cjoint

Document format: text/plain

~ ZHPDiag v2015.8.9.114 Par Nicolas Coolman (2015/08/8)
~ Démarré par NATHALIE (Administrator) (2015/08/10 14:14:07)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Documents and Settings\NATHALIE\Bureau\ZHPDiag.txt
~ Rapport: C:\Documents and Settings\NATHALIE\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
WIN_XP, 32-bit Service Pack 3 (Build 2600)

---\\ Navigateurs Internet (1) - 0s
MSIE: Internet Explorer v8.0.6001.18702

---\\ Logiciels d'optimisation (1) - 8s
CCleaner v3.02

---\\ Surveillance de Logiciels (2) - 8s
Adobe Flash Player 18 NPAPI
Adobe Reader XI

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 6 Model 28 Stepping 2, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2087.116 MB (43% free)
~ System Restore: Activé (Enable)
~ System drive C: has 93 GB free of 142 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: ACER-03915B3F31
~ User Name: NATHALIE
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 93 GB free of 142 GB (System)
~ Drive D: has 438 GB free of 953 GB

---\\ Etat du Centre de Sécurité Windows (9) - 1s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (22) - 0s
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) () -- C:\WINDOWS\System32\rundll32.exe [33792]
[MD5.E1948B1F45A176FB4A0251446A5AE86D] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744]
[MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) () -- C:\WINDOWS\System32\drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) () -- C:\WINDOWS\System32\drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [53376]

---\\ Processus lancés (6) - 1s
[MD5.812400977140134B25074657B0C4F06A] - (...) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\2B54BCE0-1439073337-11DE-952A-00269E11D6C6\snse284.tmp [120832] [PID.2012] =>PUP.Optional.CrossRider
[MD5.B631A9ACCAB529C7AC23FC505AED156A] - (...) -- C:\Program Files\shopperz04082015\KomeUfuwe.exe [171872] [PID.176] =>PUP.Optional.Shopperz
[MD5.45C1AF2E053604D0034382CF7A2AD1A4] - (...) -- C:\Documents and Settings\NATHALIE\Application Data\Outraged Team\Outraged Team.exe [66048] [PID.312]
[MD5.7DA7B7B7D970BBC5C96A9EFED6F9A084] - (.Copyright © 2014 - WindowsUpdater.) -- C:\WINDOWS\Microsoft\sogrMed\Media Player ZUpdater.exe [19968] [PID.752] =>PUP.Optional.CrossRider
[MD5.FA9452CE2BFC4DCF90D7FD810BFB9BD6] - (.Copyright © 2014 - NewVersionUploader.) -- C:\WINDOWS\Microsoft\UpdatingServiceMed\Media Player ZNewVersionDownloader.exe [13824] [PID.1392] =>PUP.Optional.CrossRider
[MD5.C228DDE8F345D1B8993E0A8D8697A73C] - (.Acer Incoporated - Acer Video Quality Enhancement.) -- C:\Program Files\Acer\Acer VCM\VC.exe [1675264] [PID.1196]

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (9) - 1s
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [engaigpbgdjjmanonjcjkcmomgibneba] Boxore =>PUP.Optional.Boxore
G2 - GCE: Preference [User Data\Default] [jecgbfoconhopjngaaijjgffhokohlac] MedPlayvidV3.1 =>PUP.Optional.CrossRider
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (21) - 5s
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
P2 - EXT: (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.FRA
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\QuickTimePlugin.class
P2 - EXT FILE: (...) -- C:\Documents and Settings\NATHALIE\Application Data\Mozilla\Firefox\Profiles\v6vz1z61.default-1439064453781\extensions\jid1-f3mYMbCpz2AZYl@jetpack.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\NATHALIE\Application Data\Mozilla\Firefox\Profiles\v6vz1z61.default-1439064453781\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\NATHALIE\Application Data\Mozilla\Firefox\Profiles\v6vz1z61.default-1439064453781\searchplugins\google-default.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Microsoft.com/DownloadManager,version=1.1] - (.Genre.) -- C:\WINDOWS\
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (15) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://wikipedia.fr/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/ =>PUP.Optional.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/ =>PUP.Optional.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/ =>PUP.Optional.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (20)

---\\ Browser Helper Object de navigateur (BHO) (O2) (6) - 1s
O2 - BHO: shopperz04082015 Helper - {0a0e29f6-0ab0-44e1-a98e-bd050ee692ec} (Orphean) =>PUP.Optional.Shopperz
O2 - BHO: PriceLess - {1C96F985-C6FC-4AFB-B644-869C24BF303F} (Orphean) =>PUP.Optional.Multiplug
O2 - BHO: (no name) - {1F91A9A1-01BA-4c81-863D-3BA0751E1419} (Orphean)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} (Orphean)
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} (Orphean)
O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\Documents and Settings\All Users\Application Data\ShopperPro\ShopperPro.dll =>PUP.Optional.ShopperPro

---\\ Internet Explorer Toolbars (O3) (1) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.)

---\\ Applications lancées au démarrage du sytème (O4) (26) - 3s
O4 - HKLM\..\Run: [AzMixerSel] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
O4 - HKLM\..\Run: [NotificationCenterLauncher] . (.Acer - X86 Version.) -- C:\Program Files\Acer\Acer eRecovery Management\NotificationLauncher.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe
O4 - HKCU\..\Run: [WinThrusterReminder] . (.Solvusoft Corporation - WinThruster.) -- C:\Program Files\WinThruster\WinThruster.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe
O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [WinThrusterReminder] . (.Solvusoft Corporation - WinThruster.) -- C:\Program Files\WinThruster\WinThruster.exe

---\\ Winsock hijacker (Layered Service Provider) (O10) (3) - 0s
O10 - WLSP:\Catalog_Entries\000000000001\Winsock LSP File . (...) -- C:\WINDOWS\system32\Peakoar.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000002\Winsock LSP File . (...) -- C:\WINDOWS\system32\Peakoar.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000022\Winsock LSP File . (...) -- C:\WINDOWS\system32\Peakoar.dll =>Hijacker.Winsock

---\\ Modification Domaine/Adresses DNS (O17) (9) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 52.17.204.69
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 52.17.204.69
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 52.17.204.69
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) (1) - 0s
O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll

---\\ Liste des services NT non Microsoft et non désactivés (O23) (21) - 1s
O23 - Service: a34dfee7-ea86-4e1d-88fb-46171610240f (a34dfee7-ea86-4e1d-88fb-46171610240f) . (...) - C:\Program Files\shopperz04082015\Dmxkbb.exe (.not file.) =>PUP.Optional.Shopperz
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: (BrsHelper) . (...) - C:\PROGRA~1\YTDOWN~1\BROWSE~2.EXE (.not file.) =>PUP.Optional.YTDownloader
O23 - Service: Wire Professional Version (comyninu) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\hnsd232.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: csrcc (csrcc) . (...) - C:\Program Files\shopperz04082015\csrcc.exe (.not file.) =>PUP.Optional.Shopperz
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate
O23 - Service: Kerning Down (gopibeko) . (...) - C:\Documents and Settings\NATHALIE\Local Settings\Application Data\2B54BCE0-1439073337-11DE-952A-00269E11D6C6\snse284.tmp =>PUP.Optional.CrossRider
O23 - Service: Service Google Update (gupdate) (gupdate) . (...) - C:\Program Files\Google\Update\GoogleUpdate.exe (.not file.)
O23 - Service: Key In Bold Italic (hyverumu) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\jnsi230.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: Convert Footer (kepelizy) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\knsb2F1.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: Page Orientation Footnote (mosetihe) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\knsn226.tmpfs (.not file.) =>PUP.Optional.CrossRider
O23 - Service: MyrwewNebg (MyrwewNebg) . (...) - C:\Program Files\shopperz04082015\KomeUfuwe.exe =>PUP.Optional.Shopperz
O23 - Service: Outraged Team (Outraged Team) . (...) - C:\Documents and Settings\NATHALIE\Application Data\Outraged Team\Outraged Team.exe
O23 - Service: Raw Socket Service (RS_Service) . (.Acer Incorporated - Raw Socket Service.) - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: shopperz04082015 Updater (shopperz04082015 Updater) . (...) - C:\Program Files\shopperz04082015\Qeeoozeou.exe (.not file.) =>PUP.Optional.Shopperz
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: sogrMed (sogrMed) . (.Copyright © 2014 - WindowsUpdater.) - C:\WINDOWS\Microsoft\sogrMed\Media Player ZUpdater.exe =>PUP.Optional.CrossRider
O23 - Service: ShopperPro Update (SPBIUpd) . (...) - C:\Program Files\Common Files\ShopperPro\spbiu.exe (.not file.) =>PUP.Optional.ShopperPro
O23 - Service: UpdatingServiceMed (UpdatingServiceMed) . (.Copyright © 2014 - NewVersionUploader.) - C:\WINDOWS\Microsoft\UpdatingServiceMed\Media Player ZNewVersionDownloader.exe =>PUP.Optional.Proxomoto
O23 - Service: Home Page Megahertz (wusykefy) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\knsp39A.tmp (.not file.) =>PUP.Optional.CrossRider
O23 - Service: Educational Signal (zehyqefe) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\knsb2B5.tmp (.not file.) =>PUP.Optional.CrossRider

---\\ Tâches planifiées en automatique (O39) (43) - 4s
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\6zdjWZu4T.job [1038]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-1-6.job [3118] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-1-7.job [3118] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-4.job [4474] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-5.job [2426] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-6.job [5498] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-7.job [5498] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\aMcZxhF.job [1034]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\AmiUpdXp.job [428] =>PUP.Optional.SoftwareUpdater
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\APSnotifierPP1.job [366] =>PUP.Optional.AnyProtect
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\APSnotifierPP2.job [364] =>PUP.Optional.AnyProtect
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\APSnotifierPP3.job [364] =>PUP.Optional.AnyProtect
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\BUbyuYVKyaMnOhKMKvLXt2IQ3f.job [1072]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\CaffeineFix.job [432]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\ccd25dc2-db54-41a4-a1cd-9349ed85a7aa-10_user.job [2106] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005Core.job [1226]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005UA.job [1278]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\DyiSY265xGbEV1p4oxddhw7U70c.job [1074]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005Core.job [1156]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005UA.job [1178]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job [892] =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job [896] =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005Core.job [1108]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005UA.job [1160]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\MAXDriverUpdater_UPDATES.job [278] =>PUP.Optional.MaxDriverUpdater
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [228]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [222]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\QnkFOgdrctX.job [1042]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\ShopperPro.job [788] =>PUP.Optional.ShopperPro
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\ShopperProJSUpd.job [346] =>PUP.Optional.ShopperPro
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\sMsql4I5d3.job [1040]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\SMupdate1.job [358]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\SMupdate2.job [358]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\SMupdate3.job [358]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\SPBIW_UpdateTask_Time_323436333234343432342d345b413455412a45235a6c6c.job [956]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\WinThruster_DEFAULT.job [268]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\WinThruster_UPDATES.job [276]
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\YTDownloader.job [364] =>PUP.Optional.YTDownloader
O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\YTDownloaderUpd.job [354] =>PUP.Optional.YTDownloader

---\\ Logiciels installés (O42) (64) - 32s
O42 - Logiciel: Acer ScreenSaver - (.Acer.) [HKLM] -- Acer Screensaver
O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130
O42 - Logiciel: Windows Desktop Search 3.01 - (.Microsoft Corporation.) [HKLM] -- KB917013
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5
O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5
O42 - Logiciel: Intel(R) Graphics Media Accelerator 500 - (...) [HKLM] -- LPCO
O42 - Logiciel: Mozilla Firefox 39.0.3 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 39.0.3 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3
O42 - Logiciel: Forum Terminal - (.Forum Terminal.) [HKLM] -- SoftwareUpdater =>PUP.Optional.SoftwareUpdater
O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007
O42 - Logiciel: Windows Media Format Runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Lecteur Windows Media 10 - (...) [HKLM] -- Windows Media Player
O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: WinThruster - (.solvusoft Corporation.) [HKLM] -- WinThruster_is1
O42 - Logiciel: Acer VCM - (.Acer Incorporated.) [HKLM] -- {047F790A-7A2A-4B6A-AD02-38092BA63DAC}
O42 - Logiciel: JavaFX 2.1.0 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-210328764D10}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Java 8 Update 40 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218040F0}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Microsoft Download Manager - (.Microsoft Corporation.) [HKLM] -- {654977DB-0001-0002-0001-EABD228DDE8B}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Zuma Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}
O42 - Logiciel: Tradewinds 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}
O42 - Logiciel: Rainbow Web - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111125700}
O42 - Logiciel: Tri-Peaks Solitaire To Go - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}
O42 - Logiciel: Peggle - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11231247}
O42 - Logiciel: Star Defender 4 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}
O42 - Logiciel: Cooking Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Choice Guard - (.Microsoft Corporation.) [HKLM] -- {8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
O42 - Logiciel: Media Player Z - (.SurfProtect.) [HKLM] -- {91413148-5A27-4C82-9F77-B55DD63FFAE9} =>PUP.Optional.CrossRider
O42 - Logiciel: Software Version Updater - (...) [HKLM] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: Acer Crystal Eye webcam 2.2.0.2 - (.SuYin.) [HKLM] -- {A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}
O42 - Logiciel: globalupdate Helper - (.globalupdate Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Optional.GlobalUpdate
O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe Reader XI (11.0.08) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC}
O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM] -- {C9BED750-1211-4480-B1A5-718A3BE15525}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {CE1F04C7-79BC-4219-BE6A-BA490224D4B5}
O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {E1DB0812-2D60-43DB-AE09-6C7027D93B28}
O42 - Logiciel: Windows Desktop Search 3.01 - (.Microsoft Corporation.) [HKLM] -- {E72019B8-1287-4093-BE9B-1CFA7BA1A8D2}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox
O42 - Logiciel: Google Photos Backup - (.Google, Inc..) [HKCU] -- Google Photos Backup

