~ ZHPDiag v2015.8.10.115 Par Nicolas Coolman (2015/08/10)
~ Démarré par user (Administrator)  (2015/08/11 01:33:13)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version:  Version OK
~ Mode: Scanner
~ Rapport: C:\Users\user\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\user\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
Windows 8.1 Single Language, 64-bit  (Build 9600)

---\\ Navigateurs Internet (2) - 0s
GCIE: Google Chrome v44.0.2403.125
MSIE: Internet Explorer v11.0.9600.16384

---\\ Informations sur les produits Windows (4) - 1s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Logiciels de protection (1) - 0s
Kaspersky Internet Security v15.0.0.463

---\\ Informations sur le système (6) - 0s
~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
~ Operating System:  64-bit 
~ Boot mode: Normal (Normal boot)
Total RAM: 8269.272 MB (67% free)
~ System Restore: Activé (Enable)
~ System drive C: has 422 GB free of 477 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: ASUS
~ User Name: user
~ Logged in as Administrator

---\\ Enumération des unités disques (2) - 0s
~ Drive C: has 422 GB free of 477 GB  (System)
~ Drive F: has 471 GB free of 475 GB

---\\ Etat du Centre de Sécurité Windows (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Recherche particulière de fichiers génériques (23) - 1s
[MD5.8479DC46E9A09015C0777A16BC22A15D] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2328880]
[MD5.6E0BDFBEEED65B017F2E4C2C910B0520] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [52736]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [144384]
[MD5.CE76481B886D891F1ECF11939DF16938] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [2328064]
[MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [564736]
[MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.E37F897ED7B5AFF79B1398258DB96BD9] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [19456]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352]
[MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134656]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [107520]
[MD5.0063040EFD7C5B81D67CF985BA35388A] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [141824]
[MD5.405A2E5754DF76663CF0522B87D7929F] - (.Microsoft Corporation - Minirdr SMB Windows NT.) () -- C:\Windows\System32\drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624]
[MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [2011488]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RD.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520]
[MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [312160]

