~ ZHPDiag v2015.8.9.114 Par Nicolas Coolman (2015/08/8)
~ Démarré par NATHALIE (Administrator) (2015/08/10 14:14:07)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Pas de fichier réseau
~ Mode: Scanner
~ Rapport: C:\Documents and Settings\NATHALIE\Bureau\ZHPDiag.txt
~ Rapport: C:\Documents and Settings\NATHALIE\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
WIN_XP, 32-bit Service Pack 3 (Build 2600)

---\\ Navigateurs Internet (1) - 0s
MSIE: Internet Explorer v8.0.6001.18702

---\\ Logiciels d'optimisation (1) - 8s
CCleaner v3.02

---\\ Surveillance de Logiciels (2) - 8s
Adobe Flash Player 18 NPAPI
Adobe Reader XI

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 6 Model 28 Stepping 2, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2087.116 MB (43% free)
~ System Restore: Activé (Enable)
~ System drive C: has 93 GB free of 142 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: ACER-03915B3F31
~ User Name: NATHALIE
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 93 GB free of 142 GB (System)
~ Drive D: has 438 GB free of 953 GB

---\\ Etat du Centre de Sécurité Windows (9) - 1s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Recherche particulière de fichiers génériques (22) - 0s [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\WINDOWS\Explorer.exe [1037824] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (.Microsoft Corporation - Exécuter une DLL en tant qu'application.) () -- C:\WINDOWS\System32\rundll32.exe [33792] [MD5.E1948B1F45A176FB4A0251446A5AE86D] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [920064] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows.) () -- C:\WINDOWS\System32\Winlogon.exe [512000] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] [MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) () -- C:\WINDOWS\System32\drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) 
() -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) () -- C:\WINDOWS\System32\drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [53376] ---\\ Processus lancés (6) - 1s [MD5.812400977140134B25074657B0C4F06A] - (...) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\2B54BCE0-1439073337-11DE-952A-00269E11D6C6\snse284.tmp [120832] [PID.2012] =>PUP.Optional.CrossRider [MD5.B631A9ACCAB529C7AC23FC505AED156A] - (...) -- C:\Program Files\shopperz04082015\KomeUfuwe.exe [171872] [PID.176] =>PUP.Optional.Shopperz [MD5.45C1AF2E053604D0034382CF7A2AD1A4] - (...) 
-- C:\Documents and Settings\NATHALIE\Application Data\Outraged Team\Outraged Team.exe [66048] [PID.312] [MD5.7DA7B7B7D970BBC5C96A9EFED6F9A084] - (.Copyright © 2014 - WindowsUpdater.) -- C:\WINDOWS\Microsoft\sogrMed\Media Player ZUpdater.exe [19968] [PID.752] =>PUP.Optional.CrossRider [MD5.FA9452CE2BFC4DCF90D7FD810BFB9BD6] - (.Copyright © 2014 - NewVersionUploader.) -- C:\WINDOWS\Microsoft\UpdatingServiceMed\Media Player ZNewVersionDownloader.exe [13824] [PID.1392] =>PUP.Optional.CrossRider [MD5.C228DDE8F345D1B8993E0A8D8697A73C] - (.Acer Incoporated - Acer Video Quality Enhancement.) -- C:\Program Files\Acer\Acer VCM\VC.exe [1675264] [PID.1196] ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (9) - 1s G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [engaigpbgdjjmanonjcjkcmomgibneba] Boxore =>PUP.Optional.Boxore G2 - GCE: Preference [User Data\Default] [jecgbfoconhopjngaaijjgffhokohlac] MedPlayvidV3.1 =>PUP.Optional.CrossRider G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (21) - 5s M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru P2 - EXT: (.mozilla.org - Default Plug-in.) 
-- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.FRA P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\QuickTimePlugin.class P2 - EXT FILE: (...) -- C:\Documents and Settings\NATHALIE\Application Data\Mozilla\Firefox\Profiles\v6vz1z61.default-1439064453781\extensions\jid1-f3mYMbCpz2AZYl@jetpack.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\NATHALIE\Application Data\Mozilla\Firefox\Profiles\v6vz1z61.default-1439064453781\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\NATHALIE\Application Data\Mozilla\Firefox\Profiles\v6vz1z61.default-1439064453781\searchplugins\google-default.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@Microsoft.com/DownloadManager,version=1.1] - (.Genre.) 
-- C:\WINDOWS\ P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (15) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://wikipedia.fr/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no 
name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (R5) (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Hosts file redirection (O1) (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (20) ---\\ Browser Helper Object de navigateur (BHO) (O2) (6) - 1s O2 - BHO: shopperz04082015 Helper - {0a0e29f6-0ab0-44e1-a98e-bd050ee692ec} (Orphean) =>PUP.Optional.Shopperz O2 - BHO: PriceLess - {1C96F985-C6FC-4AFB-B644-869C24BF303F} (Orphean) =>PUP.Optional.Multiplug O2 - BHO: (no name) - {1F91A9A1-01BA-4c81-863D-3BA0751E1419} (Orphean) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} (Orphean) O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} (Orphean) O2 - BHO: ShopperProBHO - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\Documents and Settings\All Users\Application Data\ShopperPro\ShopperPro.dll =>PUP.Optional.ShopperPro ---\\ Internet Explorer Toolbars (O3) (1) - 0s O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.) ---\\ Applications lancées au démarrage du sytème (O4) (26) - 3s O4 - HKLM\..\Run: [AzMixerSel] . 
(.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe O4 - HKLM\..\Run: [NotificationCenterLauncher] . (.Acer - X86 Version.) -- C:\Program Files\Acer\Acer eRecovery Management\NotificationLauncher.exe O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKCU\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe O4 - HKCU\..\Run: [WinThrusterReminder] . (.Solvusoft Corporation - WinThruster.) -- C:\Program Files\WinThruster\WinThruster.exe O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\.DEFAULT\..\Run: [Skype] . 
(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Dropbox\Update\DropboxUpdate.exe O4 - HKUS\S-1-5-21-670792205-72185382-2018322775-1005\..\Run: [WinThrusterReminder] . (.Solvusoft Corporation - WinThruster.) 
-- C:\Program Files\WinThruster\WinThruster.exe ---\\ Winsock hijacker (Layered Service Provider) (O10) (3) - 0s O10 - WLSP:\Catalog_Entries\000000000001\Winsock LSP File . (...) -- C:\WINDOWS\system32\Peakoar.dll =>Hijacker.Winsock O10 - WLSP:\Catalog_Entries\000000000002\Winsock LSP File . (...) -- C:\WINDOWS\system32\Peakoar.dll =>Hijacker.Winsock O10 - WLSP:\Catalog_Entries\000000000022\Winsock LSP File . (...) -- C:\WINDOWS\system32\Peakoar.dll =>Hijacker.Winsock ---\\ Modification Domaine/Adresses DNS (O17) (9) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 52.17.204.69 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 52.17.204.69 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 52.17.204.69 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) (1) - 0s O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ---\\ Liste des services NT non Microsoft et non désactivés (O23) (21) - 1s O23 - Service: a34dfee7-ea86-4e1d-88fb-46171610240f (a34dfee7-ea86-4e1d-88fb-46171610240f) . (...) - C:\Program Files\shopperz04082015\Dmxkbb.exe (.not file.) =>PUP.Optional.Shopperz O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: (BrsHelper) . (...) - C:\PROGRA~1\YTDOWN~1\BROWSE~2.EXE (.not file.) 
=>PUP.Optional.YTDownloader O23 - Service: Wire Professional Version (comyninu) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\hnsd232.tmp (.not file.) =>PUP.Optional.CrossRider O23 - Service: csrcc (csrcc) . (...) - C:\Program Files\shopperz04082015\csrcc.exe (.not file.) =>PUP.Optional.Shopperz O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate O23 - Service: Kerning Down (gopibeko) . (...) - C:\Documents and Settings\NATHALIE\Local Settings\Application Data\2B54BCE0-1439073337-11DE-952A-00269E11D6C6\snse284.tmp =>PUP.Optional.CrossRider O23 - Service: Service Google Update (gupdate) (gupdate) . (...) - C:\Program Files\Google\Update\GoogleUpdate.exe (.not file.) O23 - Service: Key In Bold Italic (hyverumu) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\jnsi230.tmp (.not file.) =>PUP.Optional.CrossRider O23 - Service: Convert Footer (kepelizy) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\knsb2F1.tmp (.not file.) =>PUP.Optional.CrossRider O23 - Service: Page Orientation Footnote (mosetihe) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\knsn226.tmpfs (.not file.) =>PUP.Optional.CrossRider O23 - Service: MyrwewNebg (MyrwewNebg) . (...) - C:\Program Files\shopperz04082015\KomeUfuwe.exe =>PUP.Optional.Shopperz O23 - Service: Outraged Team (Outraged Team) . (...) - C:\Documents and Settings\NATHALIE\Application Data\Outraged Team\Outraged Team.exe O23 - Service: Raw Socket Service (RS_Service) . (.Acer Incorporated - Raw Socket Service.) - C:\Program Files\Acer\Acer VCM\RS_Service.exe O23 - Service: shopperz04082015 Updater (shopperz04082015 Updater) . (...) - C:\Program Files\shopperz04082015\Qeeoozeou.exe (.not file.) =>PUP.Optional.Shopperz O23 - Service: Skype Updater (SkypeUpdate) . 
