~ ZHPDiag v2015.7.20.20 Par Nicolas Coolman (2015/07/20) ~ Démarré par rémi (Administrator) (2015/07/20 18:32:45) ~ Site: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Etat de la version: Version OK ~ Mode: Scanner ~ Rapport: C:\Users\rémi\Desktop\ZHPDiag.txt ~ Rapport: C:\Users\rémi\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Démarrage du système: Normal (Normal boot) ~ Windows 8.1, 64-bit (Build 9600) ---\\ Navigateurs Internet (2) - 0s MFIE: Mozilla Firefox 38.0.5 (x86 en-US) v38.0.5 MSIE: Internet Explorer v11.0.9600.17905 ---\\ Informations sur les produits Windows (4) - 1s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK (Auto) Windows Activation Technologies : OK ---\\ Logiciels d'optimisation (1) - 1s CCleaner v5.06 ---\\ Surveillance de Logiciels (1) - 1s Adobe Flash Player 18 NPAPI ---\\ Logiciels de partage P2P (1) - 1s qBittorrent 3.1.11 v3.1.11 ---\\ Informations sur le système (6) - 0s ~ Operating System: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8314.9 MB (76% free) ~ System Restore: Activé (Enable) ~ System drive C: has 55 GB free of 114 GB ---\\ Mode de connexion au système (3) - 0s ~ Computer Name: DIEHUMAN ~ User Name: rémi ~ Logged in as Administrator ---\\ Enumération des unités disques (6) - 0s ~ Drive C: has 55 GB free of 114 GB (System) ~ Drive E: has 552 GB free of 953 GB ~ Drive F: has GB free of 3 GB ~ Drive G: has GB free of 15 GB ~ Drive H: has GB free of 1 GB ~ Drive J: has GB free of 8 GB ---\\ Etat du Centre de Sécurité Windows (11) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Recherche particulière de fichiers génériques (23) - 1s [MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2501368] [MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [54784] [MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [145920] [MD5.98C6A46E9E2822BF83196C2EAE43DBD4] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2427392] [MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [572416] [MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.E37F897ED7B5AFF79B1398258DB96BD9] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [19456] [MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [563200] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352] [MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134144] [MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [76800] [MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [108544] [MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848] [MD5.6FBDF2B1B025A8E6E069234362FFFFB7] - (.Microsoft Corporation - Minirdr SMB Windows NT.) () -- C:\Windows\System32\drivers\MRxSmb.sys [401408] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624] [MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [2025792] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520] [MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [310080] ---\\ Processus lancés (41) - 3s [MD5.2998362D1E550F0C990D77E34415BEB6] - (.AMD - AMD External Events Service Module.) -- C:\Windows\system32\atiesrxx.exe [244736] [PID.840] [MD5.CAC9C36B2E28F3AE76FF62EA7523D71F] - (.AMD - AMD External Events Client Module.) -- C:\Windows\system32\atieclxx.exe [774656] [PID.332] [MD5.A9D556F96B3E7AB0539A064DAA82B596] - (.Realtek Semiconductor - NetworkGenie.exe.) -- C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe [2039808] [PID.1712] [MD5.75736425D9B4A1D0CEF604FF41EA5FCE] - (.Hi-Rez Studios - HiPatchService.) -- E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704] [PID.2020] [MD5.37831E830D0C6D98A2516D3A6ABC50DD] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [2773632] [PID.1848] [MD5.D74E5BC84B7138730023570421BF7ADD] - (...) -- C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [1992704] [PID.1548] [MD5.4A18834C9D7C7A635855D457967DE674] - (.Micro-Star Int'l Co., Ltd. - MSIFileSyncMonitor.) -- C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe [13824] [PID.2096] [MD5.629CC5BE3BD275ECD8BBDBEC412C3C8A] - (.MSI - FastBootService.) -- C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992] [PID.2204] [MD5.3269323591C8B104C7F77159F7E5ED56] - (.Micro-Star INT'L CO., LTD. - MSI Live Update Service.) -- C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1736872] [PID.2244] [MD5.BEEECADE6833277953336A8C9637CC29] - (.MSI - Suite Charger Service.) -- C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe [140272] [PID.2284] [MD5.95396641B1C2C9F994181705D2EBB2EA] - (.MSI - ComCenService.) -- C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe [333296] [PID.2312] [MD5.A9FD6D2612E06BA1E04AC7E72A82A188] - (.MSI - SuiteFastBoot Service.) -- C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe [105016] [PID.2340] [MD5.F88CCB54F2B917F03DBFC27E93463035] - (.MSI - Super Charger Service.) -- C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280] [PID.2384] [MD5.A50CD1BC1CFFEC65E0D176DBEC70682A] - (...) -- c:\Windows\mtnr.exe [408576] [PID.2416] [MD5.93F304DEB07095BCF33BD1C17C2DB2A7] - (.Native Instruments GmbH - NIHardwareService.) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [6364024] [PID.2452] [MD5.4011BED31DD435F70EAD720F2B1594FC] - (...) -- C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\knsw6741.tmpfs [269312] [PID.2516] =>PUP.Optional.CrossRider [MD5.12CA8B23B88A04E83297D855972234AC] - (.Micro-Star INT'L CO., LTD. - SuperRAIDSvc.) -- C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648] [PID.2660] [MD5.CF3E485E3D3D7CCAB27B139D73B63E20] - (...) -- c:\Windows\tnr.exe [417792] [PID.2760] [MD5.918C6F7D4C240FF4D9FBCB8937BD11C3] - (...) -- C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\hnsyABF3.tmp [165376] [PID.2788] =>PUP.Optional.CrossRider [MD5.2B639342639296899D5488CFFC6914B7] - (...) -- C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\jnso924F.tmp [199168] [PID.2860] =>PUP.Optional.CrossRider [MD5.AE3ED3E84C9ECC8EC624048A48FDF3C9] - (...) -- C:\Users\rémi\AppData\Local\gmsd_fr_005010035\upgmsd_fr_005010035.exe [3298448] [PID.4056] =>PUP.Optional.CrossRider [MD5.912858EE253CA62AC0DC326BB556273B] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136] [PID.5832] [MD5.44A9229022A519ED45294A1934C05EEC] - (.Flux Software LLC - f.lux.) -- C:\Users\rémi\AppData\Local\FluxSoftware\Flux\flux.exe [1017224] [PID.5924] [MD5.9F8CC0B84798CE0737A9061F4F5A6C76] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [770048] [PID.6120] =>PUP.Optional.CrossBrowse [MD5.F7593C18BE0493DF2BE3B3245545EB9C] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe [299520] [PID.6128] [MD5.06DCDE310630A7E8BAB528168C29C7AF] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe [299520] [PID.5420] [MD5.4543E82F2992DA1BD06140CD676FFE0B] - (.Micro-Star INT'L CO.,LTD. - Fast Boot.) -- C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe [2438480] [PID.5756] [MD5.9F8CC0B84798CE0737A9061F4F5A6C76] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [770048] [PID.5644] =>PUP.Optional.CrossBrowse [MD5.2E8DAE04FDC0B3B92BC271FB7B3E6A5D] - (.Micro-Star INT'L CO., LTD. - Live Update 6 Application.) -- C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3454632] [PID.3132] [MD5.9F8CC0B84798CE0737A9061F4F5A6C76] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [770048] [PID.4840] =>PUP.Optional.CrossBrowse [MD5.075D7872E7AAD06350A4D687C4237C83] - (.MSI - Super Charger.) -- C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024] [PID.5808] [MD5.F5DF96342ACC1CFB5C55DEA9BF812DFD] - (.Disc Soft Ltd - Disc soft bus service.) -- E:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [887056] [PID.4816] [MD5.C14DEC0A9308A2230AD1A897067262FA] - (...) -- C:\Program Files (x86)\gmsd_fr_005010035\gmsd_fr_005010035.exe [3977360] [PID.6248] =>PUP.Optional.CrossRider [MD5.DF1F77F92EA216825F8E0F43B392C886] - (.Abengine - .) -- C:\Program Files (x86)\FastSearch\acengine.exe [1787024] [PID.5608] =>PUP.Optional.FastSearch [MD5.ACB1BE3F0AE4C8F96701577DA6462CC4] - (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- E:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe [10725320] [PID.7096] [MD5.E2B516A2212D500C8321BC1310D2A361] - (.Intel(R) Corporation - XtuService.) -- C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [17720] [PID.9284] [MD5.AE3ED3E84C9ECC8EC624048A48FDF3C9] - (...) -- C:\Users\rémi\AppData\Local\gmsd_fr_005010035\upgmsd_fr_005010035.exe [3298448] [PID.2684] =>PUP.Optional.CrossRider [MD5.9F50E818EC2D324791FEACAA6207CA89] - (...) -- C:\Users\rémi\AppData\Local\gmsd_fr_005010035\Download\myoffergroup_fr.exe [3725856] [PID.3600] =>PUP.Optional.CrossRider [MD5.9303156631EE2436DB23827E27337BE4] - (. - Setup/Uninstall.) -- C:\Users\rémi\AppData\Local\Temp\is-TDPCQ.tmp\myoffergroup_fr.tmp [708096] [PID.3268] [MD5.B9EA9376BA50ECD409CE5A09F365178D] - (...) -- C:\Users\rémi\AppData\Local\Temp\is-1R35U.tmp\gentlemjmp_ieu.exe [3272696] [PID.2000] [MD5.69CFD0A4426E7C22178CE43933423877] - (. - Setup/Uninstall.) -- C:\Users\rémi\AppData\Local\Temp\is-C5UHN.tmp\gentlemjmp_ieu.tmp [794624] [PID.10104] ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (9) - 0s G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Docs G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (10) - 1s P2 - EXT FILE: (...) -- C:\Users\rémi\AppData\Roaming\Mozilla\Firefox\Profiles\kirk93i3.default\extensions\info@youtube-mp3.org.xpi P2 - EXT FILE: (...) -- C:\Users\rémi\AppData\Roaming\Mozilla\Firefox\Profiles\kirk93i3.default\extensions\jid1-6gzTcCreJnRqoIj7t8ltxj2HuKc@jetpack.xpi P2 - EXT FILE: (...) -- C:\Users\rémi\AppData\Roaming\Mozilla\Firefox\Profiles\kirk93i3.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Users\rémi\AppData\Roaming\Mozilla\Firefox\Profiles\kirk93i3.default\searchplugins\bingcom.xml P2 - EXT: (.Olivier R. - Dictionnaires français.) -- C:\Users\rémi\AppData\Roaming\Mozilla\Firefox\Profiles\kirk93i3.default\extensions\fr-dicollecte@dictionaries.addons.mozilla.org P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN.) -- E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.2.1] - (.VideoLAN.) -- E:\Program Files (x86)\VideoLAN\VLC\npvlc.dll ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (18) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/ =>PUP.Optional.StartSearch R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/ =>PUP.Optional.StartSearch R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/ =>PUP.Optional.StartSearch R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/ =>PUP.Optional.StartSearch R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Proxy Management (R5) (3) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ---\\ Hosts file redirection (O1) (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Applications lancées au démarrage du sytème (O4) (23) - 0s O4 - HKLM\..\Run: [ISCT Tray] . (.Intel Corporation - ISCT SysTray.) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe O4 - HKLM\..\Run: [SpaceSoundPro] C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe (.not file.) =>PUP.Optional.SpaceSondPro O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- E:\Program Files (x86)\Steam\Steam.exe O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- E:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe O4 - HKCU\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\rémi\AppData\Local\FluxSoftware\Flux\flux.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E514E5854911243E930B697E867D1C4D] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Intel Corporation - PIcon startup utility.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe O4 - HKLM\..\Wow6432Node\Run: [Fast Boot] . (...) -- C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe O4 - HKLM\..\Wow6432Node\Run: [Live Update] . (.Micro-Star INT'L CO., LTD. - Live Update 6 Application.) -- C:\Program Files (x86)\MSI\Live Update\Live Update.exe O4 - HKLM\..\Wow6432Node\Run: [Super Charger] . (.MSI - Super Charger.) -- C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe O4 - HKLM\..\Wow6432Node\Run: [Command Center] . (.MSI - .) -- C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_002030035] (Orphean) =>PUP.Optional.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010035] . (...) -- C:\Program Files (x86)\gmsd_fr_005010035\gmsd_fr_005010035.exe =>PUP.Optional.CrossRider O4 - HKLM\..\Wow6432Node\RunOnce: [Rutukabamalut] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\SysWOW64\wscript.exe O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_005010035.exe] . (...) -- C:\Users\rémi\AppData\Local\gmsd_fr_005010035\upgmsd_fr_005010035.exe =>PUP.Optional.CrossRider O4 - HKUS\S-1-5-21-552799243-1784283655-2781718289-1001\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper.) -- E:\Program Files (x86)\Steam\Steam.exe O4 - HKUS\S-1-5-21-552799243-1784283655-2781718289-1001\..