---\\ Processus lancés (37) - 4s
[MD5.DBC598E47E7A382E60E2A4745D41FEF9] - (.ASUS - GFNEXSrv.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896] [PID.1508]
[MD5.6A122B4F0E5293CACFA8A5F2CBA9B356] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120] [PID.1784]
[MD5.058734C95991F6BEBF3D3075B8776234] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552] [PID.1800]
[MD5.7B9ED6E90100A6EBD9759CB7D2ED7BAE] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1619704] [PID.1828]
[MD5.0417C188DA81AA5564B152CA4E00458A] - (.Copyright (C) 2013 - .) -- C:\ProgramData\MobileBrServ\mbbservice.exe [239696] [PID.1208]
[MD5.8652491CA4E651B4AB7F11B9E6B29733] - (.ShopperPro - ShopperPro Update Service.) -- C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880] [PID.2124]  =>PUP.Optional.ShopperPro
[MD5.D0252B2CD35DF5C0D552398D2E390B77] - (...) -- C:\Program Files (x86)\Common Files\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\updater.exe [1065184] [PID.2304]  =>PUP.Optional.CrossRider
[MD5.0B485584F43ABC41895BC32C8E52339A] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752] [PID.2936]
[MD5.F98BFE8634197144D5A8E18DFADE53E8] - (.ASUS - ASUS InstantOn Program.) -- C:\Program Files\ASUS\P4G\InsOnWMI.exe [594744] [PID.2092]
[MD5.A446F3898F1CE9989ACB3F6E758E179B] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe [192160] [PID.2788]
[MD5.61F674D54CD71FBF9B9631BFB608464A] - (.ASUS - Power4Gear Hybrid.) -- C:\Program Files\ASUS\P4G\BatteryLife.exe [1036088] [PID.4008]
[MD5.E7958D045E81BA3952E15E6985EBF62A] - (.Cinema Plus - CinemaP-1.3c exe.) -- C:\Program Files (x86)\CinemaP-1.3c\03028fde-b6ef-4928-878a-0e9ddec76e17-6.exe [1366936] [PID.4228]  =>PUP.Optional.CrossRider
[MD5.9DDFDE6F9D6316B9191884FF62ABE55F] - (.Object Browser - Sense exe.) -- C:\Program Files (x86)\Sense\80e8d410-b2f7-435c-82bd-72d5842bedfd-6.exe [1254816] [PID.4392]
[MD5.E85B26F20AD64B0D6C6B63EDBFCEE81D] - (.iWebar - iWebar exe.) -- C:\Program Files (x86)\iWebar\8b41f82b-0f18-4f5d-9626-96e37d948ed4-6.exe [1253280] [PID.4428]  =>PUP.Optional.CrossRider
[MD5.EAFB798E13C296281878E70BCFE41A69] - (...) -- C:\Program Files (x86)\Big Phat Sports\big_phat_sports_helper_service.exe [191696] [PID.4452]
[MD5.2DD6EF4919B49E7DE92DD05E0FE3689C] - (.Object Browser - Object Browser exe.) -- C:\Program Files (x86)\Object Browser\5c6c93c5-f845-49dd-a422-09ff1a8de928-6.exe [1254816] [PID.4476]  =>PUP.Optional.ObjectBrowser
[MD5.2086AE9CA42D3902FFB324A90AD3EFE2] - (.Cinema Plus - CinemaP-1.3c exe.) -- C:\Program Files (x86)\CinemaP-1.3c\dfc00529-3a2c-483f-9afd-ec4fabc47dbd.exe [340376] [PID.4488]  =>PUP.Optional.CrossRider
[MD5.0DABDA56F6F678E05DC9AC15D0316B22] - (.AsusTek - ASUS Smart Gesture Loader.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [199992] [PID.4984]
[MD5.70F253680AFC7269AA30831EECD4048E] - (.AsusTek - ASUS Smart Gesture Center.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe [283960] [PID.1040]
[MD5.DD5AD873EA9A93C9DE30B2B8A92A9EE8] - (.AsusTek - ASUS Smart Gesture Helper.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe [170296] [PID.5616]
[MD5.BAF49F90F6F5C212F16A3953335ED8A6] - (...) -- C:\Program Files (x86)\Le Robert\Le Petit Robert\PRHYPER.EXE [22560] [PID.5960]
[MD5.D21D821D48AEDC08C58C17C10FC33CB2] - (.slowthanwrote.com - VinSolutions.) -- C:\Users\user\AppData\Roaming\obvqumnjfb.exe [77230080] [PID.5984]
[MD5.BD9B0E544F4D70E20781A00A27FF98E5] - (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [379904] [PID.6024]
[MD5.F4346AFCA70349EB65F0ACF5CDBE2DD3] - (.slowthanwrote.com - VinSolutions.) -- C:\Users\user\AppData\Roaming\obbtxpgplu.exe [84168704] [PID.6040]
[MD5.C106CC72B37814CCFA1A337DBA2F25B3] - (.slowthanwrote.com - VinSolutions.) -- C:\Users\user\AppData\Roaming\obnqvzrudz.exe [71352320] [PID.6072]
[MD5.F1F5E9B8DFDCF50E3A8716EA7BC4D929] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugincontainer.exe [1139936] [PID.5544]  =>PUP.Optional.CrossRider
[MD5.47405064D5B5B2C9ABF60D74CB6B82A5] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\6\Plugin.exe [1134304] [PID.6068]  =>PUP.Optional.CrossRider
[MD5.F3224BEB8BD106B43BB2D70CAD3B512D] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\10\Plugin.exe [1036512] [PID.3148]  =>PUP.Optional.CrossRider
[MD5.17ABD27C344E113187625CFA06C2820C] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\7\Plugin.exe [922848] [PID.3672]  =>PUP.Optional.CrossRider
[MD5.B2AF6BD3EB210E0B387DFA0AEBEC6FE6] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\8\Plugin.exe [1224416] [PID.648]  =>PUP.Optional.CrossRider
[MD5.F699E373969D11BE083E7A502344CCCD] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\5\Plugin.exe [1291488] [PID.2276]  =>PUP.Optional.CrossRider
[MD5.28EF889B62CFC610E3DB1B8E84DBBF90] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\2\Plugin.exe [1764064] [PID.5788]  =>PUP.Optional.CrossRider
[MD5.619146B01947F7C41CC24A0BF05F1D8B] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\3\Plugin.exe [1169120] [PID.5740]  =>PUP.Optional.CrossRider
[MD5.17ABD27C344E113187625CFA06C2820C] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\7\Plugin.exe [922848] [PID.6348]  =>PUP.Optional.CrossRider
[MD5.619146B01947F7C41CC24A0BF05F1D8B] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\3\Plugin.exe [1169120] [PID.6424]  =>PUP.Optional.CrossRider
[MD5.BCD61E909A54A57BE18CD7DC4790A356] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\12\Plugin.exe [690912] [PID.6512]  =>PUP.Optional.CrossRider
[MD5.BCD61E909A54A57BE18CD7DC4790A356] - (...) -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\12\Plugin.exe [690912] [PID.6608]  =>PUP.Optional.CrossRider