---\\ HKCU & HKLM Software Keys (195) - 33s
HKLM\SOFTWARE\781
HKLM\SOFTWARE\ACD Systems
HKLM\SOFTWARE\Acer
HKLM\SOFTWARE\Acer Incorporated
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Alien Skin
HKLM\SOFTWARE\America Online
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar
HKLM\SOFTWARE\Boxore =>PUP.Optional.Boxore
HKLM\SOFTWARE\BrowserChoice
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Canon
HKLM\SOFTWARE\Creative Tech
HKLM\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Crossrider =>PUP.Optional.CrossRider
HKLM\SOFTWARE\csdimedia =>PUP.Optional.MaxDriverUpdater
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\dck
HKLM\SOFTWARE\Digital River
HKLM\SOFTWARE\DivXNetworks
HKLM\SOFTWARE\Dropbox
HKLM\SOFTWARE\DRWNewFree
HKLM\SOFTWARE\ff7e79ac-48ff-4fd0-ba4e-1e8392321d53 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\GameHouse
HKLM\SOFTWARE\GAMESDESKTOP =>PUP.Optional.GamesDesktop
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\IHProtect =>PUP.Optional.AgentODR
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\InterVideo
HKLM\SOFTWARE\istartsurfSoftware =>PUP.Optional.IsStart
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\KasperskyLab
HKLM\SOFTWARE\Lake
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\MaxPower
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\NetCrawl =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Oberon Media
HKLM\SOFTWARE\Object Browser =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Object Browser-nv =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Object Browser-nv-ie =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\OEM
HKLM\SOFTWARE\OemSetup
HKLM\SOFTWARE\Oracle
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Reason
HKLM\SOFTWARE\Reflexive Entertainment
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\RocketTab =>PUP.Optional.RocketTab
HKLM\SOFTWARE\RTLSetup
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\searchult =>PUP.Optional.Generic
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\ShopperPro =>PUP.Optional.ShopperPro
HKLM\SOFTWARE\shopperz04082015 =>PUP.Optional.Shopperz
HKLM\SOFTWARE\Skunkstudios
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\Solvusoft
HKLM\SOFTWARE\SupDp =>PUP.Optional.SupTab
HKLM\SOFTWARE\supTab =>PUP.Optional.SupTab
HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Optional.Fuyu
HKLM\SOFTWARE\SuYin
HKLM\SOFTWARE\Synaptics
HKLM\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\WaInterEnhancer =>PUP.Optional.Multiplug
HKLM\SOFTWARE\WebBar =>PUP.Optional.WebBar
HKLM\SOFTWARE\Windows
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer
HKLM\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKLM\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader
HKLM\SOFTWARE\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider
HKCU\SOFTWARE\6zdjWZu4T
HKCU\SOFTWARE\70121InstEnd
HKCU\SOFTWARE\ACD Systems
HKCU\SOFTWARE\Acer
HKCU\SOFTWARE\AcerUtil
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\aMcZxhF
HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\apple
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar
HKCU\SOFTWARE\Boxore =>PUP.Optional.Boxore
HKCU\SOFTWARE\BrowserV30.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\BUbyuYVKyaMnOhKMKvLXt2IQ3f
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Cinema PlusV09.08-ntf =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Cinema PlusV09.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\csdimedia =>PUP.Optional.MaxDriverUpdater
HKCU\SOFTWARE\Cyberlink
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\DropboxUpdate
HKCU\SOFTWARE\DSP-worx
HKCU\SOFTWARE\DyiSY265xGbEV1p4oxddhw7U70c
HKCU\SOFTWARE\DynConIE =>PUP.Optional.DynConIE
HKCU\SOFTWARE\eSobi
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\GameHouse
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\IM
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\ImInstaller =>Toolbar.IncrediMail
HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\iWebar-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\KMPlayer
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MedPlayvidV3.1-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\NetCrawl =>PUP.Optional.Sambreel
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Northcode Inc
HKCU\SOFTWARE\OB
HKCU\SOFTWARE\Oberon Media
HKCU\SOFTWARE\Object Browser-nv =>PUP.Optional.ObjectBrowser
HKCU\SOFTWARE\Object Browser-nv-ie =>PUP.Optional.ObjectBrowser
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\OperaOB
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Pyrogon
HKCU\SOFTWARE\QnkFOgdrctX
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\RocketTabInstalled =>PUP.Optional.RocketTab
HKCU\SOFTWARE\Search Extensions =>PUP.Optional.RocketTab
HKCU\SOFTWARE\ShopperPro =>PUP.Optional.ShopperPro
HKCU\SOFTWARE\shopperz04082015 =>PUP.Optional.Shopperz
HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\sMsql4I5d3
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\Solvusoft
HKCU\SOFTWARE\Stellar
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\TNT2 =>PUP.Optional.TidyNetwork
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\URSoft
HKCU\SOFTWARE\Viber
HKCU\SOFTWARE\WaInterEnhancer =>PUP.Optional.Multiplug
HKCU\SOFTWARE\WajIEnhance =>PUP.Optional.Wajam
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\Windows Live Writer
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contenu des dossiers Programmes (O43) (203) - 22s
O43 - CFD: 2015/08/08 20:05:20 - [] D -- C:\Program Files\Acer
O43 - CFD: 2015/08/09 19:58:25 - [] D -- C:\Program Files\Acer GameZone
O43 - CFD: 2009/08/04 16:40:15 - [] D -- C:\Program Files\ACER PATCH LTV2016
O43 - CFD: 2012/12/15 06:59:37 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2012/05/18 06:03:54 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 2011/01/23 03:08:36 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2011/01/23 02:06:13 - [] D -- C:\Program Files\CyberLink
O43 - CFD: 2013/05/31 13:24:06 - [] D -- C:\Program Files\Dropbox
O43 - CFD: 2009/08/04 16:30:49 - [] D -- C:\Program Files\eSobi
O43 - CFD: 2015/03/30 10:22:19 - [] D -- C:\Program Files\Fichiers communs
O43 - CFD: 2015/08/08 17:52:17 - [] D -- C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/08/09 19:34:50 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/08/08 21:59:49 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2009/08/04 15:08:12 - [] D -- C:\Program Files\Intel
O43 - CFD: 2015/08/09 21:51:50 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/06/16 09:12:09 - [] D -- C:\Program Files\iPod
O43 - CFD: 2015/06/16 09:13:30 - [] D -- C:\Program Files\iTunes
O43 - CFD: 2015/03/30 10:19:15 - [] D -- C:\Program Files\Java
O43 - CFD: 2009/08/04 15:42:24 - [] D -- C:\Program Files\Microsoft
O43 - CFD: 2014/06/20 04:26:01 - [] D -- C:\Program Files\Microsoft Download Manager
O43 - CFD: 2009/08/04 12:44:21 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 2014/10/21 02:35:56 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 2014/10/18 10:44:56 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2009/08/04 15:43:17 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 2011/01/23 04:13:11 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 2014/10/20 03:44:52 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 2015/08/08 18:03:13 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2012/05/04 11:34:30 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 2015/08/07 13:57:49 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2015/08/08 19:24:12 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2012/05/04 13:19:14 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2009/08/04 12:39:41 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 2015/08/09 21:52:00 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 2012/05/04 11:35:26 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 2015/08/09 19:25:38 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 2015/08/08 21:59:49 - [] D -- C:\Program Files\Realtek
O43 - CFD: 2015/08/10 14:08:36 - [] D -- C:\Program Files\Reason
O43 - CFD: 2012/05/04 13:18:59 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2009/08/04 12:41:58 - [] D -- C:\Program Files\Services en ligne
O43 - CFD: 2015/08/09 21:51:03 - [] D -- C:\Program Files\shopperz04082015 =>PUP.Optional.Shopperz
O43 - CFD: 2015/07/19 09:41:32 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2015/08/08 17:45:38 - [] D -- C:\Program Files\Software =>PUP.Optional.Boxore
O43 - CFD: 2009/08/04 12:48:11 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2011/01/23 03:12:13 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2014/06/20 04:29:11 - [] D -- C:\Program Files\Windows Desktop Search
O43 - CFD: 2009/08/04 15:44:10 - [] D -- C:\Program Files\Windows Live
O43 - CFD: 2009/08/04 15:42:05 - [] D -- C:\Program Files\Windows Live SkyDrive
O43 - CFD: 2009/08/04 15:22:55 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2009/08/04 12:39:38 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2009/08/04 12:42:05 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 2011/01/23 03:12:51 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/08/10 14:02:16 - [] D -- C:\Program Files\WinThruster
O43 - CFD: 2009/08/04 12:44:21 - [] D -- C:\Program Files\xerox
O43 - CFD: 2009/08/04 12:43:41 - [] RDC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 2011/01/23 02:08:03 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Acer
O43 - CFD: 2011/01/23 02:00:31 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Acer Crystal Eye webcam
O43 - CFD: 2012/09/09 05:53:39 - [0] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Acer GameZone
O43 - CFD: 2009/08/04 16:43:44 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AcerSystem
O43 - CFD: 2011/01/23 03:36:33 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ADOBE
O43 - CFD: 2011/01/23 03:08:35 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\CCleaner
O43 - CFD: 2015/08/08 21:17:10 - [] RDC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 2009/08/04 16:30:53 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\eSobi v2
O43 - CFD: 2015/08/09 18:50:21 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GAMESDESKTOP =>PUP.Optional.GamesDesktop
O43 - CFD: 2009/08/04 15:21:35 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Desktop
O43 - CFD: 2015/06/16 09:13:40 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes
O43 - CFD: 2015/03/30 10:21:10 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java
O43 - CFD: 2009/08/04 12:39:56 - [] RDC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 2014/06/20 04:26:01 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Download Manager
O43 - CFD: 2011/01/23 04:14:22 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office
O43 - CFD: 2014/10/17 19:02:40 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight
O43 - CFD: 2015/03/30 11:00:09 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox
O43 - CFD: 2009/08/04 12:44:15 - [] RDC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 2011/02/25 13:14:06 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Picasa 3
O43 - CFD: 2015/06/16 08:48:12 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime
O43 - CFD: 2014/10/19 05:56:31 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype
O43 - CFD: 2015/03/30 11:25:57 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN
O43 - CFD: 2015/08/08 22:50:00 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WaInterEnhancer =>PUP.Optional.Multiplug
O43 - CFD: 2015/08/10 13:48:14 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live
O43 - CFD: 2012/09/07 05:59:00 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 2015/08/10 14:02:16 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinThruster
O43 - CFD: 2011/01/23 02:24:38 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Your Uninstaller 2010
