Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPDiag v2015.8.11.117 Par Nicolas Coolman (2015/08/11)
~ Démarré par User (Administrator) (2015/08/11 20:39:49)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Users\User\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\User\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Navigateurs Internet (4) - 0s
GCIE: Google Chrome v44.0.2403.130
MFIE: Mozilla Firefox 39.0.3 (x86 fr) v39.0.3
OPIE: Opera 31.0.1889.99 v31.0.1889.99
MSIE: Internet Explorer v11.0.9600.17914
---\\ Informations sur les produits Windows (8) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK
~ Windows Operating System - Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : XM76F
~ Windows Remaining Initializations Number : 3
---\\ Logiciels de protection (3) - 0s
Malwarebytes Anti-Malware version 2.1.8.1057
Microsoft Security Client v4.8.0204.0
Microsoft Security Essentials v4.8.204.0
---\\ Surveillance de Logiciels (2) - 0s
Adobe Acrobat Reader DC - Français
Adobe Flash Player 18 NPAPI
---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4069.408 MB (29% free)
~ System Restore: Activé (Enable)
~ System drive C: has 415 GB free of 476 GB
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: USER-PC
~ User Name: User
~ Logged in as Administrator
---\\ Enumération des unités disques (1) - 0s
~ Drive C: has 415 GB free of 476 GB (System)
---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E066FDC3A2074D926903B8C31EF3B347] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2427392]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]
[MD5.BDF76C3CE993FFB6214287272708364F] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [496640]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.A8D09796996D21BD2865049C41AC3511] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [105472]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.E9DD0E8829567362C1051E0905174DDE] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [159744]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.48B6047F82D5A8D0AEC71593F4ACD79B] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684416]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.DF83AA1C4278E2C0E36C0479C1555A9C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [296808]
---\\ Processus lancés (31) - 1s
[MD5.ABDD5AD016AFFD34AD40E944CE94BF59] - (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe [94208] [PID.1628]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1916]
[MD5.013697369EAFFA675D0671607F036020] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1996]
[MD5.7C5BFAAC8DCE7292B0C04EBF892E71F9] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [168448] [PID.1512]
[MD5.D4615670CD49A1679E6067F155C47C68] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [131072] [PID.1588]
[MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.2080]
[MD5.948220B9B823BC43E5A7890DE764491E] - (...) -- C:\Users\User\AppData\Roaming\Liberal Regiment\Liberal Regiment.exe [66048] [PID.2112]
[MD5.DFA3717104F996F273D81946B6CB923A] - (.Copyright © 2015 - mrouvwne.) -- C:\ProgramData\Puennagub\1.0.4.1\mrouvwne.exe [159744] [PID.2140]
[MD5.A7EDADFB0AE38AE6F0488F0F2448D8B5] - (.MICRO-STAR INTERNATIONAL CO., LTD. - MSI_Trigger_Service.) -- C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240] [PID.2256]
[MD5.C71EE856C4F5B52E2D094F494CEE4936] - (.Copyright (C) 2008 - WlanSvc Application.) -- C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [167936] [PID.2524]
[MD5.DFA3717104F996F273D81946B6CB923A] - (.Copyright © 2015 - mrouvwne.) -- C:\ProgramData\Puennagub\1.0.4.1\mrouvwne.exe [159744] [PID.3604]
[MD5.79F5103C1098501C552DD2EF622FCADD] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [391152] [PID.3864]
[MD5.D7614FA0BEC32E2989EC4281CB8B22C2] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [771056] [PID.3884]
[MD5.8B24451ED1FF26BC20384DC35AEA7048] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [769520] [PID.3892]
[MD5.E16C98951AF108CB5178A7BD2DD13660] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448] [PID.3900]
[MD5.BBB0A178EC88CE31727675C984AF9355] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [843248] [PID.3996]
[MD5.094E4E76FB9AB960A73F841BC6733F42] - (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848] [PID.3088]
[MD5.D3AC38E80E928CC61A22650E04423BB8] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [979328] [PID.2824]
[MD5.CF8BC90EFB85B870CBC967E3117FCB50] - (.Copyright (C) 2011 - WlanCU MFC Application.) -- C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe [581632] [PID.2788]
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.2792]
[MD5.3DE66F47365AA8CEB18B1EE272F4FEBA] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.2376]
[MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.4384]
[MD5.F7CEB1E5F0000FDEEE04B046BBDE1D4E] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.4356]
[MD5.FE5889AECDC809DF70435989867FC5A8] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [271016] [PID.4280]
[MD5.05704EB8BF443999EBE4E9D2C075C26A] - (.Adobe Systems, Inc. - Adobe Flash Player 18.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe [3423920] [PID.3576]
[MD5.05704EB8BF443999EBE4E9D2C075C26A] - (.Adobe Systems, Inc. - Adobe Flash Player 18.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe [3423920] [PID.4584]
[MD5.0ECDED87539685FF86B0D21B2C46C087] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\User\Downloads\ZHPDiag3(1).exe [1901568] [PID.4224]
[MD5.0ECDED87539685FF86B0D21B2C46C087] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\User\AppData\Roaming\ZHP\ZHPDiag3.exe [1901568] [PID.2328]
[MD5.FE5889AECDC809DF70435989867FC5A8] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [271016] [PID.1092]
[MD5.61AD62A4A403B570D16473715A2989EF] - (.Adobe Systems, Inc. - Adobe Flash Player 18.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe [3423944] [PID.4240]
[MD5.61AD62A4A403B570D16473715A2989EF] - (.Adobe Systems, Inc. - Adobe Flash Player 18.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe [3423944] [PID.3832]
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (16) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://adplus.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://d.zombienewsapp.com/ =>PUP.Optional.ZombieNews
G0 - GCSP: Preferences [User Data\Default][HomePage] http://e.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://elex-tech.lesseigneurs.fr/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://s.zombienewsapp.com/ =>PUP.Optional.ZombieNews
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G0 - GCSP: Preferences [User Data\Default][HomePage] http://mynamedomain.koko/
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (31) - 2s
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\firebug@software.joehewitt.com.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\html5_validator@erikvold.com.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\launchy@gemal.dk.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{6BFD307A-C040-11DA-9749-FB1C850B47DF}.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\searchplugins\webssearches.xml =>PUP.Optional.WebsSearches
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT: (. - youtubeadblocker.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\7P@qdd.net
P2 - EXT: (.Video HDV31.07 - PlusHD_v3.1V31.07.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com
P2 - EXT: (.roc - Default SearchProtected .) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\defsearchp@gmail.com
P2 - EXT: (.lightningnewtab.com - deskCut.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab
P2 - EXT: (.Cinema PlusV10.08 - CinemaPlus-4.5vV10.08.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\DXYYH4339170@JXVPYKS65865478.com
P2 - EXT: (. - PiRiceLesus.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\maA0UjT@CvG.com
P2 - EXT: (. - PriceLess.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\QJ7@eizr.net
P2 - EXT: (.LastPass Dev Team - LastPass.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\support@lastpass.com
P2 - EXT: (. - youtubeadblocker.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\UqWhC@p3.net
P2 - EXT: (.Marc Gueury - Html Validator.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
P2 - EXT: (.Alex Sirota - ColorZilla.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
---\\ Opera, Démarrage,Recherche,Plugins (B0,B1,B2) (2) - 0s
B2 - EXT: [CinemaPlus-4.5vV10.08] C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bfaohpmjmhdgnjblojekjlnadhehiadj
B2 - EXT: [BrowserV10.08] C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhkmcfanijhphphomamdkaejjadkhgn
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)
---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)
---\\ Browser Helper Object de navigateur (BHO) (O2) (1) - 0s
O2 - BHO: (no name) [64Bits] - {1F91A9A1-01BA-4c81-863D-3BA0751E1419} (Orphean)
---\\ Applications lancées au démarrage du sytème (O4) (20) - 1s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [gpuminer] C:\Users\User\AppData\Roaming\cpuminer\sgminer\sgminer.cmd (.not file.)
O4 - HKLM\..\Run: [cpuminer] C:\Windows\system32\cpuminer-gw64.exe (.not file.)
O4 - HKCU\..\Run: [EPSON PX730 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQE.EXE
O4 - HKCU\..\Run: [Epson Stylus Photo PX730(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQE.EXE
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Wow6432Node\Run: [mbot_fr_014010057] (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [mpck_fr_017010057] (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010057] (Orphean)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3791441938-798904429-1813275689-1000\..\Run: [EPSON PX730 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQE.EXE
O4 - HKUS\S-1-5-21-3791441938-798904429-1813275689-1000\..\Run: [Epson Stylus Photo PX730(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQE.EXE
---\\ Modification Domaine/Adresses DNS (O17) (9) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Liste des services NT non Microsoft et non désactivés (O23) (17) - 0s
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY - ABBYY network license server.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Wire Professional Version (comyninu) . (...) - C:\Program Files (x86)\FFFFFFFF-1439241224-FFFF-FFFF-FFFFFFFFFFFF\hnsz2050.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: EpsonBidirectionalService (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: Kerning Down (gopibeko) . (...) - C:\Users\User\AppData\Local\FFFFFFFF-1439248474-FFFF-FFFF-FFFFFFFFFFFF\snsz84CD.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Key In Bold Italic (hyverumu) . (...) - C:\Program Files (x86)\FFFFFFFF-1439241224-FFFF-FFFF-FFFFFFFFFFFF\jnsk8C9.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Liberal Regiment (Liberal Regiment) . (...) - C:\Users\User\AppData\Roaming\Liberal Regiment\Liberal Regiment.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: (MSI_Trigger_Service) . (.MICRO-STAR INTERNATIONAL CO., LTD. - MSI_Trigger_Service.) - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: Lid Charger (synocufe) . (...) - C:\Program Files (x86)\FFFFFFFF-1439241224-FFFF-FFFF-FFFFFFFFFFFF\knsjE432.tmpfs (.not file.) =>PUP.Optional.CrossRider
O23 - Service: WlanWpsSvc (WlanWpsSvc) . (.Copyright (C) 2008 - WlanSvc Application.) - C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
---\\ Tâches planifiées en automatique (O39) (23) - 4s
[MD5.E3FB05F33E1404AD606B1E1FE7C323C3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104]
[MD5.9B3355B29942AF67F014EA90CE1EA960] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.00000000000000000000000000000000] [APT] [AutoMount] (...) -- c:\programdata\{9b959bde-97fa-1f6e-9b95-59bde97f6f7a}\pricelessinstaller.exe (.not file.) [0] =>PUP.Optional.PriceLess
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.CD9E638EFC321B1856E1F3CCCCCCA478] [APT] [Opera scheduled Autoupdate 1438368161] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [930936]
[MD5.DFA3717104F996F273D81946B6CB923A] [APT] [Puennagub] (.Copyright © 2015.) -- C:\ProgramData\Puennagub\1.0.4.1\mrouvwne.exe [159744] =>Heuristic.PullUpdate
[MD5.00000000000000000000000000000000] [APT] [Superclean] (...) -- c:\programdata\{50688150-234f-33b7-5068-881502340540}\hqghumeaylnlf.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] =>.Adobe Systems Incorporated
O39 - APT: AutoMount - (...) -- C:\Windows\Tasks\AutoMount.job [348] =>PUP.Optional.PriceLess
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070] =>.Google Inc.