\Run: [DAEMON Tools Ultra Agent] . (.Disc Soft Ltd - DAEMON Tools Ultra Agent.) -- E:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe O4 - HKUS\S-1-5-21-552799243-1784283655-2781718289-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe O4 - HKUS\S-1-5-21-552799243-1784283655-2781718289-1001\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\rémi\AppData\Local\FluxSoftware\Flux\flux.exe O4 - HKUS\S-1-5-21-552799243-1784283655-2781718289-1001\..\Run: [GoogleChromeAutoLaunch_E514E5854911243E930B697E867D1C4D] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse ---\\ Raccourcis Global Startup (O4G) (10) - 12s O4 - GS\Quicklaunch [Administrateur]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\TaskBar [Administrateur]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\Startup [Administrateur]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\Quicklaunch [Invité]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\TaskBar [Invité]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\Startup [Invité]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\Quicklaunch [rémi]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\TaskBar [rémi]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\Startup [rémi]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O4 - GS\CommonDesktop [Public]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse ---\\ Winsock hijacker (Layered Service Provider) (O10) (10) - 0s O10 - WLSP:\Catalog_Entries\000000000001\Winsock LSP File . (...) -- C:\Windows\System32\acengine.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries\000000000002\Winsock LSP File . (...) -- C:\Windows\System32\acengine.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries\000000000003\Winsock LSP File . (...) -- C:\Windows\System32\acengine.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries\000000000004\Winsock LSP File . (...) -- C:\Windows\System32\acengine.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries\000000000015\Winsock LSP File . (...) -- C:\Windows\System32\acengine.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries64\000000000001\Winsock LSP File . (.Abengine.) -- C:\Windows\system32\acengine64.dll (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries64\000000000002\Winsock LSP File . (.Abengine.) -- C:\Windows\system32\acengine64.dll (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries64\000000000003\Winsock LSP File . (.Abengine.) -- C:\Windows\system32\acengine64.dll (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries64\000000000004\Winsock LSP File . (.Abengine.) -- C:\Windows\system32\acengine64.dll (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries64\000000000015\Winsock LSP File . (.Abengine.) -- C:\Windows\system32\acengine64.dll (Hijacker.Winsock) ---\\ Modification Domaine/Adresses DNS (O17) (2) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) (1) - 0s O20 - AppInit_DLLs: . (.Auteurs - .) - C:\Windows\System32\ ---\\ Liste des services NT non Microsoft et non désactivés (O23) (25) - 1s O23 - Service: acengine (acengine) . (.Abengine - .) - C:\Program Files (x86)\FastSearch\acengine.exe =>PUP.Optional.FastSearch O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) . (.Hi-Rez Studios - HiPatchService.) - E:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) . (.Copyright© 2011-2013 Intel Corporation - ISCT Agent Application.) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe O23 - Service: MSICTL_CC (MSICTL_CC) . (...) - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe O23 - Service: (MSIFileSyncMonitor) . (.Micro-Star Int'l Co., Ltd. - MSIFileSyncMonitor.) - C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe O23 - Service: MSI_FastBoot (MSI_FastBoot) . (.MSI - FastBootService.) - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe O23 - Service: MSI_LiveUpdate_Service (MSI_LiveUpdate_Service) . (.Micro-Star INT'L CO., LTD. - MSI Live Update Service.) - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe O23 - Service: MSI_SuiteCharger (MSI_SuiteCharger) . (.MSI - Suite Charger Service.) - C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe O23 - Service: MSI_SuiteComCen (MSI_SuiteComCen) . (.MSI - ComCenService.) - C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe O23 - Service: MSI_SuiteFastBoot (MSI_SuiteFastBoot) . (.MSI - SuiteFastBoot Service.) - C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe O23 - Service: MSI_SuperCharger (MSI_SuperCharger) . (.MSI - Super Charger Service.) - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe O23 - Service: mtnr (mtnr) . (...) - c:\Windows\mtnr.exe O23 - Service: NIHardwareService (NIHardwareService) . (.Native Instruments GmbH - NIHardwareService.) - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: High Resolution Log-in Name (puwehevo) . (...) - C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\knsw6741.tmpfs =>PUP.Optional.CrossRider O23 - Service: Service KMSELDI (Service KMSELDI) . (. - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico O23 - Service: SuperRAIDSvc (SuperRAIDSvc) . (.Micro-Star INT'L CO., LTD. - SuperRAIDSvc.) - C:\MSI\Smart Utilities\SuperRAIDSvc.exe O23 - Service: tnr (tnr) . (...) - c:\Windows\tnr.exe O23 - Service: Encyclopaedia Enter (vicoqudu) . (...) - C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\hnsyABF3.tmp =>PUP.Optional.CrossRider O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) . (.Intel(R) Corporation - XtuService.) - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe O23 - Service: Typewriter High Resolution (zejytose) . (...) - C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\jnso924F.tmp =>PUP.Optional.CrossRider ---\\ Tâches planifiées en automatique (O39) (42) - 5s [MD5.9B3355B29942AF67F014EA90CE1EA960] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976] [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect [MD5.DD3A4BEBE7EA3E75F71F3D9E9E2AA016] [APT] [AutoKMS] (.CODYQX4.) -- C:\Windows\AutoKMS\AutoKMS.exe [3798528] =>HackTool.AutoKMS [MD5.E3FEA8060978EAB6FA5D40E74DE6308B] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe [1051416] =>PUA.KMSpico [MD5.EE526B0428581B57FFC571FF57309E28] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6369048] [MD5.B57D60CD390792DC0650178631380918] [APT] [Crossbrowse] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [1967696] =>PUP.Optional.CrossBrowse [MD5.B2D828A68F9AFCFDEFA7FCFA8BE21F93] [APT] [FitBits] (...) -- c:\programdata\{ab046494-0518-7dd6-ab04-464940519250}\nsn2d03.tmp.exe [227328] [MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.Optional.GlobalUpdate [MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.Optional.GlobalUpdate [MD5.A9D556F96B3E7AB0539A064DAA82B596] [APT] [RtlNetworkGenieVistaStart] (.Realtek Semiconductor.) -- C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe [2039808] [MD5.60AC474F017C6E17C4A88839F02188E8] [APT] [sab3009] (...) -- C:\Program Files (x86)\FastSearch\sab3009.exe [60036] =>PUP.Optional.FastSearch [MD5.67B9C9B21590E3DAB8468AC79CDD2148] [APT] [Intel\Intel Telemetry 2 (x86)] (.Intel Corporation.) -- C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1285928] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\Binkiland disa.job [780] =>PUP.Optional.Binkiland O39 - APT: Crossbrowse - (...) -- C:\Windows\Tasks\Crossbrowse.job [1072] =>PUP.Optional.CrossBrowse O39 - APT: FitBits - (...) -- C:\Windows\Tasks\FitBits.job [352] O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [986] =>PUP.Optional.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [990] =>PUP.Optional.GlobalUpdate O39 - APT: RtlNetworkGenieVistaStart - (.Realtek Semiconductor.) -- C:\Windows\Tasks\RtlNetworkGenieVistaStart.job [304] O39 - APT: RtlNetworkGenieVistaStart - (.Realtek Semiconductor.) -- C:\Windows\Tasks\Yv9Pd7wNRiBGxXyjpKOLaXYS2.job [1036] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3890] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\amiupdaterExd [3720] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\amiupdaterExi [3928] O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [2806] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [2804] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [2804] =>PUP.Optional.AnyProtect O39 - APT: AutoKMS - (.CODYQX4.) -- C:\Windows\System32\Tasks\AutoKMS [3758] =>HackTool.AutoKMS O39 - APT: AutoPico Daily Restart - (...) -- C:\Windows\System32\Tasks\AutoPico Daily Restart [3702] =>PUA.KMSpico O39 - APT: AutoPico Daily Restart - (...) -- C:\Windows\System32\Tasks\Binkiland disa [3780] =>PUP.Optional.Binkiland O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2788] O39 - APT: Crossbrowse - (...) -- C:\Windows\System32\Tasks\Crossbrowse [4070] =>PUP.Optional.CrossBrowse O39 - APT: FitBits - (...) -- C:\Windows\System32\Tasks\FitBits [3236] O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [3726] =>PUP.Optional.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [3962] =>PUP.Optional.GlobalUpdate O39 - APT: RtlNetworkGenieVistaStart - (.Realtek Semiconductor.) -- C:\Windows\System32\Tasks\RtlNetworkGenieVistaStart [2562] O39 - APT: sab3009 - (...) -- C:\Windows\System32\Tasks\sab3009 [3086] =>PUP.Optional.FastSearch O39 - APT: sab3009 - (...) -- C:\Windows\System32\Tasks\{CEE4C6E2-ED3E-492B-8146-B1B4AF962342} [3154] ---\\ Logiciels installés (O42) (132) - 7s O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: Package de pilotes Windows - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5 - (.Focusrite.) [HKLM][64Bits] -- CF1FC201D237269A9CD51A3A6B14ADBF67175C32 O42 - Logiciel: Focusrite USB 2.0 Audio Driver 2.5.1 - (.Focusrite Audio Engineering Limited..) [HKLM][64Bits] -- Focusrite USB 2.0 Audio Driver_is1 O42 - Logiciel: Trend Micro SafeSync - (.Trend Micro.) [HKLM][64Bits] -- HFRS_is1 O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1 =>PUA.KMSpico O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM][64Bits] -- TeamSpeak 3 Client O42 - Logiciel: Akai EIE Pro USB Audio driver - (...) [HKLM][64Bits] -- USB_AUDIO_DEusb-audio.deAkaiEIE O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {1B444AF9-1DBE-4884-8F35-969BEFCF69A8} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {1D1CB210-D05E-5BF4-F998-2B1903EE4323} O42 - Logiciel: Intel(R) Smart Connect Technology - (.Intel Corporation.) [HKLM][64Bits] -- {33013669-7557-430E-9153-3C025284E623} O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {43A76F9B-48F1-4E0D-A9B4-8E4F6C42E28C} O42 - Logiciel: Intel(R) Chipset Device Software - (.Intel Corporation.) [HKLM][64Bits] -- {5CA7FC9B-8508-4494-B365-6FBCBAEB8E89} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {5F6F9FDB-4B94-4912-8966-77356C01303C} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {74541060-2DB1-4E8C-B239-3A78EA50F2F6} O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2} O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-040C-1000-0000000FF1CE} O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2} O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE} O42 - Logiciel: Update for Skype for Business 2015 (KB3054946) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2} O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.PROPLUS_{DD51BA84-F589-4939-B5FE-5538B3DCC12E} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {CA07FCB1-DAE9-4F8A-8698-F9C30D1E375F} O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM][64Bits] -- {DD5AE3C7-B242-4964-A173-1B9752457838} O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F2A7CE36-57BF-5C86-952D-90DBF3746D82} O42 - Logiciel: Intel® Watchdog Timer Driver (Intel® WDT) - (.Intel Corporation.) [HKLM][64Bits] -- 3FD0C489-0F02-481a-A3E1-9754CD396761 O42 - Logiciel: ACPI Driver Installer - (.Intel Corporation.) [HKLM][64Bits] -- 553E35CD-0415-41bc-B39A-410375E88534 O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Audacity 2.1.0 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1 O42 - Logiciel: Battle.net - (.Blizzard Entertainment.) [HKLM][64Bits] -- Battle.net O42 - Logiciel: Crossbrowse - (.The Crossbrowse Authors.) [HKLM][64Bits] -- Crossbrowse =>PUP.Optional.CrossBrowse O42 - Logiciel: DAEMON Tools Ultra - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Ultra O42 - Logiciel: DiRT 3: Complete Edition - (...) [HKLM][64Bits] -- DiRT 3: Complete Edition_is1 O42 - Logiciel: FastSearch - (.FastSearch.) [HKLM][64Bits] -- FastSearch =>PUP.Optional.FastSearch O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory O42 - Logiciel: Foxit Reader - (...) [HKLM][64Bits] -- Foxit Reader O42 - Logiciel: GamesDesktop 001.005010035 - (.GAMESDESKTOP.) [HKLM][64Bits] -- gmsd_fr_005010035_is1 =>PUP.Optional.GamesDesktop O42 - Logiciel: Hearthstone - (.Blizzard Entertainment.) [HKLM][64Bits] -- Hearthstone O42 - Logiciel: Heroes of the Storm - (.Blizzard Entertainment.) [HKLM][64Bits] -- Heroes of the Storm O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.5 (x86 en-US) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: Native Instruments Controller Editor - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Controller Editor O42 - Logiciel: Native Instruments Guitar Rig 5 - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Guitar Rig 5 O42 - Logiciel: Native Instruments Guitar Rig Mobile I/O - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Guitar Rig Mobile I/O O42 - Logiciel: Native Instruments Guitar Rig Session I/O - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Guitar Rig Session I/O O42 - Logiciel: Native Instruments Rig Kontrol 3 - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Rig Kontrol 3 O42 - Logiciel: Native Instruments Service Center - (.Native Instruments.) [HKLM][64Bits] -- Native Instruments Service Center O42 - Logiciel: OpenAL - (...) [HKLM][64Bits] -- OpenAL O42 - Logiciel: Ori and the Blind Forest - (...) [HKLM][64Bits] -- Ori and the Blind Forest_is1 O42 - Logiciel: qBittorrent 3.1.11 - (.The qBittorrent project.) [HKLM][64Bits] -- qBittorrent O42 - Logiciel: Hatred - (...) [HKLM][64Bits] -- SGF0cmVk_is1 O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam O42 - Logiciel: Terraria - (.Re-Logic.) [HKLM][64Bits] -- Steam App 105600 O42 - Logiciel: Arma 3 - (.Bohemia Interactive.) [HKLM][64Bits] -- Steam App 107410 O42 - Logiciel: XCOM: Enemy Unknown - (.Firaxis Games.) [HKLM][64Bits] -- Steam App 200510 O42 - Logiciel: Chivalry: Medieval Warfare - (.Torn Banner Studios.) [HKLM][64Bits] -- Steam App 219640 O42 - Logiciel: DayZ - (.Bohemia Interactive.) [HKLM][64Bits] -- Steam App 221100 O42 - Logiciel: Path of Exile - (.Grinding Gear Games.) [HKLM][64Bits] -- Steam App 238960 O42 - Logiciel: GunZ 2: The Second Duel - (.MAIET Entertainment.) [HKLM][64Bits] -- Steam App 242720 O42 - Logiciel: METAL SLUG 3 - (.DotEmu.) [HKLM][64Bits] -- Steam App 250180 O42 - Logiciel: Garry's Mod - (.Facepunch Studios.) [HKLM][64Bits] -- Steam App 4000 O42 - Logiciel: Dead Space 2 - (.Visceral Games.) [HKLM][64Bits] -- Steam App 47780 O42 - Logiciel: Counter-Strike: Global Offensive - (.Valve.) [HKLM][64Bits] -- Steam App 730 O42 - Logiciel: The Witcher 2 - Assassins of Kings Enhanced Edition - (.GOG.com.) [HKLM][64Bits] -- The Witcher 2 - Assassins of Kings Enhanced Edition_is1 O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player O42 - Logiciel: WinRAR 5.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: MSI Smart Utilities - (.MSI.) [HKLM][64Bits] -- {009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1 O42 - Logiciel: MSI Fast Boot - (.MSI.) [HKLM][64Bits] -- {0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1 O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {11087D24-567D-7D88-69C6-D7A08B5F4C47} O42 - Logiciel: Batch Converter Plug-In - (.Screaming Bee.) [HKLM][64Bits] -- {11BEA44C-BCFE-405E-9C76-33EF407A4354} O42 - Logiciel: Support PL 1.1 - (.riceLes.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{9617fb41} O42 - Logiciel: Workplace Backgrounds - (.Screaming Bee.) [HKLM][64Bits] -- {13304708-E115-4044-82DA-88A6F5424359} O42 - Logiciel: MorphVOX Pro - (.Screaming Bee.) [HKLM][64Bits] -- {1DDBB040-3BEB-4057-90BB-B38B5E081D1B} O42 - Logiciel: MSI SUITE - (.MSI.) [HKLM][64Bits] -- {1F025E3A-3074-48A3-A8F3-78E735739491}_is1 O42 - Logiciel: Furry Voices for Second Life - (.Screaming Bee.) [HKLM][64Bits] -- {2032DA39-C844-43AE-B638-6A4F7496686E} O42 - Logiciel: FTL version 1.5.10 - (.Subset Games.) [HKLM][64Bits] -- {20E23A40-38E5-4DD6-B738-BC8097AE66B6}_is1 O42 - Logiciel: RomStation - (.RomStation.) [HKLM][64Bits] -- {223B62A8-F6FF-4BEB-BC17-230D12723CD0}_is1 O42 - Logiciel: MSI Intel Extreme Tuning Utility - (.Intel Corporation.) [HKLM][64Bits] -- {236e0932-2039-4fba-9df8-2d67de8f730f} O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} O42 - Logiciel: Male Voice Pack - (.Screaming Bee.) [HKLM][64Bits] -- {2CC32E0E-9A10-4BCC-94F0-614F85375F59} O42 - Logiciel: Smite - (.Hi-Rez Studios.) [HKLM][64Bits] -- {3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017} O42 - Logiciel: Hi-Rez Studios Authenticate and Update Service - (.Hi-Rez Studios.) [HKLM][64Bits] -- {3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC} O42 - Logiciel: Intel® Watchdog Timer Driver (Intel® WDT) - (.Intel Corporation.) [HKLM][64Bits] -- {3FD0C489-0F02-481a-A3E1-9754CD396761} O42 - Logiciel: MorphVOX Effects Rack - (.Screaming Bee.) [HKLM][64Bits] -- {4439ED25-D9ED-4E78-A41E-6C6C5DCEDE62} O42 - Logiciel: youtubeadblocker - (...) [HKLM][64Bits] -- {4820778D-AB0D-6D18-C316-52A6A0E1D507} =>PUP.Optional.Multiplug O42 - Logiciel: Personality Voices - (.Screaming Bee.) [HKLM][64Bits] -- {4B886E97-AF5B-46F0-9F48-6BE03149D972} O42 - Logiciel: MSI Live Update 6 - (.MSI.) [HKLM][64Bits] -- {4F46CF54-47D2-41F4-B230-B0954C544420}}_is1 O42 - Logiciel: Creatures of Darkness - (.Screaming Bee.) [HKLM][64Bits] -- {573F9269-A022-4C6F-97BD-CF1316A76369} O42 - Logiciel: Voice Splicer Plug-In - (.Screaming Bee.) [HKLM][64Bits] -- {5A53F620-6A7A-4362-94AD-12D9FCB856E1} O42 - Logiciel: Fantasy Voice Pack - (.Screaming Bee.) [HKLM][64Bits] -- {5F4C3E1F-87FC-41BD-B219-E4156BBD8AE5} O42 - Logiciel: Intel(R) Update Manager - (.Intel Corporation.) [HKLM][64Bits] -- {608E1B9B-A2E8-4A1F-8BAB-874EB0DD25E3} O42 - Logiciel: Sci-Fi 2 Sound Pack - (.Screaming Bee.) [HKLM][64Bits] -- {62DC2D57-7AB8-4181-994B-C62D55FCE6F4} O42 - Logiciel: Deep Space Voices - (.Screaming Bee.) [HKLM][64Bits] -- {67CEC218-B250-4B4C-B23F-A597EC8DB153} O42 - Logiciel: Intel(R) Small Business Advantage - (.Intel(R) Corporation.) [HKLM][64Bits] -- {6A6D86CD-B004-46b7-8951-7BB75A776F8C} O42 - Logiciel: PriceLesas - (...) [HKLM][64Bits] -- {75F9BF4A-AF67-A478-A37B-31D73186D3F3} =>PUP.Optional.Multiplug O42 - Logiciel: MSI Super Charger - (.MSI.) [HKLM][64Bits] -- {7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1 O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {80407BA7-7763-4395-AB98-5233F1B34E65} O42 - Logiciel: MSI Command Center - (.MSI.) [HKLM][64Bits] -- {85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1 O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: Galactic Voices - (.Screaming Bee.) [HKLM][64Bits] -- {891D8FC9-726D-46F2-ADC0-E060A6EB1DC3} O42 - Logiciel: Special Effects Voices - (.Screaming Bee.) [HKLM][64Bits] -- {913C4C4F-9E3E-41A6-A614-1BDC1352A225} O42 - Logiciel: Comic Sound Pack - (.Screaming Bee.) [HKLM][64Bits] -- {91C78DA1-800F-4ACE-B6F6-206F7617D69E} O42 - Logiciel: DJ Streaming Plug-In - (.Screaming Bee.) [HKLM][64Bits] -- {956F54F5-0AA4-441D-8933-7B45F4F56F74} O42 - Logiciel: Logiciel pour périphérique à chipset Intel® - (.Intel(R) Corporation.) [HKLM][64Bits] -- {98f335cd-0a32-4b3f-b74c-ef9480e834f0} O42 - Logiciel: Gameforge Live 2.0.8 - (.Gameforge.) [HKLM][64Bits] -- {9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1 O42 - Logiciel: TERA - (.Gameforge Productions GmbH.) [HKLM][64Bits] -- {A2F166A0-F031-4E27-A057-C69733219434}_is1 O42 - Logiciel: Modern War Sounds - (.Screaming Bee.) [HKLM][64Bits] -- {A514E94F-C436-44C3-A1E9-1F58CD352669} O42 - Logiciel: Linkclump - (...) [HKLM][64Bits] -- {AD11DADE-C597-45D9-D8C5-1D2EB0B89613} O42 - Logiciel: NetworkGenie - (.MSI.) [HKLM][64Bits] -- {B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E} O42 - Logiciel: Fantasy Sound Pack - (.Screaming Bee.) [HKLM][64Bits] -- {B53415F5-4060-48DA-ABB8-00F768158F47} O42 - Logiciel: Sci-Fi Voice Pack - (.Screaming Bee.) [HKLM][64Bits] -- {BC038C91-D3C6-4E43-8439-B65976FE7937} O42 - Logiciel: Text-To-VoIP Plug-in - (.Screaming Bee.) [HKLM][64Bits] -- {C1A6E1A4-B337-41B5-B580-30EB1FF76D56} O42 - Logiciel: Translator Fun Voice Pack - (.Screaming Bee.) [HKLM][64Bits] -- {C39768C1-82E7-4466-8526-2D8AC44B768F} O42 - Logiciel: Sci-Fi Sound Pack - (.Screaming Bee.) [HKLM][64Bits] -- {D16C611D-CA6F-402B-9EDA-9862CF4A701B} O42 - Logiciel: Female Voice Pack - (.Screaming Bee.) [HKLM][64Bits] -- {D947A225-8C23-4E52-866E-CF3967476BFC} O42 - Logiciel: Ancient Weapon Sounds - (.Screaming Bee.) [HKLM][64Bits] -- {E00A5837-482C-4DCE-B4CC-D16B343374E1} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Farm Animal Sounds - (.Screaming Bee.) [HKLM][64Bits] -- {F290F841-044D-44EF-9E51-FFFEA7FEE2D7} O42 - Logiciel: Spooky Sounds - (.Screaming Bee.) [HKLM][64Bits] -- {F71EBF86-9A73-44C0-A674-55FA3E4A8428} O42 - Logiciel: Blue Satin Skin - (.Screaming Bee.) [HKLM][64Bits] -- {FB7D6550-9260-42E6-83C8-BF3A7E54442F} O42 - Logiciel: «Mortal Kombat X» 1.0.22459.0 - (.Warner Bros. Interactive Entertainment.) [HKLM][64Bits] -- «Mortal Kombat X»_is1 O42 - Logiciel: f.lux - (...) [HKCU][64Bits] -- Flux O42 - Logiciel: GameRanger - (.GameRanger Technologies.) [HKCU][64Bits] -- GameRanger O42 - Logiciel: Mozilla Firefox 39.0 (x86 en-US) - (.Mozilla.) [HKCU][64Bits] -- Mozilla Firefox 39.0 (x86 en-US) ---\\ HKCU & HKLM Software Keys (146) - 7s HKLM\SOFTWARE\Wow6432Node\723f59e5-e8dc-54ad-6f40-64c94f1f8016 =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\ASIO HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\ATI Technologies HKLM\SOFTWARE\Wow6432Node\AviSynth HKLM\SOFTWARE\Wow6432Node\Blizzard Entertainment HKLM\SOFTWARE\Wow6432Node\bohemia interactive HKLM\SOFTWARE\Wow6432Node\Boxore =>PUP.Optional.Boxore HKLM\SOFTWARE\Wow6432Node\CD Projekt RED HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\Disc Soft HKLM\SOFTWARE\Wow6432Node\ea games HKLM\SOFTWARE\Wow6432Node\electronic arts HKLM\SOFTWARE\Wow6432Node\FastSearch =>PUP.Optional.FastSearch HKLM\SOFTWARE\Wow6432Node\Foxit Software HKLM\SOFTWARE\Wow6432Node\Gameforge HKLM\SOFTWARE\Wow6432Node\Gameforge4d HKLM\SOFTWARE\Wow6432Node\GAMESDESKTOP =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\GOG.com HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Hi-Rez Studios HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\HiRez Studios HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Metin2_FR HKLM\SOFTWARE\Wow6432Node\MimarSinan HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\MSI HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\Native Instruments HKLM\SOFTWARE\Wow6432Node\NetworkGenie HKLM\SOFTWARE\Wow6432Node\Nostale_FR HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OpenAL HKLM\SOFTWARE\Wow6432Node\ORBTR =>PUP.Optional.Conduit HKLM\SOFTWARE\Wow6432Node\Overwolf HKLM\SOFTWARE\Wow6432Node\PowerPivot HKLM\SOFTWARE\Wow6432Node\qBittorrent HKLM\SOFTWARE\Wow6432Node\re-logic HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Runes of Magic HKLM\SOFTWARE\Wow6432Node\Screaming Bee HKLM\SOFTWARE\Wow6432Node\SoftEther Project HKLM\SOFTWARE\Wow6432Node\Software HKLM\SOFTWARE\Wow6432Node\SpaceSondPro =>PUP.Optional.SpaceSondPro HKLM\SOFTWARE\Wow6432Node\TeamViewer HKLM\SOFTWARE\Wow6432Node\TERA HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.19 =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Zemi Interactive HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Acrok Software HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\ATI HKCU\SOFTWARE\Blizzard Entertainment HKCU\SOFTWARE\Bohemia Interactive HKCU\SOFTWARE\Boxore =>PUP.Optional.Boxore HKCU\SOFTWARE\CD Projekt RED HKCU\SOFTWARE\ChilliTorrent HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Clubic HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser HKCU\SOFTWARE\Cryptic HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\EA Games HKCU\SOFTWARE\Epic Games HKCU\SOFTWARE\epsxe HKCU\SOFTWARE\Foxit Software HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\Gameforge4d HKCU\SOFTWARE\GameRanger HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\HQ.Video_f4V19.07-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Humyo HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Imagination Technologies HKCU\SOFTWARE\Intel HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MAIET Entertainment HKCU\SOFTWARE\Michael Herf HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Native Instruments HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Norton HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Perfect World Platform Client HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\RapidMediaConverterApp =>PUP.Optional.RapidMediaConverter HKCU\SOFTWARE\Raptr HKCU\SOFTWARE\Razer HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Red Hook Studios HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\SoftEther Project HKCU\SOFTWARE\Software HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\TeleCharger HKCU\SOFTWARE\Terraria HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\Unity HKCU\SOFTWARE\Valve HKCU\SOFTWARE\Vision Thing HKCU\SOFTWARE\WebApp HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) (246) - 4s O43 - CFD: 2015/07/20 17:50:16 - [] D -- C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452 =>PUP.Optional.CrossRider O43 - CFD: 2015/07/20 17:53:28 - [] D -- C:\Program Files (x86)\00000000-1437407608-0000-0000-D43D7EDCD452 =>PUP.Optional.CrossRider O43 - CFD: 2015/07/20 17:57:03 - [] D -- C:\Program Files (x86)\00000000-1437407823-0000-0000-D43D7EDCD452 =>PUP.Optional.CrossRider O43 - CFD: 2015/07/16 16:18:32 - [0] D -- C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 2015/03/17 01:04:11 - [] D -- C:\Program Files (x86)\AMD O43 - CFD: 2015/03/17 01:04:22 - [] D -- C:\Program Files (x86)\AMD AVT O43 - CFD: 2015/07/20 18:30:34 - [0] D -- C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect O43 - CFD: 2015/07/20 17:56:26 - [0] D -- C:\Program Files (x86)\Boxore =>PUP.Optional.Boxore O43 - CFD: 2015/07/20 17:57:31 - [] D -- C:\Program Files (x86)\ChilliTorrent O43 - CFD: 2015/06/13 21:19:14 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2015/07/20 18:21:19 - [] D -- C:\Program Files (x86)\Crossbrowse =>PUP.Optional.CrossBrowse O43 - CFD: 2015/07/20 18:29:59 - [] D -- C:\Program Files (x86)\FastSearch =>PUP.Optional.FastSearch O43 - CFD: 2015/05/20 23:23:00 - [] D -- C:\Program Files (x86)\Foxit Software O43 - CFD: 2015/07/20 17:52:14 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2015/07/20 18:21:52 - [] D -- C:\Program Files (x86)\gmsd_fr_005010035 =>PUP.Optional.CrossRider O43 - CFD: 2015/06/13 21:20:09 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 2015/07/20 17:53:06 - [] D -- C:\Program Files (x86)\GUPlayer =>PUP.Optional.GUPlayer O43 - CFD: 2015/06/15 11:18:37 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2015/06/11 12:27:07 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 2015/07/15 14:10:37 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2015/07/20 18:22:01 - [] D -- C:\Program Files (x86)\Linkclump O43 - CFD: 2015/05/26 11:30:03 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 2015/05/26 11:30:01 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2015/05/26 11:32:43 - [] D -- C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 2015/06/11 12:27:01 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 2015/06/11 12:27:01 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 2015/06/30 23:52:40 - [] D -- C:\Program Files (x86)\Microsoft XNA O43 - CFD: 2015/05/27 12:48:50 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2015/05/29 12:14:38 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2015/06/03 15:08:27 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 2015/03/19 00:01:22 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2015/05/07 09:37:29 - [] D -- C:\Program Files (x86)\MSECache O43 - CFD: 2015/06/11 12:08:36 - [] D -- C:\Program Files (x86)\MSI O43 - CFD: 2015/07/16 16:18:32 - [] D -- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 2015/05/03 02:27:01 - [] D -- C:\Program Files (x86)\OpenAL O43 - CFD: 2015/07/20 17:56:40 - [0] D -- C:\Program Files (x86)\predm =>PUP.Optional.Downware O43 - CFD: 2015/07/20 18:21:49 - [] D -- C:\Program Files (x86)\PriceLesas =>PUP.Optional.Multiplug O43 - CFD: 2015/05/19 22:48:25 - [] D -- C:\Program Files (x86)\Raptr O43 - CFD: 2015/06/11 12:24:57 - [] D -- C:\Program Files (x86)\Realtek O43 - CFD: 2015/03/19 00:01:22 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2015/04/26 23:12:38 - [] D -- C:\Program Files (x86)\Screaming Bee O43 - CFD: 2015/06/09 23:52:09 - [] D -- C:\Program Files (x86)\Setup Files O43 - CFD: 2015/07/20 17:57:14 - [] D -- C:\Program Files (x86)\Software O43 - CFD: 2015/07/20 18:22:35 - [] D -- C:\Program Files (x86)\SystemContinue =>PUP.Optional.Graftor O43 - CFD: 2015/06/15 11:16:16 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 2015/03/20 19:49:55 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 2014/11/21 02:01:00 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2014/11/21 02:01:00 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2014/11/21 02:01:00 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 2013/08/22 17:36:30 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2014/11/21 02:01:00 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2014/11/21 02:01:00 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2013/08/22 17:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2013/08/22 17:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 2015/07/20 18:22:04 - [] D -- C:\Program Files (x86)\youtubeadblocker =>PUP.Optional.YouTubeAdBlock O43 - CFD: 2014/11/21 02:01:18 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2015/03/19 13:15:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/06/10 22:51:24 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/04/17 21:13:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKAI PROFESSIONAL O43 - CFD: 2015/03/17 01:04:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center O43 - CFD: 2015/03/17 19:59:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net O43 - CFD: 2015/06/07 12:57:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 2015/07/20 17:52:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChilliTorrent O43 - CFD: 2015/07/20 18:21:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.Optional.CrossBrowse O43 - CFD: 2015/03/27 14:35:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite O43 - CFD: 2015/05/20 23:23:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader O43 - CFD: 2015/06/29 17:58:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FTL Faster Than Light O43 - CFD: 2015/06/04 20:04:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live O43 - CFD: 2015/07/20 18:21:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP =>PUP.Optional.GamesDesktop O43 - CFD: 2015/05/20 22:06:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com O43 - CFD: 2015/03/17 20:01:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone O43 - CFD: 2015/04/23 22:35:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm O43 - CFD: 2015/06/29 11:56:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios O43 - CFD: 2015/03/18 17:04:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 2015/03/18 14:32:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico O43 - CFD: 2015/07/16 10:40:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com O43 - CFD: 2013/08/22 17:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/07/19 10:02:38 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 O43 - CFD: 2015/06/11 12:25:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI O43 - CFD: 2015/06/11 12:27:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Intel Extreme Tuning Utility O43 - CFD: 2015/03/27 14:26:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments O43 - CFD: 2015/04/04 13:46:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ori and the Blind Forest O43 - CFD: 2015/07/20 17:49:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip =>PUP.Optional.PepperZip O43 - CFD: 2015/06/03 01:37:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent O43 - CFD: 2015/06/04 18:57:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst O43 - CFD: 2015/06/11 20:24:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RomStation O43 - CFD: 2015/04/26 23:00:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee O43 - CFD: 2015/07/01 11:50:56 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 2015/03/18 14:36:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 2014/11/21 02:01:18 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2014/11/20 21:09:19 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2015/03/17 00:46:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client O43 - CFD: 2015/06/11 12:28:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro SafeSync O43 - CFD: 2015/03/19 12:58:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 2015/04/24 16:26:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2015/07/20 18:22:06 - [] D -- C:\ProgramData\2833599040638085186 O43 - CFD: 2015/03/17 01:04:22 - [] D -- C:\ProgramData\AMD O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2015/03/17 19:17:28 - [] D -- C:\ProgramData\ATI O43 - CFD: 2015/04/15 21:27:12 - [] D -- C:\ProgramData\Baidu O43 - CFD: 2015/03/17 19:56:40 - [] D -- C:\ProgramData\Battle.net O43 - CFD: 2015/04/23 23:01:13 - [] D -- C:\ProgramData\Blizzard Entertainment O43 - CFD: 2015/04/22 22:13:51 - [] D -- C:\ProgramData\Bohemia Interactive O43 - CFD: 2015/03/17 00:08:40 - [0] SHD -- C:\ProgramData\Bureau O43 - CFD: 2015/05/03 02:27:20 - [] D -- C:\ProgramData\Codemasters O43 - CFD: 2015/03/23 16:34:41 - [] D -- C:\ProgramData\CODEX O43 - CFD: 2015/03/27 14:09:23 - [0] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 2015/03/27 14:17:38 - [0] D -- C:\ProgramData\DAEMON Tools Ult O43 - CFD: 2015/03/27 14:17:39 - [] D -- C:\ProgramData\DAEMON Tools Ultra O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2015/05/08 20:07:51 - [] D -- C:\ProgramData\Hi-Rez Studios O43 - CFD: 2015/06/11 18:26:40 - [] D -- C:\ProgramData\Intel O43 - CFD: 2015/05/28 00:00:45 - [] D -- C:\ProgramData\LogMeIn O43 - CFD: 2015/07/16 10:40:32 - [] D -- C:\ProgramData\ma-config.com O43 - CFD: 2015/03/17 00:08:40 - [0] SHD -- C:\ProgramData\Menu Démarrer O43 - CFD: 2015/06/14 16:37:23 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2015/07/19 10:02:47 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2015/05/26 11:23:52 - [] D -- C:\ProgramData\Microsoft Toolkit O43 - CFD: 2015/03/17 00:08:40 - [0] SHD -- C:\ProgramData\Modèles O43 - CFD: 2015/03/17 00:40:44 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 2015/03/27 14:24:51 - [] D -- C:\ProgramData\Native Instruments O43 - CFD: 2015/06/11 17:51:34 - [] D -- C:\ProgramData\Norton O43 - CFD: 2015/06/11 12:27:58 - [] D -- C:\ProgramData\NortonInstaller O43 - CFD: 2015/06/11 12:27:00 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2015/05/26 11:32:37 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 2015/04/26 23:08:00 - [] D -- C:\ProgramData\Screaming Bee O43 - CFD: 2015/04/02 17:18:57 - [] D -- C:\ProgramData\Solidshield O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2015/06/04 18:57:38 - [] D -- C:\ProgramData\Steam O43 - CFD: 2015/04/17 21:09:34 - [] D -- C:\ProgramData\Steinberg O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2015/07/20 17:53:36 - [] HD -- C:\ProgramData\tnr O43 - CFD: 2015/06/11 12:28:49 - [] D -- C:\ProgramData\Trend Micro O43 - CFD: 2015/03/17 00:39:20 - [] D -- C:\ProgramData\{29EAC129-7968-10AF-C8EE-602D186CB3A3} O43 - CFD: 2015/03/27 14:24:51 - [] HDC -- C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704} O43 - CFD: 2015/03/27 14:24:58 - [] HDC -- C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325} O43 - CFD: 2015/03/27 14:24:42 - [] HDC -- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14} O43 - CFD: 2015/07/20 18:21:23 - [] D -- C:\ProgramData\{ab046494-0518-7dd6-ab04-464940519250} O43 - CFD: 2015/03/27 14:26:02 - [] HDC -- C:\ProgramData\{B0CAD5CC-867E-473E-B55F-339F9635A45D} O43 - CFD: 2015/03/27 14:26:42 - [] HDC -- C:\ProgramData\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418} O43 - CFD: 2015/03/27 14:25:56 - [] HDC -- C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9} O43 - CFD: 2015/03/17 01:04:22 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 2015/03/27 14:26:06 - [] D -- C:\Program Files (x86)\Common Files\Avid O43 - CFD: 2015/07/05 11:57:22 - [] D -- C:\Program Files (x86)\Common Files\BattlEye O43 - CFD: 2015/03/17 20:01:56 - [0] D -- C:\Program Files (x86)\Common Files\Blizzard Entertainment O43 - CFD: 2015/03/27 14:26:06 - [] D -- C:\Program Files (x86)\Common Files\Digidesign O43 - CFD: 2015/06/13 21:19:14 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 2015/06/30 23:52:40 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 2015/03/17 01:49:00 - [] D -- C:\Program Files (x86)\Common Files\PostureAgent O43 - CFD: 2013/08/22 17:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2015/06/07 20:35:32 - [] D -- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 2014/11/21 02:01:00 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 2015/06/17 22:52:27 - [] D -- C:\Users\rémi\AppData\Roaming\.dvdcss O43 - CFD: 2015/06/17 22:49:53 - [] D -- C:\Users\rémi\AppData\Roaming\Acrok O43 - CFD: 2015/03/17 00:21:17 - [] D -- C:\Users\rémi\AppData\Roaming\Adobe O43 - CFD: 2015/03/17 19:59:57 - [] D -- C:\Users\rémi\AppData\Roaming\AMD O43 - CFD: 2015/07/20 18:23:33 - [] SHD -- C:\Users\rémi\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect O43 - CFD: 2015/03/17 19:17:28 - [] D -- C:\Users\rémi\AppData\Roaming\ATI O43 - CFD: 2015/06/12 20:54:18 - [] D -- C:\Users\rémi\AppData\Roaming\Audacity O43 - CFD: 2015/05/08 20:08:13 - [0] D -- C:\Users\rémi\AppData\Roaming\Awesomium O43 - CFD: 2015/04/23 22:28:03 - [] D -- C:\Users\rémi\AppData\Roaming\Battle.net O43 - CFD: 2015/03/19 00:03:26 - [] D -- C:\Users\rémi\AppData\Roaming\Curse Advertising O43 - CFD: 2015/03/27 14:17:38 - [0] D -- C:\Users\rémi\AppData\Roaming\DAEMON Tools Ult O43 - CFD: 2015/03/27 