C:\ProgramData\FarmFrenzy-PizzaParty
O43 - CFD: 2014/10/07 18:13:45 - [] D -- C:\ProgramData\FarmFrenzy2
O43 - CFD: 2014/10/16 13:39:00 - [] D -- C:\ProgramData\FarmFrenzy3
O43 - CFD: 2014/02/16 15:44:50 - [] D -- C:\ProgramData\GameHouse
O43 - CFD: 2014/11/03 11:11:23 - [] D -- C:\ProgramData\giftssoft
O43 - CFD: 2015/04/30 11:31:13 - [] D -- C:\ProgramData\GoBit Games
O43 - CFD: 2014/05/28 07:42:58 - [] D -- C:\ProgramData\HipSoft
O43 - CFD: 2015/05/31 19:19:54 - [] D -- C:\ProgramData\hps
O43 - CFD: 2015/05/16 20:33:10 - [] D -- C:\ProgramData\IePluginServices =>Trojan.SProtector
O43 - CFD: 2015/08/05 09:40:06 - [] D -- C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR
O43 - CFD: 2013/12/30 12:39:12 - [] D -- C:\ProgramData\InstallMate =>PUP.Optional.Tarma
O43 - CFD: 2015/08/05 10:28:42 - [0] D -- C:\ProgramData\IQIYI Video =>PUP.Optional.IQIYIVideo
O43 - CFD: 2015/07/31 18:05:20 - [] D -- C:\ProgramData\jfbjcmoffaaodnekahdemdinblcbdekk
O43 - CFD: 2015/01/13 15:52:55 - [] D -- C:\ProgramData\KONAMI
O43 - CFD: 2014/11/08 19:53:35 - [] D -- C:\ProgramData\Logishrd
O43 - CFD: 2013/07/16 12:04:17 - [] D -- C:\ProgramData\Logitech
O43 - CFD: 2013/07/18 13:18:37 - [] D -- C:\ProgramData\Logs
O43 - CFD: 2013/09/17 08:58:05 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2013/07/15 13:26:58 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2015/07/16 11:57:33 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2013/07/15 13:26:58 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2013/09/16 13:13:06 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/04/18 15:43:29 - [] D -- C:\ProgramData\MumboJumbo
O43 - CFD: 2013/07/28 15:01:08 - [] D -- C:\ProgramData\Native Instruments
O43 - CFD: 2015/03/07 12:58:06 - [] D -- C:\ProgramData\NFS Underground
O43 - CFD: 2015/08/06 12:10:41 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2014/06/20 09:09:59 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2015/04/20 11:22:14 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/07/08 16:22:44 - [] D -- C:\ProgramData\Origin
O43 - CFD: 2014/08/12 14:01:18 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/04/14 16:18:55 - [] D -- C:\ProgramData\PlayFirst
O43 - CFD: 2014/05/23 15:37:57 - [] D -- C:\ProgramData\Pogo
O43 - CFD: 2013/09/15 12:56:02 - [] D -- C:\ProgramData\PopCap Games
O43 - CFD: 2013/07/15 22:11:38 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 2012/07/26 10:27:21 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2014/12/21 12:31:08 - [] D -- C:\ProgramData\Registry Helper =>PUP.Optional.RegistryHelper
O43 - CFD: 2015/08/05 10:16:50 - [] D -- C:\ProgramData\Rising
O43 - CFD: 2015/01/14 12:01:10 - [0] D -- C:\ProgramData\RobooSaver =>PUP.Optional.Multiplug
O43 - CFD: 2015/01/20 16:10:31 - [] D -- C:\ProgramData\Sandlot Games
O43 - CFD: 2014/07/26 17:38:41 - [0] D -- C:\ProgramData\SearchNewTab =>PUP.Optional.FastSaveApp
O43 - CFD: 2015/04/29 18:02:14 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2013/09/15 12:56:46 - [] D -- C:\ProgramData\SpinTop Games
O43 - CFD: 2012/07/26 08:04:44 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/03/18 08:26:37 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2013/09/17 08:24:33 - [] D -- C:\ProgramData\SummerSoft
O43 - CFD: 2013/07/22 11:59:45 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2013/12/07 22:13:09 - [] D -- C:\ProgramData\surf! aNd keep =>PUP.Optional.Multiplug
O43 - CFD: 2015/01/14 12:01:10 - [0] D -- C:\ProgramData\TakkeTheCoupono =>PUP.Optional.Multiplug
O43 - CFD: 2015/04/18 15:42:09 - [] AD -- C:\ProgramData\TEMP
O43 - CFD: 2012/07/26 08:04:44 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/08/05 10:13:43 - [] D -- C:\ProgramData\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2015/01/25 12:40:15 - [0] D -- C:\ProgramData\TinyWallet =>PUP.Optional.Multiplug
O43 - CFD: 2015/05/31 19:22:08 - [] D -- C:\ProgramData\tmp
O43 - CFD: 2015/04/26 20:57:15 - [] D -- C:\ProgramData\TrackMania
O43 - CFD: 2013/10/10 15:48:38 - [] D -- C:\ProgramData\TreeCardGames
O43 - CFD: 2015/04/12 11:27:56 - [] D -- C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
O43 - CFD: 2014/03/06 15:54:08 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 2015/04/26 12:21:41 - [] D -- C:\ProgramData\Tunngle
O43 - CFD: 2015/08/03 23:52:46 - [0] D -- C:\ProgramData\{04fa2573-ce86-3e22-04fa-a2573ce895cf}
O43 - CFD: 2014/11/26 16:00:15 - [0] HDC -- C:\ProgramData\{95684022-A736-4575-ABB0-5B7388BB873D}
O43 - CFD: 2013/07/28 14:51:57 - [0] HDC -- C:\ProgramData\{B5F0C192-874D-49A8-88D7-8431E3714756}
O43 - CFD: 2014/11/26 16:00:15 - [0] HDC -- C:\ProgramData\{B7C85E99-2AC6-455D-B4D1-752A56403757}
O43 - CFD: 2013/07/24 11:06:42 - [0] SHD -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 2013/07/30 18:07:22 - [0] HDC -- C:\ProgramData\{F168E1FD-951A-4765-8E54-46D13B7C8F72}
O43 - CFD: 2015/05/03 11:38:53 - [] D -- C:\Program Files\Common Files\Adobe AIR
O43 - CFD: 2015/02/18 19:00:30 - [] HD -- C:\Program Files\Common Files\EAInstaller
O43 - CFD: 2014/02/03 15:06:21 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2015/04/14 14:54:07 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 2014/11/08 19:56:36 - [] D -- C:\Program Files\Common Files\LogiShrd
O43 - CFD: 2014/09/01 14:26:42 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2014/11/23 18:07:37 - [] D -- C:\Program Files\Common Files\Native Instruments
O43 - CFD: 2012/07/26 08:53:56 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2015/02/14 19:43:45 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 2015/02/01 17:16:13 - [] D -- C:\Program Files\Common Files\Steam
O43 - CFD: 2014/02/03 15:12:09 - [0] D -- C:\Program Files\Common Files\SWF Studio
O43 - CFD: 2015/02/04 16:10:48 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2015/07/15 13:12:34 - [] D -- C:\Users\Laurent\AppData\Roaming\03000200-1428775273-0500-0006-000700080009
O43 - CFD: 2015/05/03 11:38:31 - [] D -- C:\Users\Laurent\AppData\Roaming\Adobe
O43 - CFD: 2015/01/12 12:30:02 - [] SHD -- C:\Users\Laurent\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect
O43 - CFD: 2015/04/15 13:24:18 - [] D -- C:\Users\Laurent\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/07/28 09:14:07 - [] D -- C:\Users\Laurent\AppData\Roaming\Dropbox
O43 - CFD: 2015/07/31 18:21:29 - [] D -- C:\Users\Laurent\AppData\Roaming\FMRTE15