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (16) - 0s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.sweet-page.com/  =>PUP.Optional.SweetPage
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] __MSG_ExtensionName__
G2 - GCE: Preference [User Data\Default] [fcjmbgoamdpbndikpbaoeoidaabejfmd] fcjmbgoamdpbndikpbaoeoidaabejfmd
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [fpdfodicipdpgboaibeobfmbphjfedea] {background:{scripts:[background.js]}content_scrip
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [mipnjnddbpbdmbpjafflemfdefjlibod] mipnjnddbpbdmbpjafflemfdefjlibod
G2 - GCE: Preference [User Data\Default] [ndlpkmaeinmnbiadacenijnhlolneopm] __MSG_themeName__
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest  =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pdnfnkhpgegpcingjbfihlkjeighnddk] pdnfnkhpgegpcingjbfihlkjeighnddk
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest  =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3) (16) - 1s
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc..) -- C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc.) -- C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll
P2 - FPN: [HKLM] [@kaspersky.com/content_blocker] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
P2 - FPN: [HKLM] [@kaspersky.com/online_banking] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
P2 - FPN: [HKLM] [@kaspersky.com/virtual_keyboard] - (.kaspersky.com.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc..) -- C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (19) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/  =>PUP.Optional.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/  =>PUP.Optional.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/  =>PUP.Optional.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean  =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118   =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object de navigateur (BHO) (O2) (11) - 0s
O2 - BHO: 07462cf09e3b013003f40973f5b3301f0032850 [64Bits] - {11111111-1111-1111-1111-110311281150} . (...) -- C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll  =>PUP.Optional.ObjectBrowser
O2 - BHO: cb53b500f3e90131a6091fb939dcadf40061915 [64Bits] - {11111111-1111-1111-1111-110611191115} . (...) -- C:\Program Files (x86)\Sense\Sense-bho64.dll
O2 - BHO: 68671f62832e4803b34065d441f9a2210065123 [64Bits] - {11111111-1111-1111-1111-110611511123} . (...) -- C:\Program Files (x86)\iWebar\iWebar-bho64.dll  =>PUP.Optional.CrossRider
O2 - BHO: (no name) [64Bits] - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}  (Orphean)
O2 - BHO: ContentBlockerBrowserHelperObject [64Bits] - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} . (.Kaspersky Lab ZAO - Content Blocker Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject [64Bits] - {73455575-E40C-433C-9784-C78DC7761455} . (.Kaspersky Lab ZAO - Virtual Keyboard Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: DLSecure Toolbar [64Bits] - {7bcc228a-c730-4004-93f9-72cbb7033a62} . (...) -- C:\Program Files (x86)\dlsecuretb\dlsecureDx64.dll
O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (.Kaspersky Lab ZAO - Safe Money Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Sale Clipper [64Bits] - {b18906df-1dfa-4d50-8a1f-7d076a8c87b7}  (Orphean)  =>PUP.Optional.SaleClipper
O2 - BHO: SecureWebBHO [64Bits] - {D3C24E2B-C820-4492-9B69-11BF7163F998}  (Orphean)  =>PUP.Optional.SecureSoft
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - URL Advisor Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll

---\\ Internet Explorer Toolbars (O3) (2) - 0s
O3 - Toolbar: DLSecure Toolbar - [HKLM]{7bcc228a-c730-4004-93f9-72cbb7033a62} . (...) -- C:\Program Files (x86)\dlsecuretb\dlsecureDx.dll
O3 - Toolbar: Web Protector Toolbar - [HKLM]{CCC7B151-1D8C-11E3-B2AD-F3EF3D58318D} . (...) -- C:\Program Files (x86)\WebProtector\WebProtector.dll  =>PUP.Optional.WebProtector

---\\ Applications lancées au démarrage du sytème (O4) (14) - 1s
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] . (...) -- C:\Program Files (x86)\Le Robert\Le Petit Robert\PRHYPER.EXE
O4 - HKLM\..\Wow6432Node\Run: [BtTray] . (.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
O4 - HKLM\..\Wow6432Node\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [YouCam Mirror Tray icon] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
O4 - HKUS\S-1-5-21-2224265590-2659732515-3375065286-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2224265590-2659732515-3375065286-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-2224265590-2659732515-3375065286-1001\..\Run: [Le Petit Robert Hyperappel] . (...) -- C:\Program Files (x86)\Le Robert\Le Petit Robert\PRHYPER.EXE

---\\ Modification Domaine/Adresses DNS (O17) (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 193.95.57.20 193.95.59.20
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = hi.link
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 193.95.57.20 193.95.59.20
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = hi.link

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) (1) - 0s
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 334.) - C:\Windows\system32\nvinitx.dll 