O39 - APT: Superclean - (...) -- C:\Windows\Tasks\Superclean.job [338]
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] =>.Adobe Systems Incorporated
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3940] =>.Adobe Systems Incorporated
O39 - APT: AutoMount - (...) -- C:\Windows\System32\Tasks\AutoMount [3258] =>PUP.Optional.PriceLess
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3814] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4066] =>.Google Inc.
O39 - APT: Opera scheduled Autoupdate 1438368161 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1438368161 [3854] =>.Opera Software
O39 - APT: Puennagub - (.Copyright © 2015.) -- C:\Windows\System32\Tasks\Puennagub [3438] =>Heuristic.PullUpdate
O39 - APT: Superclean - (...) -- C:\Windows\System32\Tasks\Superclean [3248]
[MD5.368290D0A612D62DA6F3D798B1BB8FE7] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000]
---\\ Logiciels installés (O42) (46) - 4s
O42 - Logiciel: EPSON PX730 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON PX730 Series
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM][64Bits] -- ABBYY FineReader 9.0 Sprint
O42 - Logiciel: Audacity 2.1.0 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1
O42 - Logiciel: Guide réseau EPSON PX730 Series - (...) [HKLM][64Bits] -- EPSON PX730 Series Netg
O42 - Logiciel: Guide d'utilisation EPSON PX730 Series - (...) [HKLM][64Bits] -- EPSON PX730 Series Useg
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM][64Bits] -- EPSON Scanner
O42 - Logiciel: FileZilla Client 3.12.0.2 - (.Tim Kosse.) [HKLM][64Bits] -- FileZilla Client
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 39.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0.3 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: Opera Stable 31.0.1889.99 - (.Opera Software.) [HKLM][64Bits] -- Opera 31.0.1889.99
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Epson Download Navigator - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {10F63395-157F-4B93-AB4D-702A2FF11942}
O42 - Logiciel: OpenOffice 4.1.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {121727D5-FDF3-4723-BA57-EB383440ED72}
O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 - Logiciel: MyImgur 3.76 - (.Eden.fm.) [HKLM][64Bits] -- {2C08A2AE-BF6F-4100-95AF-8A6CCF379EF1}_is1
O42 - Logiciel: TRENDnet TEW-649UB Wireless N speed USB Adapter - (.TRENDnet.) [HKLM][64Bits] -- {35163C1D-77D1-4D6C-B7D5-B22E6EEBE2A8}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {3E31400D-274E-4647-916C-2CACC3741799}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: VGA Boost - (.MSI.) [HKLM][64Bits] -- {809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Software Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824147215}
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100}
O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION2.) [HKLM][64Bits] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Epson Print CD - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {D16A31F9-276D-4968-A753-FFEAC56995D0}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM][64Bits] -- {F9000000-0018-0000-0000-074957833700}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {FFF841F3-9A15-4F61-BD16-C19F132E5A27}
O42 - Logiciel: PhotoFiltre Studio X - (...) [HKCU][64Bits] -- PhotoFiltre Studio X
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
---\\ HKCU & HKLM Software Keys (83) - 4s
HKLM\SOFTWARE\Wow6432Node\ABBYY
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\BrowserV10.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\BrowserV10.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.5vV10.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.5vV10.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\EPSON
HKLM\SOFTWARE\Wow6432Node\EpsonNet
HKLM\SOFTWARE\Wow6432Node\FileZilla 3
HKLM\SOFTWARE\Wow6432Node\FileZilla Client
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MSI
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenOffice
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PlusHD_v3.1V31.07-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\PlusHD_v3.1V31.07-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\RtWLan
HKLM\SOFTWARE\Wow6432Node\SEIKO EPSON CORPORATION
HKLM\SOFTWARE\Wow6432Node\SEIKO EPSON CORPORATION2
HKLM\SOFTWARE\Wow6432Node\Software
HKLM\SOFTWARE\Wow6432Node\Sony Corporation
HKLM\SOFTWARE\Wow6432Node\The Silicon Realms Toolworks
HKLM\SOFTWARE\Wow6432Node\TRENDnet
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\BrowserV10.08 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaPlus-4.5vV10.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus-4.5vV10.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\D1ZtrNWmJBKI9DdfZmxxdz9b
HKCU\SOFTWARE\D7azmmjWOVNHNhqPZN1g
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\e1vPwiTfG8VxY
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\eT4pfwLKrFIyQdFWrlj1CXY6uR
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\maxdriverupdater =>PUP.Optional.MaxDriverUpdater
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MyImgur
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\nga3UDQyqyQccH
HKCU\SOFTWARE\OpenOffice
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PhotoFiltre Studio X
HKCU\SOFTWARE\PlusHD_v3.1V31.07-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\PlusHD_v3.1V31.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\SEIKO EPSON CORPORATION
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\StormAlertsApp =>PUP.Optional.StormAlert
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
HKCU\SOFTWARE\VSRevoGroup
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\xAAX6CgObfCExonpErwq
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
---\\ Contenu des dossiers Programmes (O43) (138) - 4s
O43 - CFD: 2015/07/30 20:54:48 - [] D -- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
O43 - CFD: 2015/08/10 23:24:08 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/08/01 08:02:30 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2015/07/31 20:35:38 - [] D -- C:\Program Files (x86)\Audacity
O43 - CFD: 2015/08/01 08:47:00 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/07/30 20:43:45 - [] D -- C:\Program Files (x86)\epson
O43 - CFD: 2015/07/30 20:48:29 - [] D -- C:\Program Files (x86)\EPSON Software
O43 - CFD: 2015/07/29 16:03:00 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/07/30 20:48:28 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/07/29 10:15:49 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/08/01 03:18:11 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/01 09:10:43 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2015/07/29 12:13:19 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/08/01 18:23:39 - [] D -- C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 2015/07/29 12:16:25 - [] D -- C:\Program Files (x86)\Microsoft SkyDrive
O43 - CFD: 2015/07/29 12:15:32 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/08/09 09:24:30 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/08/09 09:24:30 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/08/11 19:33:17 - [] D -- C:\Program Files (x86)\MSI
O43 - CFD: 2015/08/01 18:48:20 - [] D -- C:\Program Files (x86)\Notepad++
O43 - CFD: 2015/08/01 09:13:53 - [] D -- C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 2015/08/05 20:43:30 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/07/31 20:58:46 - [] D -- C:\Program Files (x86)\PhotoFiltre Studio X
O43 - CFD: 2015/07/29 16:16:00 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/08/01 08:02:56 - [] D -- C:\Program Files (x86)\Safari
O43 - CFD: 2015/07/29 16:17:06 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2009/07/14 06:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2015/07/29 16:04:06 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/08/07 18:30:25 - [] D -- C:\Program Files (x86)\VS Revo Group
O43 - CFD: 2015/04/17 15:40:51 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2011/04/12 11:16:36 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/07/29 12:21:25 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2011/04/12 11:16:36 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2010/11/21 05:31:38 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2011/04/12 11:16:36 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/07/30 20:53:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
O43 - CFD: 2015/07/29 12:30:38 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2009/07/14 06:57:13 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/04/17 14:50:04 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
O43 - CFD: 2015/07/30 20:42:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 2015/07/30 20:49:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
O43 - CFD: 2015/07/31 20:56:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 2009/07/14 06:57:12 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/08/11 19:48:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2009/07/14 06:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/01 09:10:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/07/29 12:13:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/07/31 20:38:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyImgur
O43 - CFD: 2015/07/31 20:31:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/08/01 09:14:15 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
O43 - CFD: 2015/07/31 20:58:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 2015/07/30 20:28:02 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2011/04/12 11:27:52 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/30 20:28:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TRENDnet
O43 - CFD: 2015/07/29 16:04:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/08/10 23:48:49 - [] D -- C:\ProgramData\13097179769996351717
O43 - CFD: 2015/08/10 23:18:08 - [] D -- C:\ProgramData\6WinManPro6
O43 - CFD: 2015/07/30 20:52:20 - [] D -- C:\ProgramData\ABBYY
O43 - CFD: 2015/07/29 13:05:22 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/08/01 08:02:29 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/08/01 08:02:46 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/07/29 15:59:03 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/07/30 20:49:05 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 2015/07/29 15:59:03 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/08/10 23:13:05 - [] D -- C:\ProgramData\FWinManProF
O43 - CFD: 2015/08/11 19:39:43 - [] D -- C:\ProgramData\gWinManProg
O43 - CFD: 2015/07/29 10:15:33 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/08/01 09:10:41 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/07/29 15:59:03 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2015/08/01 18:23:39 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/07/29 12:16:10 - [] D -- C:\ProgramData\Microsoft SkyDrive
O43 - CFD: 2015/07/29 15:59:03 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2015/07/31 19:18:48 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/08/10 23:30:33 - [] D -- C:\ProgramData\Puennagub
O43 - CFD: 2015/08/01 08:48:19 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/07/30 20:49:05 - [] D -- C:\ProgramData\UDL
O43 - CFD: 2015/08/10 23:46:40 - [0] D -- C:\ProgramData\WWinManProW
O43 - CFD: 2015/07/30 20:52:19 - [] D -- C:\Program Files (x86)\Common Files\ABBYY
O43 - CFD: 2015/07/29 16:02:01 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/08/01 08:47:00 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/07/30 20:57:35 - [] D -- C:\Program Files (x86)\Common Files\EPSON
O43 - CFD: 2015/07/29 16:15:49 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2015/07/29 16:15:25 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/08/01 08:47:00 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2015/07/29 10:14:30 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2015/04/17 15:19:37 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/08/02 20:49:02 - [] D -- C:\Users\User\AppData\Roaming\Adobe
O43 - CFD: 2015/08/01 11:19:01 - [] D -- C:\Users\User\AppData\Roaming\Apple Computer
O43 - CFD: 2015/07/31 20:35:48 - [] D -- C:\Users\User\AppData\Roaming\Audacity
O43 - CFD: 2015/08/01 19:07:43 - [] D -- C:\Users\User\AppData\Roaming\dvdcss
O43 - CFD: 2015/07/31 18:48:08 - [] D -- C:\Users\User\AppData\Roaming\Epson
O43 - CFD: 2015/08/09 23:39:09 - [] D -- C:\Users\User\AppData\Roaming\FileZilla
O43 - CFD: 2015/07/31 20:58:48 - [] D -- C:\Users\User\AppData\Roaming\Identities