O43 - CFD: 2015/06/16 09:11:22 - [] DC -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 2015/08/08 22:43:47 - [] DC -- C:\Documents and Settings\All Users\Application Data\3215589157971400341
O43 - CFD: 2012/12/15 06:53:07 - [] DC -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 2015/08/08 17:54:15 - [] DC -- C:\Documents and Settings\All Users\Application Data\Ahjukesrop
O43 - CFD: 2014/07/03 08:57:17 - [] DC -- C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 2011/02/12 07:38:38 - [] DC -- C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 2015/07/11 12:30:13 - [] DC -- C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 2015/06/16 09:13:31 - [] DC -- C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 2015/08/09 12:18:33 - [] DC -- C:\Documents and Settings\All Users\Application Data\Browser =>PUP.Optional.SpeedBrowser
O43 - CFD: 2015/08/09 18:46:44 - [] DC -- C:\Documents and Settings\All Users\Application Data\BWinManProB
O43 - CFD: 2011/02/08 04:20:38 - [] DC -- C:\Documents and Settings\All Users\Application Data\CyberLink
O43 - CFD: 2015/07/11 18:24:44 - [] DC -- C:\Documents and Settings\All Users\Application Data\DatacardService
O43 - CFD: 2015/06/20 06:05:24 - [] DC -- C:\Documents and Settings\All Users\Application Data\Dropbox
O43 - CFD: 2009/08/04 16:30:58 - [] DC -- C:\Documents and Settings\All Users\Application Data\eSobi
O43 - CFD: 2014/11/25 16:02:51 - [] DC -- C:\Documents and Settings\All Users\Application Data\fast connect
O43 - CFD: 2014/01/13 12:06:53 - [] DC -- C:\Documents and Settings\All Users\Application Data\Google
O43 - CFD: 2015/08/08 22:35:57 - [] DC -- C:\Documents and Settings\All Users\Application Data\hjpeccfplbohjkpmpgmpaenebmhjibka
O43 - CFD: 2015/08/08 17:51:54 - [] DC -- C:\Documents and Settings\All Users\Application Data\IHProtectUpDate =>PUP.Optional.AgentODR
O43 - CFD: 2015/08/08 22:44:21 - [] DC -- C:\Documents and Settings\All Users\Application Data\kpmbgcglelimnpaelngaladelmlldcnl
O43 - CFD: 2011/03/31 12:40:06 - [] DC -- C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 2014/06/20 04:29:10 - [] SDC -- C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 2015/07/15 17:49:23 - [] DC -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 2015/03/31 11:11:52 - [] DC -- C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 2015/03/30 10:33:15 - [] DC -- C:\Documents and Settings\All Users\Application Data\Oracle
O43 - CFD: 2015/08/08 17:50:51 - [] DC -- C:\Documents and Settings\All Users\Application Data\rWinManPror
O43 - CFD: 2015/08/09 18:45:25 - [] DC -- C:\Documents and Settings\All Users\Application Data\ShopperPro =>PUP.Optional.ShopperPro
O43 - CFD: 2015/07/19 09:41:58 - [] DC -- C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 2012/05/02 12:19:47 - [] DC -- C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 2015/03/30 13:06:41 - [] ADC -- C:\Documents and Settings\All Users\Application Data\Temp
O43 - CFD: 2015/08/09 18:46:43 - [0] DC -- C:\Documents and Settings\All Users\Application Data\UWinManProU
O43 - CFD: 2015/03/30 10:31:50 - [] DC -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
O43 - CFD: 2015/08/08 22:34:17 - [] DC -- C:\Documents and Settings\All Users\Application Data\{1186e7b8-1372-2dc8-1186-6e7b81379ee0}
O43 - CFD: 2011/02/12 07:39:46 - [] DC -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 2012/12/15 06:59:38 - [] D -- C:\Program Files\Fichiers communs\Adobe
O43 - CFD: 2015/06/16 09:12:07 - [] D -- C:\Program Files\Fichiers communs\Apple
O43 - CFD: 2011/01/23 02:06:14 - [] D -- C:\Program Files\Fichiers communs\CyberLink
O43 - CFD: 2014/10/21 00:53:43 - [] D -- C:\Program Files\Fichiers communs\DESIGNER
O43 - CFD: 2009/08/04 15:17:48 - [] D -- C:\Program Files\Fichiers communs\InstallShield
O43 - CFD: 2015/03/30 10:22:19 - [] D -- C:\Program Files\Fichiers communs\Java
O43 - CFD: 2014/10/20 03:45:09 - [] D -- C:\Program Files\Fichiers communs\Microsoft Shared
O43 - CFD: 2009/08/04 12:41:38 - [] D -- C:\Program Files\Fichiers communs\MSSoap
O43 - CFD: 2009/08/04 16:12:09 - [] D -- C:\Program Files\Fichiers communs\Oberon Media
O43 - CFD: 2009/08/04 14:34:26 - [] D -- C:\Program Files\Fichiers communs\ODBC
O43 - CFD: 2009/08/04 12:41:40 - [] D -- C:\Program Files\Fichiers communs\Services
O43 - CFD: 2014/10/19 05:56:31 - [] D -- C:\Program Files\Fichiers communs\Skype
O43 - CFD: 2009/08/04 14:34:23 - [] D -- C:\Program Files\Fichiers communs\SpeechEngines
O43 - CFD: 2011/02/08 04:21:11 - [0] D -- C:\Program Files\Fichiers communs\SWF Studio
O43 - CFD: 2011/01/23 04:10:31 - [] D -- C:\Program Files\Fichiers communs\System
O43 - CFD: 2009/08/04 15:39:40 - [] D -- C:\Program Files\Fichiers communs\Windows Live
O43 - CFD: 2011/02/08 04:21:30 - [0] SHDC -- C:\Documents and Settings\NATHALIE\Application Data\.#
O43 - CFD: 2015/08/09 18:53:19 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\3775
O43 - CFD: 2015/08/09 18:53:19 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\3778
O43 - CFD: 2011/01/23 03:34:22 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\ACD Systems
O43 - CFD: 2009/08/04 16:31:50 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Acer
O43 - CFD: 2009/08/04 15:47:02 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Acer GameZone Console
O43 - CFD: 2011/03/31 12:50:54 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Adobe
O43 - CFD: 2012/08/10 05:32:20 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\AdSigner_Certificate
O43 - CFD: 2015/08/09 18:54:56 - [] SHDC -- C:\Documents and Settings\NATHALIE\Application Data\AnyProtectEx =>PUP.Optional.AnyProtect
O43 - CFD: 2012/01/02 02:41:44 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Apple Computer
O43 - CFD: 2015/08/09 18:57:31 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Company
O43 - CFD: 2015/08/08 17:48:31 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\csdimedia =>PUP.Optional.MaxDriverUpdater
O43 - CFD: 2011/02/08 04:20:29 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\CyberLink
O43 - CFD: 2015/08/09 18:11:28 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox
O43 - CFD: 2011/01/23 09:24:30 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\eSobi
O43 - CFD: 2011/01/23 03:13:17 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Google
O43 - CFD: 2009/08/04 12:48:15 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Identities
O43 - CFD: 2011/01/23 02:00:17 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\InstallShield
O43 - CFD: 2011/01/23 02:09:42 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Macromedia
O43 - CFD: 2015/04/27 14:25:03 - [0] DC -- C:\Documents and Settings\NATHALIE\Application Data\Media Player Classic
O43 - CFD: 2015/08/07 14:06:16 - [] SDC -- C:\Documents and Settings\NATHALIE\Application Data\Microsoft
O43 - CFD: 2011/01/23 03:28:25 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Mozilla
O43 - CFD: 2012/05/23 11:35:06 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Oracle
O43 - CFD: 2015/08/08 22:34:18 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Outraged Team
O43 - CFD: 2015/08/10 14:09:15 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Skype
O43 - CFD: 2015/08/10 14:02:22 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Solvusoft
O43 - CFD: 2012/05/02 12:10:58 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Sun
O43 - CFD: 2013/09/06 06:56:53 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\U3
O43 - CFD: 2011/01/23 02:24:45 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\URSoft
O43 - CFD: 2014/11/23 15:09:19 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\uTorrent
O43 - CFD: 2015/08/09 23:11:28 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\vlc
O43 - CFD: 2014/06/20 04:33:57 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Windows Desktop Search
O43 - CFD: 2011/04/16 05:11:49 - [0] DC -- C:\Documents and Settings\NATHALIE\Application Data\Windows Live Writer
O43 - CFD: 2011/01/23 04:09:03 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\WinRAR
O43 - CFD: 2015/08/10 14:14:25 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\ZHP
O43 - CFD: 2015/08/09 18:57:31 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
O43 - CFD: 2015/08/10 13:51:35 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\2B54BCE0-1439073337-11DE-952A-00269E11D6C6
O43 - CFD: 2015/07/06 14:20:02 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Adobe
O43 - CFD: 2011/02/12 07:36:10 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Apple
O43 - CFD: 2011/06/17 08:49:46 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Apple Computer
O43 - CFD: 2015/08/08 17:53:17 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Boxore =>PUP.Optional.Boxore
O43 - CFD: 2015/08/09 19:52:50 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\BrowserHelper =>PUP.Optional.BrowserHelper
O43 - CFD: 2015/08/09 18:41:23 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\CrashRpt =>.Legitimate.CrashReports
O43 - CFD: 2015/08/08 17:57:30 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Crossbrowse =>PUP.Optional.CrossBrowse
O43 - CFD: 2015/01/27 01:56:04 - [0] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Deployment
O43 - CFD: 2015/06/20 06:05:25 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Dropbox
O43 - CFD: 2014/10/13 16:38:00 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Facebook
O43 - CFD: 2015/08/08 17:52:15 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/08/09 20:20:26 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_005010055 =>PUP.Optional.CrossRider
O43 - CFD: 2015/07/22 19:48:03 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google
O43 - CFD: 2011/10/08 11:40:56 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Identities
O43 - CFD: 2015/08/09 18:42:30 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Installer =>PUP.Optional.InstallPedia
O43 - CFD: 2015/05/30 16:59:55 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Microsoft
O43 - CFD: 2009/08/04 15:28:10 - [0] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Microsoft Help
O43 - CFD: 2011/01/23 03:28:18 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Mozilla
O43 - CFD: 2014/10/18 07:04:04 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Programs
O43 - CFD: 2014/10/19 05:57:16 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Skype
O43 - CFD: 2015/08/09 21:51:56 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\SmartWeb =>PUP.Optional.SmartWebSearch
O43 - CFD: 2012/05/24 02:55:11 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Sun
O43 - CFD: 2015/07/06 18:14:57 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Temp
O43 - CFD: 2011/04/16 05:11:36 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Windows Live Writer
O43 - CFD: 2012/01/16 13:23:22 - [0] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\WMTools Downloaded Files
O43 - CFD: 2009/08/04 15:27:06 - [] RD -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Accessoires
O43 - CFD: 2015/08/09 19:03:23 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\AnyProtect PC Backup =>PUP.Optional.AnyProtect
O43 - CFD: 2011/01/23 02:15:06 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\CyberLink PowerDVD 8
O43 - CFD: 2015/08/08 02:19:45 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Dropbox
O43 - CFD: 2015/08/09 20:43:57 - [] RD -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Démarrage
O43 - CFD: 2015/07/22 19:48:06 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Google Photos Backup
O43 - CFD: 2015/08/08 22:34:29 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\GUPlayer =>PUP.Optional.GUPlayer
O43 - CFD: 2011/04/20 04:57:54 - [] RD -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Outils d'administration
O43 - CFD: 2011/01/23 03:11:16 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\The KMPlayer
O43 - CFD: 2012/09/07 05:59:00 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\WinRAR
O43 - CFD: 2015/08/09 18:52:35 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\YTDownloader =>PUP.Optional.YTDownloader