O43 - CFD: 2015/05/03 11:39:11 - [] D -- C:\Users\Laurent\AppData\Roaming\Gabob.NowBoarding
O43 - CFD: 2015/05/03 11:39:10 - [] D -- C:\Users\Laurent\AppData\Roaming\Gabob.NowBoarding.75EFD321A77FF3E9D3E8C023673644AB2F392162.1
O43 - CFD: 2015/08/05 16:06:34 - [] D -- C:\Users\Laurent\AppData\Roaming\Identities
O43 - CFD: 2015/08/06 12:26:27 - [] D -- C:\Users\Laurent\AppData\Roaming\IQIYI Video =>PUP.Optional.IQIYIVideo
O43 - CFD: 2015/04/12 10:57:11 - [] D -- C:\Users\Laurent\AppData\Roaming\Logitech
O43 - CFD: 2015/04/11 20:48:25 - [] D -- C:\Users\Laurent\AppData\Roaming\Macromedia
O43 - CFD: 2015/07/02 18:33:36 - [] SD -- C:\Users\Laurent\AppData\Roaming\Microsoft
O43 - CFD: 2015/07/08 16:50:15 - [] D -- C:\Users\Laurent\AppData\Roaming\Notepad++
O43 - CFD: 2015/04/26 11:11:23 - [] D -- C:\Users\Laurent\AppData\Roaming\NVIDIA
O43 - CFD: 2015/04/13 12:40:25 - [] D -- C:\Users\Laurent\AppData\Roaming\OpenOffice
O43 - CFD: 2015/07/03 11:18:31 - [] D -- C:\Users\Laurent\AppData\Roaming\Origin
O43 - CFD: 2015/04/14 16:18:55 - [] D -- C:\Users\Laurent\AppData\Roaming\PlayFirst
O43 - CFD: 2015/08/06 12:26:18 - [0] D -- C:\Users\Laurent\AppData\Roaming\ppslog
O43 - CFD: 2014/05/22 15:51:59 - [] RHD -- C:\Users\Laurent\AppData\Roaming\SecuROM
O43 - CFD: 2015/06/08 19:51:34 - [] D -- C:\Users\Laurent\AppData\Roaming\Skype
O43 - CFD: 2015/07/02 16:03:22 - [] D -- C:\Users\Laurent\AppData\Roaming\SolSuite
O43 - CFD: 2015/08/05 10:13:45 - [] D -- C:\Users\Laurent\AppData\Roaming\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2015/04/11 20:14:07 - [] D -- C:\Users\Laurent\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/04/26 12:21:42 - [] D -- C:\Users\Laurent\AppData\Roaming\Tunngle
O43 - CFD: 2015/07/30 00:28:16 - [] D -- C:\Users\Laurent\AppData\Roaming\uTorrent
O43 - CFD: 2015/05/08 19:00:59 - [] D -- C:\Users\Laurent\AppData\Roaming\VASCO
O43 - CFD: 2015/06/23 18:11:32 - [] D -- C:\Users\Laurent\AppData\Roaming\vlc
O43 - CFD: 2015/05/10 15:12:46 - [] D -- C:\Users\Laurent\AppData\Roaming\YoudaGames
O43 - CFD: 2015/08/06 12:36:47 - [] D -- C:\Users\Laurent\AppData\Roaming\ZHP
O43 - CFD: 2015/04/11 20:11:24 - [] D -- C:\Users\Laurent\AppData\Local\03000200-1428782682-0500-0006-000700080009
O43 - CFD: 2015/06/18 09:27:12 - [0] D -- C:\Users\Laurent\AppData\Local\03000200-1428782706-0500-0006-000700080009
O43 - CFD: 2015/05/03 11:38:13 - [] D -- C:\Users\Laurent\AppData\Local\Adobe
O43 - CFD: 2013/07/15 13:33:04 - [0] SHD -- C:\Users\Laurent\AppData\Local\Application Data
O43 - CFD: 2015/07/02 17:42:33 - [] D -- C:\Users\Laurent\AppData\Local\Bandizip
O43 - CFD: 2015/07/29 17:23:45 - [0] D -- C:\Users\Laurent\AppData\Local\Diagnostics
O43 - CFD: 2015/07/24 09:12:51 - [] D -- C:\Users\Laurent\AppData\Local\Dropbox
O43 - CFD: 2015/08/05 09:54:32 - [0] D -- C:\Users\Laurent\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2015/04/11 20:47:13 - [] D -- C:\Users\Laurent\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/08/06 12:19:03 - [] D -- C:\Users\Laurent\AppData\Local\gmsd_be_005010051 =>PUP.Optional.CrossRider
O43 - CFD: 2015/08/05 16:17:20 - [] D -- C:\Users\Laurent\AppData\Local\Google
O43 - CFD: 2013/07/15 13:33:04 - [0] SHD -- C:\Users\Laurent\AppData\Local\Historique
O43 - CFD: 2015/08/05 16:06:33 - [] D -- C:\Users\Laurent\AppData\Local\Microsoft
O43 - CFD: 2015/07/11 21:23:58 - [] D -- C:\Users\Laurent\AppData\Local\NFS Underground 2
O43 - CFD: 2015/04/15 13:18:02 - [] D -- C:\Users\Laurent\AppData\Local\NVIDIA
O43 - CFD: 2015/04/15 13:22:45 - [] D -- C:\Users\Laurent\AppData\Local\NVIDIA Corporation
O43 - CFD: 2015/07/03 11:18:29 - [] D -- C:\Users\Laurent\AppData\Local\Origin
O43 - CFD: 2015/05/08 19:00:56 - [] D -- C:\Users\Laurent\AppData\Local\Package Cache
O43 - CFD: 2015/08/05 16:06:27 - [] D -- C:\Users\Laurent\AppData\Local\Packages
O43 - CFD: 2015/05/15 10:55:42 - [] D -- C:\Users\Laurent\AppData\Local\Programs
O43 - CFD: 2015/07/08 17:36:03 - [] D -- C:\Users\Laurent\AppData\Local\Setup Integrity Check
O43 - CFD: 2015/04/27 18:36:05 - [] D -- C:\Users\Laurent\AppData\Local\Skype
O43 - CFD: 2015/08/05 16:17:06 - [] D -- C:\Users\Laurent\AppData\Local\SmartWeb =>PUP.Optional.SmartWebSearch
O43 - CFD: 2015/07/17 11:45:15 - [] D -- C:\Users\Laurent\AppData\Local\Sports Interactive
O43 - CFD: 2015/08/05 09:42:48 - [] D -- C:\Users\Laurent\AppData\Local\SysassistByHotWheel =>PUP.Optional.Gen
O43 - CFD: 2015/08/06 12:36:30 - [] D -- C:\Users\Laurent\AppData\Local\Temp
O43 - CFD: 2013/07/15 13:33:04 - [0] SHD -- C:\Users\Laurent\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/08/05 16:21:30 - [0] D -- C:\Users\Laurent\AppData\Local\Unity
O43 - CFD: 2015/07/23 11:02:29 - [] D -- C:\Users\Laurent\AppData\Local\VirtualStore
O43 - CFD: 2012/07/26 08:53:44 - [] RD -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2012/07/26 08:53:43 - [] RD -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/05 16:06:38 - [] RD -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/08/17 15:08:47 - [0] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
O43 - CFD: 2015/07/24 09:13:51 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 2015/04/14 16:18:42 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fitness Dash FINAL 1.0.0.127
O43 - CFD: 2013/12/11 22:00:18 - [0] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/30 11:58:42 - [0] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/16 11:29:12 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hotel Dash Suite Success
O43 - CFD: 2012/07/26 08:53:44 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/04/12 11:19:12 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokémon Trading Card Game Online
O43 - CFD: 2014/03/07 11:49:34 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PopCap Games
O43 - CFD: 2014/10/26 17:45:37 - [0] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Re-Volt
O43 - CFD: 2014/09/18 13:50:35 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra
O43 - CFD: 2015/08/05 16:17:06 - [] RD -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/07/16 11:29:12 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 2012/07/26 08:53:43 - [] RD -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/01/20 16:10:11 - [] D -- C:\Users\Laurent\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zylom Games