O43 - CFD: 2015/07/30 20:27:29 - [] D -- C:\Users\User\AppData\Roaming\InstallShield
O43 - CFD: 2015/08/10 23:44:59 - [] D -- C:\Users\User\AppData\Roaming\Liberal Regiment
O43 - CFD: 2015/08/02 08:37:43 - [] D -- C:\Users\User\AppData\Roaming\Macromedia
O43 - CFD: 2011/04/12 11:27:52 - [0] D -- C:\Users\User\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/08/10 23:15:55 - [] SD -- C:\Users\User\AppData\Roaming\Microsoft
O43 - CFD: 2015/07/31 19:19:05 - [] D -- C:\Users\User\AppData\Roaming\Mozilla
O43 - CFD: 2015/07/31 20:38:58 - [] D -- C:\Users\User\AppData\Roaming\MyImgur
O43 - CFD: 2015/08/02 11:05:21 - [] D -- C:\Users\User\AppData\Roaming\Notepad++
O43 - CFD: 2015/08/02 16:20:33 - [] D -- C:\Users\User\AppData\Roaming\OpenOffice
O43 - CFD: 2015/07/31 20:42:44 - [] D -- C:\Users\User\AppData\Roaming\Opera Software
O43 - CFD: 2015/07/31 20:59:40 - [] D -- C:\Users\User\AppData\Roaming\PhotoFiltre Studio X
O43 - CFD: 2015/08/02 23:06:45 - [] D -- C:\Users\User\AppData\Roaming\vlc
O43 - CFD: 2015/08/02 16:22:45 - [] D -- C:\Users\User\AppData\Roaming\WinRAR
O43 - CFD: 2015/08/11 20:24:30 - [] D -- C:\Users\User\AppData\Roaming\ZHP
O43 - CFD: 2015/08/11 19:07:29 - [] D -- C:\Users\User\AppData\Local\CrashDumps
O43 - CFD: 2015/08/10 23:30:24 - [] D -- C:\Users\User\AppData\Local\Google
O43 - CFD: 2015/08/11 20:13:33 - [] D -- C:\Users\User\AppData\Local\Macromedia
O43 - CFD: 2015/08/11 19:06:46 - [] D -- C:\Users\User\AppData\Local\Microsoft
O43 - CFD: 2015/08/11 20:13:12 - [] D -- C:\Users\User\AppData\Local\Mozilla
O43 - CFD: 2015/08/11 19:37:15 - [] D -- C:\Users\User\AppData\Local\Opera Software
O43 - CFD: 2015/08/10 23:38:40 - [] D -- C:\Users\User\AppData\Local\Programs
O43 - CFD: 2015/08/11 20:22:43 - [] D -- C:\Users\User\AppData\Local\Temp
O43 - CFD: 2015/08/11 19:07:53 - [] D -- C:\Users\User\AppData\Local\VirtualStore
O43 - CFD: 2015/08/11 19:37:23 - [] D -- C:\Users\User\AppData\Local\ZombieNews =>PUP.Optional.ZombieNews
O43 - CFD: 2009/07/14 06:54:32 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/11 19:50:36 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/30 20:42:25 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
O43 - CFD: 2009/07/14 06:49:38 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/31 20:31:46 - [0] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/07/31 20:58:46 - [0] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 2015/08/07 18:30:26 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 2015/08/11 19:50:36 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/08/11 20:39:53 - [] D -- C:\Users\User\AppData\Roaming\ZHP
O43 - CFD: 2015/08/11 20:39:59 - [] D -- C:\Users\User\AppData\Local\Temp
---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (21) - 5s
O45 - LFCP:[MD5.995DA2000491E1339BD57382C0B96433] 2015/08/10 23:16:28 A -- C:\Windows\Prefetch\62793.WINDAPP.MON001.NO.EXE-812E0B13.pf =>PUP.Optional.Nosibay
O45 - LFCP:[MD5.738BAA02B298B9ADA461EBA898B23940] 2015/08/10 23:16:07 A -- C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.EXE-7572042E.pf =>PUP.Optional.WebBar
O45 - LFCP:[MD5.ECCF9979094D3A80C2D3BAB52DDF117B] 2015/08/10 23:16:07 A -- C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.TMP-2A313DF5.pf =>PUP.Optional.WebBar
O45 - LFCP:[MD5.D1F53D104F223578FE46B242A605B09A] 2015/08/10 23:11:15 A -- C:\Windows\Prefetch\AMT_OURSURFING.EXE-45D3D7AD.pf =>PUP.Optional.OurSurfing
O45 - LFCP:[MD5.A9EE7B92AE7128A129BAC5C825A7663E] 2015/08/10 23:19:17 A -- C:\Windows\Prefetch\BOXORE.EXE-872755D1.pf =>PUP.Optional.Boxore
O45 - LFCP:[MD5.C3C76B5CDB4F532FBC1911AFFA1B9CE2] 2015/08/10 23:15:50 A -- C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-41ADDF0F.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.0D429818B3D5DAE939E6B9DF58E682C6] 2015/08/10 23:16:56 A -- C:\Windows\Prefetch\BUBBLE DOCK.EXE-433B683F.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.B1D8CB4DC65EFD903FD920A4915C314D] 2015/08/10 23:15:48 A -- C:\Windows\Prefetch\INSTALL_BUBBLEDOCK.EXE-F3AEDE4B.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.1A98B41970E7EFF1641266210972AC9E] 2015/08/10 23:16:29 A -- C:\Windows\Prefetch\LBUBBLE DOCK.EXE-69D3BD2B.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.688B5040AC4D9D23210C161638E265EE] 2015/08/10 23:13:04 A -- C:\Windows\Prefetch\MBOT_FR_014010057.EXE-33E9976D.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.0FDBAD87D5877E7B9C6658CD1C0E9CB3] 2015/08/10 23:16:02 A -- C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-2D4C6830.pf =>PUP.Optional.WebBar
O45 - LFCP:[MD5.8814DF9D6ABB53D25D223993097C9527] 2015/08/10 23:16:01 A -- C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-D047C149.pf =>PUP.Optional.WebBar
O45 - LFCP:[MD5.DFB155AA13D53FDE80478D3FB63AEF49] 2015/08/10 23:15:13 A -- C:\Windows\Prefetch\PREDM.EXE-ADCCD3BB.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.FEEC8A0E6896B36B57438B341D5DC685] 2015/08/10 23:15:13 A -- C:\Windows\Prefetch\PREDM.TMP-10EBBDF8.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.5A677EBBCD15E92755CA928AE25C0171] 2015/08/10 23:47:03 A -- C:\Windows\Prefetch\STORMALERTS.EXE-81EABC86.pf =>PUP.Optional.StormAlert
O45 - LFCP:[MD5.9C18BD325F18E64A2BF9DB650902D52F] 2015/08/10 23:15:35 A -- C:\Windows\Prefetch\STORMALERTS2_1.EXE-4E923938.pf =>PUP.Optional.StormAlert
O45 - LFCP:[MD5.AA43184BC982915A09F67088EF36A4F4] 2015/08/10 23:46:55 A -- C:\Windows\Prefetch\STORMALERTSAPP.EXE-9138FCCB.pf =>PUP.Optional.StormAlert
O45 - LFCP:[MD5.56A13FBBDFA85824696F99B57EFF9AEA] 2015/08/10 23:15:33 A -- C:\Windows\Prefetch\STORMALERTSSETUP.EXE-9BEA863B.pf =>PUP.Optional.StormAlert
O45 - LFCP:[MD5.592506F23A52389535F1C5312512F593] 2015/08/10 23:13:03 A -- C:\Windows\Prefetch\UPMBOT_FR_014010057.EXE-05B46C83.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.70BFA585E4EA87BECE0C8602DCBEE6D7] 2015/08/10 23:16:45 A -- C:\Windows\Prefetch\VOPACKAGE.EXE-FF7E87CB.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.A46B39D2661FF627C1B5EB650D6374AA] 2015/08/10 23:18:13 A -- C:\Windows\Prefetch\WPM_V20.0.0.2294.EXE-1A92E269.pf =>PUP.Optional.WpManager
---\\ Liste des pilotes du système (SDL) (O58) (55) - 2s
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864]
O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440]
O58 - SDL:2015/04/17 14:00:32 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904]
O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128]
O58 - SDL:2015/04/17 14:00:33 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856]
O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704]
O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720]
O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480]
O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488]
O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496]
O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016]
O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232]
O58 - SDL:2010/11/21 05:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720]
O58 - SDL:2015/04/17 14:00:32 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496]
O58 - SDL:2013/08/20 01:20:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4165120]
O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112]
O58 - SDL:2013/08/02 02:01:32 A . (.Copyright (C) 2011-2012 - Intel(R) Smart Connect Technology Device Dr.) -- C:\Windows\System32\drivers\ISCTD64.sys [46568]
O58 - SDL:2013/04/26 04:24:58 A . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Dri.) -- C:\Windows\System32\drivers\iusb3hcs.sys [20464]
O58 - SDL:2013/04/26 04:24:56 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\iusb3hub.sys [368112]
O58 - SDL:2013/04/26 04:24:56 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [786416]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776]
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816]
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272]
O58 - SDL:2015/08/11 20:11:12 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736]
O58 - SDL:2015/06/18 08:41:56 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [63704]
O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264]
O58 - SDL:2015/04/17 14:00:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352]
O58 - SDL:2015/04/17 14:00:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272]
O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816]
O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592]
O58 - SDL:2013/04/10 05:09:24 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [849992]
O58 - SDL:2013/09/10 15:40:40 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3640024]
O58 - SDL:2011/07/20 13:58:18 A . (.Realtek Semiconductor Corporation - Realtek RTL8192S USB NDIS Driver.) -- C:\Windows\System32\drivers\RTL8192su.sys [694376]
O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2009/07/14 02:00:40 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208]
O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584]
O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464]
O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656]
O58 - SDL:2013/09/16 21:20:12 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872]
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (3) - 5s
O61 - LFC: 2015/08/10 23:10:34 A . (.Dummy, Ltd..) -- C:\Users\User\Downloads\Adobe Photoshop CC 2014 Crack Full Download With Serial Key_10924_i42995435_il345.exe [1542160]
O61 - LFC: 2015/08/10 23:44:57 A . (..) -- C:\Users\User\AppData\Roaming\Liberal Regiment\Liberal Regiment.exe [66048]
O61 - LFC: 2015/08/11 00:01:41 A . (..) -- C:\Users\User\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [333410]
---\\ Associations Shell Spawning (O67) (10) - 0s
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
---\\ Menu de démarrage Internet (SMI) (O68) (20) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Launcher.) -- C:\Program Files (x86)\Opera\Launcher.exe http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files (x86)\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files (x86)\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files (x86)\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (27) - 14s
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.defaultenginename", "webssearches"); =>PUP.Optional.WebsSearches
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.searchengine.uid", "ST500DM002-1BD142_Z3TNEPPKXXXXZ3TNEPPK"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.selectedEngine", "webssearches"); =>PUP.Optional.WebsSearches
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb [...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri [...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_bundledWithHash.value", "null"); =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri F[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D"); =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_regBundledWithSoftware.expiration"[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.name", "CinemaPlus-4.5vV10.08"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.publisher", "Cinema PlusV10.08"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledUrls.expi[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledUrls.valu[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledWithHash.[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_notBundledArr_.e[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_notBundledArr_.v[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_regBundledWithSo[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.name", "CinemaPlus-3.2c"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.publisher", "Cinema Plus"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.crossrider.bic", "14f1df77cafb6ed40fe1c520243f9e00"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.quick_start.enable_search1", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
---\\ Enumère les services démarrés par Svchost (SSS) (O83) (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [235520]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [792064]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [861184]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2603008]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [127488]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [225792]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (3) - 0s
O87 - FAEL: "{1C5F96AA-8294-42B8-B33B-1B1E48B2D0D2}" [In-None-P6-TRUE] .(...) -- C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (.not file.)