---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (1) - 8s
O45 - LFCP:[MD5.BA2F985A5E6BF2228BBB0DEFF31E936C] 2015/08/09 22:34:01 A -- C:\WINDOWS\Prefetch\PRICELESSINSTALLER.EXE-2C87BCC0.pf =>PUP.Optional.PriceLess

---\\ Enumération des clés de registre StartupReg (SMSR) (O53) (24) - 2s
O53 - SMSR:HKLM\...\startupreg\CTFMON.EXE [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O53 - SMSR:HKLM\...\startupreg\gmsd_fr_005010055 [Key] . (...) -- C:\Program Files\gmsd_fr_005010055\gmsd_fr_005010055.exe (.not file.) =>PUP.Optional.CrossRider
O53 - SMSR:HKLM\...\startupreg\Google Desktop Search [Key] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\IMJPMIG8.1 [Key] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\ime\imjp8_1\imjpmig.exe
O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MSPY2002 [Key] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE
O53 - SMSR:HKLM\...\startupreg\PDVD8LanguageShortcut [Key] . (.Copyright (C) 2006 - Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe
O53 - SMSR:HKLM\...\startupreg\PersistenceThread [Key] . (.Intel Corporation - PersistenceThread Background App for Intel(.) -- C:\WINDOWS\system32\PersistenceThread.exe
O53 - SMSR:HKLM\...\startupreg\PHIME2002A [Key] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
O53 - SMSR:HKLM\...\startupreg\PHIME2002ASync [Key] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
O53 - SMSR:HKLM\...\startupreg\ProductReg [Key] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE [Key] . (...) -- C:\Program Files\PowerISO\PWRISOVM.EXE (.not file.)
O53 - SMSR:HKLM\...\startupreg\RemoteControl8 [Key] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
O53 - SMSR:HKLM\...\startupreg\RTHDCPL [Key] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- RTHDCPL.EXE (.not file.)
O53 - SMSR:HKLM\...\startupreg\shopperz04082015 [Key] . (...) -- C:\Program Files\shopperz04082015\Sfval.exe (.not file.) =>PUP.Optional.Shopperz
O53 - SMSR:HKLM\...\startupreg\shopperz04082015XP [Key] . (...) -- C:\Program Files\shopperz04082015\Qhgvel.bat (.not file.) =>PUP.Optional.Shopperz
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\swg [Key] . (...) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (...) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\upgmsd_fr_004010054.exe [Key] . (...) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_004010054\upgmsd_fr_004010054.exe (.not file.) =>PUP.Optional.CrossRider
O53 - SMSR:HKLM\...\startupreg\upgmsd_fr_005010055.exe [Key] . (...) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_005010055\upgmsd_fr_005010055.exe =>PUP.Optional.CrossRider
O53 - SMSR:HKLM\...\startupreg\YTDownloader [Key] . (...) -- C:\Program Files\YTDownloader\YTDownloader.exe (.not file.) =>PUP.Optional.YTDownloader