(.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: sogrMed (sogrMed) . (.Copyright © 2014 - WindowsUpdater.) - C:\WINDOWS\Microsoft\sogrMed\Media Player ZUpdater.exe =>PUP.Optional.CrossRider O23 - Service: ShopperPro Update (SPBIUpd) . (...) - C:\Program Files\Common Files\ShopperPro\spbiu.exe (.not file.) =>PUP.Optional.ShopperPro O23 - Service: UpdatingServiceMed (UpdatingServiceMed) . (.Copyright © 2014 - NewVersionUploader.) - C:\WINDOWS\Microsoft\UpdatingServiceMed\Media Player ZNewVersionDownloader.exe =>PUP.Optional.Proxomoto O23 - Service: Home Page Megahertz (wusykefy) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\knsp39A.tmp (.not file.) =>PUP.Optional.CrossRider O23 - Service: Educational Signal (zehyqefe) . (...) - C:\Program Files\2B54BCE0-1439066060-11DE-952A-00269E11D6C6\knsb2B5.tmp (.not file.) =>PUP.Optional.CrossRider ---\\ Tâches planifiées en automatique (O39) (43) - 4s O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\6zdjWZu4T.job [1038] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-1-6.job [3118] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-1-7.job [3118] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-4.job [4474] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-5.job [2426] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-6.job [5498] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-7.job [5498] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\aMcZxhF.job [1034] O39 - APT: Orphean - (...) 
-- C:\WINDOWS\Tasks\AmiUpdXp.job [428] =>PUP.Optional.SoftwareUpdater O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\APSnotifierPP1.job [366] =>PUP.Optional.AnyProtect O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\APSnotifierPP2.job [364] =>PUP.Optional.AnyProtect O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\APSnotifierPP3.job [364] =>PUP.Optional.AnyProtect O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\BUbyuYVKyaMnOhKMKvLXt2IQ3f.job [1072] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\CaffeineFix.job [432] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\ccd25dc2-db54-41a4-a1cd-9349ed85a7aa-10_user.job [2106] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005Core.job [1226] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005UA.job [1278] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\DyiSY265xGbEV1p4oxddhw7U70c.job [1074] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005Core.job [1156] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005UA.job [1178] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job [892] =>PUP.Optional.GlobalUpdate O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job [896] =>PUP.Optional.GlobalUpdate O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1052] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1056] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005Core.job [1108] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-670792205-72185382-2018322775-1005UA.job [1160] O39 - APT: Orphean - (...) 
-- C:\WINDOWS\Tasks\MAXDriverUpdater_UPDATES.job [278] =>PUP.Optional.MaxDriverUpdater O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [228] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [222] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\QnkFOgdrctX.job [1042] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\ShopperPro.job [788] =>PUP.Optional.ShopperPro O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\ShopperProJSUpd.job [346] =>PUP.Optional.ShopperPro O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\sMsql4I5d3.job [1040] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\SMupdate1.job [358] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\SMupdate2.job [358] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\SMupdate3.job [358] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\SPBIW_UpdateTask_Time_323436333234343432342d345b413455412a45235a6c6c.job [956] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\WinThruster_DEFAULT.job [268] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\WinThruster_UPDATES.job [276] O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\YTDownloader.job [364] =>PUP.Optional.YTDownloader O39 - APT: Orphean - (...) -- C:\WINDOWS\Tasks\YTDownloaderUpd.job [354] =>PUP.Optional.YTDownloader ---\\ Logiciels installés (O42) (64) - 32s O42 - Logiciel: Acer ScreenSaver - (.Acer.) [HKLM] -- Acer Screensaver O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: eSobi v2 - (.esobi Inc..) 
[HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47} O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Desktop Search 3.01 - (.Microsoft Corporation.) [HKLM] -- KB917013 O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5 O42 - Logiciel: Intel(R) Graphics Media Accelerator 500 - (...) [HKLM] -- LPCO O42 - Logiciel: Mozilla Firefox 39.0.3 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 39.0.3 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: Forum Terminal - (.Forum Terminal.) [HKLM] -- SoftwareUpdater =>PUP.Optional.SoftwareUpdater O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007 O42 - Logiciel: Windows Media Format Runtime - (...) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Lecteur Windows Media 10 - (...) [HKLM] -- Windows Media Player O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver O42 - Logiciel: WinThruster - (.solvusoft Corporation.) [HKLM] -- WinThruster_is1 O42 - Logiciel: Acer VCM - (.Acer Incorporated.) [HKLM] -- {047F790A-7A2A-4B6A-AD02-38092BA63DAC} O42 - Logiciel: JavaFX 2.1.0 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-210328764D10} O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) 
[HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} O42 - Logiciel: Java 8 Update 40 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218040F0} O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47} O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} O42 - Logiciel: Microsoft Download Manager - (.Microsoft Corporation.) [HKLM] -- {654977DB-0001-0002-0001-EABD228DDE8B} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Zuma Deluxe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700} O42 - Logiciel: Tradewinds 2 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623} O42 - Logiciel: Rainbow Web - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111125700} O42 - Logiciel: Tri-Peaks Solitaire To Go - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743} O42 - Logiciel: Peggle - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11231247} O42 - Logiciel: Star Defender 4 - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710} O42 - Logiciel: Cooking Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115443300} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) 
[HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Choice Guard - (.Microsoft Corporation.) [HKLM] -- {8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E} O42 - Logiciel: Media Player Z - (.SurfProtect.) [HKLM] -- {91413148-5A27-4C82-9F77-B55DD63FFAE9} =>PUP.Optional.CrossRider O42 - Logiciel: Software Version Updater - (...) [HKLM] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: Acer Crystal Eye webcam 2.2.0.2 - (.SuYin.) [HKLM] -- {A77255C4-AFCB-44A3-BF0F-2091A71FFD9E} O42 - Logiciel: globalupdate Helper - (.globalupdate Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Optional.GlobalUpdate O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Adobe Reader XI (11.0.08) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM] -- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC} O42 - Logiciel: REALTEK GbE & FE Ethernet PCI-E NIC Driver - (.Realtek.) [HKLM] -- {C9BED750-1211-4480-B1A5-718A3BE15525} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {CE1F04C7-79BC-4219-BE6A-BA490224D4B5} O42 - Logiciel: Acer Product Registration - (.Acer Incorporated.) [HKLM] -- {DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {E1DB0812-2D60-43DB-AE09-6C7027D93B28} O42 - Logiciel: Windows Desktop Search 3.01 - (.Microsoft Corporation.) [HKLM] -- {E72019B8-1287-4093-BE9B-1CFA7BA1A8D2} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) 
[HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox O42 - Logiciel: Google Photos Backup - (.Google, Inc..) [HKCU] -- Google Photos Backup ---\\ HKCU & HKLM Software Keys (195) - 33s HKLM\SOFTWARE\781 HKLM\SOFTWARE\ACD Systems HKLM\SOFTWARE\Acer HKLM\SOFTWARE\Acer Incorporated HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\Alien Skin HKLM\SOFTWARE\America Online HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. HKLM\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar HKLM\SOFTWARE\Boxore =>PUP.Optional.Boxore HKLM\SOFTWARE\BrowserChoice HKLM\SOFTWARE\C07ft5Y HKLM\SOFTWARE\Canon HKLM\SOFTWARE\Creative Tech HKLM\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Crossrider =>PUP.Optional.CrossRider HKLM\SOFTWARE\csdimedia =>PUP.Optional.MaxDriverUpdater HKLM\SOFTWARE\CyberLink HKLM\SOFTWARE\dck HKLM\SOFTWARE\Digital River HKLM\SOFTWARE\DivXNetworks HKLM\SOFTWARE\Dropbox HKLM\SOFTWARE\DRWNewFree HKLM\SOFTWARE\ff7e79ac-48ff-4fd0-ba4e-1e8392321d53 =>PUP.Optional.CrossRider HKLM\SOFTWARE\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\GameHouse HKLM\SOFTWARE\GAMESDESKTOP =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\GEAR Software HKLM\SOFTWARE\Gemplus HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Google HKLM\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\IHProtect =>PUP.Optional.AgentODR HKLM\SOFTWARE\IM Providers HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\InstalledOptions HKLM\SOFTWARE\Intel HKLM\SOFTWARE\InterVideo HKLM\SOFTWARE\istartsurfSoftware =>PUP.Optional.IsStart HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\KasperskyLab HKLM\SOFTWARE\Lake HKLM\SOFTWARE\Licenses HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\MaxPower HKLM\SOFTWARE\McAfee.com HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\mystartsearchSoftware 
=>PUP.Optional.StartSearch HKLM\SOFTWARE\NetCrawl =>PUP.Optional.Sambreel HKLM\SOFTWARE\Oberon Media HKLM\SOFTWARE\Object Browser =>PUP.Optional.ObjectBrowser HKLM\SOFTWARE\Object Browser-nv =>PUP.Optional.ObjectBrowser HKLM\SOFTWARE\Object Browser-nv-ie =>PUP.Optional.ObjectBrowser HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\OEM HKLM\SOFTWARE\OemSetup HKLM\SOFTWARE\Oracle HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\Program Groups HKLM\SOFTWARE\Realtek HKLM\SOFTWARE\Reason HKLM\SOFTWARE\Reflexive Entertainment HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair HKLM\SOFTWARE\RocketTab =>PUP.Optional.RocketTab HKLM\SOFTWARE\RTLSetup HKLM\SOFTWARE\Schlumberger HKLM\SOFTWARE\searchult =>PUP.Optional.Generic HKLM\SOFTWARE\Secure HKLM\SOFTWARE\ShopperPro =>PUP.Optional.ShopperPro HKLM\SOFTWARE\shopperz04082015 =>PUP.Optional.Shopperz HKLM\SOFTWARE\Skunkstudios HKLM\SOFTWARE\Skype HKLM\SOFTWARE\Solvusoft HKLM\SOFTWARE\SupDp =>PUP.Optional.SupTab HKLM\SOFTWARE\supTab =>PUP.Optional.SupTab HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Optional.Fuyu HKLM\SOFTWARE\SuYin HKLM\SOFTWARE\Synaptics HKLM\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\WaInterEnhancer =>PUP.Optional.Multiplug HKLM\SOFTWARE\WebBar =>PUP.Optional.WebBar HKLM\SOFTWARE\Windows HKLM\SOFTWARE\Windows 3.1 Migration Status HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer HKLM\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKLM\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader HKLM\SOFTWARE\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider HKCU\SOFTWARE\6zdjWZu4T HKCU\SOFTWARE\70121InstEnd HKCU\SOFTWARE\ACD Systems HKCU\SOFTWARE\Acer HKCU\SOFTWARE\AcerUtil HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\aMcZxhF HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\apple HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. 
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar HKCU\SOFTWARE\Boxore =>PUP.Optional.Boxore HKCU\SOFTWARE\BrowserV30.07-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\BUbyuYVKyaMnOhKMKvLXt2IQ3f HKCU\SOFTWARE\Canon HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Cinema PlusV09.08-ntf =>PUP.Optional.CrossRider HKCU\SOFTWARE\Cinema PlusV09.08-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\csdimedia =>PUP.Optional.MaxDriverUpdater HKCU\SOFTWARE\Cyberlink HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean HKCU\SOFTWARE\Dropbox HKCU\SOFTWARE\DropboxUpdate HKCU\SOFTWARE\DSP-worx HKCU\SOFTWARE\DyiSY265xGbEV1p4oxddhw7U70c HKCU\SOFTWARE\DynConIE =>PUP.Optional.DynConIE HKCU\SOFTWARE\eSobi HKCU\SOFTWARE\Facebook HKCU\SOFTWARE\GameHouse HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\Google HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\IM HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\ImInstaller =>Toolbar.IncrediMail HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\InstallPath HKCU\SOFTWARE\Intel HKCU\SOFTWARE\iWebar-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\KMPlayer HKCU\SOFTWARE\Lake HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MedPlayvidV3.1-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\NetCrawl =>PUP.Optional.Sambreel HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Northcode Inc HKCU\SOFTWARE\OB HKCU\SOFTWARE\Oberon Media HKCU\SOFTWARE\Object Browser-nv =>PUP.Optional.ObjectBrowser HKCU\SOFTWARE\Object Browser-nv-ie =>PUP.Optional.ObjectBrowser HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\OperaOB HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Pyrogon HKCU\SOFTWARE\QnkFOgdrctX 
HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair HKCU\SOFTWARE\RocketTabInstalled =>PUP.Optional.RocketTab HKCU\SOFTWARE\Search Extensions =>PUP.Optional.RocketTab HKCU\SOFTWARE\ShopperPro =>PUP.Optional.ShopperPro HKCU\SOFTWARE\shopperz04082015 =>PUP.Optional.Shopperz HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech HKCU\SOFTWARE\Skype HKCU\SOFTWARE\sMsql4I5d3 HKCU\SOFTWARE\Software HKCU\SOFTWARE\Solvusoft HKCU\SOFTWARE\Stellar HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TeleCharger HKCU\SOFTWARE\TNT2 =>PUP.Optional.TidyNetwork HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\URSoft HKCU\SOFTWARE\Viber HKCU\SOFTWARE\WaInterEnhancer =>PUP.Optional.Multiplug HKCU\SOFTWARE\WajIEnhance =>PUP.Optional.Wajam HKCU\SOFTWARE\WebApp HKCU\SOFTWARE\Windows Live Writer HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software ---\\ Contenu des dossiers Programmes (O43) (203) - 22s O43 - CFD: 2015/08/08 20:05:20 - [] D -- C:\Program Files\Acer O43 - CFD: 2015/08/09 19:58:25 - [] D -- C:\Program Files\Acer GameZone O43 - CFD: 2009/08/04 16:40:15 - [] D -- C:\Program Files\ACER PATCH LTV2016 O43 - CFD: 2012/12/15 06:59:37 - [] D -- C:\Program Files\Adobe O43 - CFD: 2012/05/18 06:03:54 - [] D -- C:\Program Files\Apple Software Update O43 - CFD: 2011/01/23 03:08:36 - [] D -- C:\Program Files\CCleaner O43 - CFD: 2011/01/23 02:06:13 - [] D -- C:\Program Files\CyberLink O43 - CFD: 2013/05/31 13:24:06 - [] D -- C:\Program Files\Dropbox O43 - CFD: 2009/08/04 16:30:49 - [] D -- C:\Program Files\eSobi O43 - CFD: 2015/03/30 10:22:19 - [] D -- C:\Program 
Files\Fichiers communs O43 - CFD: 2015/08/08 17:52:17 - [] D -- C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2015/08/09 19:34:50 - [] D -- C:\Program Files\Google O43 - CFD: 2015/08/08 21:59:49 - [] HD -- C:\Program Files\InstallShield Installation Information O43 - CFD: 2009/08/04 15:08:12 - [] D -- C:\Program Files\Intel O43 - CFD: 2015/08/09 21:51:50 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 2015/06/16 09:12:09 - [] D -- C:\Program Files\iPod O43 - CFD: 2015/06/16 09:13:30 - [] D -- C:\Program Files\iTunes O43 - CFD: 2015/03/30 10:19:15 - [] D -- C:\Program Files\Java O43 - CFD: 2009/08/04 15:42:24 - [] D -- C:\Program Files\Microsoft O43 - CFD: 2014/06/20 04:26:01 - [] D -- C:\Program Files\Microsoft Download Manager O43 - CFD: 2009/08/04 12:44:21 - [] D -- C:\Program Files\microsoft frontpage O43 - CFD: 2014/10/21 02:35:56 - [] D -- C:\Program Files\Microsoft Office O43 - CFD: 2014/10/18 10:44:56 - [] D -- C:\Program Files\Microsoft Silverlight O43 - CFD: 2009/08/04 15:43:17 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 2011/01/23 04:13:11 - [] D -- C:\Program Files\Microsoft Visual Studio O43 - CFD: 2014/10/20 03:44:52 - [] D -- C:\Program Files\Microsoft Works O43 - CFD: 2015/08/08 18:03:13 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 2012/05/04 11:34:30 - [] D -- C:\Program Files\Movie Maker O43 - CFD: 2015/08/07 13:57:49 - [] D -- C:\Program Files\Mozilla Firefox O43 - CFD: 2015/08/08 19:24:12 - [] D -- C:\Program Files\Mozilla Maintenance Service O43 - CFD: 2012/05/04 13:19:14 - [] D -- C:\Program Files\MSBuild O43 - CFD: 2009/08/04 12:39:41 - [] D -- C:\Program Files\MSN Gaming Zone O43 - CFD: 2015/08/09 21:52:00 - [] D -- C:\Program Files\NetMeeting O43 - CFD: 2012/05/04 11:35:26 - [] D -- C:\Program Files\Outlook Express O43 - CFD: 2015/08/09 19:25:38 - [] D -- C:\Program Files\QuickTime O43 - CFD: 2015/08/08 21:59:49 - [] D -- C:\Program Files\Realtek O43 - CFD: 2015/08/10 