O87 - FAEL: "{35887E3E-6322-4969-BDE0-D0F3A653F830}" [In-None-P6-TRUE] .(...) -- D:\Network\EpsonNetSetup\ENEasyApp.exe (.not file.)
O87 - FAEL: "{A4402150-7FCE-431C-ADF0-943260710A7B}" [In-None-P17-TRUE] .(...) -- D:\Network\EpsonNetSetup\ENEasyApp.exe (.not file.)
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) (1) - 1s
[MD5.] [WIS][2015/08/10 23:13:53] (.The Software Group - Windows Installer XML Toolset (3.8.1128.0).) -- C:\Windows\Installer\9ff0ea.msi [45056] =>PUP.Optional.Boxore
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) (19) - 7s
SR - Auto [2009/05/14 17:07:14] [ 759048] ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - Auto [2015/07/07 20:12:28] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - Demand [2015/08/02 08:37:32] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - Demand [2013/08/24 03:48:06] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe
SR - Auto [2006/12/19 18:23:20] [ 94208] EpsonBidirectionalService (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION.) - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
SR - Auto [2011/01/11 22:00:00] [ 168448] EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
SR - Auto [2011/01/11 22:00:00] [ 131072] EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
SS - Auto [2015/07/29 16:02:54] [ 107848] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Demand [2015/07/29 16:02:54] [ 107848] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - Auto [2013/08/27 14:32:14] [ 747520] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - Demand [2013/08/27 14:32:30] [ 828376] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - Auto [2013/09/16 21:20:10] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto [2015/08/10 23:44:57] [ 66048] Liberal Regiment (Liberal Regiment) . (...) - C:\Users\User\AppData\Roaming\Liberal Regiment\Liberal Regiment.exe
SR - Auto [2013/09/16 21:20:16] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - Demand [2015/08/07 18:47:05] [ 148136] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - Auto [2013/09/26 13:39:36] [ 30240] (MSI_Trigger_Service) . (.MICRO-STAR INTERNATIONAL CO., LTD..) - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
SR - Auto [2008/06/26 19:09:36] [ 167936] WlanWpsSvc (WlanWpsSvc) . (.Copyright (C) 2008.) - C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
SS - Demand [2015/08/11 20:35:26] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
---\\ Scan Additionnel (O88) (50) - 0s
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\searchplugins\webssearches.xml =>PUP.Optional.WebsSearches
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab
HKLM\SYSTEM\CurrentControlSet\Services\comyninu =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\hyverumu =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\synocufe =>PUP.Optional.CrossRider
C:\ProgramData\Puennagub\1.0.4.1\mrouvwne.exe =>Heuristic.PullUpdate
C:\Windows\Tasks\AutoMount.job =>PUP.Optional.PriceLess
C:\Windows\System32\Tasks\AutoMount =>PUP.Optional.PriceLess
C:\Windows\System32\Tasks\Puennagub =>Heuristic.PullUpdate
HKLM\SOFTWARE\Wow6432Node\BrowserV10.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\BrowserV10.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.5vV10.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.5vV10.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\PlusHD_v3.1V31.07-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\PlusHD_v3.1V31.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus-4.5vV10.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus-4.5vV10.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\maxdriverupdater =>PUP.Optional.MaxDriverUpdater
HKCU\SOFTWARE\PlusHD_v3.1V31.07-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\PlusHD_v3.1V31.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\StormAlertsApp =>PUP.Optional.StormAlert
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
C:\Users\User\AppData\Local\ZombieNews =>PUP.Optional.ZombieNews
C:\Windows\Prefetch\62793.WINDAPP.MON001.NO.EXE-812E0B13.pf =>PUP.Optional.Nosibay
C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.EXE-7572042E.pf =>PUP.Optional.WebBar
C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.TMP-2A313DF5.pf =>PUP.Optional.WebBar
C:\Windows\Prefetch\AMT_OURSURFING.EXE-45D3D7AD.pf =>PUP.Optional.OurSurfing
C:\Windows\Prefetch\BOXORE.EXE-872755D1.pf =>PUP.Optional.Boxore
C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-41ADDF0F.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\BUBBLE DOCK.EXE-433B683F.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\INSTALL_BUBBLEDOCK.EXE-F3AEDE4B.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\LBUBBLE DOCK.EXE-69D3BD2B.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\MBOT_FR_014010057.EXE-33E9976D.pf =>PUP.Optional.CrossRider
C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-2D4C6830.pf =>PUP.Optional.WebBar
C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-D047C149.pf =>PUP.Optional.WebBar
C:\Windows\Prefetch\PREDM.EXE-ADCCD3BB.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\PREDM.TMP-10EBBDF8.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\STORMALERTS.EXE-81EABC86.pf =>PUP.Optional.StormAlert
C:\Windows\Prefetch\STORMALERTS2_1.EXE-4E923938.pf =>PUP.Optional.StormAlert
C:\Windows\Prefetch\STORMALERTSAPP.EXE-9138FCCB.pf =>PUP.Optional.StormAlert
C:\Windows\Prefetch\STORMALERTSSETUP.EXE-9BEA863B.pf =>PUP.Optional.StormAlert
C:\Windows\Prefetch\UPMBOT_FR_014010057.EXE-05B46C83.pf =>PUP.Optional.CrossRider
C:\Windows\Prefetch\VOPACKAGE.EXE-FF7E87CB.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\WPM_V20.0.0.2294.EXE-1A92E269.pf =>PUP.Optional.WpManager
C:\Windows\Installer\9ff0ea.msi =>PUP.Optional.Boxore
---\\ Récapitulatif des éléments trouvées sur votre station (21) - 0s
http://www.nicolascoolman.fr/blog =>PUP.Optional.ZombieNews
http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch
http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
http://www.nicolascoolman.fr/blog =>PUP.Optional.LightningNewTab
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.PriceLess
http://www.nicolascoolman.fr/blog =>Heuristic.PullUpdate
http://www.nicolascoolman.fr/pup-optional-dailypcclean/ =>PUP.Optional.DailyPCClean
http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxDriverUpdater
http://www.nicolascoolman.fr/blog =>PUP.Optional.StormAlert
http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxComputerCleaner
http://www.nicolascoolman.fr/blog =>PUP.Optional.Nosibay
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebBar
http://www.nicolascoolman.fr/blog =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/adware-boxore/ =>PUP.Optional.Boxore
http://www.nicolascoolman.fr/pup-bubbledock/ =>PUP.Optional.BubbleDock
http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware
http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/blog =>PUP.Optional.Monetization
http://www.nicolascoolman.fr/pup-quickstart/ =>PUP.Optional.QuickStart
~ End of the scan, 31042 items in 64 seconds (801)(0)()
~ Démarré par User (Administrator) (2015/08/11 20:39:49)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Users\User\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\User\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Navigateurs Internet (4) - 0s
GCIE: Google Chrome v44.0.2403.130
MFIE: Mozilla Firefox 39.0.3 (x86 fr) v39.0.3
OPIE: Opera 31.0.1889.99 v31.0.1889.99
MSIE: Internet Explorer v11.0.9600.17914
---\\ Informations sur les produits Windows (8) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK
~ Windows Operating System - Windows(R) 7, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : XM76F
~ Windows Remaining Initializations Number : 3
---\\ Logiciels de protection (3) - 0s
Malwarebytes Anti-Malware version 2.1.8.1057
Microsoft Security Client v4.8.0204.0
Microsoft Security Essentials v4.8.204.0
---\\ Surveillance de Logiciels (2) - 0s
Adobe Acrobat Reader DC - Français
Adobe Flash Player 18 NPAPI
---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4069.408 MB (29% free)
~ System Restore: Activé (Enable)
~ System drive C: has 415 GB free of 476 GB
---\\ Mode de connexion au système (3) - 0s
~ Computer Name: USER-PC
~ User Name: User
~ Logged in as Administrator
---\\ Enumération des unités disques (1) - 0s
~ Drive C: has 415 GB free of 476 GB (System)
---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2871808]
[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [129024]
[MD5.E066FDC3A2074D926903B8C31EF3B347] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2427392]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]
[MD5.BDF76C3CE993FFB6214287272708364F] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [496640]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456]
[MD5.A8D09796996D21BD2865049C41AC3511] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [105472]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224]
[MD5.E9DD0E8829567362C1051E0905174DDE] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [159744]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632]
[MD5.48B6047F82D5A8D0AEC71593F4ACD79B] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1684416]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296]
[MD5.DF83AA1C4278E2C0E36C0479C1555A9C] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [296808]
---\\ Processus lancés (31) - 1s
[MD5.ABDD5AD016AFFD34AD40E944CE94BF59] - (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe [94208] [PID.1628]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.1916]
[MD5.013697369EAFFA675D0671607F036020] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1996]
[MD5.7C5BFAAC8DCE7292B0C04EBF892E71F9] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [168448] [PID.1512]
[MD5.D4615670CD49A1679E6067F155C47C68] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [131072] [PID.1588]
[MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.2080]