---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (9) - 21s
O45 - LFCP:[MD5.C4CF3A3B57F879675F9AE24B7CA96F26] 2015/08/05 09:47:22 A -- C:\WINDOWS\Prefetch\ANYPROTECT.EXE-E6F566D4.pf =>PUP.Optional.AnyProtect
O45 - LFCP:[MD5.5EA6F4A2BC8A499BEC3E62913F5BAC51] 2015/08/06 12:12:13 A -- C:\WINDOWS\Prefetch\GMSD_BE_005010051.EXE-7FD22B69.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.543CDBCC9292CCB6D5BBC54C274A00E5] 2015/08/05 09:41:09 A -- C:\WINDOWS\Prefetch\IQIYISETUP_L_SPL004@KB005.EXE-D558BE74.pf =>PUP.Optional.IQIYIVideo
O45 - LFCP:[MD5.3185CDE0161D48526C14F6927D72F871] 2015/08/06 12:27:11 A -- C:\WINDOWS\Prefetch\PERFORMANCEOPTIMIZER.EXE-2139B7C9.pf =>PUP.Optional.BProtector
O45 - LFCP:[MD5.AF65DE126113944E032C838DB925ED22] 2015/08/05 16:07:10 A -- C:\WINDOWS\Prefetch\SMARTWEBAPP.EXE-1D5CAE84.pf =>PUP.Optional.SmartWebSearch
O45 - LFCP:[MD5.09DE2A99F4F197CD2E2C4EE812E31A46] 2015/08/05 16:10:27 A -- C:\WINDOWS\Prefetch\SMARTWEBHELPER.EXE-8564817F.pf =>PUP.Optional.SmartWebSearch
O45 - LFCP:[MD5.55D7FB3B0AF9CE818BE0338551BCD8AD] 2015/08/06 12:15:01 A -- C:\WINDOWS\Prefetch\UPGMSD_BE_005010051.EXE-7945F1CE.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.EF1B1382FBB220DA1AB41BF1154D9DC3] 2015/08/05 09:38:11 A -- C:\WINDOWS\Prefetch\WORDSURFERAUTOUPDATECLIENT.EX-1E7E4672.pf =>PUP.Optional.WordSurfer
O45 - LFCP:[MD5.1DBE81F227364C16BE5BBCC70F6CC182] 2015/08/05 09:39:25 A -- C:\WINDOWS\Prefetch\WPM_V20.0.0.2294.EXE-4DCFA169.pf =>PUP.Optional.WpManager

---\\ Liste des pilotes du système (SDL) (O58) (76) - 8s
O58 - SDL:2012/07/26 05:42:31 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [85232]
O58 - SDL:2012/07/26 05:42:31 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\WINDOWS\System32\drivers\adp94xx.sys [424176]
O58 - SDL:2012/07/26 05:42:31 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\WINDOWS\System32\drivers\adpahci.sys [298736]
O58 - SDL:2012/07/26 05:42:31 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\WINDOWS\System32\drivers\adpu320.sys [147696]
O58 - SDL:2012/07/26 05:42:31 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [67312]
O58 - SDL:2012/07/26 05:42:31 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [213744]
O58 - SDL:2012/07/26 05:42:31 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [22256]
O58 - SDL:2012/07/26 05:42:30 A . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\WINDOWS\System32\drivers\arc.sys [91888]
O58 - SDL:2012/07/26 05:42:30 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [94448]
O58 - SDL:2013/12/11 15:30:45 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128]
O58 - SDL:2012/07/26 05:42:33 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [56048]
O58 - SDL:2012/07/26 05:42:33 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [333552]
O58 - SDL:2012/07/26 05:42:33 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\WINDOWS\System32\drivers\iirsp.sys [42224]
O58 - SDL:2014/05/14 04:02:23 N . (.Beijing Rising Information Technology Co., Ltd. - kguard nt driver.) -- C:\WINDOWS\System32\drivers\kguard.sys [68376]
O58 - SDL:2012/12/18 08:46:44 A . (.Native Instruments GmbH - Traktor Kontrol S4.) -- C:\WINDOWS\System32\drivers\ks4avs.sys [347496]
O58 - SDL:2012/12/18 08:46:44 A . (.Native Instruments GmbH - Traktor Kontrol S4.) -- C:\WINDOWS\System32\drivers\ks4usb.sys [99176]
O58 - SDL:2014/03/19 02:24:16 A . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\WINDOWS\System32\drivers\LHidFilt.Sys [43800]
O58 - SDL:2014/03/19 02:24:18 A . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\WINDOWS\System32\drivers\LMouFilt.Sys [37528]
O58 - SDL:2015/06/24 16:20:31 A . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\WINDOWS\System32\drivers\LNonPnP.sys [16400]
O58 - SDL:2012/07/26 05:42:33 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [93424]
O58 - SDL:2012/07/26 05:42:33 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2.sys [78576]
O58 - SDL:2012/07/26 05:42:33 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_scsi.sys [100592]
O58 - SDL:2012/07/26 05:42:33 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [68848]
O58 - SDL:2012/07/26 05:42:33 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [45296]
O58 - SDL:2012/07/26 05:42:15 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\MegaSR.sys [283888]
O58 - SDL:2012/07/26 05:42:15 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [59120]
O58 - SDL:2012/07/26 05:42:15 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\WINDOWS\System32\drivers\nfrd960.sys [45808]
O58 - SDL:2015/02/04 05:35:16 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys [10702664]
O58 - SDL:2012/07/26 05:42:15 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [120048]
O58 - SDL:2012/07/26 05:42:15 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [141552]
O58 - SDL:2014/11/22 12:46:30 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\WINDOWS\System32\drivers\nvvad32v.sys [32912]
O58 - SDL:2006/12/23 11:44:59 A . (.Protection Technology - StarForce Protection Environment Driver.) -- C:\WINDOWS\System32\drivers\prodrv06.sys [80768]
O58 - SDL:2006/12/23 11:43:17 A . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\WINDOWS\System32\drivers\prohlp02.sys [77120]
O58 - SDL:2005/12/21 11:16:58 A . (.Protection Technology - StarForce Protection Synchronization Driver.) -- C:\WINDOWS\System32\drivers\prosync1.sys [7136]
O58 - SDL:2014/05/28 09:37:30 N . (.Beijing Rising Information Technology Co., Ltd. - protectreg.sys.) -- C:\WINDOWS\System32\drivers\protreg.sys [24120]
O58 - SDL:2012/02/29 09:49:55 N . (.Beijing Rising Information Technology Co., Ltd. - rsndisp.sys.) -- C:\WINDOWS\System32\drivers\rsndisp.sys [10808]
O58 - SDL:2014/08/15 03:22:22 N . (.Beijing Rising Information Technology Co., Ltd. - rsutils.sys.) -- C:\WINDOWS\System32\drivers\rsutils.sys [58664]
O58 - SDL:2014/07/18 08:31:08 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 32-bit Dr.) -- C:\WINDOWS\System32\drivers\Rt630x86.sys [732888]
O58 - SDL:2013/07/09 07:58:32 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\WINDOWS\System32\drivers\RtsUStor.sys [208600]
O58 - SDL:2012/07/26 08:52:42 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480]
O58 - SDL:2003/12/01 17:20:52 A . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\WINDOWS\System32\drivers\sfhlp01.sys [4832]