14:08:36 - [] D -- C:\Program Files\Reason O43 - CFD: 2012/05/04 13:18:59 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 2009/08/04 12:41:58 - [] D -- C:\Program Files\Services en ligne O43 - CFD: 2015/08/09 21:51:03 - [] D -- C:\Program Files\shopperz04082015 =>PUP.Optional.Shopperz O43 - CFD: 2015/07/19 09:41:32 - [] RD -- C:\Program Files\Skype O43 - CFD: 2015/08/08 17:45:38 - [] D -- C:\Program Files\Software =>PUP.Optional.Boxore O43 - CFD: 2009/08/04 12:48:11 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 2011/01/23 03:12:13 - [] D -- C:\Program Files\VideoLAN O43 - CFD: 2014/06/20 04:29:11 - [] D -- C:\Program Files\Windows Desktop Search O43 - CFD: 2009/08/04 15:44:10 - [] D -- C:\Program Files\Windows Live O43 - CFD: 2009/08/04 15:42:05 - [] D -- C:\Program Files\Windows Live SkyDrive O43 - CFD: 2009/08/04 15:22:55 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 2009/08/04 12:39:38 - [] D -- C:\Program Files\Windows NT O43 - CFD: 2009/08/04 12:42:05 - [0] HD -- C:\Program Files\WindowsUpdate O43 - CFD: 2011/01/23 03:12:51 - [] D -- C:\Program Files\WinRAR O43 - CFD: 2015/08/10 14:02:16 - [] D -- C:\Program Files\WinThruster O43 - CFD: 2009/08/04 12:44:21 - [] D -- C:\Program Files\xerox O43 - CFD: 2009/08/04 12:43:41 - [] RDC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Accessoires O43 - CFD: 2011/01/23 02:08:03 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Acer O43 - CFD: 2011/01/23 02:00:31 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Acer Crystal Eye webcam O43 - CFD: 2012/09/09 05:53:39 - [0] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Acer GameZone O43 - CFD: 2009/08/04 16:43:44 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\AcerSystem O43 - CFD: 2011/01/23 03:36:33 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\ADOBE O43 - CFD: 2011/01/23 03:08:35 - [] DC -- C:\Documents 
and Settings\All Users\Menu Démarrer\Programmes\CCleaner O43 - CFD: 2015/08/08 21:17:10 - [] RDC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage O43 - CFD: 2009/08/04 16:30:53 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\eSobi v2 O43 - CFD: 2015/08/09 18:50:21 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GAMESDESKTOP =>PUP.Optional.GamesDesktop O43 - CFD: 2009/08/04 15:21:35 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Google Desktop O43 - CFD: 2015/06/16 09:13:40 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\iTunes O43 - CFD: 2015/03/30 10:21:10 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Java O43 - CFD: 2009/08/04 12:39:56 - [] RDC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux O43 - CFD: 2014/06/20 04:26:01 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Download Manager O43 - CFD: 2011/01/23 04:14:22 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Office O43 - CFD: 2014/10/17 19:02:40 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Microsoft Silverlight O43 - CFD: 2015/03/30 11:00:09 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox O43 - CFD: 2009/08/04 12:44:15 - [] RDC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Outils d'administration O43 - CFD: 2011/02/25 13:14:06 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Picasa 3 O43 - CFD: 2015/06/16 08:48:12 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\QuickTime O43 - CFD: 2014/10/19 05:56:31 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Skype O43 - CFD: 2015/03/30 11:25:57 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\VideoLAN O43 - CFD: 2015/08/08 22:50:00 - [] DC -- C:\Documents and 
Settings\All Users\Menu Démarrer\Programmes\WaInterEnhancer =>PUP.Optional.Multiplug O43 - CFD: 2015/08/10 13:48:14 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Windows Live O43 - CFD: 2012/09/07 05:59:00 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinRAR O43 - CFD: 2015/08/10 14:02:16 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinThruster O43 - CFD: 2011/01/23 02:24:38 - [] DC -- C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Your Uninstaller 2010 O43 - CFD: 2015/06/16 09:11:22 - [] DC -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1 O43 - CFD: 2015/08/08 22:43:47 - [] DC -- C:\Documents and Settings\All Users\Application Data\3215589157971400341 O43 - CFD: 2012/12/15 06:53:07 - [] DC -- C:\Documents and Settings\All Users\Application Data\Adobe O43 - CFD: 2015/08/08 17:54:15 - [] DC -- C:\Documents and Settings\All Users\Application Data\Ahjukesrop O43 - CFD: 2014/07/03 08:57:17 - [] DC -- C:\Documents and Settings\All Users\Application Data\Apple O43 - CFD: 2011/02/12 07:38:38 - [] DC -- C:\Documents and Settings\All Users\Application Data\Apple Computer O43 - CFD: 2015/07/11 12:30:13 - [] DC -- C:\Documents and Settings\All Users\Application Data\AVAST Software O43 - CFD: 2015/06/16 09:13:31 - [] DC -- C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB O43 - CFD: 2015/08/09 12:18:33 - [] DC -- C:\Documents and Settings\All Users\Application Data\Browser =>PUP.Optional.SpeedBrowser O43 - CFD: 2015/08/09 18:46:44 - [] DC -- C:\Documents and Settings\All Users\Application Data\BWinManProB O43 - CFD: 2011/02/08 04:20:38 - [] DC -- C:\Documents and Settings\All Users\Application Data\CyberLink O43 - CFD: 2015/07/11 18:24:44 - [] DC -- C:\Documents and Settings\All Users\Application Data\DatacardService O43 - CFD: 2015/06/20 06:05:24 - [] DC -- C:\Documents and Settings\All 
Users\Application Data\Dropbox O43 - CFD: 2009/08/04 16:30:58 - [] DC -- C:\Documents and Settings\All Users\Application Data\eSobi O43 - CFD: 2014/11/25 16:02:51 - [] DC -- C:\Documents and Settings\All Users\Application Data\fast connect O43 - CFD: 2014/01/13 12:06:53 - [] DC -- C:\Documents and Settings\All Users\Application Data\Google O43 - CFD: 2015/08/08 22:35:57 - [] DC -- C:\Documents and Settings\All Users\Application Data\hjpeccfplbohjkpmpgmpaenebmhjibka O43 - CFD: 2015/08/08 17:51:54 - [] DC -- C:\Documents and Settings\All Users\Application Data\IHProtectUpDate =>PUP.Optional.AgentODR O43 - CFD: 2015/08/08 22:44:21 - [] DC -- C:\Documents and Settings\All Users\Application Data\kpmbgcglelimnpaelngaladelmlldcnl O43 - CFD: 2011/03/31 12:40:06 - [] DC -- C:\Documents and Settings\All Users\Application Data\McAfee O43 - CFD: 2014/06/20 04:29:10 - [] SDC -- C:\Documents and Settings\All Users\Application Data\Microsoft O43 - CFD: 2015/07/15 17:49:23 - [] DC -- C:\Documents and Settings\All Users\Application Data\Microsoft Help O43 - CFD: 2015/03/31 11:11:52 - [] DC -- C:\Documents and Settings\All Users\Application Data\Mozilla O43 - CFD: 2015/03/30 10:33:15 - [] DC -- C:\Documents and Settings\All Users\Application Data\Oracle O43 - CFD: 2015/08/08 17:50:51 - [] DC -- C:\Documents and Settings\All Users\Application Data\rWinManPror O43 - CFD: 2015/08/09 18:45:25 - [] DC -- C:\Documents and Settings\All Users\Application Data\ShopperPro =>PUP.Optional.ShopperPro O43 - CFD: 2015/07/19 09:41:58 - [] DC -- C:\Documents and Settings\All Users\Application Data\Skype O43 - CFD: 2012/05/02 12:19:47 - [] DC -- C:\Documents and Settings\All Users\Application Data\Sun O43 - CFD: 2015/03/30 13:06:41 - [] ADC -- C:\Documents and Settings\All Users\Application Data\Temp O43 - CFD: 2015/08/09 18:46:43 - [0] DC -- C:\Documents and Settings\All Users\Application Data\UWinManProU O43 - CFD: 2015/03/30 10:31:50 - [] DC -- C:\Documents and Settings\All Users\Application 