[MD5.948220B9B823BC43E5A7890DE764491E] - (...) -- C:\Users\User\AppData\Roaming\Liberal Regiment\Liberal Regiment.exe [66048] [PID.2112]
[MD5.DFA3717104F996F273D81946B6CB923A] - (.Copyright © 2015 - mrouvwne.) -- C:\ProgramData\Puennagub\1.0.4.1\mrouvwne.exe [159744] [PID.2140]
[MD5.A7EDADFB0AE38AE6F0488F0F2448D8B5] - (.MICRO-STAR INTERNATIONAL CO., LTD. - MSI_Trigger_Service.) -- C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240] [PID.2256]
[MD5.C71EE856C4F5B52E2D094F494CEE4936] - (.Copyright (C) 2008 - WlanSvc Application.) -- C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [167936] [PID.2524]
[MD5.DFA3717104F996F273D81946B6CB923A] - (.Copyright © 2015 - mrouvwne.) -- C:\ProgramData\Puennagub\1.0.4.1\mrouvwne.exe [159744] [PID.3604]
[MD5.79F5103C1098501C552DD2EF622FCADD] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [391152] [PID.3864]
[MD5.D7614FA0BEC32E2989EC4281CB8B22C2] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [771056] [PID.3884]
[MD5.8B24451ED1FF26BC20384DC35AEA7048] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [769520] [PID.3892]
[MD5.E16C98951AF108CB5178A7BD2DD13660] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448] [PID.3900]
[MD5.BBB0A178EC88CE31727675C984AF9355] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [843248] [PID.3996]
[MD5.094E4E76FB9AB960A73F841BC6733F42] - (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848] [PID.3088]
[MD5.D3AC38E80E928CC61A22650E04423BB8] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe [979328] [PID.2824]
[MD5.CF8BC90EFB85B870CBC967E3117FCB50] - (.Copyright (C) 2011 - WlanCU MFC Application.) -- C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe [581632] [PID.2788]
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.2792]
[MD5.3DE66F47365AA8CEB18B1EE272F4FEBA] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.2376]
[MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.4384]
[MD5.F7CEB1E5F0000FDEEE04B046BBDE1D4E] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.4356]
[MD5.FE5889AECDC809DF70435989867FC5A8] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [271016] [PID.4280]
[MD5.05704EB8BF443999EBE4E9D2C075C26A] - (.Adobe Systems, Inc. - Adobe Flash Player 18.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe [3423920] [PID.3576]
[MD5.05704EB8BF443999EBE4E9D2C075C26A] - (.Adobe Systems, Inc. - Adobe Flash Player 18.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe [3423920] [PID.4584]
[MD5.0ECDED87539685FF86B0D21B2C46C087] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\User\Downloads\ZHPDiag3(1).exe [1901568] [PID.4224]
[MD5.0ECDED87539685FF86B0D21B2C46C087] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\User\AppData\Roaming\ZHP\ZHPDiag3.exe [1901568] [PID.2328]
[MD5.FE5889AECDC809DF70435989867FC5A8] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [271016] [PID.1092]
[MD5.61AD62A4A403B570D16473715A2989EF] - (.Adobe Systems, Inc. - Adobe Flash Player 18.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe [3423944] [PID.4240]
[MD5.61AD62A4A403B570D16473715A2989EF] - (.Adobe Systems, Inc. - Adobe Flash Player 18.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe [3423944] [PID.3832]
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (16) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://a.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://adplus.goo.mx/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://d.zombienewsapp.com/ =>PUP.Optional.ZombieNews
G0 - GCSP: Preferences [User Data\Default][HomePage] http://e.thanksearch.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://elex-tech.lesseigneurs.fr/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://s.zombienewsapp.com/ =>PUP.Optional.ZombieNews
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
G0 - GCSP: Preferences [User Data\Default][HomePage] http://mynamedomain.koko/
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (31) - 2s
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\firebug@software.joehewitt.com.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\html5_validator@erikvold.com.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\launchy@gemal.dk.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{6BFD307A-C040-11DA-9749-FB1C850B47DF}.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\searchplugins\webssearches.xml =>PUP.Optional.WebsSearches
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT: (. - youtubeadblocker.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\7P@qdd.net
P2 - EXT: (.Video HDV31.07 - PlusHD_v3.1V31.07.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com
P2 - EXT: (.roc - Default SearchProtected .) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\defsearchp@gmail.com
P2 - EXT: (.lightningnewtab.com - deskCut.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab
P2 - EXT: (.Cinema PlusV10.08 - CinemaPlus-4.5vV10.08.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\DXYYH4339170@JXVPYKS65865478.com
P2 - EXT: (. - PiRiceLesus.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\maA0UjT@CvG.com
P2 - EXT: (. - PriceLess.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\QJ7@eizr.net
P2 - EXT: (.LastPass Dev Team - LastPass.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\support@lastpass.com
P2 - EXT: (. - youtubeadblocker.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\UqWhC@p3.net
P2 - EXT: (.Marc Gueury - Html Validator.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}
P2 - EXT: (.Alex Sirota - ColorZilla.) -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
---\\ Opera, Démarrage,Recherche,Plugins (B0,B1,B2) (2) - 0s
B2 - EXT: [CinemaPlus-4.5vV10.08] C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\bfaohpmjmhdgnjblojekjlnadhehiadj
B2 - EXT: [BrowserV10.08] C:\Users\User\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhkmcfanijhphphomamdkaejjadkhgn
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)
---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)
---\\ Browser Helper Object de navigateur (BHO) (O2) (1) - 0s
O2 - BHO: (no name) [64Bits] - {1F91A9A1-01BA-4c81-863D-3BA0751E1419} (Orphean)
---\\ Applications lancées au démarrage du sytème (O4) (20) - 1s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [gpuminer] C:\Users\User\AppData\Roaming\cpuminer\sgminer\sgminer.cmd (.not file.)
O4 - HKLM\..\Run: [cpuminer] C:\Windows\system32\cpuminer-gw64.exe (.not file.)
O4 - HKCU\..\Run: [EPSON PX730 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQE.EXE
O4 - HKCU\..\Run: [Epson Stylus Photo PX730(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQE.EXE
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - iusb3mon.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Wow6432Node\Run: [mbot_fr_014010057] (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [mpck_fr_017010057] (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010057] (Orphean)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3791441938-798904429-1813275689-1000\..\Run: [EPSON PX730 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQE.EXE
O4 - HKUS\S-1-5-21-3791441938-798904429-1813275689-1000\..\Run: [Epson Stylus Photo PX730(Réseau)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHQE.EXE
---\\ Modification Domaine/Adresses DNS (O17) (9) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 52.18.92.32,8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
---\\ Liste des services NT non Microsoft et non désactivés (O23) (17) - 0s
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY - ABBYY network license server.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Wire Professional Version (comyninu) . (...) - C:\Program Files (x86)\FFFFFFFF-1439241224-FFFF-FFFF-FFFFFFFFFFFF\hnsz2050.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: EpsonBidirectionalService (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION - eEBAPI Core Process module.) - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: Kerning Down (gopibeko) . (...) - C:\Users\User\AppData\Local\FFFFFFFF-1439248474-FFFF-FFFF-FFFFFFFFFFFF\snsz84CD.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Key In Bold Italic (hyverumu) . (...) - C:\Program Files (x86)\FFFFFFFF-1439241224-FFFF-FFFF-FFFFFFFFFFFF\jnsk8C9.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Liberal Regiment (Liberal Regiment) . (...) - C:\Users\User\AppData\Roaming\Liberal Regiment\Liberal Regiment.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: (MSI_Trigger_Service) . (.MICRO-STAR INTERNATIONAL CO., LTD. - MSI_Trigger_Service.) - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: Lid Charger (synocufe) . (...) - C:\Program Files (x86)\FFFFFFFF-1439241224-FFFF-FFFF-FFFFFFFFFFFF\knsjE432.tmpfs (.not file.) =>PUP.Optional.CrossRider
O23 - Service: WlanWpsSvc (WlanWpsSvc) . (.Copyright (C) 2008 - WlanSvc Application.) - C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
---\\ Tâches planifiées en automatique (O39) (23) - 4s
[MD5.E3FB05F33E1404AD606B1E1FE7C323C3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104]
[MD5.9B3355B29942AF67F014EA90CE1EA960] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.00000000000000000000000000000000] [APT] [AutoMount] (...) -- c:\programdata\{9b959bde-97fa-1f6e-9b95-59bde97f6f7a}\pricelessinstaller.exe (.not file.) [0] =>PUP.Optional.PriceLess
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.CD9E638EFC321B1856E1F3CCCCCCA478] [APT] [Opera scheduled Autoupdate 1438368161] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [930936]
[MD5.DFA3717104F996F273D81946B6CB923A] [APT] [Puennagub] (.Copyright © 2015.) -- C:\ProgramData\Puennagub\1.0.4.1\mrouvwne.exe [159744] =>Heuristic.PullUpdate
[MD5.00000000000000000000000000000000] [APT] [Superclean] (...) -- c:\programdata\{50688150-234f-33b7-5068-881502340540}\hqghumeaylnlf.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] =>.Adobe Systems Incorporated
O39 - APT: AutoMount - (...) -- C:\Windows\Tasks\AutoMount.job [348] =>PUP.Optional.PriceLess
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070] =>.Google Inc.