14:20:08 - [] D -- C:\Users\rémi\AppData\Roaming\DAEMON Tools Ultra O43 - CFD: 2015/06/17 22:45:03 - [] D -- C:\Users\rémi\AppData\Roaming\dvdcss O43 - CFD: 2015/04/24 16:18:21 - [] D -- C:\Users\rémi\AppData\Roaming\GameRanger O43 - CFD: 2015/07/20 18:29:25 - [] D -- C:\Users\rémi\AppData\Roaming\Identities O43 - CFD: 2015/03/17 01:05:07 - [] D -- C:\Users\rémi\AppData\Roaming\library_dir O43 - CFD: 2015/03/17 00:26:55 - [] D -- C:\Users\rémi\AppData\Roaming\Macromedia O43 - CFD: 2015/06/24 15:01:23 - [] SD -- C:\Users\rémi\AppData\Roaming\Microsoft O43 - CFD: 2015/06/04 18:57:38 - [] D -- C:\Users\rémi\AppData\Roaming\MK10 O43 - CFD: 2015/03/17 00:40:55 - [] D -- C:\Users\rémi\AppData\Roaming\Mozilla O43 - CFD: 2015/07/20 18:28:57 - [0] D -- C:\Users\rémi\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch O43 - CFD: 2015/06/03 01:37:50 - [] D -- C:\Users\rémi\AppData\Roaming\qBittorrent O43 - CFD: 2015/05/19 22:48:25 - [] D -- C:\Users\rémi\AppData\Roaming\Raptr O43 - CFD: 2015/04/26 23:14:42 - [] D -- C:\Users\rémi\AppData\Roaming\Screaming Bee O43 - CFD: 2015/07/04 22:32:20 - [] D -- C:\Users\rémi\AppData\Roaming\Shooter O43 - CFD: 2015/04/04 13:47:48 - [] D -- C:\Users\rémi\AppData\Roaming\Steam O43 - CFD: 2015/04/17 21:09:34 - [] D -- C:\Users\rémi\AppData\Roaming\Steinberg O43 - CFD: 2015/06/07 12:59:20 - [] D -- C:\Users\rémi\AppData\Roaming\TeamViewer O43 - CFD: 2015/05/09 15:05:23 - [] D -- C:\Users\rémi\AppData\Roaming\TERA O43 - CFD: 2015/03/18 14:20:44 - [] D -- C:\Users\rémi\AppData\Roaming\uTorrent O43 - CFD: 2015/07/20 01:51:58 - [] D -- C:\Users\rémi\AppData\Roaming\vlc O43 - CFD: 2015/04/17 21:09:34 - [0] D -- C:\Users\rémi\AppData\Roaming\VST3 Presets O43 - CFD: 2015/04/24 16:26:58 - [] D -- C:\Users\rémi\AppData\Roaming\WinRAR O43 - CFD: 2015/07/20 18:33:05 - [] D -- C:\Users\rémi\AppData\Roaming\ZHP O43 - CFD: 2015/07/20 17:55:51 - [] D -- C:\Users\rémi\AppData\Local\00000000-1437414631-0000-0000-D43D7EDCD452 O43 - CFD: 2015/04/01 00:39:04 - [] HD -- C:\Users\rémi\AppData\Local\3069b6b139d4597a O43 - CFD: 2015/06/19 10:28:31 - [0] D -- C:\Users\rémi\AppData\Local\Adobe O43 - CFD: 2015/03/17 00:21:01 - [0] SHD -- C:\Users\rémi\AppData\Local\Application Data O43 - CFD: 2015/03/19 00:01:44 - [] D -- C:\Users\rémi\AppData\Local\Apps O43 - CFD: 2015/05/06 19:00:35 - [] D -- C:\Users\rémi\AppData\Local\Arma 3 O43 - CFD: 2015/05/06 18:59:45 - [] D -- C:\Users\rémi\AppData\Local\Arma 3 Launcher O43 - CFD: 2015/03/17 19:17:28 - [] D -- C:\Users\rémi\AppData\Local\ATI O43 - CFD: 2015/07/20 14:52:45 - [] D -- C:\Users\rémi\AppData\Local\Battle.net O43 - CFD: 2015/03/18 14:42:59 - [] D -- C:\Users\rémi\AppData\Local\Blizzard O43 - CFD: 2015/03/17 19:59:57 - [] D -- C:\Users\rémi\AppData\Local\Blizzard Entertainment O43 - CFD: 2015/04/20 20:09:38 - [] D -- C:\Users\rémi\AppData\Local\Bohemia_Interactive O43 - CFD: 2015/07/20 17:52:10 - [] D -- C:\Users\rémi\AppData\Local\Boxore =>PUP.Optional.Boxore O43 - CFD: 2015/07/20 18:23:23 - [] D -- C:\Users\rémi\AppData\Local\CrashDumps O43 - CFD: 2015/07/20 18:29:40 - [] D -- C:\Users\rémi\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse O43 - CFD: 2015/04/05 23:32:43 - [] D -- C:\Users\rémi\AppData\Local\DayZ O43 - CFD: 2015/07/20 17:51:10 - [0] D -- C:\Users\rémi\AppData\Local\Deployment O43 - CFD: 2015/07/06 13:03:10 - [] D -- C:\Users\rémi\AppData\Local\Diagnostics O43 - CFD: 2015/03/27 14:19:24 - [] D -- C:\Users\rémi\AppData\Local\Disc_Soft_Ltd O43 - CFD: 2015/04/02 17:19:19 - [] D -- C:\Users\rémi\AppData\Local\EA Games O43 - CFD: 2015/07/13 12:26:07 - [0] D -- C:\Users\rémi\AppData\Local\ElevatedDiagnostics O43 - CFD: 2015/06/11 17:50:36 - [0] SHD -- C:\Users\rémi\AppData\Local\EmieBrowserModeList O43 - CFD: 2015/06/11 17:50:36 - [0] SHD -- C:\Users\rémi\AppData\Local\EmieSiteList O43 - CFD: 2015/06/11 17:50:36 - [0] SHD -- C:\Users\rémi\AppData\Local\EmieUserList O43 - CFD: 2015/06/15 11:33:34 - [] D -- C:\Users\rémi\AppData\Local\FluxSoftware O43 - CFD: 2015/05/11 20:49:20 - [] D -- C:\Users\rémi\AppData\Local\Gameforge4d O43 - CFD: 2015/07/20 17:52:14 - [] D -- C:\Users\rémi\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2015/07/20 18:32:26 - [] D -- C:\Users\rémi\AppData\Local\gmsd_fr_005010035 =>PUP.Optional.CrossRider O43 - CFD: 2015/06/11 17:50:55 - [] D -- C:\Users\rémi\AppData\Local\Google O43 - CFD: 2015/06/01 13:11:10 - [] D -- C:\Users\rémi\AppData\Local\GWX O43 - CFD: 2015/03/17 00:21:01 - [0] SHD -- C:\Users\rémi\AppData\Local\Historique O43 - CFD: 2015/03/18 13:40:52 - [] D -- C:\Users\rémi\AppData\Local\Intel_Corporation O43 - CFD: 2015/05/28 00:00:45 - [] D -- C:\Users\rémi\AppData\Local\LogMeIn O43 - CFD: 2015/03/17 02:06:31 - [] D -- C:\Users\rémi\AppData\Local\Macromedia O43 - CFD: 2015/07/20 18:29:25 - [] D -- C:\Users\rémi\AppData\Local\Microsoft O43 - CFD: 2015/05/26 11:08:58 - [0] D -- C:\Users\rémi\AppData\Local\Microsoft Help O43 - CFD: 2015/03/17 00:40:55 - [] D -- C:\Users\rémi\AppData\Local\Mozilla O43 - CFD: 2015/03/23 21:26:47 - [] D -- C:\Users\rémi\AppData\Local\mslug3 O43 - CFD: 2015/03/27 14:28:38 - [] D -- C:\Users\rémi\AppData\Local\Native Instruments O43 - CFD: 2015/04/19 22:17:49 - [] D -- C:\Users\rémi\AppData\Local\Ori and the Blind Forest O43 - CFD: 2015/07/15 10:34:53 - [] D -- C:\Users\rémi\AppData\Local\Packages O43 - CFD: 2015/03/18 14:31:24 - [] D -- C:\Users\rémi\AppData\Local\Programs O43 - CFD: 2015/03/18 14:28:13 - [] D -- C:\Users\rémi\AppData\Local\qBittorrent O43 - CFD: 2015/07/20 18:24:01 - [] D -- C:\Users\rémi\AppData\Local\SmartWeb =>PUP.Optional.SmartWebSearch O43 - CFD: 2015/03/18 14:39:23 - [] D -- C:\Users\rémi\AppData\Local\Steam O43 - CFD: 2015/07/20 18:32:59 - [] D -- C:\Users\rémi\AppData\Local\Temp O43 - CFD: 2015/03/17 00:21:01 - [0] SHD -- C:\Users\rémi\AppData\Local\Temporary Internet Files O43 - CFD: 2015/05/20 23:23:18 - [] D -- C:\Users\rémi\AppData\Local\The Witcher 2 O43 - CFD: 2015/03/17 00:21:17 - [0] D -- C:\Users\rémi\AppData\Local\VirtualStore O43 - CFD: 2014/11/21 02:01:18 - [] RD -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2014/11/21 02:01:18 - [] RD -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/07/20 18:29:26 - [] RD -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/06/15 11:33:36 - [] D -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux O43 - CFD: 2015/04/15 21:26:36 - [] D -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 2013/08/22 17:36:32 - [] D -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/07/20 18:29:26 - [] RD -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2014/11/21 02:01:20 - [] RD -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2015/07/20 17:49:51 - [] D -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>PUP.Optional.Downware O43 - CFD: 2015/04/24 16:26:13 - [] D -- C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (42) - 10s O45 - LFCP:[MD5.DCA9EE8653A1DDC772B304B52D189656] 2015/07/20 18:24:09 A -- C:\Windows\Prefetch\ANYPROTECT.EXE-3685BDD1.pf =>PUP.Optional.AnyProtect O45 - LFCP:[MD5.1D63A7BE413EB861E2769461F6805313] 2015/07/20 17:56:08 A -- C:\Windows\Prefetch\BOXORE.EXE-E57564D6.pf =>PUP.Optional.Boxore O45 - LFCP:[MD5.0FCE7F4D057EF109E776E32E643E1E89] 2015/07/20 17:52:08 A -- C:\Windows\Prefetch\BOXORE_20_05--00719836.EXE-FA0AF290.pf =>PUP.Optional.Boxore O45 - LFCP:[MD5.B5AE82FD7990B7F316FD3B04BC85B43B] 2015/07/20 17:53:22 A -- C:\Windows\Prefetch\BREAKINGNEWSALERTUNINSTALL.EX-7D81AC1E.pf =>PUP.Optional.BreakingNewsAlert O45 - LFCP:[MD5.EFFBC5940D6B0A9FD2DAC6837418F7CA] 2015/07/20 18:30:41 A -- C:\Windows\Prefetch\CROSSBROWSE.EXE-9D619136.pf =>PUP.Optional.CrossBrowse O45 - LFCP:[MD5.D0B912B977388D6427EA1391EA6AA3DB] 2015/07/20 17:54:04 A -- C:\Windows\Prefetch\FASTSEARCH_4435.EXE-B07923C8.pf =>PUP.Optional.FastSearch O45 - LFCP:[MD5.1641118C58E167EF252AD12E31F38804] 2015/07/20 17:49:53 A -- C:\Windows\Prefetch\GAMESDESKTOP3-FRINSTALLER.EXE-AEC2F14E.pf =>PUP.Optional.GamesDesktop O45 - LFCP:[MD5.83E64DBC59B24132563A35A86524BB54] 2015/07/20 17:49:56 A -- C:\Windows\Prefetch\GAMESDESKTOP3-FRINSTALLER.TMP-78AE9638.pf =>PUP.Optional.GamesDesktop O45 - LFCP:[MD5.FDAFC240154D5D308BC6C8A512EEC67C] 2015/07/20 18:31:23 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-AFA6DA21.pf =>PUP.Optional.GlobalUpdate O45 - LFCP:[MD5.631795BF477550776F4C61854D7C2012] 2015/07/20 17:52:16 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-BB7E3858.pf =>PUP.Optional.GlobalUpdate O45 - LFCP:[MD5.4EF512C298EED5338CD75EFA237361CA] 2015/07/20 18:31:24 A -- C:\Windows\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-3B319581.pf =>PUP.Optional.GlobalUpdate O45 - LFCP:[MD5.63A8EF01FD82B4AB385AA44B18EF5A41] 2015/07/20 17:50:08 A -- C:\Windows\Prefetch\GMSD_FR_002030035.EXE-4B4F6A7A.pf =>PUP.Optional.CrossRider O45 - LFCP:[MD5.9AE7DBA8BBC6C7C98858A274AA97FBB0] 2015/07/20 18:22:02 A -- C:\Windows\Prefetch\GMSD_FR_005010035.EXE-87139394.pf =>PUP.Optional.CrossRider O45 - LFCP:[MD5.77B79BCF09BF056D7AC416685FA394A0] 2015/07/20 17:53:08 A -- C:\Windows\Prefetch\GUPLAYERUNINSTALLER.EXE-D2C46FED.pf =>PUP.Optional.GUPlayer O45 - LFCP:[MD5.D2D6900C7E3E4B925CFFD606310A4326] 2015/07/20 17:49:46 A -- C:\Windows\Prefetch\MYSTARTSEARCHSLBNEW_1607--37F-FD2AA2E2.pf =>PUP.Optional.StartSearch O45 - LFCP:[MD5.5BDC96E9576259EADFEC2B2090568CE8] 2015/07/20 17:56:41 A -- C:\Windows\Prefetch\PACKAGE_ANYSEND_INSTALLER_MUL-DBAECBE1.pf =>PUP.Optional.ASPackage O45 - LFCP:[MD5.E1C6E53B0852F9A7008147EC8E31AAC6] 2015/07/20 17:56:41 A -- C:\Windows\Prefetch\PACKAGE_ANYSEND_INSTALLER_MUL-E98B5D59.pf =>PUP.Optional.ASPackage O45 - LFCP:[MD5.C532DA62349581A73335A2D83737C453] 2015/07/20 17:54:54 A -- C:\Windows\Prefetch\PREDM.EXE-4AB9A264.pf =>PUP.Optional.Downware O45 - LFCP:[MD5.E240ACA3037081C0BC87FD2615D8EA39] 2015/07/20 17:54:54 A -- C:\Windows\Prefetch\PREDM.TMP-916E1382.pf =>PUP.Optional.Downware O45 - LFCP:[MD5.D7FEB4DB31CC7992B3E4182618DDF512] 2015/07/20 17:56:13 A -- C:\Windows\Prefetch\PRODUCTDEALS.BROWSERADAPTER.E-46D558B2.pf =>PUP.Optional.ProductDeals O45 - LFCP:[MD5.BB8F89A85ADB692F6FFB539F6238C428] 2015/07/20 17:56:13 A -- C:\Windows\Prefetch\PRODUCTDEALS.BROWSERADAPTER64-9E21E074.pf =>PUP.Optional.ProductDeals O45 - LFCP:[MD5.64A2627A3B6AF304893A29F7DF0A4B32] 2015/07/20 17:56:10 A -- C:\Windows\Prefetch\PRODUCTDEALS.EXPEXT.EXE-6559BD7F.pf =>PUP.Optional.ProductDeals O45 - LFCP:[MD5.0ABEE03934A1FF70A5D7F87A68CF9448] 2015/07/20 17:56:12 A -- C:\Windows\Prefetch\PRODUCTDEALS.PURBROWSE64.EXE-01C4BE40.pf =>PUP.Optional.ProductDeals O45 - LFCP:[MD5.05B6AE39BF38C8F9429F3117200C40EC] 2015/07/20 18:18:38 A -- C:\Windows\Prefetch\PRODUCTDEALSUNINSTALL.EXE-24BB9B3C.pf =>PUP.Optional.ProductDeals O45 - LFCP:[MD5.A52E38B8867A1AD302A068D00459EAFD] 2015/07/20 17:54:26 A -- C:\Windows\Prefetch\PRODUCTDEALS_SETUP.EXE-69771679.pf =>PUP.Optional.ProductDeals O45 - LFCP:[MD5.0982ED3196F597C5A16CD7C590C19649] 2015/07/20 17:54:33 A -- C:\Windows\Prefetch\RAPIDMEDIACONVERTERAPP.EXE-B395E573.pf =>PUP.Optional.RapidMediaConverter O45 - LFCP:[MD5.CA6C9720EA439983D57ECD3AC82AB55B] 2015/07/20 18:19:06 A -- C:\Windows\Prefetch\RAPIDMEDIACONVERTERAPPUNINSTA-1C75427D.pf =>PUP.Optional.RapidMediaConverter O45 - LFCP:[MD5.D9EF3AAFD5BADCC30144738BE616FD59] 2015/07/20 17:54:23 A -- C:\Windows\Prefetch\RAPIDMEDIACONVERTERSETUP.EXE-E77FB521.pf =>PUP.Optional.RapidMediaConverter O45 - LFCP:[MD5.CFF7EA9243CDD6662DB09856816D7811] 2015/07/20 18:21:24 A -- C:\Windows\Prefetch\SMARTWEBAPP.EXE-7F2538DC.pf =>PUP.Optional.SmartWebSearch O45 - LFCP:[MD5.9CDEFF906D1A884BC4433CD9429699A7] 2015/07/20 18:21:22 A -- C:\Windows\Prefetch\SMARTWEBHELPER.EXE-185E2097.pf =>PUP.Optional.SmartWebSearch O45 - LFCP:[MD5.9F4F46915F2A8B23EE15DF984D30022D] 2015/07/20 17:49:49 A -- C:\Windows\Prefetch\SPACESONDPRO_1507--EF1356E6.E-0268D3C9.pf =>PUP.Optional.SpaceSondPro O45 - LFCP:[MD5.865DC6852D953334BA834A00C04348E6] 2015/07/20 18:18:55 A -- C:\Windows\Prefetch\UPDATEPRODUCTDEALS.EXE-5A36FD61.pf =>PUP.Optional.ProductDeals O45 - LFCP:[MD5.C2D85D6CC5E7DDB83157A2985B1D3CBD] 2015/07/20 17:53:09 A -- C:\Windows\Prefetch\UPGMSD_FR_002030035.EXE-3FCC53BA.pf =>PUP.Optional.CrossRider O45 - LFCP:[MD5.116E7639A9DE58055E5D373C84565CCA] 2015/07/20 18:32:35 A -- C:\Windows\Prefetch\UPGMSD_FR_005010035.EXE-26675784.pf =>PUP.Optional.CrossRider O45 - LFCP:[MD5.C1AE7D879DEDEC3F6AB33EB0E0995B50] 2015/07/20 18:18:48 A -- C:\Windows\Prefetch\UTILPRODUCTDEALS.EXE-C2601A59.pf =>PUP.Optional.ProductDeals O45 - LFCP:[MD5.CDAA37A0B6A33337609A8C615E691CF7] 2015/07/20 17:49:43 A -- C:\Windows\Prefetch\WEBBAR_1404--6B0A5844.EXE-BCCCA544.pf =>PUP.Optional.WebBar O45 - LFCP:[MD5.97B6FA909600D1D91002D8676D40BF9C] 2015/07/20 17:49:43 A -- C:\Windows\Prefetch\WEBBAR_1404--6B0A5844.TMP-7530ABD9.pf =>PUP.Optional.WebBar O45 - LFCP:[MD5.A70F4EF4FAD0A66B01C40109066D0118] 2015/07/20 17:54:07 