---\\ Liste des pilotes du système (SDL) (O58) (57) - 7s
O58 - SDL:2008/04/14 14:00:00 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\System32\drivers\aliide.sys [5248]
O58 - SDL:2008/08/05 14:10:12 A . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736]
O58 - SDL:2008/04/13 11:36:40 A . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\System32\drivers\AMDAGP.SYS [43008]
O58 - SDL:2008/04/14 14:00:00 A . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\System32\drivers\asc.sys [26496]
O58 - SDL:2008/04/14 14:00:00 A . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\System32\drivers\asc3550.sys [14848]
O58 - SDL:2009/02/20 10:53:18 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS [1952512]
O58 - SDL:2015/06/18 12:10:14 A . (.Cherimoya Ltd - Cherimoya Ltd.) -- C:\WINDOWS\System32\drivers\cherimoya.sys [56344] =>PUP.Optional.Shopperz
O58 - SDL:2008/04/14 14:00:00 A . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528]
O58 - SDL:2008/04/14 14:00:00 A . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\System32\drivers\cmdide.sys [6656]
O58 - SDL:2008/04/14 14:00:00 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776]
O58 - SDL:2008/04/14 14:00:00 A . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\System32\drivers\dac2w2k.sys [179584]
O58 - SDL:2008/04/14 14:00:00 A . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys [800256]
O58 - SDL:2008/04/14 14:00:00 A . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\drivers\dmio.sys [154496]
O58 - SDL:2008/04/14 14:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888]
O58 - SDL:2012/08/21 08:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [26840]
O58 - SDL:2008/04/14 14:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2009/04/28 05:44:18 A . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\igxpmp32.sys [5096544]
O58 - SDL:2006/01/04 09:41:48 A . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\System32\drivers\Monfilt.sys [1389056]
O58 - SDL:2008/04/14 14:00:00 A . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\mraid35x.sys [17280]
O58 - SDL:2014/12/03 19:45:30 A . (.Windows (R) Win 7 DDK provider - TDI driver platform.) -- C:\WINDOWS\System32\drivers\netmon_tdi.sys [57176]
O58 - SDL:2008/04/14 14:00:00 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032]
O58 - SDL:2008/04/14 14:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792]
O58 - SDL:2008/04/14 14:00:00 A . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\System32\drivers\ql1080.sys [40320]
O58 - SDL:2008/04/14 14:00:00 A . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\System32\drivers\ql12160.sys [45312]
O58 - SDL:2008/04/14 14:00:00 A . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\System32\drivers\ql1280.sys [49024]
O58 - SDL:2008/04/14 14:00:00 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032]
O58 - SDL:2008/04/14 14:00:00 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032]
O58 - SDL:2009/04/16 05:10:06 A . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys [132480]
O58 - SDL:2009/03/24 13:35:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [5056000]
O58 - SDL:2008/04/14 14:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480]
O58 - SDL:2008/04/13 11:36:40 A . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\System32\drivers\SISAGP.SYS [40960]
O58 - SDL:2008/04/14 14:00:00 A . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\System32\drivers\sparrow.sys [19072]
O58 - SDL:2008/04/14 14:00:00 A . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\symc810.sys [16256]
O58 - SDL:2008/04/14 14:00:00 A . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\symc8xx.sys [32640]
O58 - SDL:2008/04/14 14:00:00 A . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\sym_hi.sys [28384]
O58 - SDL:2008/04/14 14:00:00 A . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\sym_u3.sys [30688]
O58 - SDL:2009/02/27 10:21:52 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [205360]
O58 - SDL:2008/04/14 14:00:00 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376]
O58 - SDL:2008/04/14 14:00:00 A . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\System32\drivers\ultra.sys [36736]
O58 - SDL:2013/03/18 11:51:08 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl.sys [45056]
O58 - SDL:2008/04/14 14:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9037]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2002/03/20 23:01:06 RA . (...) -- C:\WINDOWS\System32\Digita.sys [6688]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4912]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27916]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [34000]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (12) - 17s
O61 - LFC: 2015/08/08 22:34:17 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Outraged Team\Outraged Team.exe [66048]
O61 - LFC: 2015/08/05 22:49:14 AC . (.The ICU Project.) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\icudt55.dll [25911296]
O61 - LFC: 2015/08/05 22:49:14 AC . (.The ICU Project.) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\icuin55.dll [1675776]
O61 - LFC: 2015/08/05 22:49:14 AC . (.The ICU Project.) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\icuuc55.dll [1157632]
O61 - LFC: 2015/08/05 22:49:16 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\libEGL.dll [56320]
O61 - LFC: 2015/08/05 22:49:16 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\libGLESv2.dll [1128448]
O61 - LFC: 2015/08/05 22:49:56 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\QtQuick.2\qtquick2plugin.dll [12800]
O61 - LFC: 2015/08/05 22:49:56 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\QtQuick\Window.2\windowplugin.dll [12288]
O61 - LFC: 2015/08/05 22:49:56 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll [56320]
O61 - LFC: 2015/08/05 22:49:54 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll [779776]
O61 - LFC: 2015/08/09 18:52:55 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\3778\Updater.exe [641024]
O61 - LFC: 2015/08/09 18:52:55 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\3775\Updater.exe [641024]