O39 - APT: Superclean - (...) -- C:\Windows\Tasks\Superclean.job [338]
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] =>.Adobe Systems Incorporated
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3940] =>.Adobe Systems Incorporated
O39 - APT: AutoMount - (...) -- C:\Windows\System32\Tasks\AutoMount [3258] =>PUP.Optional.PriceLess
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3814] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4066] =>.Google Inc.
O39 - APT: Opera scheduled Autoupdate 1438368161 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1438368161 [3854] =>.Opera Software
O39 - APT: Puennagub - (.Copyright © 2015.) -- C:\Windows\System32\Tasks\Puennagub [3438] =>Heuristic.PullUpdate
O39 - APT: Superclean - (...) -- C:\Windows\System32\Tasks\Superclean [3248]
[MD5.368290D0A612D62DA6F3D798B1BB8FE7] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000]
---\\ Logiciels installés (O42) (46) - 4s
O42 - Logiciel: EPSON PX730 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON PX730 Series
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Office 15 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008F-0000-1000-0000000FF1CE}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM][64Bits] -- ABBYY FineReader 9.0 Sprint
O42 - Logiciel: Audacity 2.1.0 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1
O42 - Logiciel: Guide réseau EPSON PX730 Series - (...) [HKLM][64Bits] -- EPSON PX730 Series Netg
O42 - Logiciel: Guide d'utilisation EPSON PX730 Series - (...) [HKLM][64Bits] -- EPSON PX730 Series Useg
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM][64Bits] -- EPSON Scanner
O42 - Logiciel: FileZilla Client 3.12.0.2 - (.Tim Kosse.) [HKLM][64Bits] -- FileZilla Client
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 39.0.3 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0.3 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++
O42 - Logiciel: Opera Stable 31.0.1889.99 - (.Opera Software.) [HKLM][64Bits] -- Opera 31.0.1889.99
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Epson Download Navigator - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {10F63395-157F-4B93-AB4D-702A2FF11942}
O42 - Logiciel: OpenOffice 4.1.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {121727D5-FDF3-4723-BA57-EB383440ED72}
O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 - Logiciel: MyImgur 3.76 - (.Eden.fm.) [HKLM][64Bits] -- {2C08A2AE-BF6F-4100-95AF-8A6CCF379EF1}_is1
O42 - Logiciel: TRENDnet TEW-649UB Wireless N speed USB Adapter - (.TRENDnet.) [HKLM][64Bits] -- {35163C1D-77D1-4D6C-B7D5-B22E6EEBE2A8}
O42 - Logiciel: EpsonNet Print - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {3E31400D-274E-4647-916C-2CACC3741799}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: VGA Boost - (.MSI.) [HKLM][64Bits] -- {809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}
O42 - Logiciel: Office 15 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-0000-0000-0000000FF1CE}
O42 - Logiciel: Office 15 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-008C-040C-0000-0000000FF1CE}
O42 - Logiciel: Software Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824147215}
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100}
O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION2.) [HKLM][64Bits] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: Epson Print CD - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {D16A31F9-276D-4968-A753-FFEAC56995D0}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: ABBYY FineReader 9.0 Sprint - (.ABBYY.) [HKLM][64Bits] -- {F9000000-0018-0000-0000-074957833700}
O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {FFF841F3-9A15-4F61-BD16-C19F132E5A27}
O42 - Logiciel: PhotoFiltre Studio X - (...) [HKCU][64Bits] -- PhotoFiltre Studio X
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
---\\ HKCU & HKLM Software Keys (83) - 4s
HKLM\SOFTWARE\Wow6432Node\ABBYY
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\BrowserV10.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\BrowserV10.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.5vV10.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.5vV10.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\EPSON
HKLM\SOFTWARE\Wow6432Node\EpsonNet
HKLM\SOFTWARE\Wow6432Node\FileZilla 3
HKLM\SOFTWARE\Wow6432Node\FileZilla Client
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MSI
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenOffice
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PlusHD_v3.1V31.07-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\PlusHD_v3.1V31.07-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\RtWLan
HKLM\SOFTWARE\Wow6432Node\SEIKO EPSON CORPORATION
HKLM\SOFTWARE\Wow6432Node\SEIKO EPSON CORPORATION2
HKLM\SOFTWARE\Wow6432Node\Software
HKLM\SOFTWARE\Wow6432Node\Sony Corporation
HKLM\SOFTWARE\Wow6432Node\The Silicon Realms Toolworks
HKLM\SOFTWARE\Wow6432Node\TRENDnet
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\BrowserV10.08 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaPlus-4.5vV10.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus-4.5vV10.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\D1ZtrNWmJBKI9DdfZmxxdz9b
HKCU\SOFTWARE\D7azmmjWOVNHNhqPZN1g
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\e1vPwiTfG8VxY
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\eT4pfwLKrFIyQdFWrlj1CXY6uR
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\maxdriverupdater =>PUP.Optional.MaxDriverUpdater
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MyImgur
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\nga3UDQyqyQccH
HKCU\SOFTWARE\OpenOffice
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PhotoFiltre Studio X
HKCU\SOFTWARE\PlusHD_v3.1V31.07-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\PlusHD_v3.1V31.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\SEIKO EPSON CORPORATION
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\StormAlertsApp =>PUP.Optional.StormAlert
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
HKCU\SOFTWARE\VSRevoGroup
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\xAAX6CgObfCExonpErwq
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
---\\ Contenu des dossiers Programmes (O43) (138) - 4s
O43 - CFD: 2015/07/30 20:54:48 - [] D -- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint
O43 - CFD: 2015/08/10 23:24:08 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/08/01 08:02:30 - [] D -- C:\Program Files (x86)\Apple Software Update
O43 - CFD: 2015/07/31 20:35:38 - [] D -- C:\Program Files (x86)\Audacity
O43 - CFD: 2015/08/01 08:47:00 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/07/30 20:43:45 - [] D -- C:\Program Files (x86)\epson
O43 - CFD: 2015/07/30 20:48:29 - [] D -- C:\Program Files (x86)\EPSON Software
O43 - CFD: 2015/07/29 16:03:00 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/07/30 20:48:28 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/07/29 10:15:49 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/08/01 03:18:11 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/01 09:10:43 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2015/07/29 12:13:19 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/08/01 18:23:39 - [] D -- C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 2015/07/29 12:16:25 - [] D -- C:\Program Files (x86)\Microsoft SkyDrive
O43 - CFD: 2015/07/29 12:15:32 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/08/09 09:24:30 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/08/09 09:24:30 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/08/11 19:33:17 - [] D -- C:\Program Files (x86)\MSI
O43 - CFD: 2015/08/01 18:48:20 - [] D -- C:\Program Files (x86)\Notepad++
O43 - CFD: 2015/08/01 09:13:53 - [] D -- C:\Program Files (x86)\OpenOffice 4
O43 - CFD: 2015/08/05 20:43:30 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/07/31 20:58:46 - [] D -- C:\Program Files (x86)\PhotoFiltre Studio X
O43 - CFD: 2015/07/29 16:16:00 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/08/01 08:02:56 - [] D -- C:\Program Files (x86)\Safari
O43 - CFD: 2015/07/29 16:17:06 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2009/07/14 06:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 2015/07/29 16:04:06 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/08/07 18:30:25 - [] D -- C:\Program Files (x86)\VS Revo Group
O43 - CFD: 2015/04/17 15:40:51 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2011/04/12 11:16:36 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2015/07/29 12:21:25 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2009/07/14 07:32:38 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2011/04/12 11:16:36 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2010/11/21 05:31:38 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2011/04/12 11:16:36 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2015/07/30 20:53:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
O43 - CFD: 2015/07/29 12:30:38 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2009/07/14 06:57:13 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/04/17 14:50:04 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
O43 - CFD: 2015/07/30 20:42:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 2015/07/30 20:49:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
O43 - CFD: 2015/07/31 20:56:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 2009/07/14 06:57:12 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/08/11 19:48:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2009/07/14 06:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/01 09:10:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/07/29 12:13:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/07/31 20:38:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyImgur
O43 - CFD: 2015/07/31 20:31:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/08/01 09:14:15 - [] SD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
O43 - CFD: 2015/07/31 20:58:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 2015/07/30 20:28:02 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2011/04/12 11:27:52 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/30 20:28:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TRENDnet
O43 - CFD: 2015/07/29 16:04:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/08/10 23:48:49 - [] D -- C:\ProgramData\13097179769996351717
O43 - CFD: 2015/08/10 23:18:08 - [] D -- C:\ProgramData\6WinManPro6
O43 - CFD: 2015/07/30 20:52:20 - [] D -- C:\ProgramData\ABBYY
O43 - CFD: 2015/07/29 13:05:22 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2015/08/01 08:02:29 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/08/01 08:02:46 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/07/29 15:59:03 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/07/30 20:49:05 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 2015/07/29 15:59:03 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/08/10 23:13:05 - [] D -- C:\ProgramData\FWinManProF
O43 - CFD: 2015/08/11 19:39:43 - [] D -- C:\ProgramData\gWinManProg