A -- C:\Windows\Prefetch\WORDSHARK.EXE-5DD2A658.pf =>PUP.Optional.WordShark O45 - LFCP:[MD5.A8A708B144BD287A6C59E6C3E5465CAE] 2015/07/20 18:01:55 A -- C:\Windows\Prefetch\WORDSHARKAUTOUPDATECLIENT.EXE-8ACA4933.pf =>PUP.Optional.WordShark O45 - LFCP:[MD5.2D4C1C92F774BA4CA62C362ED6AA89D8] 2015/07/20 18:27:41 A -- C:\Windows\Prefetch\WORDSURFERAUTOUPDATECLIENT.EX-72797FB7.pf =>PUP.Optional.WordSurfer O45 - LFCP:[MD5.30B959C18F7C7FE92552435DF0E50B70] 2015/07/20 17:56:44 A -- C:\Windows\Prefetch\ZOMBIENEWSINSTALL.EXE-21C3F427.pf =>PUP.Optional.ZombieNews O45 - LFCP:[MD5.01B22C9DD3470C4841F7F7F9E09B50FF] 2015/07/20 18:06:58 A -- C:\Windows\Prefetch\ZOMBIENEWSUNINSTALL.EXE-F54BBF9F.pf =>PUP.Optional.ZombieNews ---\\ Liste des pilotes du système (SDL) (O58) (57) - 2s O58 - SDL:2013/08/22 14:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896] O58 - SDL:2012/07/17 10:07:22 A . (.Intel Corporation - Intel(R) Acpi Control Driver.) -- C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880] O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176] O58 - SDL:2013/05/15 18:31:48 A . (.Numark - Numark USB Audio WDM Driver.) -- C:\Windows\System32\drivers\akaieiea.sys [55552] O58 - SDL:2013/05/15 18:31:48 A . (.Numark - Numark WDM MIDI Driver.) -- C:\Windows\System32\drivers\akaieiem.sys [33536] O58 - SDL:2013/05/15 18:31:48 A . (.Ploytec GmbH - Ploytec USB Audio driver.) -- C:\Windows\System32\drivers\akaieieu.sys [466688] O58 - SDL:2014/11/21 04:41:36 A . (.Advanced Micro Devices - AMD ACP Binaries.) -- C:\Windows\System32\drivers\amdacpksd.sys [294600] O58 - SDL:2014/06/21 19:01:44 A . (.Windows (R) Win 7 DDK provider - KSL Kernel-Mode Dll.) -- C:\Windows\System32\drivers\amdacpksl.sys [142848] O58 - SDL:2012/09/23 01:17:24 A . (.Advanced Micro Devices, Inc. - AMD Audio Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmafd.sys [21160] O58 - SDL:2013/08/22 14:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200] O58 - SDL:2013/08/22 14:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] O58 - SDL:2013/08/22 14:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952] O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016] O58 - SDL:2013/06/18 16:45:05 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athwnx.sys [3680256] O58 - SDL:2014/06/21 19:02:02 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdWB6.sys [223232] O58 - SDL:2014/11/21 04:40:00 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [18959360] O58 - SDL:2014/11/21 04:08:54 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [589312] O58 - SDL:2013/08/13 01:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] O58 - SDL:2013/08/22 14:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] O58 - SDL:2015/03/27 14:12:26 A . (.Disc Soft Ltd - DAEMON Tools Virtual SCSI Bus Driver.) -- C:\Windows\System32\drivers\dtscsibus.sys [29696] O58 - SDL:2013/08/22 14:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] O58 - SDL:2013/09/25 15:40:54 A . (.Focusrite Audio Engineering Limited. - Focusrite USB 2.0 Audio Driver.) -- C:\Windows\System32\drivers\ffusb2audio.sys [127280] O58 - SDL:2015/03/30 15:28:52 AH . (.LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) -- C:\Windows\System32\drivers\Hamdrv.sys [44296] O58 - SDL:2013/08/22 14:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] O58 - SDL:2013/07/30 20:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] O58 - SDL:2013/07/25 21:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] O58 - SDL:2013/08/10 02:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] O58 - SDL:2013/08/22 14:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] O58 - SDL:2013/08/13 01:01:22 A . (.Intel Corporation - Intel(R) Watchdog Timer Driver (Intel(R) WD.) -- C:\Windows\System32\drivers\ICCWDT.sys [27608] O58 - SDL:2014/05/27 12:21:04 A . (...) -- C:\Windows\System32\drivers\ikbevent.sys [22216] O58 - SDL:2014/05/27 12:21:08 A . (...) -- C:\Windows\System32\drivers\imsevent.sys [22728] O58 - SDL:2014/05/27 12:21:06 A . (...) -- C:\Windows\System32\drivers\INETMON.sys [25800] O58 - SDL:2014/05/27 12:21:08 A . (.Copyright (C) 2011-2012 - Intel(R) Smart Connect Technology Device Dr.) -- C:\Windows\System32\drivers\ISCTD.sys [44744] O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] O58 - SDL:2009/11/18 07:12:00 A . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\Windows\System32\drivers\MBfilt64.sys [32344] O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672] O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] O58 - SDL:2013/08/22 14:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] O58 - SDL:2011/09/14 19:16:12 A . (.NT Kernel Resources - NDISRD helper driver.) -- C:\Windows\System32\drivers\ndisrd.sys [32360] O58 - SDL:2013/08/22 14:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] O58 - SDL:2013/08/22 14:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] O58 - SDL:2015/01/15 14:42:42 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [881368] O58 - SDL:2015/05/05 19:24:16 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4467928] O58 - SDL:2010/07/01 15:21:50 A . (.Screaming Bee LLC - Screaming Bee Audio Driver.) -- C:\Windows\System32\drivers\ScreamingBAudio64.sys [38992] O58 - SDL:2013/08/22 17:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] O58 - SDL:2015/07/01 11:49:08 A . (.SoftEther Corporation - SoftEther VPN.) -- C:\Windows\System32\drivers\SeLow_x64.sys [48896] O58 - SDL:2013/08/22 14:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] O58 - SDL:2013/08/22 14:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] O58 - SDL:2013/08/22 14:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] O58 - SDL:2014/11/10 13:12:38 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [129312] O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] O58 - SDL:2013/08/22 14:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] O58 - SDL:2015/07/20 03:00:10 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys [48784] =>PUP.Optional.LinkiDoo ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (28) - 40s O61 - LFC: 2015/07/20 17:49:47 A . (..) -- C:\Users\rémi\Desktop\File Downloader.exe [6972431] O61 - LFC: 2015/07/20 18:21:12 A . (.SoftBrain Technologies Ltd..) -- C:\Users\rémi\AppData\Local\SmartWeb\__u.exe [172673] =>PUP.Optional.SmartWebSearch O61 - LFC: 2015/07/18 14:02:07 A . (..) -- C:\Users\rémi\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\SqliteWrapper\99fa190c50aa9d06da5fb90ed0d8b8f7\SqliteWrapper.ni.dll [117248] O61 - LFC: 2015/07/18 14:02:07 A . (..) -- C:\Users\rémi\AppData\Local\Packages\Microsoft.BingWeather_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\Microsoft.PerfTrack\10ead687afca927bd7b22ad8d20e1de3\Microsoft.PerfTrack.ni.dll [28160] O61 - LFC: 2015/07/20 18:21:18 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\4e4454ea6d4e491278aca3372a1c2062[1].exe [375463] O61 - LFC: 2015/07/20 18:21:24 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\fswr[1].exe [73744] O61 - LFC: 2015/07/20 18:21:01 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\setup[1].exe [1967696] O61 - LFC: 2015/07/20 18:21:41 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\setup_gmsd_fr[1].exe [5782544] O61 - LFC: 2015/07/20 18:21:06 A . (.SoftBrain Technologies Ltd..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\SmartWebInstaller[1].exe [759544] =>PUP.Optional.SmartWebSearch O61 - LFC: 2015/07/20 18:32:49 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\urlblockindex[1].bin [16] O61 - LFC: 2015/07/20 18:20:58 A . (.Copyright 2013.) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\Validate[1].exe [61981] O61 - LFC: 2015/07/20 18:22:24 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\VuuPC_VO2_8907[1].exe [229097] =>PUP.Optional.VuuPC O61 - LFC: 2015/07/20 18:21:26 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\PBUSTALU\3115[1].exe [426517] O61 - LFC: 2015/07/20 18:21:14 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\PBUSTALU\bxwr[1].exe [70772] O61 - LFC: 2015/07/20 18:21:26 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\PBUSTALU\FriendlyError_s3[1].exe [263680] O61 - LFC: 2015/07/20 18:23:22 A . (.CMI Limited.) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\3DP8M92T\AnyProtectSetup[1].exe [613255] =>PUP.Optional.AnyProtect O61 - LFC: 2015/07/20 18:21:21 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\3DP8M92T\Download[1].exe [227328] O61 - LFC: 2015/07/20 18:22:01 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\3DP8M92T\setup_362[1].exe [254464] O61 - LFC: 2015/07/20 18:21:25 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\3DP8M92T\tiwr[1].exe [64813] O61 - LFC: 2015/07/20 18:23:45 A . (.AnyProtect.com.) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\14WY7F1D\AnyProtect[1].exe [6434816] =>PUP.Optional.AnyProtect O61 - LFC: 2015/07/20 18:22:05 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\14WY7F1D\FinalInstaller_dotnet4[1].exe [3001344] O61 - LFC: 2015/07/20 18:22:20 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\14WY7F1D\policyname[1].exe [57110] O61 - LFC: 2015/07/20 18:20:56 A . (..) -- C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\14WY7F1D\SearchUpdater[1].exe [97243] O61 - LFC: 2015/07/19 11:52:31 A . (..) -- C:\Users\rémi\AppData\Local\gmsd_fr_005010035\upgmsd_fr_005010035.exe [3298448] =>PUP.Optional.CrossRider O61 - LFC: 2015/07/20 18:32:28 A . (..) -- C:\Users\rémi\AppData\Local\gmsd_fr_005010035\Download\myoffergroup_fr.exe [3725856] =>PUP.Optional.CrossRider O61 - LFC: 2015/07/20 18:29:41 A . (..) -- C:\Users\rémi\AppData\Local\ATI\ACE\Manifest.Bin [30042] O61 - LFC: 2015/07/20 17:50:36 A . (..) -- C:\Users\rémi\AppData\Local\00000000-1437414631-0000-0000-D43D7EDCD452\rnspF9F6.exe [396800] O61 - LFC: 2015/07/20 17:50:48 A . (..) -- C:\Users\rémi\AppData\Local\00000000-1437414631-0000-0000-D43D7EDCD452\Uninstall.exe [51000] ---\\ Associations Shell Spawning (O67) (1) - 0s O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe ---\\ Menu de démarrage Internet (SMI) (O68) (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- E:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- E:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- E:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- E:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (7) - 4s O69 - SBI: prefs.js [rémi - kirk93i3.default] user_pref("extensions.crossrider.bic", "14eac338c3e6d6be9da352a926893366"); =>PUP.Optional.CrossRider O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {A9E167D8-0607-4CC5-A103-8A696EF46031} - (Bing.com) - http://search.conduit.com/ =>PUP.Optional.Conduit O69 - SBI: SearchScopes [HKUS\.DEFAULT] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKUS\S-1-5-18] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/ ---\\ Enumère les services démarrés par Svchost (SSS) (O83) (36) - 0s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [214528] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [156160] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [156160] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [329216] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1360896] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1084416] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [926208] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll [31744] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [110080] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [151040] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [110592] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1265152] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [230400] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll [71168] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [135168] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [227328] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [339968] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [101376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [348672] O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Wi.) -- C:\Windows\System32\GeofenceMonitorService.dll [522240] O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\system32\wlidsvc.dll [1639424] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [59392] O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [206848] O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\Windows\System32\ncasvc.dll [166400] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [102912] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\Windows\System32\rasmans.dll [542208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [226816] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\sens.dll [73728] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [452608] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [313344] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll [3701760] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [933376] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [640000] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [187904] O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [92992] ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (64) - 8s O87 - FAEL: "{544FB1EE-DBD7-45AD-92C9-D9833FA29E44}" [In-None-P6-TRUE] .