O58 - SDL:2012/07/26 05:42:15 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [41200]
O58 - SDL:2012/07/26 05:42:16 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [79088]
O58 - SDL:2012/07/26 05:42:15 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [26352]
O58 - SDL:2014/09/10 08:11:30 N . (.Beijing Rising Information Technology Co., Ltd. - sysmon.sys.) -- C:\WINDOWS\System32\drivers\sysmon.sys [156144]
O58 - SDL:2009/09/16 07:02:40 A . (.Tunngle.net - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901t.sys [27136]
O58 - SDL:2015/03/16 18:44:30 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\WINDOWS\System32\drivers\VBoxDrv.sys [749664]
O58 - SDL:2015/03/16 18:42:58 A . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\WINDOWS\System32\drivers\VBoxNetAdp.sys [115672]
O58 - SDL:2015/03/16 18:42:58 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\WINDOWS\System32\drivers\VBoxUSBMon.sys [104384]
O58 - SDL:2012/07/26 05:42:18 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\WINDOWS\System32\drivers\viaide.sys [18160]
O58 - SDL:2012/07/26 05:42:19 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [155376]
O58 - SDL:2012/07/26 05:42:19 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [285424]
O58 - SDL:2015/06/16 00:28:50 A . (.Word Surfer - Word Surfer WFP Driver x86.) -- C:\WINDOWS\System32\drivers\wsafd_1_10_0_19.sys [48512]
O58 - SDL:2015/02/03 22:31:06 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{089299d4-0680-4375-a6a9-d9a7c9109a71}Gw.sys [43160] =>PUP.Optional.LinkiDoo
O58 - SDL:2015/01/31 16:25:52 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{3f6dc02a-32f1-4a7f-a53e-19dfac9f0741}Gw.sys [43160] =>PUP.Optional.LinkiDoo
O58 - SDL:2015/01/11 17:27:44 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{4aa4b1c6-cd07-4b9c-ade7-11609f549f85}Gw.sys [43200] =>PUP.Optional.LinkiDoo
O58 - SDL:2015/01/23 14:28:28 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{6a0e715f-5cd3-4402-8a39-80497da09315}Gw.sys [43144] =>PUP.Optional.LinkiDoo
O58 - SDL:2015/01/30 00:37:30 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{94bca0b7-79be-40d7-98b1-f3dc8ee5c9e2}Gw.sys [43160] =>PUP.Optional.LinkiDoo
O58 - SDL:2015/01/12 19:28:24 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{b38cdf0b-ae17-4747-9786-f2e8acede16d}Gw.sys [43200] =>PUP.Optional.LinkiDoo
O58 - SDL:2015/04/12 01:56:46 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{c8576b75-cc46-4cd3-80ad-eb9418cd1f02}Gw.sys [43160] =>PUP.Optional.LinkiDoo
O58 - SDL:2014/11/27 00:40:38 A . (.StdLib - StdLib.) -- C:\WINDOWS\System32\drivers\{dc19896d-a3e2-417d-be46-d18ebc99e240}Gw.sys [43144] =>PUP.Optional.LinkiDoo
O58 - SDL:2012/07/26 00:52:51 A . (...) -- C:\WINDOWS\System32\ANSI.SYS [9029]
O58 - SDL:2012/07/26 00:52:51 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2012/07/26 00:52:51 A . (...) -- C:\WINDOWS\System32\HIMEM.SYS [4768]
O58 - SDL:2012/07/26 00:52:52 A . (...) -- C:\WINDOWS\System32\KEY01.SYS [42809]
O58 - SDL:2012/07/26 00:52:52 A . (...) -- C:\WINDOWS\System32\KEYBOARD.SYS [42537]
O58 - SDL:2012/07/26 00:52:54 A . (...) -- C:\WINDOWS\System32\NTDOS.SYS [27866]
O58 - SDL:2012/07/26 00:52:54 A . (...) -- C:\WINDOWS\System32\NTDOS404.SYS [29146]
O58 - SDL:2012/07/26 00:52:54 A . (...) -- C:\WINDOWS\System32\NTDOS411.SYS [29370]
O58 - SDL:2012/07/26 00:52:54 A . (...) -- C:\WINDOWS\System32\NTDOS412.SYS [29274]
O58 - SDL:2012/07/26 00:52:54 A . (...) -- C:\WINDOWS\System32\NTDOS804.SYS [29146]
O58 - SDL:2012/07/26 00:52:51 A . (...) -- C:\WINDOWS\System32\NTIO.SYS [33968]
O58 - SDL:2012/07/26 00:52:51 A . (...) -- C:\WINDOWS\System32\NTIO404.SYS [34688]
O58 - SDL:2012/07/26 00:52:51 A . (...) -- C:\WINDOWS\System32\NTIO411.SYS [35776]
O58 - SDL:2012/07/26 00:52:51 A . (...) -- C:\WINDOWS\System32\NTIO412.SYS [35552]
O58 - SDL:2012/07/26 00:52:51 A . (...) -- C:\WINDOWS\System32\NTIO804.SYS [34688]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (12) - 27s
O61 - LFC: 2015/07/31 18:12:18 A . (.FMRTE.) -- C:\Users\Laurent\Downloads\FMRTE 15.3.2.16-Setup.exe [9483144]
O61 - LFC: 2015/07/31 15:57:14 A . (..) -- C:\Users\Laurent\Downloads\FMRTE 15.3.2 build 16.zip\FMRTE 15.3.2 build 16.zip1\FMRTE 15.3.2 build 16.zip.exe [391680]
O61 - LFC: 2015/07/31 17:27:51 A . (..) -- C:\Users\Laurent\Documents\FIFA 14\instance0\replay0.bin [1073741824]
O61 - LFC: 2015/07/29 17:07:55 A . (..) -- C:\Users\Laurent\AppData\Roaming\NVIDIA\GLCache\cb05ea612e23ecc768fb87881d9bc45f\023efcb37a204133\2e41cc102f07c8c0.bin [4394594]
O61 - LFC: 2015/07/30 11:42:05 A . (..) -- C:\Users\Laurent\AppData\Roaming\NVIDIA\GLCache\cb05ea612e23ecc768fb87881d9bc45f\023efcb37a204133\342ea23ca92c554a.bin [6157]
O61 - LFC: 2015/08/05 09:40:20 A . (.SoftBrain Technologies Ltd..) -- C:\Users\Laurent\AppData\Local\SmartWeb\__u.exe [172673] =>PUP.Optional.SmartWebSearch
O61 - LFC: 2015/08/03 10:00:04 A . (..) -- C:\Users\Laurent\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin [5133709]
O61 - LFC: 2015/08/04 11:05:35 A . (..) -- C:\Users\Laurent\AppData\Local\NVIDIA\NvBackend\Packages\00007bb7\DAO.19826035.exe [5931992]
O61 - LFC: 2015/08/04 11:05:28 A . (..) -- C:\Users\Laurent\AppData\Local\NVIDIA\NvBackend\Packages\00007bb5\CoProc update.19825278.exe [515672]
O61 - LFC: 2015/08/06 12:13:28 A . (..) -- C:\Users\Laurent\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/08/04 13:47:20 A . (..) -- C:\Users\Laurent\AppData\Local\gmsd_be_005010051\upgmsd_be_005010051.exe [3299984] =>PUP.Optional.CrossRider
O61 - LFC: 2015/08/06 12:14:53 A . (..) -- C:\Users\Laurent\AppData\Local\gmsd_be_005010051\Download\majmp_gentleeu.exe [3832747] =>PUP.Optional.CrossRider

---\\ Associations Shell Spawning (O67) (1) - 0s
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe

---\\ Menu de démarrage Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://istart.webssearches.com/ =>PUP.Optional.WebsSearches
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (6) - 1s
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Trovi search) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - () - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} - (Bing) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2514} - (default-search.net) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch

---\\ Enumère les fichiers Crack & Keygen (CKF) (O82) (2) - 8s
O82 - LFC: 2015/07/31 18:44:11 A . (...) -- C:\Users\Laurent\Downloads\FMRTE_keygen_by_ViKiNG (1).zip [1676262] =>.Crack,Keygen
O82 - LFC: 2015/07/31 18:43:45 A . (...) -- C:\Users\Laurent\Downloads\FMRTE_keygen_by_ViKiNG.zip [1676262] =>.Crack,Keygen

---\\ Enumère les services démarrés par Svchost (SSS) (O83) (36) - 2s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [168960]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [115200]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [115200]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236544]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1285632]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [683520]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [87552]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\Windows\System32\rasmans.dll [302080]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [81920]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [49152]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [392192]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [245760]
O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [30520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2601472]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [630272]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [506368]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [741376]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [20992]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [52224]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [115200]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [89088]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [944640]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [166400]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll [60928]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [105472]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [170496]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [249344]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [59392]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL [73216]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [33280]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1532928]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [154112]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [117760]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [161792]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\Windows\System32\NcaSvc.dll [138752]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [152064]

---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (24) - 2s
O87 - FAEL: "{5F4D9AA5-7AF0-4E43-985D-C29F88F9A732}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{8D8FD5A5-A2F0-4DC8-8429-BF4FD19A9BB2}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{378DF372-EB27-41C6-8587-69D99AE8EAE8}D:\program files(x86)\jeux\romstation\emulation\gameboy advance\visualboyadvance link\visualboyadvance.exe" [In-None-P6-TRUE] .(.None - VisualBoyAdvance emulator.) -- D:\program files(x86)\jeux\romstation\emulation\gameboy advance\visualboyadvance link\visualboyadvance.exe
O87 - FAEL: "UDP Query User{3DE3B054-769B-462C-885A-66F17DAC594E}D:\program files(x86)\jeux\romstation\emulation\gameboy advance\visualboyadvance link\visualboyadvance.exe" [In-None-P17-TRUE] .(.None - VisualBoyAdvance emulator.) -- D:\program files(x86)\jeux\romstation\emulation\gameboy advance\visualboyadvance link\visualboyadvance.exe
O87 - FAEL: "{F7959700-9BF8-4F49-A745-A126565AB68A}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{BD0CD954-7FD5-4D7C-A8DA-09A670C8B0E3}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Laurent\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{AEDD080A-5C1B-477E-B429-7EF02D819876}" [In-None-P17-TRUE] .(...) -- C:\Users\Laurent\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{7ACEFFF4-4A88-40A7-AC2D-8B70E224A537}" [In-None-P17-TRUE] .(.爱奇艺 - 爱奇艺万能播放器.) -- C:\IQIYI Video\GeePlayer\GeePlayer.exe =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{5562A67F-2DEE-4F22-BB4A-E036E15A1C95}" [In-None-P17-TRUE] .(...) -- C:\Users\Laurent\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{3FEDC076-E11B-4DD8-8A5B-1D7EF22016DD}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{938B58F0-2246-4A7D-92EC-8352D6B907D3}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{20B9345E-A76A-4D85-899E-6567459D83EE}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{CB90EEC4-4924-429A-925D-6B4008E4318C}" [In-None-P17-TRUE] .(...) -- C:\Users\Laurent\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{4D6DF772-7242-48E3-9E92-3E03169FE0B0}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{2A20560C-577A-48CC-941F-12CA1F29F0F5}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{08FB6374-6EF8-40F9-A2DE-AA2E9A77EAF8}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{DD7F0966-727A-4547-A83F-501792731DDA}" [In-None-P17-TRUE] .(...) -- C:\Users\Laurent\AppData\Roaming\IQIYI Video\LStyle\GpUpdate.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{3B5B9766-2165-4648-BDAC-332F6C309502}" [In-None-P17-TRUE] .(.爱奇艺 - 爱奇艺万能播放器.) -- C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{A9D23103-DDD1-4F6E-8C5C-3B8B52524DD3}" [In-None-P17-TRUE] .(...) -- C:\Users\Laurent\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{4C16D951-AA72-424D-B104-FB8D5F204468}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyClient.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{B75D52D0-6CAC-450E-AFC6-F5962593FA82}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyWebPlayer.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{FC8C4C9A-64B8-4946-9EFF-9EAC66813C79}" [In-None-P17-TRUE] .(...) -- C:\IQIYI Video\LStyle\QyPlayer.exe (.not file.) =>PUP.Optional.IQIYIVideo
O87 - FAEL: "{D9EC6C8C-565E-4FAB-9E3D-86E2935DFFBD}" [In-None-P6-TRUE] .(.Beijing Rising Information Technology Co., Ltd. - 瑞星杀毒软件 安全服务核心程序.) -- C:\Program Files\Rising\RAV\ravmond.exe
O87 - FAEL: "{B4BE9403-EDB2-434D-BAB5-C1DAFFC880DD}" [In-None-P17-TRUE] .(.Beijing Rising Information Technology Co., Ltd. - 瑞星杀毒软件 安全服务核心程序.) -- C:\Program Files\Rising\RAV\ravmond.exe

---\\ Enumère les codes produits des logiciels (PUC) (O90) (1) - 1s
O90 - PUC: "E0BD057F254D8013369CEF61CB867614" . (.Webplayer.) =>PUP.Optional.WebPlayer