O43 - CFD: 2015/07/29 10:15:33 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/08/01 09:10:41 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/07/29 15:59:03 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2015/08/01 18:23:39 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/07/29 12:16:10 - [] D -- C:\ProgramData\Microsoft SkyDrive
O43 - CFD: 2015/07/29 15:59:03 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2015/07/31 19:18:48 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/08/10 23:30:33 - [] D -- C:\ProgramData\Puennagub
O43 - CFD: 2015/08/01 08:48:19 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2009/07/14 07:08:56 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/07/30 20:49:05 - [] D -- C:\ProgramData\UDL
O43 - CFD: 2015/08/10 23:46:40 - [0] D -- C:\ProgramData\WWinManProW
O43 - CFD: 2015/07/30 20:52:19 - [] D -- C:\Program Files (x86)\Common Files\ABBYY
O43 - CFD: 2015/07/29 16:02:01 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/08/01 08:47:00 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2015/07/30 20:57:35 - [] D -- C:\Program Files (x86)\Common Files\EPSON
O43 - CFD: 2015/07/29 16:15:49 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2015/07/29 16:15:25 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/08/01 08:47:00 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 2015/07/29 10:14:30 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2009/07/14 05:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 2015/04/17 15:19:37 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/08/02 20:49:02 - [] D -- C:\Users\User\AppData\Roaming\Adobe
O43 - CFD: 2015/08/01 11:19:01 - [] D -- C:\Users\User\AppData\Roaming\Apple Computer
O43 - CFD: 2015/07/31 20:35:48 - [] D -- C:\Users\User\AppData\Roaming\Audacity
O43 - CFD: 2015/08/01 19:07:43 - [] D -- C:\Users\User\AppData\Roaming\dvdcss
O43 - CFD: 2015/07/31 18:48:08 - [] D -- C:\Users\User\AppData\Roaming\Epson
O43 - CFD: 2015/08/09 23:39:09 - [] D -- C:\Users\User\AppData\Roaming\FileZilla
O43 - CFD: 2015/07/31 20:58:48 - [] D -- C:\Users\User\AppData\Roaming\Identities
O43 - CFD: 2015/07/30 20:27:29 - [] D -- C:\Users\User\AppData\Roaming\InstallShield
O43 - CFD: 2015/08/10 23:44:59 - [] D -- C:\Users\User\AppData\Roaming\Liberal Regiment
O43 - CFD: 2015/08/02 08:37:43 - [] D -- C:\Users\User\AppData\Roaming\Macromedia
O43 - CFD: 2011/04/12 11:27:52 - [0] D -- C:\Users\User\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/08/10 23:15:55 - [] SD -- C:\Users\User\AppData\Roaming\Microsoft
O43 - CFD: 2015/07/31 19:19:05 - [] D -- C:\Users\User\AppData\Roaming\Mozilla
O43 - CFD: 2015/07/31 20:38:58 - [] D -- C:\Users\User\AppData\Roaming\MyImgur
O43 - CFD: 2015/08/02 11:05:21 - [] D -- C:\Users\User\AppData\Roaming\Notepad++
O43 - CFD: 2015/08/02 16:20:33 - [] D -- C:\Users\User\AppData\Roaming\OpenOffice
O43 - CFD: 2015/07/31 20:42:44 - [] D -- C:\Users\User\AppData\Roaming\Opera Software
O43 - CFD: 2015/07/31 20:59:40 - [] D -- C:\Users\User\AppData\Roaming\PhotoFiltre Studio X
O43 - CFD: 2015/08/02 23:06:45 - [] D -- C:\Users\User\AppData\Roaming\vlc
O43 - CFD: 2015/08/02 16:22:45 - [] D -- C:\Users\User\AppData\Roaming\WinRAR
O43 - CFD: 2015/08/11 20:24:30 - [] D -- C:\Users\User\AppData\Roaming\ZHP
O43 - CFD: 2015/08/11 19:07:29 - [] D -- C:\Users\User\AppData\Local\CrashDumps
O43 - CFD: 2015/08/10 23:30:24 - [] D -- C:\Users\User\AppData\Local\Google
O43 - CFD: 2015/08/11 20:13:33 - [] D -- C:\Users\User\AppData\Local\Macromedia
O43 - CFD: 2015/08/11 19:06:46 - [] D -- C:\Users\User\AppData\Local\Microsoft
O43 - CFD: 2015/08/11 20:13:12 - [] D -- C:\Users\User\AppData\Local\Mozilla
O43 - CFD: 2015/08/11 19:37:15 - [] D -- C:\Users\User\AppData\Local\Opera Software
O43 - CFD: 2015/08/10 23:38:40 - [] D -- C:\Users\User\AppData\Local\Programs
O43 - CFD: 2015/08/11 20:22:43 - [] D -- C:\Users\User\AppData\Local\Temp
O43 - CFD: 2015/08/11 19:07:53 - [] D -- C:\Users\User\AppData\Local\VirtualStore
O43 - CFD: 2015/08/11 19:37:23 - [] D -- C:\Users\User\AppData\Local\ZombieNews =>PUP.Optional.ZombieNews
O43 - CFD: 2009/07/14 06:54:32 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/11 19:50:36 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/30 20:42:25 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
O43 - CFD: 2009/07/14 06:49:38 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/31 20:31:46 - [0] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/07/31 20:58:46 - [0] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 2015/08/07 18:30:26 - [] D -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 2015/08/11 19:50:36 - [] RD -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/08/11 20:39:53 - [] D -- C:\Users\User\AppData\Roaming\ZHP
O43 - CFD: 2015/08/11 20:39:59 - [] D -- C:\Users\User\AppData\Local\Temp
---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (21) - 5s
O45 - LFCP:[MD5.995DA2000491E1339BD57382C0B96433] 2015/08/10 23:16:28 A -- C:\Windows\Prefetch\62793.WINDAPP.MON001.NO.EXE-812E0B13.pf =>PUP.Optional.Nosibay
O45 - LFCP:[MD5.738BAA02B298B9ADA461EBA898B23940] 2015/08/10 23:16:07 A -- C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.EXE-7572042E.pf =>PUP.Optional.WebBar
O45 - LFCP:[MD5.ECCF9979094D3A80C2D3BAB52DDF117B] 2015/08/10 23:16:07 A -- C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.TMP-2A313DF5.pf =>PUP.Optional.WebBar
O45 - LFCP:[MD5.D1F53D104F223578FE46B242A605B09A] 2015/08/10 23:11:15 A -- C:\Windows\Prefetch\AMT_OURSURFING.EXE-45D3D7AD.pf =>PUP.Optional.OurSurfing
O45 - LFCP:[MD5.A9EE7B92AE7128A129BAC5C825A7663E] 2015/08/10 23:19:17 A -- C:\Windows\Prefetch\BOXORE.EXE-872755D1.pf =>PUP.Optional.Boxore
O45 - LFCP:[MD5.C3C76B5CDB4F532FBC1911AFFA1B9CE2] 2015/08/10 23:15:50 A -- C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-41ADDF0F.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.0D429818B3D5DAE939E6B9DF58E682C6] 2015/08/10 23:16:56 A -- C:\Windows\Prefetch\BUBBLE DOCK.EXE-433B683F.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.B1D8CB4DC65EFD903FD920A4915C314D] 2015/08/10 23:15:48 A -- C:\Windows\Prefetch\INSTALL_BUBBLEDOCK.EXE-F3AEDE4B.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.1A98B41970E7EFF1641266210972AC9E] 2015/08/10 23:16:29 A -- C:\Windows\Prefetch\LBUBBLE DOCK.EXE-69D3BD2B.pf =>PUP.Optional.BubbleDock
O45 - LFCP:[MD5.688B5040AC4D9D23210C161638E265EE] 2015/08/10 23:13:04 A -- C:\Windows\Prefetch\MBOT_FR_014010057.EXE-33E9976D.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.0FDBAD87D5877E7B9C6658CD1C0E9CB3] 2015/08/10 23:16:02 A -- C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-2D4C6830.pf =>PUP.Optional.WebBar
O45 - LFCP:[MD5.8814DF9D6ABB53D25D223993097C9527] 2015/08/10 23:16:01 A -- C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-D047C149.pf =>PUP.Optional.WebBar
O45 - LFCP:[MD5.DFB155AA13D53FDE80478D3FB63AEF49] 2015/08/10 23:15:13 A -- C:\Windows\Prefetch\PREDM.EXE-ADCCD3BB.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.FEEC8A0E6896B36B57438B341D5DC685] 2015/08/10 23:15:13 A -- C:\Windows\Prefetch\PREDM.TMP-10EBBDF8.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.5A677EBBCD15E92755CA928AE25C0171] 2015/08/10 23:47:03 A -- C:\Windows\Prefetch\STORMALERTS.EXE-81EABC86.pf =>PUP.Optional.StormAlert
O45 - LFCP:[MD5.9C18BD325F18E64A2BF9DB650902D52F] 2015/08/10 23:15:35 A -- C:\Windows\Prefetch\STORMALERTS2_1.EXE-4E923938.pf =>PUP.Optional.StormAlert
O45 - LFCP:[MD5.AA43184BC982915A09F67088EF36A4F4] 2015/08/10 23:46:55 A -- C:\Windows\Prefetch\STORMALERTSAPP.EXE-9138FCCB.pf =>PUP.Optional.StormAlert
O45 - LFCP:[MD5.56A13FBBDFA85824696F99B57EFF9AEA] 2015/08/10 23:15:33 A -- C:\Windows\Prefetch\STORMALERTSSETUP.EXE-9BEA863B.pf =>PUP.Optional.StormAlert
O45 - LFCP:[MD5.592506F23A52389535F1C5312512F593] 2015/08/10 23:13:03 A -- C:\Windows\Prefetch\UPMBOT_FR_014010057.EXE-05B46C83.pf =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.70BFA585E4EA87BECE0C8602DCBEE6D7] 2015/08/10 23:16:45 A -- C:\Windows\Prefetch\VOPACKAGE.EXE-FF7E87CB.pf =>PUP.Optional.Downware
O45 - LFCP:[MD5.A46B39D2661FF627C1B5EB650D6374AA] 2015/08/10 23:18:13 A -- C:\Windows\Prefetch\WPM_V20.0.0.2294.EXE-1A92E269.pf =>PUP.Optional.WpManager
---\\ Liste des pilotes du système (SDL) (O58) (55) - 2s
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864]
O58 - SDL:2009/07/14 03:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440]
O58 - SDL:2015/04/17 14:00:32 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904]
O58 - SDL:2009/07/14 03:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128]
O58 - SDL:2015/04/17 14:00:33 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632]
O58 - SDL:2009/07/14 03:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856]
O58 - SDL:2009/06/10 22:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432]
O58 - SDL:2009/06/10 22:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704]
O58 - SDL:2009/07/14 03:19:07 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976]
O58 - SDL:2009/06/10 22:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720]
O58 - SDL:2009/06/10 22:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480]
O58 - SDL:2009/07/14 03:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488]
O58 - SDL:2009/07/14 03:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496]
O58 - SDL:2009/06/10 22:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016]
O58 - SDL:2009/06/10 22:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232]
O58 - SDL:2010/11/21 05:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720]
O58 - SDL:2015/04/17 14:00:32 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496]
O58 - SDL:2013/08/20 01:20:18 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4165120]
O58 - SDL:2009/07/14 03:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112]
O58 - SDL:2013/08/02 02:01:32 A . (.Copyright (C) 2011-2012 - Intel(R) Smart Connect Technology Device Dr.) -- C:\Windows\System32\drivers\ISCTD64.sys [46568]
O58 - SDL:2013/04/26 04:24:58 A . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Dri.) -- C:\Windows\System32\drivers\iusb3hcs.sys [20464]
O58 - SDL:2013/04/26 04:24:56 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\iusb3hub.sys [368112]
O58 - SDL:2013/04/26 04:24:56 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [786416]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776]
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816]
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272]
O58 - SDL:2015/08/11 20:11:12 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392]
O58 - SDL:2009/07/14 03:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736]
O58 - SDL:2015/06/18 08:41:56 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [63704]
O58 - SDL:2009/07/14 03:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264]
O58 - SDL:2015/04/17 14:00:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352]
O58 - SDL:2015/04/17 14:00:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272]
O58 - SDL:2009/07/14 03:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816]
O58 - SDL:2009/07/14 03:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592]
O58 - SDL:2013/04/10 05:09:24 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [849992]
O58 - SDL:2013/09/10 15:40:40 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3640024]