Data\Windows Genuine Advantage O43 - CFD: 2015/08/08 22:34:17 - [] DC -- C:\Documents and Settings\All Users\Application Data\{1186e7b8-1372-2dc8-1186-6e7b81379ee0} O43 - CFD: 2011/02/12 07:39:46 - [] DC -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 2012/12/15 06:59:38 - [] D -- C:\Program Files\Fichiers communs\Adobe O43 - CFD: 2015/06/16 09:12:07 - [] D -- C:\Program Files\Fichiers communs\Apple O43 - CFD: 2011/01/23 02:06:14 - [] D -- C:\Program Files\Fichiers communs\CyberLink O43 - CFD: 2014/10/21 00:53:43 - [] D -- C:\Program Files\Fichiers communs\DESIGNER O43 - CFD: 2009/08/04 15:17:48 - [] D -- C:\Program Files\Fichiers communs\InstallShield O43 - CFD: 2015/03/30 10:22:19 - [] D -- C:\Program Files\Fichiers communs\Java O43 - CFD: 2014/10/20 03:45:09 - [] D -- C:\Program Files\Fichiers communs\Microsoft Shared O43 - CFD: 2009/08/04 12:41:38 - [] D -- C:\Program Files\Fichiers communs\MSSoap O43 - CFD: 2009/08/04 16:12:09 - [] D -- C:\Program Files\Fichiers communs\Oberon Media O43 - CFD: 2009/08/04 14:34:26 - [] D -- C:\Program Files\Fichiers communs\ODBC O43 - CFD: 2009/08/04 12:41:40 - [] D -- C:\Program Files\Fichiers communs\Services O43 - CFD: 2014/10/19 05:56:31 - [] D -- C:\Program Files\Fichiers communs\Skype O43 - CFD: 2009/08/04 14:34:23 - [] D -- C:\Program Files\Fichiers communs\SpeechEngines O43 - CFD: 2011/02/08 04:21:11 - [0] D -- C:\Program Files\Fichiers communs\SWF Studio O43 - CFD: 2011/01/23 04:10:31 - [] D -- C:\Program Files\Fichiers communs\System O43 - CFD: 2009/08/04 15:39:40 - [] D -- C:\Program Files\Fichiers communs\Windows Live O43 - CFD: 2011/02/08 04:21:30 - [0] SHDC -- C:\Documents and Settings\NATHALIE\Application Data\.# O43 - CFD: 2015/08/09 18:53:19 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\3775 O43 - CFD: 2015/08/09 18:53:19 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\3778 O43 - CFD: 2011/01/23 03:34:22 - [] DC -- 
C:\Documents and Settings\NATHALIE\Application Data\ACD Systems O43 - CFD: 2009/08/04 16:31:50 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Acer O43 - CFD: 2009/08/04 15:47:02 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Acer GameZone Console O43 - CFD: 2011/03/31 12:50:54 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Adobe O43 - CFD: 2012/08/10 05:32:20 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\AdSigner_Certificate O43 - CFD: 2015/08/09 18:54:56 - [] SHDC -- C:\Documents and Settings\NATHALIE\Application Data\AnyProtectEx =>PUP.Optional.AnyProtect O43 - CFD: 2012/01/02 02:41:44 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Apple Computer O43 - CFD: 2015/08/09 18:57:31 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Company O43 - CFD: 2015/08/08 17:48:31 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\csdimedia =>PUP.Optional.MaxDriverUpdater O43 - CFD: 2011/02/08 04:20:29 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\CyberLink O43 - CFD: 2015/08/09 18:11:28 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox O43 - CFD: 2011/01/23 09:24:30 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\eSobi O43 - CFD: 2011/01/23 03:13:17 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Google O43 - CFD: 2009/08/04 12:48:15 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Identities O43 - CFD: 2011/01/23 02:00:17 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\InstallShield O43 - CFD: 2011/01/23 02:09:42 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Macromedia O43 - CFD: 2015/04/27 14:25:03 - [0] DC -- C:\Documents and Settings\NATHALIE\Application Data\Media Player Classic O43 - CFD: 2015/08/07 14:06:16 - [] SDC -- C:\Documents and Settings\NATHALIE\Application Data\Microsoft O43 - CFD: 2011/01/23 03:28:25 - [] DC -- C:\Documents and 
Settings\NATHALIE\Application Data\Mozilla O43 - CFD: 2012/05/23 11:35:06 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Oracle O43 - CFD: 2015/08/08 22:34:18 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Outraged Team O43 - CFD: 2015/08/10 14:09:15 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Skype O43 - CFD: 2015/08/10 14:02:22 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Solvusoft O43 - CFD: 2012/05/02 12:10:58 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Sun O43 - CFD: 2013/09/06 06:56:53 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\U3 O43 - CFD: 2011/01/23 02:24:45 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\URSoft O43 - CFD: 2014/11/23 15:09:19 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\uTorrent O43 - CFD: 2015/08/09 23:11:28 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\vlc O43 - CFD: 2014/06/20 04:33:57 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\Windows Desktop Search O43 - CFD: 2011/04/16 05:11:49 - [0] DC -- C:\Documents and Settings\NATHALIE\Application Data\Windows Live Writer O43 - CFD: 2011/01/23 04:09:03 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\WinRAR O43 - CFD: 2015/08/10 14:14:25 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\ZHP O43 - CFD: 2015/08/09 18:57:31 - [] DC -- C:\Documents and Settings\NATHALIE\Application Data\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} O43 - CFD: 2015/08/10 13:51:35 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\2B54BCE0-1439073337-11DE-952A-00269E11D6C6 O43 - CFD: 2015/07/06 14:20:02 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Adobe O43 - CFD: 2011/02/12 07:36:10 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Apple O43 - CFD: 2011/06/17 08:49:46 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application 
Data\Apple Computer O43 - CFD: 2015/08/08 17:53:17 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Boxore =>PUP.Optional.Boxore O43 - CFD: 2015/08/09 19:52:50 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\BrowserHelper =>PUP.Optional.BrowserHelper O43 - CFD: 2015/08/09 18:41:23 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\CrashRpt =>.Legitimate.CrashReports O43 - CFD: 2015/08/08 17:57:30 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Crossbrowse =>PUP.Optional.CrossBrowse O43 - CFD: 2015/01/27 01:56:04 - [0] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Deployment O43 - CFD: 2015/06/20 06:05:25 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Dropbox O43 - CFD: 2014/10/13 16:38:00 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Facebook O43 - CFD: 2015/08/08 17:52:15 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2015/08/09 20:20:26 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_005010055 =>PUP.Optional.CrossRider O43 - CFD: 2015/07/22 19:48:03 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google O43 - CFD: 2011/10/08 11:40:56 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Identities O43 - CFD: 2015/08/09 18:42:30 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Installer =>PUP.Optional.InstallPedia O43 - CFD: 2015/05/30 16:59:55 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Microsoft O43 - CFD: 2009/08/04 15:28:10 - [0] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Microsoft Help O43 - CFD: 2011/01/23 03:28:18 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Mozilla O43 - 
CFD: 2014/10/18 07:04:04 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Programs O43 - CFD: 2014/10/19 05:57:16 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Skype O43 - CFD: 2015/08/09 21:51:56 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\SmartWeb =>PUP.Optional.SmartWebSearch O43 - CFD: 2012/05/24 02:55:11 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Sun O43 - CFD: 2015/07/06 18:14:57 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Temp O43 - CFD: 2011/04/16 05:11:36 - [] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Windows Live Writer O43 - CFD: 2012/01/16 13:23:22 - [0] D -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\WMTools Downloaded Files O43 - CFD: 2009/08/04 15:27:06 - [] RD -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Accessoires O43 - CFD: 2015/08/09 19:03:23 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\AnyProtect PC Backup =>PUP.Optional.AnyProtect O43 - CFD: 2011/01/23 02:15:06 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\CyberLink PowerDVD 8 O43 - CFD: 2015/08/08 02:19:45 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Dropbox O43 - CFD: 2015/08/09 20:43:57 - [] RD -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Démarrage O43 - CFD: 2015/07/22 19:48:06 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Google Photos Backup O43 - CFD: 2015/08/08 22:34:29 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\GUPlayer =>PUP.Optional.GUPlayer O43 - CFD: 2011/04/20 04:57:54 - [] RD -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\Outils d'administration O43 - CFD: 2011/01/23 03:11:16 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\The KMPlayer O43 - CFD: 2012/09/07 05:59:00 - [] D 
-- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\WinRAR O43 - CFD: 2015/08/09 18:52:35 - [] D -- C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\YTDownloader =>PUP.Optional.YTDownloader ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (1) - 8s O45 - LFCP:[MD5.BA2F985A5E6BF2228BBB0DEFF31E936C] 2015/08/09 22:34:01 A -- C:\WINDOWS\Prefetch\PRICELESSINSTALLER.EXE-2C87BCC0.pf =>PUP.Optional.PriceLess ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) (24) - 2s O53 - SMSR:HKLM\...\startupreg\CTFMON.EXE [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O53 - SMSR:HKLM\...\startupreg\gmsd_fr_005010055 [Key] . (...) -- C:\Program Files\gmsd_fr_005010055\gmsd_fr_005010055.exe (.not file.) =>PUP.Optional.CrossRider O53 - SMSR:HKLM\...\startupreg\Google Desktop Search [Key] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O53 - SMSR:HKLM\...\startupreg\IMJPMIG8.1 [Key] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\ime\imjp8_1\imjpmig.exe O53 - SMSR:HKLM\...\startupreg\MSMSGS [Key] . (...) -- C:\Program Files\Messenger\msmsgs.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\MSPY2002 [Key] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE O53 - SMSR:HKLM\...\startupreg\PDVD8LanguageShortcut [Key] . (.Copyright (C) 2006 - Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe O53 - SMSR:HKLM\...\startupreg\PersistenceThread [Key] . (.Intel Corporation - PersistenceThread Background App for Intel(.) -- C:\WINDOWS\system32\PersistenceThread.exe O53 - SMSR:HKLM\...\startupreg\PHIME2002A [Key] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) 
-- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE O53 - SMSR:HKLM\...\startupreg\PHIME2002ASync [Key] . (.Microsoft Corporation - 微軟新注音輸入法 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE O53 - SMSR:HKLM\...\startupreg\ProductReg [Key] . (.Acer - ProductR Application.) -- C:\Program Files\Acer\WR_PopUp\ProductReg.exe O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE [Key] . (...) -- C:\Program Files\PowerISO\PWRISOVM.EXE (.not file.) O53 - SMSR:HKLM\...\startupreg\RemoteControl8 [Key] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe O53 - SMSR:HKLM\...\startupreg\RTHDCPL [Key] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- RTHDCPL.EXE (.not file.) O53 - SMSR:HKLM\...\startupreg\shopperz04082015 [Key] . (...) -- C:\Program Files\shopperz04082015\Sfval.exe (.not file.) =>PUP.Optional.Shopperz O53 - SMSR:HKLM\...\startupreg\shopperz04082015XP [Key] . (...) -- C:\Program Files\shopperz04082015\Qhgvel.bat (.not file.) =>PUP.Optional.Shopperz O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (...) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (...) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\upgmsd_fr_004010054.exe [Key] . (...) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_004010054\upgmsd_fr_004010054.exe (.not file.) =>PUP.Optional.CrossRider O53 - SMSR:HKLM\...\startupreg\upgmsd_fr_005010055.exe [Key] . (...) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_005010055\upgmsd_fr_005010055.exe =>PUP.Optional.CrossRider O53 - SMSR:HKLM\...\startupreg\YTDownloader [Key] . (...) -- C:\Program Files\YTDownloader\YTDownloader.exe (.not file.) 
=>PUP.Optional.YTDownloader ---\\ Liste des pilotes du système (SDL) (O58) (57) - 7s O58 - SDL:2008/04/14 14:00:00 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\System32\drivers\aliide.sys [5248] O58 - SDL:2008/08/05 14:10:12 A . (.Creative - Creative WDM 3D Audio Driver.) -- C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736] O58 - SDL:2008/04/13 11:36:40 A . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\System32\drivers\AMDAGP.SYS [43008] O58 - SDL:2008/04/14 14:00:00 A . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\System32\drivers\asc.sys [26496] O58 - SDL:2008/04/14 14:00:00 A . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\System32\drivers\asc3550.sys [14848] O58 - SDL:2009/02/20 10:53:18 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS [1952512] O58 - SDL:2015/06/18 12:10:14 A . (.Cherimoya Ltd - Cherimoya Ltd.) -- C:\WINDOWS\System32\drivers\cherimoya.sys [56344] =>PUP.Optional.Shopperz O58 - SDL:2008/04/14 14:00:00 A . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528] O58 - SDL:2008/04/14 14:00:00 A . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\System32\drivers\cmdide.sys [6656] O58 - SDL:2008/04/14 14:00:00 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776] O58 - SDL:2008/04/14 14:00:00 A . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\System32\drivers\dac2w2k.sys [179584] O58 - SDL:2008/04/14 14:00:00 A . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) -- C:\WINDOWS\System32\drivers\dmboot.sys [800256] O58 - SDL:2008/04/14 14:00:00 A . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) 
-- C:\WINDOWS\System32\drivers\dmio.sys [154496] O58 - SDL:2008/04/14 14:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888] O58 - SDL:2012/08/21 08:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [26840] O58 - SDL:2008/04/14 14:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384] O58 - SDL:2009/04/28 05:44:18 A . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\igxpmp32.sys [5096544] O58 - SDL:2006/01/04 09:41:48 A . (.Creative Technology Ltd. - Creative WDM Audio Driver (32-bit).) -- C:\WINDOWS\System32\drivers\Monfilt.sys [1389056] O58 - SDL:2008/04/14 14:00:00 A . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\mraid35x.sys [17280] O58 - SDL:2014/12/03 19:45:30 A . (.Windows (R) Win 7 DDK provider - TDI driver platform.) -- C:\WINDOWS\System32\drivers\netmon_tdi.sys [57176] O58 - SDL:2008/04/14 14:00:00 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032] O58 - SDL:2008/04/14 14:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792] O58 - SDL:2008/04/14 14:00:00 A . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\System32\drivers\ql1080.sys [40320] O58 - SDL:2008/04/14 14:00:00 A . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\System32\drivers\ql12160.sys [45312] O58 - SDL:2008/04/14 14:00:00 A . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\System32\drivers\ql1280.sys [49024] O58 - SDL:2008/04/14 14:00:00 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) 
-- C:\WINDOWS\System32\drivers\rio8drv.sys [12032] O58 - SDL:2008/04/14 14:00:00 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032] O58 - SDL:2009/04/16 05:10:06 A . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys [132480] O58 - SDL:2009/03/24 13:35:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [5056000] O58 - SDL:2008/04/14 14:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480] O58 - SDL:2008/04/13 11:36:40 A . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\System32\drivers\SISAGP.SYS [40960] O58 - SDL:2008/04/14 14:00:00 A . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\System32\drivers\sparrow.sys [19072] O58 - SDL:2008/04/14 14:00:00 A . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\symc810.sys [16256] O58 - SDL:2008/04/14 14:00:00 A . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\symc8xx.sys [32640] O58 - SDL:2008/04/14 14:00:00 A . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\sym_hi.sys [28384] O58 - SDL:2008/04/14 14:00:00 A . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\sym_u3.sys [30688] O58 - SDL:2009/02/27 10:21:52 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [205360] O58 - SDL:2008/04/14 14:00:00 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376] O58 - SDL:2008/04/14 14:00:00 A . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) 
-- C:\WINDOWS\System32\drivers\ultra.sys [36736] O58 - SDL:2013/03/18 11:51:08 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl.sys [45056] O58 - SDL:2008/04/14 14:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9037] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097] O58 - SDL:2002/03/20 23:01:06 RA . (...) -- C:\WINDOWS\System32\Digita.sys [6688] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4912] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27916] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [34000] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424] O58 - SDL:2008/04/14 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560] ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (12) - 17s O61 - LFC: 2015/08/08 22:34:17 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Outraged Team\Outraged Team.exe [66048] O61 - LFC: 2015/08/05 22:49:14 AC . (.The ICU Project.) 
-- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\icudt55.dll [25911296] O61 - LFC: 2015/08/05 22:49:14 AC . (.The ICU Project.) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\icuin55.dll [1675776] O61 - LFC: 2015/08/05 22:49:14 AC . (.The ICU Project.) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\icuuc55.dll [1157632] O61 - LFC: 2015/08/05 22:49:16 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\libEGL.dll [56320] O61 - LFC: 2015/08/05 22:49:16 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\libGLESv2.dll [1128448] O61 - LFC: 2015/08/05 22:49:56 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\QtQuick.2\qtquick2plugin.dll [12800] O61 - LFC: 2015/08/05 22:49:56 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\QtQuick\Window.2\windowplugin.dll [12288] O61 - LFC: 2015/08/05 22:49:56 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll [56320] O61 - LFC: 2015/08/05 22:49:54 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll [779776] O61 - LFC: 2015/08/09 18:52:55 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\3778\Updater.exe [641024] O61 - LFC: 2015/08/09 18:52:55 AC . (..) -- C:\Documents and Settings\NATHALIE\Application Data\3775\Updater.exe [641024] ---\\ Associations Shell Spawning (O67) (10) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ---\\ Menu de démarrage Internet (SMI) (O68) (9) - 0s O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.istartsurf.com/ =>PUP.Optional.IsStart O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) 
-- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (20) - 15s O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.newtab.url", "http://www.mystartsearch.com/newtab/?type=nt&ts=1439138440&z=2ecda6f3047d2f72b143aacg5zecet5g0cbb[...] =>PUP.Optional.StartSearch O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.alias", "mystartsearch"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/favicon.ico"); =>PUP.Optional.StartSearch O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.name", "mystartsearch"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.ptid", "cmi"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.uid", "ST9160310AS_5SV8YL9YXXXX5SV8YL9Y"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=ds&ts=1439138440&z=2ecda6f3047d2f72b143aacg5z[...] 
=>PUP.Optional.StartSearch O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("browser.search.selectedEngine", "istartsurf"); =>PUP.Optional.IsStart O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("extensions.crossrider.bic", "14f114ab56991c2cb5f25c30a2e009c1"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [NATHALIE - v6vz1z61.default-1439064453781] user_pref("{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec}.ScriptData_product_name", "shopperz04082015"); =>PUP.Optional.Shopperz O69 - SBI: SearchScopes [HKCU] 52CF5E5A49DD4D22B56EBAABD42DBB13 - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {05E304E7-C2BD-4116-959A-7E42D9C728D3} - (Bing.com) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (istartsurf) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Bing) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {7C3449A2-72B5-4C52-938A-5D724A13E765} - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.mystartsearch.com/ =>PUP.Optional.StartSearch ---\\ Enumère les services démarrés par Svchost (SSS) (O83) (39) - 3s O83 - Search Svchost Services: AppMgmt (AppMgmt) . (...) 
-- C:\WINDOWS\System32\appmgmts.dll [0] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - DLL Service gestionnaire de disque logique.) -- C:\WINDOWS\system32\dmserver.dll [24576] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Service client DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [127488] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [253952] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gestionnaire de connexions réseau.) 
-- C:\WINDOWS\system32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Micro.) -- C:\WINDOWS\system32\mswsock.dll [247808] O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gestionnaire de stockage amovible.) -- C:\WINDOWS\system32\ntmssvc.dll [438272] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Moteur du Planificateur de tâches.) -- C:\WINDOWS\system32\schedsvc.dll [194560] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secon.) -- C:\WINDOWS\system32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à.) -- C:\WINDOWS\system32\ipnathlp.dll [332800] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Service de restauration du système.) -- C:\WINDOWS\system32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\WINDOWS\system32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) 
-- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Service de temps Windows.) -- C:\WINDOWS\system32\w32time.dll [178176] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Service configuration automatique sans fil.) -- C:\WINDOWS\system32\wzcsvc.dll [483840] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [145408] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Exécution du service Agent de quarantaine.) -- C:\WINDOWS\system32\qagentrt.dll [293376] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\system32\kmsvc.dll [61440] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\system32\shsvcs.dll [135680] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38400] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . 
(.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [25088] ---\\ Enumère les codes produits des logiciels (PUC) (O90) (2) - 3s O90 - PUC: "8413141972A528C4F9775BD56DF3AF9E" . (.Media Player Z.) -- C:\WINDOWS\Installer\{91413148-5A27-4C82-9F77-B55DD63FFAE9}\producticon =>PUP.Optional.CrossRider O90 - PUC: "93BAD29AC2E44034A96BCB446EB8552E" . (.globalupdate Helper.) =>PUP.Optional.GlobalUpdate ---\\ Scan Additionnel (O88) (152) - 1s C:\Documents and Settings\NATHALIE\Local Settings\Application Data\2B54BCE0-1439073337-11DE-952A-00269E11D6C6\snse284.tmp =>PUP.Optional.CrossRider C:\Program Files\shopperz04082015\KomeUfuwe.exe =>PUP.Optional.Shopperz C:\WINDOWS\Microsoft\sogrMed\Media Player ZUpdater.exe =>PUP.Optional.CrossRider C:\WINDOWS\Microsoft\UpdatingServiceMed\Media Player ZNewVersionDownloader.exe =>PUP.Optional.CrossRider C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\engaigpbgdjjmanonjcjkcmomgibneba C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0a0e29f6-0ab0-44e1-a98e-bd050ee692ec} =>PUP.Optional.Shopperz HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C96F985-C6FC-4AFB-B644-869C24BF303F} =>PUP.Optional.Multiplug C:\Documents and Settings\All Users\Application Data\ShopperPro\ShopperPro.dll =>PUP.Optional.ShopperPro HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} =>PUP.Optional.ShopperPro C:\WINDOWS\system32\Peakoar.dll =>Hijacker.Winsock HKLM\SYSTEM\CurrentControlSet\Services\a34dfee7-ea86-4e1d-88fb-46171610240f =>PUP.Optional.Shopperz 
HKLM\SYSTEM\CurrentControlSet\Services\BrsHelper =>PUP.Optional.YTDownloader HKLM\SYSTEM\CurrentControlSet\Services\comyninu =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\csrcc =>PUP.Optional.Shopperz HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate =>PUP.Optional.GlobalUpdate C:\Program Files\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate HKLM\SYSTEM\CurrentControlSet\Services\gopibeko =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\hyverumu =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\kepelizy =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\mosetihe =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\MyrwewNebg =>PUP.Optional.Shopperz HKLM\SYSTEM\CurrentControlSet\Services\shopperz04082015 Updater =>PUP.Optional.Shopperz HKLM\SYSTEM\CurrentControlSet\Services\sogrMed =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\SPBIUpd =>PUP.Optional.ShopperPro HKLM\SYSTEM\CurrentControlSet\Services\UpdatingServiceMed =>PUP.Optional.Proxomoto C:\WINDOWS\Microsoft\UpdatingServiceMed\Media Player ZNewVersionDownloader.exe =>PUP.Optional.Proxomoto HKLM\SYSTEM\CurrentControlSet\Services\wusykefy =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\zehyqefe =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-1-6.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-1-7.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-4.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-5.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-6.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\945dee8e-cdbf-4566-8737-7ca867199ad7-7.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\AmiUpdXp.job =>PUP.Optional.SoftwareUpdater C:\WINDOWS\Tasks\APSnotifierPP1.job =>PUP.Optional.AnyProtect C:\WINDOWS\Tasks\APSnotifierPP2.job 