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) (1) - 2s
[MD5.] [WIS][2014/05/18 14:47:06] (.Kreapixel - Adobe AIR.) -- C:\WINDOWS\Installer\122b8d2.msi [21504] =>PUP.Optional.SocialSkinz

---\\ Recherche de clés de registre Tracing (O100) (22) - 2s
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BrowserGoodUntemp_RASAPI32 =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\BrowserGoodUntemp_RASMANCS =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\CommonShareUntemp_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\CommonShareUntemp_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 =>PUP.Optional.BProtector
HKLM\SOFTWARE\Microsoft\Tracing\PerformanceOptimizer_RASMANCS =>PUP.Optional.BProtector
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowserGood_RASAPI32 =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowserGood_RASMANCS =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\updateCommonShare_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateCommonShare_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateDizzyDing_RASAPI32 =>PUP.Optional.DizzyDing
HKLM\SOFTWARE\Microsoft\Tracing\updateDizzyDing_RASMANCS =>PUP.Optional.DizzyDing
HKLM\SOFTWARE\Microsoft\Tracing\utilBrowserGood_RASAPI32 =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\utilBrowserGood_RASMANCS =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\utilCommonShare_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\utilCommonShare_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\utilDizzyDing_RASAPI32 =>PUP.Optional.DizzyDing
HKLM\SOFTWARE\Microsoft\Tracing\utilDizzyDing_RASMANCS =>PUP.Optional.DizzyDing
HKLM\SOFTWARE\Microsoft\Tracing\WordSurferAutoUpdateClient_RASAPI32 =>PUP.Optional.WordSurfer
HKLM\SOFTWARE\Microsoft\Tracing\WordSurferAutoUpdateClient_RASMANCS =>PUP.Optional.WordSurfer

---\\ Scan Additionnel (O88) (205) - 0s
C:\Program Files\03000200-1428775273-0500-0006-000700080009\knspC178.tmp =>PUP.Optional.CrossRider
C:\Users\Laurent\AppData\Roaming\03000200-1428775273-0500-0006-000700080009\jnsc79EF.tmp =>PUP.Optional.CrossRider
C:\Users\Laurent\AppData\Local\03000200-1428782682-0500-0006-000700080009\cnsd6D37.tmp =>PUP.Optional.CrossRider
C:\Program Files\WordSurfer_1.10.0.19\Service\wsasvc.exe =>PUP.Optional.WordSurfer
C:\Program Files\YTDownloader\YTDUpdater.exe =>PUP.Optional.YTDownloader
C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6.exe =>PUP.Optional.CrossRider
C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6.exe =>PUP.Optional.CrossRider
C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10.exe =>PUP.Optional.CrossRider
C:\Users\Laurent\AppData\Local\gmsd_be_005010051\upgmsd_be_005010051.exe =>PUP.Optional.CrossRider
C:\Program Files\gmsd_be_005010051\gmsd_be_005010051.exe =>PUP.Optional.CrossRider
C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml =>PUP.Optional.DeltaHomes
C:\Program Files\Mozilla Firefox\browser\searchplugins\qone8.xml =>PUP.Optional.Qone8
C:\Program Files\Mozilla Firefox\browser\searchplugins\webssearches.xml =>PUP.Optional.WebsSearches
C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419} =>PUP.Optional.MiuiTab
HKLM\SYSTEM\CurrentControlSet\Services\cykomire =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service =>PUP.Optional.AgentODR
HKLM\SYSTEM\CurrentControlSet\Services\nogedycy =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\topupete =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\wsasvc_1.10.0.19 =>PUP.Optional.WordSurfer
HKLM\SYSTEM\CurrentControlSet\Services\YTDUpdt =>PUP.Optional.Goobzo
C:\Program Files\YTDownloader\YTDUpdater.exe =>PUP.Optional.Goobzo
C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7.exe =>PUP.Optional.CrossRider
C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5.exe =>PUP.Optional.CrossRider
C:\Program Files\winservice86\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7.exe =>PUP.Optional.CrossRider
C:\Program Files\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe =>PUP.Optional.WordSurfer
C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10_user.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5_user.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\APSnotifierPP1.job =>PUP.Optional.AnyProtect
C:\WINDOWS\Tasks\APSnotifierPP2.job =>PUP.Optional.AnyProtect
C:\WINDOWS\Tasks\APSnotifierPP3.job =>PUP.Optional.AnyProtect
C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-6 =>PUP.Optional.CrossRider
C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-1-7 =>PUP.Optional.CrossRider
C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-10_user =>PUP.Optional.CrossRider
C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5 =>PUP.Optional.CrossRider
C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-5_user =>PUP.Optional.CrossRider
C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-6 =>PUP.Optional.CrossRider
C:\WINDOWS\System32\Tasks\879605fe-adf5-4ac4-b5c4-0f9b198b23fa-7 =>PUP.Optional.CrossRider
C:\WINDOWS\System32\Tasks\APSnotifierPP1 =>PUP.Optional.AnyProtect
C:\WINDOWS\System32\Tasks\APSnotifierPP2 =>PUP.Optional.AnyProtect
C:\WINDOWS\System32\Tasks\APSnotifierPP3 =>PUP.Optional.AnyProtect
C:\WINDOWS\System32\Tasks\LaunchSignup =>PUP.Optional.MyPCBackup
C:\WINDOWS\System32\Tasks\SmartWeb Upgrade Trigger Task =>PUP.Optional.SmartWebSearch
C:\WINDOWS\System32\Tasks\WindApp Update =>PUP.Optional.Nosibay
C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core =>PUP.Optional.WordSurfer
C:\WINDOWS\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update =>PUP.Optional.WordSurfer
C:\WINDOWS\System32\Tasks\YTDownloader =>PUP.Optional.YTDownloader
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_be_005010051_is1 =>PUP.Optional.GamesDesktop
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winservice86 =>PUP.Optional.CrossRider
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindApp =>PUP.Optional.Nosibay
HKLM\SOFTWARE\AskPartnerNetwork =>Toolbar.Ask
HKLM\SOFTWARE\CommonShare =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\GAMESDESKTOP =>PUP.Optional.GamesDesktop
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\GreyGray =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Iminent =>PUP.Optional.IMBooster
HKLM\SOFTWARE\Infonaut_1.10.0.13 =>PUP.Optional.Infonaut
HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\istartsurfSoftware =>PUP.Optional.IsStart
HKLM\SOFTWARE\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\Registry Helper =>PUP.Optional.RegistryHelper
HKLM\SOFTWARE\SafetySearch =>PUP.Optional.SafetySearch
HKLM\SOFTWARE\SearchProtect =>PUP.Optional.SearchProtect
HKLM\SOFTWARE\searchult =>PUP.Optional.Gen
HKLM\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKLM\SOFTWARE\SPPDCOM =>PUP.Optional.PCSpeedUp
HKLM\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\Trymedia Systems =>PUP.Optional.Trymedia
HKLM\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\WajIntEnhance =>PUP.Optional.Wajam
HKLM\SOFTWARE\webssearchesSoftware =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\winservice86 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\winservice86-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\winservice86-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\WordProser_1.10.0.5 =>PUP.Optional.WordProser
HKLM\SOFTWARE\WordProser_1.10.0.6 =>PUP.Optional.WordProser
HKLM\SOFTWARE\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer
HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.Ask
HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser
HKCU\SOFTWARE\gamesdesktop =>PUP.Optional.GamesDesktop
HKCU\SOFTWARE\Ge-Force-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\GigaClicks Crawler =>PUP.Optional.GigaClicks
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GreyGray =>PUP.Optional.Sambreel
HKCU\SOFTWARE\HomeTab =>PUP.Optional.CertifiedToolbar
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\Nosibay =>PUP.Optional.SPointer
HKCU\SOFTWARE\Optimizer Pro =>PUP.Optional.OptimizerPro
HKCU\SOFTWARE\SearchProtectWS =>PUP.Optional.SearchProtect
HKCU\SOFTWARE\Sense-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech
HKCU\SOFTWARE\Smartbar =>PUP.Optional.SmartBar
HKCU\SOFTWARE\Store =>PUP.Optional.Gen
HKCU\SOFTWARE\TNT2 =>PUP.Optional.TidyNetwork
HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\WajIEnhance =>PUP.Optional.Wajam
HKCU\SOFTWARE\WajIntEnhance =>PUP.Optional.Wajam
HKCU\SOFTWARE\winservice86 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\winservice86-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\winservice86-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\mystarttb =>PUP.Optional.StartSearch =>PUP.Optional.StartSearch
C:\Program Files\03000200-1428775273-0500-0006-000700080009 =>PUP.Optional.CrossRider
C:\Program Files\1acf32df-b1fe-4175-996d-52aaa728b99a =>PUP.Optional.CrossRider
C:\Program Files\974be818-95d1-421a-bcd1-71f58442e441 =>PUP.Optional.CrossRider
C:\Program Files\CCutThePrice =>PUP.Optional.Multiplug
C:\Program Files\CommonShare =>PUP.Optional.CommonShare
C:\Program Files\Crossbrowse =>PUP.Optional.CrossBrowse
C:\Program Files\CutThePrice =>PUP.Optional.Multiplug
C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files\gmsd_be_005010051 =>PUP.Optional.CrossRider
C:\Program Files\GU Player =>PUP.Optional.GUPlayer
C:\Program Files\predm =>PUP.Optional.Downware
C:\Program Files\PriceLess =>PUP.Optional.PriceLess
C:\Program Files\RobooSaver =>PUP.Optional.Multiplug
C:\Program Files\SearchNewTab =>PUP.Optional.FastSaveApp
C:\Program Files\Settings Manager =>PUP.Optional.SettingsManager
C:\Program Files\Supporter =>PUP.Optional.SaveClicker
C:\Program Files\surf! aNd keep =>PUP.Optional.Multiplug
C:\Program Files\TakkeTheCoupono =>PUP.Optional.Multiplug
C:\Program Files\TinyWallet =>PUP.Optional.Multiplug
C:\Program Files\winservice86 =>PUP.Optional.CrossRider
C:\Program Files\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer
C:\Program Files\YoutubeAdBlocke =>PUP.Optional.YouTubeAdBlock
C:\Program Files\YTDownloader =>PUP.Optional.YTDownloader
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP =>PUP.Optional.GamesDesktop
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab =>PUP.Optional.FastSaveApp
C:\ProgramData\bmapngfelfdkehbdplopllegndkadcil =>Toolbar.Ask
C:\ProgramData\IePluginServices =>Trojan.SProtector
C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR
C:\ProgramData\InstallMate =>PUP.Optional.Tarma
C:\ProgramData\IQIYI Video =>PUP.Optional.IQIYIVideo
C:\ProgramData\Registry Helper =>PUP.Optional.RegistryHelper
C:\ProgramData\RobooSaver =>PUP.Optional.Multiplug
C:\ProgramData\SearchNewTab =>PUP.Optional.FastSaveApp
C:\ProgramData\surf! aNd keep =>PUP.Optional.Multiplug
C:\ProgramData\TakkeTheCoupono =>PUP.Optional.Multiplug
C:\ProgramData\Tencent =>PUP.Optional.TencentAddressBar
C:\ProgramData\TinyWallet =>PUP.Optional.Multiplug
C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
C:\Users\Laurent\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect
C:\Users\Laurent\AppData\Roaming\IQIYI Video =>PUP.Optional.IQIYIVideo
C:\Users\Laurent\AppData\Roaming\Tencent =>PUP.Optional.TencentAddressBar
C:\Users\Laurent\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\Laurent\AppData\Local\gmsd_be_005010051 =>PUP.Optional.CrossRider
C:\Users\Laurent\AppData\Local\SmartWeb =>PUP.Optional.SmartWebSearch
C:\Users\Laurent\AppData\Local\SysassistByHotWheel =>PUP.Optional.Gen
C:\WINDOWS\Prefetch\ANYPROTECT.EXE-E6F566D4.pf =>PUP.Optional.AnyProtect
C:\WINDOWS\Prefetch\GMSD_BE_005010051.EXE-7FD22B69.pf =>PUP.Optional.CrossRider
C:\WINDOWS\Prefetch\IQIYISETUP_L_SPL004@KB005.EXE-D558BE74.pf =>PUP.Optional.IQIYIVideo
C:\WINDOWS\Prefetch\PERFORMANCEOPTIMIZER.EXE-2139B7C9.pf =>PUP.Optional.BProtector
C:\WINDOWS\Prefetch\SMARTWEBAPP.EXE-1D5CAE84.pf =>PUP.Optional.SmartWebSearch
C:\WINDOWS\Prefetch\SMARTWEBHELPER.EXE-8564817F.pf =>PUP.Optional.SmartWebSearch
C:\WINDOWS\Prefetch\UPGMSD_BE_005010051.EXE-7945F1CE.pf =>PUP.Optional.CrossRider
C:\WINDOWS\Prefetch\WORDSURFERAUTOUPDATECLIENT.EX-1E7E4672.pf =>PUP.Optional.WordSurfer
C:\WINDOWS\Prefetch\WPM_V20.0.0.2294.EXE-4DCFA169.pf =>PUP.Optional.WpManager
C:\WINDOWS\System32\drivers\{089299d4-0680-4375-a6a9-d9a7c9109a71}Gw.sys =>PUP.Optional.LinkiDoo
C:\WINDOWS\System32\drivers\{3f6dc02a-32f1-4a7f-a53e-19dfac9f0741}Gw.sys =>PUP.Optional.LinkiDoo
C:\WINDOWS\System32\drivers\{4aa4b1c6-cd07-4b9c-ade7-11609f549f85}Gw.sys =>PUP.Optional.LinkiDoo
C:\WINDOWS\System32\drivers\{6a0e715f-5cd3-4402-8a39-80497da09315}Gw.sys =>PUP.Optional.LinkiDoo
C:\WINDOWS\System32\drivers\{94bca0b7-79be-40d7-98b1-f3dc8ee5c9e2}Gw.sys =>PUP.Optional.LinkiDoo