(.Blizzard Entertainment - Blizzard File Switcher.) -- E:\Program Files (x86)\Battle.net\Battle.net.exe O87 - FAEL: "{659B33B2-7155-4759-AC01-FD9BA19E22A4}" [In-None-P17-TRUE] .(.Blizzard Entertainment - Blizzard File Switcher.) -- E:\Program Files (x86)\Battle.net\Battle.net.exe O87 - FAEL: "{9BC192BB-C2F2-4CD6-9608-6D99DD22A93F}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Hearthstone\Hearthstone.exe O87 - FAEL: "{7BFB646E-B068-426A-A471-1914AA91527C}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Hearthstone\Hearthstone.exe O87 - FAEL: "{9E328074-3DA4-415A-A6E6-7BC985562843}" [In-None-P6-TRUE] .(. - KMS GUI ELDI.) -- C:\Program Files\KMSpico\KMSELDI.exe =>PUA.KMSpico O87 - FAEL: "{92C59BBF-3A7C-4BDA-B70F-8FF8D39E2510}" [In-None-P17-TRUE] .(. - KMS GUI ELDI.) -- C:\Program Files\KMSpico\KMSELDI.exe =>PUA.KMSpico O87 - FAEL: "{07FAB480-6296-4E9E-932C-8474DDA74866}" [In-None-P6-TRUE] .(. - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico O87 - FAEL: "{5A3B803C-33D7-4B1D-B75E-CA4D7A65F627}" [In-None-P17-TRUE] .(. - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico O87 - FAEL: "{46E2D485-9B01-49FC-A428-C8D82C63E50B}" [In-None-P6-TRUE] .(.Valve Corporation - Steam Client Bootstrapper.) -- E:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{C04967E9-9494-45AA-9BE0-01E79822B55A}" [In-None-P17-TRUE] .(.Valve Corporation - Steam Client Bootstrapper.) -- E:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{AD02F419-4D50-4C92-8035-E172C10CDAD9}" [In-None-P6-TRUE] .(.Valve Corporation - Steam Client WebHelper.) -- E:\Program Files (x86)\Steam\bin\steamwebhelper.exe O87 - FAEL: "{A7429B67-5CC0-4336-9345-6731B0E49FE0}" [In-None-P17-TRUE] .(.Valve Corporation - Steam Client WebHelper.) -- E:\Program Files (x86)\Steam\bin\steamwebhelper.exe O87 - FAEL: "{AAF03A0A-D872-424B-8B0A-AB933DB6CC6E}" [In-None-P6-TRUE] .(. - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico O87 - FAEL: "{43A35937-1E32-47A8-B021-3FFA2A3E14F2}" [In-None-P17-TRUE] .(. - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico O87 - FAEL: "{DEEB046A-4FE7-4AAB-855A-65D34ED152A1}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe O87 - FAEL: "{BCD97843-C2A4-4228-B4EC-64D6795F4001}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe O87 - FAEL: "{D68313CB-5221-4ACF-AA3E-1E959231999B}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe O87 - FAEL: "{EF0CC131-559D-499F-B994-5B5DE8DFD9A0}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe O87 - FAEL: "TCP Query User{BA80FC6A-00E2-4ED1-95F4-F61BA63CFABB}E:\program files (x86)\qbittorrent\qbittorrent.exe" [In-None-P6-TRUE] .(...) -- E:\program files (x86)\qbittorrent\qbittorrent.exe O87 - FAEL: "UDP Query User{41E86D7A-2706-4E2C-BD64-C7B86CC96198}E:\program files (x86)\qbittorrent\qbittorrent.exe" [In-None-P17-TRUE] .(...) -- E:\program files (x86)\qbittorrent\qbittorrent.exe O87 - FAEL: "{F92D7684-1374-4091-AAC0-AB6F600BF4D1}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Metal Slug 3\mslug3.exe O87 - FAEL: "{7E681B28-CF37-4821-8166-CC45BD72C9D8}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\Steam\steamapps\common\Metal Slug 3\mslug3.exe O87 - FAEL: "{AF6B7C42-3E88-48E8-83E6-3AEA3AD45807}" [In-None-P6-TRUE] .(.Firaxis Games - XCOM: Enemy Unknown.) -- E:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe O87 - FAEL: "{EE940332-40C5-4DED-B0E4-B5FAF2468D25}" [In-None-P17-TRUE] .(.Firaxis Games - XCOM: Enemy Unknown.) -- E:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe O87 - FAEL: "TCP Query User{F908C152-15A4-4975-B12F-BB42F40E7CFB}E:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" [In-None-P6-TRUE] .(.Firaxis Games - XCOM: Enemy Within.) -- E:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe O87 - FAEL: "UDP Query User{38A17895-FF5E-43E3-B0B3-C1BF3E1EF767}E:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" [In-None-P17-TRUE] .(.Firaxis Games - XCOM: Enemy Within.) -- E:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe O87 - FAEL: "TCP Query User{C8EB76A2-29F3-49CD-97F5-96DB577442B3}E:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" [In-None-P6-TRUE] .(.Firaxis Games - XCOM: Enemy Within.) -- E:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe O87 - FAEL: "UDP Query User{FBF3B4E6-026D-4268-BE0F-C9F9119B37D6}E:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe" [In-None-P17-TRUE] .(.Firaxis Games - XCOM: Enemy Within.) -- E:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe O87 - FAEL: "{8596CA9E-8888-4FC4-AA97-087F428302A9}" [In-None-P6-TRUE] .(. - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico O87 - FAEL: "{98CD0059-E312-43A6-8972-6A5FC3F955DF}" [In-None-P17-TRUE] .(. - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico O87 - FAEL: "{04E6A07C-E1F8-4804-9047-336D8E117492}" [In-None-P6-TRUE] .(.BattlEye Innovations - BattlEye Launcher.) -- E:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe O87 - FAEL: "{0250DEF5-D259-4751-8716-113B4387EDCF}" [In-None-P17-TRUE] .(.BattlEye Innovations - BattlEye Launcher.) -- E:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe O87 - FAEL: "{94F0DAF8-E69D-4320-9658-E30F15801A3D}" [In-None-P6-TRUE] .(.Electronic Arts Inc. - Dead Space™ 2.) -- E:\Program Files (x86)\Steam\steamapps\common\Dead Space 2\deadspace2.exe O87 - FAEL: "{2AFD3899-3F78-4E10-B982-CFE088700868}" [In-None-P17-TRUE] .(.Electronic Arts Inc. - Dead Space™ 2.) -- E:\Program Files (x86)\Steam\steamapps\common\Dead Space 2\deadspace2.exe O87 - FAEL: "TCP Query User{FF6CD36A-46D4-4105-B235-C3319AEFBA73}E:\program files (x86)\steam\steamapps\common\dayz\dayz.exe" [In-None-P6-TRUE] .(.Bohemia Interactive - DayZ.) -- E:\program files (x86)\steam\steamapps\common\dayz\dayz.exe O87 - FAEL: "UDP Query User{54841A6B-5840-4EA0-B449-51C6E2DBA54D}E:\program files (x86)\steam\steamapps\common\dayz\dayz.exe" [In-None-P17-TRUE] .(.Bohemia Interactive - DayZ.) -- E:\program files (x86)\steam\steamapps\common\dayz\dayz.exe O87 - FAEL: "{410B3B83-29B2-4E34-B596-44111EA85978}" [In-None-P6-TRUE] .(. - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico O87 - FAEL: "{6E982D10-2CF0-45D6-A521-8FE059CE2680}" [In-None-P17-TRUE] .(. - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico O87 - FAEL: "{2E08E093-CF00-4382-89B1-A939FA47C22C}" [In-None-P6-TRUE] .(.Bohemia Interactive - Arma 3 Launcher.) -- E:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe O87 - FAEL: "{8AD1037E-AF8F-4C7B-B4BA-D158AAD6FF3A}" [In-None-P17-TRUE] .(.Bohemia Interactive - Arma 3 Launcher.) -- E:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe O87 - FAEL: "TCP Query User{C030019E-463F-44CE-A85F-980EAF372153}E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe" [In-None-P6-TRUE] .(.Bohemia Interactive - Arma 3.) -- E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe O87 - FAEL: "UDP Query User{1A1B9B58-77EA-4562-858D-828A7D344FF9}E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe" [In-None-P17-TRUE] .(.Bohemia Interactive - Arma 3.) -- E:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe O87 - FAEL: "TCP Query User{AC73AA36-2D55-4B5A-8A44-BDC0AF8258C3}C:\users\rémi\appdata\roaming\gameranger\gameranger\gameranger.exe" [In-None-P6-TRUE] .(.GameRanger Technologies - GameRanger.) -- C:\users\rémi\appdata\roaming\gameranger\gameranger\gameranger.exe O87 - FAEL: "UDP Query User{06B00D11-2781-4BC8-B4B7-BB645DE5D815}C:\users\rémi\appdata\roaming\gameranger\gameranger\gameranger.exe" [In-None-P17-TRUE] .(.GameRanger Technologies - GameRanger.) -- C:\users\rémi\appdata\roaming\gameranger\gameranger\gameranger.exe O87 - FAEL: "TCP Query User{314786A9-6F5A-4ED4-93BF-E2848F7F777D}E:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" [In-None-P6-TRUE] .(.Hirez Studios, Inc. - .) -- E:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe O87 - FAEL: "UDP Query User{ED9E26C5-2826-4E25-8F7B-1C24CD7DCECC}E:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe" [In-None-P17-TRUE] .(.Hirez Studios, Inc. - .) -- E:\program files (x86)\hi-rez studios\hirezgames\smite\binaries\win32\smite.exe O87 - FAEL: "TCP Query User{68407649-D70D-41BA-BD91-902437AF9E7E}E:\program files (x86)\gameforgelive\games\fra_fra\tera\tera-launcher.exe" [In-None-P6-TRUE] .(.Solid State Networks - TERA.) -- E:\program files (x86)\gameforgelive\games\fra_fra\tera\tera-launcher.exe O87 - FAEL: "UDP Query User{9E8D107E-4B31-4C73-AC45-D9E811ECE43C}E:\program files (x86)\gameforgelive\games\fra_fra\tera\tera-launcher.exe" [In-None-P17-TRUE] .(.Solid State Networks - TERA.) -- E:\program files (x86)\gameforgelive\games\fra_fra\tera\tera-launcher.exe O87 - FAEL: "TCP Query User{3567B8C6-D1D1-42D0-B555-B5BF4ADDC08F}E:\program files (x86)\diablo iii\diablo iii.exe" [In-None-P6-TRUE] .(.Blizzard Entertainment - Diablo III Retail.) -- E:\program files (x86)\diablo iii\diablo iii.exe O87 - FAEL: "UDP Query User{2D5A426F-BF67-456A-8567-2ECD0606F754}E:\program files (x86)\diablo iii\diablo iii.exe" [In-None-P17-TRUE] .(.Blizzard Entertainment - Diablo III Retail.) -- E:\program files (x86)\diablo iii\diablo iii.exe O87 - FAEL: "TCP Query User{21FA26B3-C0D3-4CD8-BACD-15FE049DCAD0}E:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe" [In-None-P6-TRUE] .(.Copyright © 2011 CD Projekt Red - Changelist: 1.) -- E:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe O87 - FAEL: "UDP Query User{E6B83E36-637C-4784-8988-C6650F272BF7}E:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe" [In-None-P17-TRUE] .(.Copyright © 2011 CD Projekt Red - Changelist: 1.) -- E:\program files (x86)\gog.com\the witcher 2 enhanced edition\bin\witcher2.exe O87 - FAEL: "{DC5EE3FE-2C5E-4996-9A28-7627AD6B47BA}" [In-None-P6-TRUE] .(.Epic Games, Inc. - .) -- E:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe O87 - FAEL: "{901AD11A-177F-4F15-9FC2-9A1EE8917D82}" [In-None-P17-TRUE] .(.Epic Games, Inc. - .) -- E:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe O87 - FAEL: "{746880D4-EB3A-4B36-B663-6E1AC299BCEC}" [In-None-P6-TRUE] .(.Epic Games, Inc. - .) -- E:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe O87 - FAEL: "{FC2CBD20-82F3-4854-A238-D4E8966E6171}" [In-None-P17-TRUE] .(.Epic Games, Inc. - .) -- E:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe O87 - FAEL: "{8E285A6C-FBDD-4623-B7C7-70EFB1FBBCFA}" [In-None-P6-TRUE] .(.Copyright © 2013 - CDWLauncher.) -- E:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe O87 - FAEL: "{EFC03C52-357B-4EAF-B2ED-AD028A569A6A}" [In-None-P17-TRUE] .(.Copyright © 2013 - CDWLauncher.) -- E:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe O87 - FAEL: "{836CFB23-EDDE-4522-B6BF-E25875B3A531}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\qBittorrent\qbittorrent.exe O87 - FAEL: "{59741AA0-4448-41DC-B849-F7E8B380DB0E}" [In-None-P17-TRUE] .(...) -- E:\Program Files (x86)\qBittorrent\qbittorrent.exe O87 - FAEL: "{1128C4A3-9E04-41F8-B2BE-4B79028E7FEE}" [In-None-P6-TRUE] .(...) -- E:\Program Files (x86)\GameforgeLive\gfl_client.exe O87 - FAEL: "TCP Query User{C036E333-9231-4D29-BE39-6A40B9BE2F9F}E:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" [In-None-P6-TRUE] .(...) -- E:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe O87 - FAEL: "UDP Query User{C97E411B-9E40-4F4C-8C43-9BCB9A6EC587}E:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe" [In-None-P17-TRUE] .(...) -- E:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe O87 - FAEL: "{1E36B61C-CB41-4BA8-94B4-43EB6713D32E}" [In-None-P6-TRUE] .