=>PUP.Optional.AnyProtect C:\WINDOWS\Tasks\APSnotifierPP3.job =>PUP.Optional.AnyProtect C:\WINDOWS\Tasks\ccd25dc2-db54-41a4-a1cd-9349ed85a7aa-10_user.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate C:\WINDOWS\Tasks\MAXDriverUpdater_UPDATES.job =>PUP.Optional.MaxDriverUpdater C:\WINDOWS\Tasks\ShopperPro.job =>PUP.Optional.ShopperPro C:\WINDOWS\Tasks\ShopperProJSUpd.job =>PUP.Optional.ShopperPro C:\WINDOWS\Tasks\YTDownloader.job =>PUP.Optional.YTDownloader C:\WINDOWS\Tasks\YTDownloaderUpd.job =>PUP.Optional.YTDownloader HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater =>PUP.Optional.SoftwareUpdater HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{91413148-5A27-4C82-9F77-B55DD63FFAE9} =>PUP.Optional.CrossRider HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar HKLM\SOFTWARE\Boxore =>PUP.Optional.Boxore HKLM\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Crossrider =>PUP.Optional.CrossRider HKLM\SOFTWARE\csdimedia =>PUP.Optional.MaxDriverUpdater HKLM\SOFTWARE\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\GAMESDESKTOP =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\IHProtect =>PUP.Optional.AgentODR HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\istartsurfSoftware =>PUP.Optional.IsStart HKLM\SOFTWARE\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\NetCrawl =>PUP.Optional.Sambreel HKLM\SOFTWARE\Object Browser =>PUP.Optional.ObjectBrowser HKLM\SOFTWARE\Object Browser-nv =>PUP.Optional.ObjectBrowser HKLM\SOFTWARE\Object Browser-nv-ie 
=>PUP.Optional.ObjectBrowser HKLM\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair HKLM\SOFTWARE\RocketTab =>PUP.Optional.RocketTab HKLM\SOFTWARE\searchult =>PUP.Optional.Generic HKLM\SOFTWARE\ShopperPro =>PUP.Optional.ShopperPro HKLM\SOFTWARE\shopperz04082015 =>PUP.Optional.Shopperz HKLM\SOFTWARE\SupDp =>PUP.Optional.SupTab HKLM\SOFTWARE\supTab =>PUP.Optional.SupTab HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Optional.Fuyu HKLM\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\WaInterEnhancer =>PUP.Optional.Multiplug HKLM\SOFTWARE\WebBar =>PUP.Optional.WebBar HKLM\SOFTWARE\WordSurfer_1.10.0.19 =>PUP.Optional.WordSurfer HKLM\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKLM\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader HKLM\SOFTWARE\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\AskPartnerNetwork =>Toolbar.AskBar HKCU\SOFTWARE\Boxore =>PUP.Optional.Boxore HKCU\SOFTWARE\BrowserV30.07-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Cinema PlusV09.08-ntf =>PUP.Optional.CrossRider HKCU\SOFTWARE\Cinema PlusV09.08-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\csdimedia =>PUP.Optional.MaxDriverUpdater HKCU\SOFTWARE\DailyPcClean =>PUP.Optional.DailyPCClean HKCU\SOFTWARE\DynConIE =>PUP.Optional.DynConIE HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\ImInstaller =>Toolbar.IncrediMail HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\iWebar-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\MedPlayvidV3.1-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\NetCrawl =>PUP.Optional.Sambreel HKCU\SOFTWARE\Object Browser-nv 
=>PUP.Optional.ObjectBrowser HKCU\SOFTWARE\Object Browser-nv-ie =>PUP.Optional.ObjectBrowser HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair HKCU\SOFTWARE\RocketTabInstalled =>PUP.Optional.RocketTab HKCU\SOFTWARE\Search Extensions =>PUP.Optional.RocketTab HKCU\SOFTWARE\ShopperPro =>PUP.Optional.ShopperPro HKCU\SOFTWARE\shopperz04082015 =>PUP.Optional.Shopperz HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech HKCU\SOFTWARE\TNT2 =>PUP.Optional.TidyNetwork HKCU\SOFTWARE\tstamptoken =>PUP.Optional.MaxComputerCleaner HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\WaInterEnhancer =>PUP.Optional.Multiplug HKCU\SOFTWARE\WajIEnhance =>PUP.Optional.Wajam HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader HKCU\SOFTWARE\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate C:\Program Files\shopperz04082015 =>PUP.Optional.Shopperz C:\Program Files\Software =>PUP.Optional.Boxore C:\Documents and Settings\All Users\Menu Démarrer\Programmes\GAMESDESKTOP =>PUP.Optional.GamesDesktop C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WaInterEnhancer =>PUP.Optional.Multiplug C:\Documents and Settings\All Users\Application Data\Browser =>PUP.Optional.SpeedBrowser C:\Documents and Settings\All Users\Application Data\IHProtectUpDate =>PUP.Optional.AgentODR C:\Documents and Settings\All Users\Application Data\ShopperPro =>PUP.Optional.ShopperPro C:\Documents and Settings\NATHALIE\Application Data\AnyProtectEx =>PUP.Optional.AnyProtect C:\Documents and Settings\NATHALIE\Application Data\csdimedia =>PUP.Optional.MaxDriverUpdater C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Boxore =>PUP.Optional.Boxore C:\Documents and Settings\NATHALIE\Local Settings\Application Data\BrowserHelper =>PUP.Optional.BrowserHelper C:\Documents and Settings\NATHALIE\Local 
Settings\Application Data\CrashRpt =>.Legitimate.CrashReports C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Crossbrowse =>PUP.Optional.CrossBrowse C:\Documents and Settings\NATHALIE\Local Settings\Application Data\globalUpdate =>PUP.Optional.GlobalUpdate C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_005010055 =>PUP.Optional.CrossRider C:\Documents and Settings\NATHALIE\Local Settings\Application Data\Installer =>PUP.Optional.InstallPedia C:\Documents and Settings\NATHALIE\Local Settings\Application Data\SmartWeb =>PUP.Optional.SmartWebSearch C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\AnyProtect PC Backup =>PUP.Optional.AnyProtect C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\GUPlayer =>PUP.Optional.GUPlayer C:\Documents and Settings\NATHALIE\Menu Démarrer\Programmes\YTDownloader =>PUP.Optional.YTDownloader C:\WINDOWS\Prefetch\PRICELESSINSTALLER.EXE-2C87BCC0.pf =>PUP.Optional.PriceLess C:\Documents and Settings\NATHALIE\Local Settings\Application Data\gmsd_fr_005010055\upgmsd_fr_005010055.exe =>PUP.Optional.CrossRider C:\WINDOWS\System32\drivers\cherimoya.sys =>PUP.Optional.Shopperz C:\WINDOWS\Installer\{91413148-5A27-4C82-9F77-B55DD63FFAE9}\producticon =>PUP.Optional.CrossRider HKLM\Software\Classes\Installer\Products\8413141972A528C4F9775BD56DF3AF9E =>PUP.Optional.CrossRider HKLM\Software\Classes\Installer\Features\8413141972A528C4F9775BD56DF3AF9E =>PUP.Optional.CrossRider HKLM\Software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E =>PUP.Optional.GlobalUpdate HKLM\Software\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E =>PUP.Optional.GlobalUpdate HKLM\SYSTEM\CurrentControlSet\Services\globalUpdatem =>PUP.Optional.GlobalUpdate ---\\ Récapitulatif des éléments trouvées sur votre station (46) - 0s http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/blog =>PUP.Optional.Shopperz 
http://www.nicolascoolman.fr/adware-boxore/ =>PUP.Optional.Boxore http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate http://www.nicolascoolman.fr/pup-isstart/ =>PUP.Optional.IsStart http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug http://www.nicolascoolman.fr/pup-shopperpro/ =>PUP.Optional.ShopperPro http://www.nicolascoolman.fr/pup-ytdownloader/ =>PUP.Optional.YTDownloader http://www.nicolascoolman.fr/blog =>PUP.Optional.Proxomoto http://www.nicolascoolman.fr/pup-software-updater/ =>PUP.Optional.SoftwareUpdater http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxDriverUpdater http://www.nicolascoolman.fr/blog =>Toolbar.AskBar http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse http://www.nicolascoolman.fr/blog =>PUP.Optional.SweetSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.GamesDesktop http://www.nicolascoolman.fr/blog =>PUP.Optional.AgentODR http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.Sambreel http://www.nicolascoolman.fr/pup-objectbrowser/ =>PUP.Optional.ObjectBrowser http://www.nicolascoolman.fr/rogue-reimagerepair/ =>PUP.Optional.ReImageRepair http://www.nicolascoolman.fr/blog =>PUP.Optional.RocketTab http://www.nicolascoolman.fr/blog =>PUP.Optional.Generic http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab http://www.nicolascoolman.fr/trojan-fuyu/ =>PUP.Optional.Fuyu http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive http://www.nicolascoolman.fr/blog =>PUP.Optional.WebBar http://www.nicolascoolman.fr/blog =>PUP.Optional.WordSurfer http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit http://www.nicolascoolman.fr/pup-optional-dailypcclean/ =>PUP.Optional.DailyPCClean http://www.nicolascoolman.fr/blog 
=>PUP.Optional.DynConIE http://www.nicolascoolman.fr/blog =>Toolbar.IncrediMail http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore http://www.nicolascoolman.fr/blog =>PUP.Optional.SimplyTech http://www.nicolascoolman.fr/adware-tidynetwork/ =>PUP.Optional.TidyNetwork http://www.nicolascoolman.fr/blog =>PUP.Optional.MaxComputerCleaner http://www.nicolascoolman.fr/pup-wajam/ =>PUP.Optional.Wajam http://www.nicolascoolman.fr/blog =>PUP.Optional.SpeedBrowser http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserHelper http://www.nicolascoolman.fr/blog =>.Legitimate.CrashReports http://www.nicolascoolman.fr/adware-installpedia/ =>PUP.Optional.InstallPedia http://www.nicolascoolman.fr/pup-smartwebsearch/ =>PUP.Optional.SmartWebSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.GUPlayer http://www.nicolascoolman.fr/blog =>PUP.Optional.PriceLess http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine ~ End of the scan, 70589 items in 207 seconds (1087)(0)()