C:\WINDOWS\System32\drivers\{b38cdf0b-ae17-4747-9786-f2e8acede16d}Gw.sys =>PUP.Optional.LinkiDoo
C:\WINDOWS\System32\drivers\{c8576b75-cc46-4cd3-80ad-eb9418cd1f02}Gw.sys =>PUP.Optional.LinkiDoo
C:\WINDOWS\System32\drivers\{dc19896d-a3e2-417d-be46-d18ebc99e240}Gw.sys =>PUP.Optional.LinkiDoo
C:\Users\Laurent\AppData\Local\SmartWeb\__u.exe =>PUP.Optional.SmartWebSearch
C:\Users\Laurent\AppData\Local\gmsd_be_005010051\Download\majmp_gentleeu.exe =>PUP.Optional.CrossRider
C:\IQIYI Video\GeePlayer\GeePlayer.exe =>PUP.Optional.IQIYIVideo
C:\IQIYI Video\GeePlayer\GeePlayer\GeePlayer.exe =>PUP.Optional.IQIYIVideo
HKLM\Software\Classes\Installer\Products\E0BD057F254D8013369CEF61CB867614 =>PUP.Optional.WebPlayer
HKLM\Software\Classes\Installer\Features\E0BD057F254D8013369CEF61CB867614 =>PUP.Optional.WebPlayer
C:\WINDOWS\Installer\122b8d2.msi =>PUP.Optional.SocialSkinz
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BrowserGoodUntemp_RASAPI32 =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\BrowserGoodUntemp_RASMANCS =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\CommonShareUntemp_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\CommonShareUntemp_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 =>PUP.Optional.BProtector
HKLM\SOFTWARE\Microsoft\Tracing\PerformanceOptimizer_RASMANCS =>PUP.Optional.BProtector
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowserGood_RASAPI32 =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\updateBrowserGood_RASMANCS =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\updateCommonShare_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateCommonShare_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateDizzyDing_RASAPI32 =>PUP.Optional.DizzyDing
HKLM\SOFTWARE\Microsoft\Tracing\updateDizzyDing_RASMANCS =>PUP.Optional.DizzyDing
HKLM\SOFTWARE\Microsoft\Tracing\utilBrowserGood_RASAPI32 =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\utilBrowserGood_RASMANCS =>PUP.Optional.BrowserGood
HKLM\SOFTWARE\Microsoft\Tracing\utilCommonShare_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\utilCommonShare_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\utilDizzyDing_RASAPI32 =>PUP.Optional.DizzyDing
HKLM\SOFTWARE\Microsoft\Tracing\utilDizzyDing_RASMANCS =>PUP.Optional.DizzyDing
HKLM\SOFTWARE\Microsoft\Tracing\WordSurferAutoUpdateClient_RASAPI32 =>PUP.Optional.WordSurfer
HKLM\SOFTWARE\Microsoft\Tracing\WordSurferAutoUpdateClient_RASMANCS =>PUP.Optional.WordSurfer

---\\ Récapitulatif des éléments trouvées sur votre station (62) - 0s
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.WordSurfer
http://www.nicolascoolman.fr/pup-ytdownloader/ =>PUP.Optional.YTDownloader
http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.DeltaHomes
http://www.nicolascoolman.fr/hijacker-qone8 / =>PUP.Optional.Qone8
http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
http://www.nicolascoolman.fr/blog =>PUP.Optional.IQIYIVideo
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/pup-isstart/ =>PUP.Optional.IsStart
http://www.nicolascoolman.fr/blog =>PUP.Optional.MiuiTab
http://www.nicolascoolman.fr/blog =>PUP.Optional.AgentODR
http://www.nicolascoolman.fr/pup-goobzo/ =>PUP.Optional.Goobzo
http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect
http://www.nicolascoolman.fr/pup-mypcbackup/ =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/pup-smartwebsearch/ =>PUP.Optional.SmartWebSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.Nosibay
http://www.nicolascoolman.fr/blog =>PUP.Optional.GamesDesktop
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/blog =>PUP.Optional.Sambreel
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse
http://www.nicolascoolman.fr/adware-imbooster/ =>PUP.Optional.IMBooster
http://www.nicolascoolman.fr/blog =>PUP.Optional.Infonaut
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/blog =>PUP.Optional.RegistryHelper
http://www.nicolascoolman.fr/blog =>PUP.Optional.SafetySearch
http://www.nicolascoolman.fr/pup-searchprotect/ =>PUP.Optional.SearchProtect
http://www.nicolascoolman.fr/blog =>PUP.Optional.Gen
http://www.nicolascoolman.fr/blog =>PUP.Optional.SettingsManager
http://www.nicolascoolman.fr/rogue-pcspeedup/ =>PUP.Optional.PCSpeedUp
http://www.nicolascoolman.fr/adware-tencentaddressbar/ =>PUP.Optional.TencentAddressBar
http://www.nicolascoolman.fr/adware-trymedia/ =>PUP.Optional.Trymedia
http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive
http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Optional.Wajam
http://www.nicolascoolman.fr/blog =>PUP.Optional.WordProser
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowser
http://www.nicolascoolman.fr/pup-gigaclicks/ =>PUP.Optional.GigaClicks
http://www.nicolascoolman.fr/pup-certifiedtoolbar/ =>PUP.Optional.CertifiedToolbar
http://www.nicolascoolman.fr/pup-linkeysearch/ =>PUP.Optional.LinkeySearch
http://www.nicolascoolman.fr/adware-spointer/ =>PUP.Optional.SPointer
http://www.nicolascoolman.fr/pup-optimizerpro/ =>PUP.Optional.OptimizerPro
http://www.nicolascoolman.fr/blog =>PUP.Optional.SimplyTech
http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
http://www.nicolascoolman.fr/adware-tidynetwork/ =>PUP.Optional.TidyNetwork
http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/pup-commonshare/ =>PUP.Optional.CommonShare
http://www.nicolascoolman.fr/blog =>PUP.Optional.GUPlayer
http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware
http://www.nicolascoolman.fr/blog =>PUP.Optional.PriceLess
http://www.nicolascoolman.fr/adware-fastsaveapp/ =>PUP.Optional.FastSaveApp
http://www.nicolascoolman.fr/pup-saveclicker/ =>PUP.Optional.SaveClicker
http://www.nicolascoolman.fr/blog =>PUP.Optional.YouTubeAdBlock
http://www.nicolascoolman.fr/trojan-sprotector/ =>Trojan.SProtector
http://www.nicolascoolman.fr/pup-tarma/ =>PUP.Optional.Tarma
http://www.nicolascoolman.fr/pup-bprotector/ =>PUP.Optional.BProtector
http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/pup-linkidoo/ =>PUP.Optional.LinkiDoo
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebPlayer
http://www.nicolascoolman.fr/adware-socialskinz/ =>PUP.Optional.SocialSkinz
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserGood
http://www.nicolascoolman.fr/blog =>PUP.Optional.DizzyDing

~ End of the scan, 18060 items in 178 seconds (1423)(2)()