(.Re-Logic - Terraria.) -- E:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe ---\\ Recherche de clés de registre Tracing (O100) (8) - 0s HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateProductDeals_RASAPI32 =>PUP.Optional.ProductDeals HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateProductDeals_RASMANCS =>PUP.Optional.ProductDeals HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilProductDeals_RASAPI32 =>PUP.Optional.ProductDeals HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilProductDeals_RASMANCS =>PUP.Optional.ProductDeals HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSharkAutoUpdateClient_RASAPI32 =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSharkAutoUpdateClient_RASMANCS =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSurferAutoUpdateClient_RASAPI32 =>PUP.Optional.WordSurfer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSurferAutoUpdateClient_RASMANCS =>PUP.Optional.WordSurfer ---\\ Scan Additionnel (O88) (162) - 0s C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\knsw6741.tmpfs =>PUP.Optional.CrossRider C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\hnsyABF3.tmp =>PUP.Optional.CrossRider C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452\jnso924F.tmp =>PUP.Optional.CrossRider C:\Users\rémi\AppData\Local\gmsd_fr_005010035\upgmsd_fr_005010035.exe =>PUP.Optional.CrossRider C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.Optional.CrossBrowse C:\Program Files (x86)\gmsd_fr_005010035\gmsd_fr_005010035.exe =>PUP.Optional.CrossRider C:\Program Files (x86)\FastSearch\acengine.exe =>PUP.Optional.FastSearch C:\Users\rémi\AppData\Local\gmsd_fr_005010035\Download\myoffergroup_fr.exe =>PUP.Optional.CrossRider C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate C:\Windows\system32\acengine64.dll =>Hijacker.Winsock HKLM\SYSTEM\CurrentControlSet\Services\acengine =>PUP.Optional.FastSearch HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate =>PUP.Optional.GlobalUpdate C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate HKLM\SYSTEM\CurrentControlSet\Services\puwehevo =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>PUA.KMSpico C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico HKLM\SYSTEM\CurrentControlSet\Services\vicoqudu =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\zejytose =>PUP.Optional.CrossRider C:\Windows\AutoKMS\AutoKMS.exe =>HackTool.AutoKMS C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe =>PUP.Optional.CrossBrowse C:\Program Files (x86)\FastSearch\sab3009.exe =>PUP.Optional.FastSearch C:\Windows\Tasks\APSnotifierPP1.job =>PUP.Optional.AnyProtect C:\Windows\Tasks\APSnotifierPP2.job =>PUP.Optional.AnyProtect C:\Windows\Tasks\APSnotifierPP3.job =>PUP.Optional.AnyProtect C:\Windows\Tasks\Binkiland disa.job =>PUP.Optional.Binkiland C:\Windows\Tasks\Crossbrowse.job =>PUP.Optional.CrossBrowse C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\amiupdaterExd =>PUP.Optional.Dealply C:\Windows\System32\Tasks\amiupdaterExi =>PUP.Optional.Dealply C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.Optional.AnyProtect C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.Optional.AnyProtect C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.Optional.AnyProtect C:\Windows\System32\Tasks\AutoKMS =>HackTool.AutoKMS C:\Windows\System32\Tasks\AutoPico Daily Restart =>PUA.KMSpico C:\Windows\System32\Tasks\Binkiland disa =>PUP.Optional.Binkiland C:\Windows\System32\Tasks\Crossbrowse =>PUP.Optional.CrossBrowse C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\sab3009 =>PUP.Optional.FastSearch HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>PUA.KMSpico HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FastSearch =>PUP.Optional.FastSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_fr_005010035_is1 =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} =>PUP.Optional.Multiplug HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3} =>PUP.Optional.Multiplug HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Boxore =>PUP.Optional.Boxore HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\FastSearch =>PUP.Optional.FastSearch HKLM\SOFTWARE\Wow6432Node\GAMESDESKTOP =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\ORBTR =>PUP.Optional.Conduit HKLM\SOFTWARE\Wow6432Node\SpaceSondPro =>PUP.Optional.SpaceSondPro HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.19 =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\Boxore =>PUP.Optional.Boxore HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\HQ.Video_f4V19.07-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore HKCU\SOFTWARE\RapidMediaConverterApp =>PUP.Optional.RapidMediaConverter HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE =>PUP.Optional.DynConIE C:\Program Files (x86)\00000000-1437407388-0000-0000-D43D7EDCD452 =>PUP.Optional.CrossRider C:\Program Files (x86)\00000000-1437407608-0000-0000-D43D7EDCD452 =>PUP.Optional.CrossRider C:\Program Files (x86)\00000000-1437407823-0000-0000-D43D7EDCD452 =>PUP.Optional.CrossRider C:\Program Files (x86)\AnyProtectEx =>PUP.Optional.AnyProtect C:\Program Files (x86)\Boxore =>PUP.Optional.Boxore C:\Program Files (x86)\Crossbrowse =>PUP.Optional.CrossBrowse C:\Program Files (x86)\FastSearch =>PUP.Optional.FastSearch C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate C:\Program Files (x86)\gmsd_fr_005010035 =>PUP.Optional.CrossRider C:\Program Files (x86)\GUPlayer =>PUP.Optional.GUPlayer C:\Program Files (x86)\predm =>PUP.Optional.Downware C:\Program Files (x86)\PriceLesas =>PUP.Optional.Multiplug C:\Program Files (x86)\SystemContinue =>PUP.Optional.Graftor C:\Program Files (x86)\youtubeadblocker =>PUP.Optional.YouTubeAdBlock C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.Optional.CrossBrowse C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP =>PUP.Optional.GamesDesktop C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip =>PUP.Optional.PepperZip C:\Users\rémi\AppData\Roaming\AnyProtectEx =>PUP.Optional.AnyProtect C:\Users\rémi\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch C:\Users\rémi\AppData\Local\Boxore =>PUP.Optional.Boxore C:\Users\rémi\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse C:\Users\rémi\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate C:\Users\rémi\AppData\Local\gmsd_fr_005010035 =>PUP.Optional.CrossRider C:\Users\rémi\AppData\Local\SmartWeb =>PUP.Optional.SmartWebSearch C:\Users\rémi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>PUP.Optional.Downware C:\Windows\Prefetch\ANYPROTECT.EXE-3685BDD1.pf =>PUP.Optional.AnyProtect C:\Windows\Prefetch\BOXORE.EXE-E57564D6.pf =>PUP.Optional.Boxore C:\Windows\Prefetch\BOXORE_20_05--00719836.EXE-FA0AF290.pf =>PUP.Optional.Boxore C:\Windows\Prefetch\BREAKINGNEWSALERTUNINSTALL.EX-7D81AC1E.pf =>PUP.Optional.BreakingNewsAlert C:\Windows\Prefetch\CROSSBROWSE.EXE-9D619136.pf =>PUP.Optional.CrossBrowse C:\Windows\Prefetch\FASTSEARCH_4435.EXE-B07923C8.pf =>PUP.Optional.FastSearch C:\Windows\Prefetch\GAMESDESKTOP3-FRINSTALLER.EXE-AEC2F14E.pf =>PUP.Optional.GamesDesktop C:\Windows\Prefetch\GAMESDESKTOP3-FRINSTALLER.TMP-78AE9638.pf =>PUP.Optional.GamesDesktop C:\Windows\Prefetch\GLOBALUPDATE.EXE-AFA6DA21.pf =>PUP.Optional.GlobalUpdate C:\Windows\Prefetch\GLOBALUPDATE.EXE-BB7E3858.pf =>PUP.Optional.GlobalUpdate C:\Windows\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-3B319581.pf =>PUP.Optional.GlobalUpdate C:\Windows\Prefetch\GMSD_FR_002030035.EXE-4B4F6A7A.pf =>PUP.Optional.CrossRider C:\Windows\Prefetch\GMSD_FR_005010035.EXE-87139394.pf =>PUP.Optional.CrossRider C:\Windows\Prefetch\GUPLAYERUNINSTALLER.EXE-D2C46FED.pf =>PUP.Optional.GUPlayer C:\Windows\Prefetch\MYSTARTSEARCHSLBNEW_1607--37F-FD2AA2E2.pf =>PUP.Optional.StartSearch C:\Windows\Prefetch\PACKAGE_ANYSEND_INSTALLER_MUL-DBAECBE1.pf =>PUP.Optional.ASPackage C:\Windows\Prefetch\PACKAGE_ANYSEND_INSTALLER_MUL-E98B5D59.pf =>PUP.Optional.ASPackage C:\Windows\Prefetch\PREDM.EXE-4AB9A264.pf =>PUP.Optional.Downware C:\Windows\Prefetch\PREDM.TMP-916E1382.pf =>PUP.Optional.Downware C:\Windows\Prefetch\PRODUCTDEALS.BROWSERADAPTER.E-46D558B2.pf =>PUP.Optional.ProductDeals C:\Windows\Prefetch\PRODUCTDEALS.BROWSERADAPTER64-9E21E074.pf =>PUP.Optional.ProductDeals C:\Windows\Prefetch\PRODUCTDEALS.EXPEXT.EXE-6559BD7F.pf =>PUP.Optional.ProductDeals C:\Windows\Prefetch\PRODUCTDEALS.PURBROWSE64.EXE-01C4BE40.pf =>PUP.Optional.ProductDeals C:\Windows\Prefetch\PRODUCTDEALSUNINSTALL.EXE-24BB9B3C.pf =>PUP.Optional.ProductDeals C:\Windows\Prefetch\PRODUCTDEALS_SETUP.EXE-69771679.pf =>PUP.Optional.ProductDeals C:\Windows\Prefetch\RAPIDMEDIACONVERTERAPP.EXE-B395E573.pf =>PUP.Optional.RapidMediaConverter C:\Windows\Prefetch\RAPIDMEDIACONVERTERAPPUNINSTA-1C75427D.pf =>PUP.Optional.RapidMediaConverter C:\Windows\Prefetch\RAPIDMEDIACONVERTERSETUP.EXE-E77FB521.pf =>PUP.Optional.RapidMediaConverter C:\Windows\Prefetch\SMARTWEBAPP.EXE-7F2538DC.pf =>PUP.Optional.SmartWebSearch C:\Windows\Prefetch\SMARTWEBHELPER.EXE-185E2097.pf =>PUP.Optional.SmartWebSearch C:\Windows\Prefetch\SPACESONDPRO_1507--EF1356E6.E-0268D3C9.pf =>PUP.Optional.SpaceSondPro C:\Windows\Prefetch\UPDATEPRODUCTDEALS.EXE-5A36FD61.pf =>PUP.Optional.ProductDeals C:\Windows\Prefetch\UPGMSD_FR_002030035.EXE-3FCC53BA.pf =>PUP.Optional.CrossRider C:\Windows\Prefetch\UPGMSD_FR_005010035.EXE-26675784.pf =>PUP.Optional.CrossRider C:\Windows\Prefetch\UTILPRODUCTDEALS.EXE-C2601A59.pf =>PUP.Optional.ProductDeals C:\Windows\Prefetch\WEBBAR_1404--6B0A5844.EXE-BCCCA544.pf =>PUP.Optional.WebBar C:\Windows\Prefetch\WEBBAR_1404--6B0A5844.TMP-7530ABD9.pf =>PUP.Optional.WebBar C:\Windows\Prefetch\WORDSHARK.EXE-5DD2A658.pf =>PUP.Optional.WordShark C:\Windows\Prefetch\WORDSHARKAUTOUPDATECLIENT.EXE-8ACA4933.pf =>PUP.Optional.WordShark C:\Windows\Prefetch\WORDSURFERAUTOUPDATECLIENT.EX-72797FB7.pf =>PUP.Optional.WordSurfer C:\Windows\Prefetch\ZOMBIENEWSINSTALL.EXE-21C3F427.pf =>PUP.Optional.ZombieNews C:\Windows\Prefetch\ZOMBIENEWSUNINSTALL.EXE-F54BBF9F.pf =>PUP.Optional.ZombieNews C:\Windows\System32\drivers\{b9ef2fca-9fe6-4589-b97a-90379e9f2f5e}Gw64.sys =>PUP.Optional.LinkiDoo C:\Users\rémi\AppData\Local\SmartWeb\__u.exe =>PUP.Optional.SmartWebSearch C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\SmartWebInstaller[1].exe =>PUP.Optional.SmartWebSearch C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\Z308NWM4\VuuPC_VO2_8907[1].exe =>PUP.Optional.VuuPC C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\3DP8M92T\AnyProtectSetup[1].exe =>PUP.Optional.AnyProtect C:\Users\rémi\AppData\Local\Microsoft\Windows\INetCache\IE\14WY7F1D\AnyProtect[1].exe =>PUP.Optional.AnyProtect C:\Program Files\KMSpico\KMSELDI.exe =>PUA.KMSpico HKLM\SYSTEM\CurrentControlSet\Services\globalUpdatem =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateProductDeals_RASAPI32 =>PUP.Optional.ProductDeals HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateProductDeals_RASMANCS =>PUP.Optional.ProductDeals HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilProductDeals_RASAPI32 =>PUP.Optional.ProductDeals HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilProductDeals_RASMANCS =>PUP.Optional.ProductDeals HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSharkAutoUpdateClient_RASAPI32 =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSharkAutoUpdateClient_RASMANCS =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSurferAutoUpdateClient_RASAPI32 =>PUP.Optional.WordSurfer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WordSurferAutoUpdateClient_RASMANCS =>PUP.Optional.WordSurfer ---\\ Récapitulatif des éléments trouvées sur votre station (36) - 0s http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse http://www.nicolascoolman.fr/blog =>PUP.Optional.FastSearch http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate http://www.nicolascoolman.fr/pup-startsearch/ =>PUP.Optional.StartSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.SpaceSondPro http://www.nicolascoolman.fr/pup-kmspico/ =>PUA.KMSpico http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect http://www.nicolascoolman.fr/trojan-autokms/ =>HackTool.AutoKMS http://www.nicolascoolman.fr/blog =>PUP.Optional.Binkiland http://www.nicolascoolman.fr/pup-dealply/ =>PUP.Optional.Dealply http://www.nicolascoolman.fr/blog =>PUP.Optional.GamesDesktop http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug http://www.nicolascoolman.fr/adware-boxore/ =>PUP.Optional.Boxore http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive http://www.nicolascoolman.fr/pup-wordshark/ =>PUP.Optional.WordShark http://www.nicolascoolman.fr/blog =>PUP.Optional.WordSurfer http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowser http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore http://www.nicolascoolman.fr/blog =>PUP.Optional.RapidMediaConverter http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxComputerCleaner http://www.nicolascoolman.fr/blog =>PUP.Optional.DynConIE http://www.nicolascoolman.fr/blog =>PUP.Optional.GUPlayer http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware http://www.nicolascoolman.fr/blog =>PUP.Optional.Graftor http://www.nicolascoolman.fr/blog =>PUP.Optional.YouTubeAdBlock http://www.nicolascoolman.fr/blog =>PUP.Optional.PepperZip http://www.nicolascoolman.fr/pup-smartwebsearch/ =>PUP.Optional.SmartWebSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.BreakingNewsAlert http://www.nicolascoolman.fr/blog =>PUP.Optional.ASPackage http://www.nicolascoolman.fr/pup-product-deals/ =>PUP.Optional.ProductDeals http://www.nicolascoolman.fr/blog =>PUP.Optional.WebBar http://www.nicolascoolman.fr/blog =>PUP.Optional.ZombieNews http://www.nicolascoolman.fr/pup-linkidoo/ =>PUP.Optional.LinkiDoo http://www.nicolascoolman.fr/pup-vuupc/ =>PUP.Optional.VuuPC ~ End of the scan, 39754 items in 137 seconds (1271)(0)()