---\\ Associations Shell Spawning (O67) (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

---\\ Menu de démarrage Internet (SMI) (O68) (9) - 0s
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.istartsurf.com/ =>PUP.Optional.IsStart
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (20) - 15s
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.newtab.url", "http://www.mystartsearch.com/newtab/?type=nt&ts=1439138440&z=2ecda6f3047d2f72b143aacg5zecet5g0cbb[...] =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.alias", "mystartsearch"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/favicon.ico"); =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.name", "mystartsearch"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.uid", "ST9160310AS_5SV8YL9YXXXX5SV8YL9Y"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=ds&ts=1439138440&z=2ecda6f3047d2f72b143aacg5z[...] =>PUP.Optional.StartSearch
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.selectedEngine", "istartsurf"); =>PUP.Optional.IsStart
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("extensions.crossrider.bic", "14f114ab56991c2cb5f25c30a2e009c1"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}.ScriptData_product_name", "shopperz04082015"); =>PUP.Optional.Shopperz
O69 - SBI: SearchScopes [HKCU] 52CF5E5A49DD4D22B56EBAABD42DBB13 - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {05E304E7-C2BD-4116-959A-7E42D9C728D3} - (Bing.com) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (istartsurf) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Bing) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {7C3449A2-72B5-4C52-938A-5D724A13E765} - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch

---\\ Enumère les services démarrés par Svchost (SSS) (O83) (39) - 3s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (...) -- C:\WINDOWS\System32\appmgmts.dll [0]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) -- C:\WINDOWS\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\system32\mswsock.dll [247808]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à.) -- C:\WINDOWS\system32\ipnathlp.dll [332800]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\WINDOWS\system32\tapisrv.dll [249856]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [145408]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024]
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\system32\qmgr.dll [409088]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38400]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [25088]

---\\ Enumère les codes produits des logiciels (PUC) (O90) (2) - 3s
O90 - PUC: "8413141972A528C4F9775BD56DF3AF9E" . (.Media Player Z.) -- C:\WINDOWS\Installer\{91413148-5A27-4C82-9F77-B55DD63FFAE9}\producticon =>PUP.Optional.CrossRider
O90 - PUC: "93BAD29AC2E44034A96BCB446EB8552E" . (.globalupdate Helper.) =>PUP.Optional.GlobalUpdate