O58 - SDL:2011/07/20 13:58:18 A . (.Realtek Semiconductor Corporation - Realtek RTL8192S USB NDIS Driver.) -- C:\Windows\System32\drivers\RTL8192su.sys [694376]
O58 - SDL:2009/06/10 22:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2009/07/14 02:00:40 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208]
O58 - SDL:2009/07/14 03:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584]
O58 - SDL:2009/07/14 03:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464]
O58 - SDL:2009/07/14 03:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656]
O58 - SDL:2013/09/16 21:20:12 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488]
O58 - SDL:2009/07/14 03:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872]
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (3) - 5s
O61 - LFC: 2015/08/10 23:10:34 A . (.Dummy, Ltd..) -- C:\Users\User\Downloads\Adobe Photoshop CC 2014 Crack Full Download With Serial Key_10924_i42995435_il345.exe [1542160]
O61 - LFC: 2015/08/10 23:44:57 A . (..) -- C:\Users\User\AppData\Roaming\Liberal Regiment\Liberal Regiment.exe [66048]
O61 - LFC: 2015/08/11 00:01:41 A . (..) -- C:\Users\User\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [333410]
---\\ Associations Shell Spawning (O67) (10) - 0s
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.scr>
O67 - Shell Spawning: <.html>
---\\ Menu de démarrage Internet (SMI) (O68) (20) - 1s
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (27) - 14s
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.defaultenginename", "webssearches"); =>PUP.Optional.WebsSearches
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.searchengine.uid", "ST500DM002-1BD142_Z3TNEPPKXXXXZ3TNEPPK"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("browser.search.selectedEngine", "webssearches"); =>PUP.Optional.WebsSearches
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb [...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri [...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_bundledWithHash.value", "null"); =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri F[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D"); =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_regBundledWithSoftware.expiration"[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.name", "CinemaPlus-4.5vV10.08"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.aDXYYH4339170JXVPYKS65865478com74261.74261.publisher", "Cinema PlusV10.08"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledUrls.expi[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledUrls.valu[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_bundledWithHash.[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_notBundledArr_.e[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_notBundledArr_.v[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.internaldb.monetization_plugin_regBundledWithSo[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.name", "CinemaPlus-3.2c"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.ad4db60df25f14dae9dd18185c395f9e794c9ab86be3ebcom72893.72893.publisher", "Cinema Plus"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.crossrider.bic", "14f1df77cafb6ed40fe1c520243f9e00"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.quick_start.enable_search1", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [User - 0p30h4va.default] user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
---\\ Enumère les services démarrés par Svchost (SSS) (O83) (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [235520]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [792064]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [861184]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [2603008]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [127488]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [225792]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (3) - 0s
O87 - FAEL: "{1C5F96AA-8294-42B8-B33B-1B1E48B2D0D2}" [In-None-P6-TRUE] .(...) -- C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (.not file.)
O87 - FAEL: "{35887E3E-6322-4969-BDE0-D0F3A653F830}" [In-None-P6-TRUE] .(...) -- D:\Network\EpsonNetSetup\ENEasyApp.exe (.not file.)
O87 - FAEL: "{A4402150-7FCE-431C-ADF0-943260710A7B}" [In-None-P17-TRUE] .(...) -- D:\Network\EpsonNetSetup\ENEasyApp.exe (.not file.)
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) (1) - 1s
[MD5.] [WIS][2015/08/10 23:13:53] (.The Software Group - Windows Installer XML Toolset (3.8.1128.0).) -- C:\Windows\Installer\9ff0ea.msi [45056] =>PUP.Optional.Boxore
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) (19) - 7s
SR - Auto [2009/05/14 17:07:14] [ 759048] ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - Auto [2015/07/07 20:12:28] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - Demand [2015/08/02 08:37:32] [ 268976] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - Demand [2013/08/24 03:48:06] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe
SR - Auto [2006/12/19 18:23:20] [ 94208] EpsonBidirectionalService (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION.) - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
SR - Auto [2011/01/11 22:00:00] [ 168448] EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
SR - Auto [2011/01/11 22:00:00] [ 131072] EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
SS - Auto [2015/07/29 16:02:54] [ 107848] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Demand [2015/07/29 16:02:54] [ 107848] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - Auto [2013/08/27 14:32:14] [ 747520] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - Demand [2013/08/27 14:32:30] [ 828376] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - Auto [2013/09/16 21:20:10] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto [2015/08/10 23:44:57] [ 66048] Liberal Regiment (Liberal Regiment) . (...) - C:\Users\User\AppData\Roaming\Liberal Regiment\Liberal Regiment.exe
SR - Auto [2013/09/16 21:20:16] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - Demand [2015/08/07 18:47:05] [ 148136] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - Auto [2013/09/26 13:39:36] [ 30240] (MSI_Trigger_Service) . (.MICRO-STAR INTERNATIONAL CO., LTD..) - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
SR - Auto [2008/06/26 19:09:36] [ 167936] WlanWpsSvc (WlanWpsSvc) . (.Copyright (C) 2008.) - C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
SS - Demand [2015/08/11 20:35:26] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
---\\ Scan Additionnel (O88) (50) - 0s
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\searchplugins\webssearches.xml =>PUP.Optional.WebsSearches
C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\0p30h4va.default\extensions\deskCutv2@gmail.com =>PUP.Optional.LightningNewTab
HKLM\SYSTEM\CurrentControlSet\Services\comyninu =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\hyverumu =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\synocufe =>PUP.Optional.CrossRider
C:\ProgramData\Puennagub\1.0.4.1\mrouvwne.exe =>Heuristic.PullUpdate
C:\Windows\Tasks\AutoMount.job =>PUP.Optional.PriceLess
C:\Windows\System32\Tasks\AutoMount =>PUP.Optional.PriceLess
C:\Windows\System32\Tasks\Puennagub =>Heuristic.PullUpdate
HKLM\SOFTWARE\Wow6432Node\BrowserV10.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\BrowserV10.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.5vV10.08-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaPlus-4.5vV10.08-nv-ie =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\PlusHD_v3.1V31.07-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\PlusHD_v3.1V31.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BrowserV10.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus-4.5vV10.08-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaPlus-4.5vV10.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\maxdriverupdater =>PUP.Optional.MaxDriverUpdater
HKCU\SOFTWARE\PlusHD_v3.1V31.07-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\PlusHD_v3.1V31.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\StormAlertsApp =>PUP.Optional.StormAlert
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
C:\Users\User\AppData\Local\ZombieNews =>PUP.Optional.ZombieNews
C:\Windows\Prefetch\62793.WINDAPP.MON001.NO.EXE-812E0B13.pf =>PUP.Optional.Nosibay
C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.EXE-7572042E.pf =>PUP.Optional.WebBar
C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.TMP-2A313DF5.pf =>PUP.Optional.WebBar
C:\Windows\Prefetch\AMT_OURSURFING.EXE-45D3D7AD.pf =>PUP.Optional.OurSurfing
C:\Windows\Prefetch\BOXORE.EXE-872755D1.pf =>PUP.Optional.Boxore
C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-41ADDF0F.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\BUBBLE DOCK.EXE-433B683F.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\INSTALL_BUBBLEDOCK.EXE-F3AEDE4B.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\LBUBBLE DOCK.EXE-69D3BD2B.pf =>PUP.Optional.BubbleDock
C:\Windows\Prefetch\MBOT_FR_014010057.EXE-33E9976D.pf =>PUP.Optional.CrossRider
C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-2D4C6830.pf =>PUP.Optional.WebBar
C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-D047C149.pf =>PUP.Optional.WebBar
C:\Windows\Prefetch\PREDM.EXE-ADCCD3BB.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\PREDM.TMP-10EBBDF8.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\STORMALERTS.EXE-81EABC86.pf =>PUP.Optional.StormAlert
C:\Windows\Prefetch\STORMALERTS2_1.EXE-4E923938.pf =>PUP.Optional.StormAlert
C:\Windows\Prefetch\STORMALERTSAPP.EXE-9138FCCB.pf =>PUP.Optional.StormAlert
C:\Windows\Prefetch\STORMALERTSSETUP.EXE-9BEA863B.pf =>PUP.Optional.StormAlert
C:\Windows\Prefetch\UPMBOT_FR_014010057.EXE-05B46C83.pf =>PUP.Optional.CrossRider
C:\Windows\Prefetch\VOPACKAGE.EXE-FF7E87CB.pf =>PUP.Optional.Downware
C:\Windows\Prefetch\WPM_V20.0.0.2294.EXE-1A92E269.pf =>PUP.Optional.WpManager
C:\Windows\Installer\9ff0ea.msi =>PUP.Optional.Boxore
---\\ Récapitulatif des éléments trouvées sur votre station (21) - 0s
http://www.nicolascoolman.fr/blog =>PUP.Optional.ZombieNews
http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch
http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
http://www.nicolascoolman.fr/blog =>PUP.Optional.LightningNewTab
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.PriceLess
http://www.nicolascoolman.fr/blog =>Heuristic.PullUpdate
http://www.nicolascoolman.fr/pup-optional-dailypcclean/ =>PUP.Optional.DailyPCClean
http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxDriverUpdater
http://www.nicolascoolman.fr/blog =>PUP.Optional.StormAlert
http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxComputerCleaner
http://www.nicolascoolman.fr/blog =>PUP.Optional.Nosibay
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebBar
http://www.nicolascoolman.fr/blog =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/adware-boxore/ =>PUP.Optional.Boxore
http://www.nicolascoolman.fr/pup-bubbledock/ =>PUP.Optional.BubbleDock
http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware
http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/blog =>PUP.Optional.Monetization
http://www.nicolascoolman.fr/pup-quickstart/ =>PUP.Optional.QuickStart
~ End of the scan, 31042 items in 64 seconds (801)(0)()