---\\ Scan Additionnel (O88) (152) - 1s
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\2B54BCE0-1439073337-11DE-952A-00269E11D6C6\snse284.tmp =>PUP.Optional.CrossRider
C:\Program Files\shopperz04082015\KomeUfuwe.exe =>PUP.Optional.Shopperz
C:\WINDOWS\Microsoft\sogrMed\Media Player ZUpdater.exe =>PUP.Optional.CrossRider
C:\WINDOWS\Microsoft\UpdatingServiceMed\Media Player ZNewVersionDownloader.exe =>PUP.Optional.CrossRider
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\engaigpbgdjjmanonjcjkcmomgibneba
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac
C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec} =>PUP.Optional.Shopperz
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C96F985-C6FC-4AFB-B644-869C24BF303F} =>PUP.Optional.Multiplug
C:\Documents and Settings\All Users\Application Data\ShopperPro\ShopperPro.dll =>PUP.Optional.ShopperPro
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} =>PUP.Optional.ShopperPro
C:\WINDOWS\system32\Peakoar.dll =>Hijacker.Winsock
HKLM\SYSTEM\CurrentControlSet\Services\a34dfee7-ea86-4e1d-88fb-46171610240f =>PUP.Optional.Shopperz
HKLM\SYSTEM\CurrentControlSet\Services\BrsHelper =>PUP.Optional.YTDownloader
HKLM\SYSTEM\CurrentControlSet\Services\comyninu =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\csrcc =>PUP.Optional.Shopperz
HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate
HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\hyverumu =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\kepelizy =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\mosetihe =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\MyrwewNebg =>PUP.Optional.Shopperz
HKLM\SYSTEM\CurrentControlSet\Services\shopperz04082015 Updater =>PUP.Optional.Shopperz
HKLM\SYSTEM\CurrentControlSet\Services\sogrMed =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\SPBIUpd =>PUP.Optional.ShopperPro
HKLM\SYSTEM\CurrentControlSet\Services\UpdatingServiceMed =>PUP.Optional.Proxomoto
C:\WINDOWS\Microsoft\UpdatingServiceMed\Media Player ZNewVersionDownloader.exe =>PUP.Optional.Proxomoto
HKLM\SYSTEM\CurrentControlSet\Services\wusykefy =>PUP.Optional.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\zehyqefe =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-1-6.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-1-7.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-4.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-5.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-6.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-7.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\AmiUpdXp.job =>PUP.Optional.SoftwareUpdater
C:\WINDOWS\Tasks\APSnotifierPP1.job =>PUP.Optional.AnyProtect
C:\WINDOWS\Tasks\APSnotifierPP2.job =>PUP.Optional.AnyProtect
C:\WINDOWS\Tasks\APSnotifierPP3.job =>PUP.Optional.AnyProtect
C:\WINDOWS\Tasks\ccd25dc2-db54-41a4-a1cd-9349ed85a7aa-10_user.job =>PUP.Optional.CrossRider
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate
C:\WINDOWS\Tasks\MAXDriverUpdater_UPDATES.job =>PUP.Optional.MaxDriverUpdater
C:\WINDOWS\Tasks\ShopperPro.job =>PUP.Optional.ShopperPro
C:\WINDOWS\Tasks\ShopperProJSUpd.job =>PUP.Optional.ShopperPro
C:\WINDOWS\Tasks\YTDownloader.job =>PUP.Optional.YTDownloader
C:\WINDOWS\Tasks\YTDownloaderUpd.job =>PUP.Optional.YTDownloader
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater =>PUP.Optional.SoftwareUpdater
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{91413148-5A27-4C82-9F77-B55DD63FFAE9} =>PUP.Optional.CrossRider
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar
HKLM\SOFTWARE\Boxore =>PUP.Optional.Boxore
HKLM\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKLM\SOFTWARE\Crossrider =>PUP.Optional.CrossRider
HKLM\SOFTWARE\csdimedia =>PUP.Optional.MaxDriverUpdater
HKLM\SOFTWARE\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\GAMESDESKTOP =>PUP.Optional.GamesDesktop
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\IHProtect =>PUP.Optional.AgentODR
HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\istartsurfSoftware =>PUP.Optional.IsStart
HKLM\SOFTWARE\mystartsearchSoftware =>PUP.Optional.StartSearch
HKLM\SOFTWARE\NetCrawl =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Object Browser =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Object Browser-nv =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Object Browser-nv-ie =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\RocketTab =>PUP.Optional.RocketTab
HKLM\SOFTWARE\searchult =>PUP.Optional.Generic
HKLM\SOFTWARE\ShopperPro =>PUP.Optional.ShopperPro
HKLM\SOFTWARE\shopperz04082015 =>PUP.Optional.Shopperz
HKLM\SOFTWARE\SupDp =>PUP.Optional.SupTab
HKLM\SOFTWARE\supTab =>PUP.Optional.SupTab
HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Optional.Fuyu
HKLM\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKLM\SOFTWARE\WaInterEnhancer =>PUP.Optional.Multiplug
HKLM\SOFTWARE\WebBar =>PUP.Optional.WebBar
HKLM\SOFTWARE\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer
HKLM\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKLM\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader
HKLM\SOFTWARE\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar
HKCU\SOFTWARE\Boxore =>PUP.Optional.Boxore
HKCU\SOFTWARE\BrowserV30.07-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Cinema PlusV09.08-ntf =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Cinema PlusV09.08-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\csdimedia =>PUP.Optional.MaxDriverUpdater
HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean
HKCU\SOFTWARE\DynConIE =>PUP.Optional.DynConIE
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ImInstaller =>Toolbar.IncrediMail
HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\iWebar-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\MedPlayvidV3.1-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\NetCrawl =>PUP.Optional.Sambreel
HKCU\SOFTWARE\Object Browser-nv =>PUP.Optional.ObjectBrowser
HKCU\SOFTWARE\Object Browser-nv-ie =>PUP.Optional.ObjectBrowser
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\RocketTabInstalled =>PUP.Optional.RocketTab
HKCU\SOFTWARE\Search Extensions =>PUP.Optional.RocketTab
HKCU\SOFTWARE\ShopperPro =>PUP.Optional.ShopperPro
HKCU\SOFTWARE\shopperz04082015 =>PUP.Optional.Shopperz
HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech
HKCU\SOFTWARE\TNT2 =>PUP.Optional.TidyNetwork
HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner
HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive
HKCU\SOFTWARE\WaInterEnhancer =>PUP.Optional.Multiplug
HKCU\SOFTWARE\WajIEnhance =>PUP.Optional.Wajam
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider
C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files\shopperz04082015 =>PUP.Optional.Shopperz
C:\Program Files\Software =>PUP.Optional.Boxore
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GAMESDESKTOP =>PUP.Optional.GamesDesktop
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WaInterEnhancer =>PUP.Optional.Multiplug
C:\Documents and Settings\All Users\Application Data\Browser =>PUP.Optional.SpeedBrowser
C:\Documents and Settings\All Users\Application Data\IHProtectUpDate =>PUP.Optional.AgentODR
C:\Documents and Settings\All Users\Application Data\ShopperPro =>PUP.Optional.ShopperPro
C:\Documents and Settings\NATHALIE\Application Data\AnyProtectEx =>PUP.Optional.AnyProtect
C:\Documents and Settings\NATHALIE\Application Data\csdimedia =>PUP.Optional.MaxDriverUpdater
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Boxore =>PUP.Optional.Boxore
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\BrowserHelper =>PUP.Optional.BrowserHelper
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\CrashRpt =>.Legitimate.CrashReports
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Crossbrowse =>PUP.Optional.CrossBrowse
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_005010055 =>PUP.Optional.CrossRider
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Installer =>PUP.Optional.InstallPedia
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\SmartWeb =>PUP.Optional.SmartWebSearch
C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\AnyProtect PC Backup =>PUP.Optional.AnyProtect
C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\GUPlayer =>PUP.Optional.GUPlayer
C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\YTDownloader =>PUP.Optional.YTDownloader
C:\WINDOWS\Prefetch\PRICELESSINSTALLER.EXE-2C87BCC0.pf =>PUP.Optional.PriceLess
C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_005010055\upgmsd_fr_005010055.exe =>PUP.Optional.CrossRider
C:\WINDOWS\System32\drivers\cherimoya.sys =>PUP.Optional.Shopperz
C:\WINDOWS\Installer\{91413148-5A27-4C82-9F77-B55DD63FFAE9}\producticon =>PUP.Optional.CrossRider
HKLM\Software\Classes\Installer\Products\8413141972A528C4F9775BD56DF3AF9E =>PUP.Optional.CrossRider
HKLM\Software\Classes\Installer\Features\8413141972A528C4F9775BD56DF3AF9E =>PUP.Optional.CrossRider
HKLM\Software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E =>PUP.Optional.GlobalUpdate
HKLM\Software\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E =>PUP.Optional.GlobalUpdate
HKLM\SYSTEM\CurrentControlSet\Services\globalUpdatem =>PUP.Optional.GlobalUpdate

---\\ Récapitulatif des éléments trouvées sur votre station (46) - 0s
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.Shopperz
http://www.nicolascoolman.fr/adware-boxore/ =>PUP.Optional.Boxore
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/pup-isstart/ =>PUP.Optional.IsStart
http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/pup-shopperpro/ =>PUP.Optional.ShopperPro
http://www.nicolascoolman.fr/pup-ytdownloader/ =>PUP.Optional.YTDownloader
http://www.nicolascoolman.fr/blog =>PUP.Optional.Proxomoto
http://www.nicolascoolman.fr/pup-software-updater/ =>PUP.Optional.SoftwareUpdater
http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect
http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxDriverUpdater
http://www.nicolascoolman.fr/blog =>Toolbar.AskBar
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse
http://www.nicolascoolman.fr/blog =>PUP.Optional.SweetSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.GamesDesktop
http://www.nicolascoolman.fr/blog =>PUP.Optional.AgentODR
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.Sambreel
http://www.nicolascoolman.fr/pup-objectbrowser/ =>PUP.Optional.ObjectBrowser
http://www.nicolascoolman.fr/rogue-reimagerepair/ =>PUP.Optional.ReImageRepair
http://www.nicolascoolman.fr/blog =>PUP.Optional.RocketTab
http://www.nicolascoolman.fr/blog =>PUP.Optional.Generic
http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab
http://www.nicolascoolman.fr/trojan-fuyu/ =>PUP.Optional.Fuyu
http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebBar
http://www.nicolascoolman.fr/blog =>PUP.Optional.WordSurfer
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/pup-optional-dailypcclean/ =>PUP.Optional.DailyPCClean
http://www.nicolascoolman.fr/blog =>PUP.Optional.DynConIE
http://www.nicolascoolman.fr/blog =>Toolbar.IncrediMail
http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore
http://www.nicolascoolman.fr/blog =>PUP.Optional.SimplyTech
http://www.nicolascoolman.fr/adware-tidynetwork/ =>PUP.Optional.TidyNetwork
http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxComputerCleaner
http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Optional.Wajam
http://www.nicolascoolman.fr/blog =>PUP.Optional.SpeedBrowser
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserHelper
http://www.nicolascoolman.fr/blog =>.Legitimate.CrashReports
http://www.nicolascoolman.fr/adware-installpedia/ =>PUP.Optional.InstallPedia
http://www.nicolascoolman.fr/pup-smartwebsearch/ =>PUP.Optional.SmartWebSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.GUPlayer
http://www.nicolascoolman.fr/blog =>PUP.Optional.PriceLess
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine

~ End of the scan, 70589 items in 207 seconds (1087)(0)()