---\\ Liste des services NT non Microsoft et non désactivés (O23) (23) - 4s
O23 - Service: ASLDR Service (ASLDRService) . (.ASUSTek Computer Inc. - ASLDR Service.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) . (.ASUS - ASUS InstantOn Program.) - C:\Program Files\ASUS\P4G\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) . (.ASUS - GFNEXSrv.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Kaspersky Anti-Virus Service 15.0.0 (AVP15.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: BlueSoleilCS (BlueSoleilCS) . (.IVT Corporation - Bluetooth Application.) - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: @oem31.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAM (DptfParticipantProcessorService) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\Windows\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem31.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME (DptfPolicyCriticalService) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\Windows\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem31.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Int (DptfPolicyLpmService) . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) - C:\Windows\system32\DptfPolicyLpmService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.)
O23 - Service: YAC Service (iSafeService) . (...) - C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe  =>PUP.Optional.YetAnotherCleaner
O23 - Service: Live Malware Protection (Live Malware Protection) . (...) - C:\Windows\mlwps.exe
O23 - Service: LiveUpdateWPP Manager (LiveUpdateWPP Manager) . (...) - C:\Program Files (x86)\LiveUpdateWPP\LiveUpdateWPP.exe  =>PUP.Optional.WebProtector
O23 - Service: Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2013 - .) - C:\ProgramData\MobileBrServ\mbbservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 334.8.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: PicexaService (PicexaService) . (...) - C:\Program Files (x86)\Picexa\PicexaSvc.exe  =>PUP.Optional.Picexa
O23 - Service: Privoxy (PrivoxyService) (PrivoxyService) . (...) - C:\Program Files (x86)\Megasoft Security\privoxy.exe  =>PUP.Optional.Privoxy
O23 - Service: Service KMSELDI (Service KMSELDI) . (. - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe  =>PUA.KMSpico
O23 - Service: Service Mgr SaleClipper (Service Mgr SaleClipper) . (...) - C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugincontainer.exe  =>PUP.Optional.SaleClipper
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: ShopperPro Update (SPBIUpd) . (.ShopperPro - ShopperPro Update Service.) - C:\Program Files\Common Files\ShopperPro\spbiu.exe  =>PUP.Optional.ShopperPro
O23 - Service:  (syshost32) . (...) - C:\Windows\Installer\{75B66D64-7B5C-2268-D631-C707B4C68ABD}\syshost.exe
O23 - Service: Update Mgr SaleClipper (Update Mgr SaleClipper) . (...) - C:\Program Files (x86)\Common Files\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\updater.exe  =>PUP.Optional.SaleClipper
O23 - Service: WA 1.10.0.19 Client Service (wasvc_1.10.0.19) . (...) - C:\Program Files (x86)\WordAnchor_1.10.0.19\Service\wasvc.exe  =>PUP.Optional.Generic

---\\ Tâches planifiées en automatique (O39) (107) - 12s
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-1.job   [3102]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-11.job   [5174]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-2.job   [2100]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-3.job   [4148]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-4.job   [4148]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-5.job   [2436]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-5_user.job   [2436]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-6.job   [5508]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-7.job   [5172]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\48_dresses_notification_service.job   [1226]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-1.job   [3446]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-11.job   [5178]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-2.job   [2104]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-3.job   [3464]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-4.job   [4488]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-5.job   [2440]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-5_user.job   [2440]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-6.job   [4152]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-7.job   [3808]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-1.job   [3754]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-11.job   [5496]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-2.job   [2422]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-3.job   [4134]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-4.job   [4470]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-5.job   [2766]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-5_user.job   [2766]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-6.job   [4470]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-7.job   [4134]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-1.job   [3758]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-11.job   [5498]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-2.job   [2424]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-4.job   [4472]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-5.job   [2768]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-5_user.job   [2768]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-6.job   [4472]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-7.job   [4136]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\big_phat_sports_helper_service.job   [540]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\Chromium.job   [334]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\dfc00529-3a2c-483f-9afd-ec4fabc47dbd.job   [1424]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\disco_savings_notification_service.job   [1244]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\f54d621c-c49b-4c91-a145-74209856bbf2.job   [620]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2224265590-2659732515-3375065286-1001Core.job   [912]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2224265590-2659732515-3375065286-1001UA.job   [934]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\fun4u_notification_service.job   [1196]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job   [942]  =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job   [946]  =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1082]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1086]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-11   [8178]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-2   [5104]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-3   [7152]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-4   [7152]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-5   [5440]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-5_user   [5426]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-6   [8512]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\48_dresses_notification_service   [3334]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-1   [6450]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-11   [8182]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-3   [6468]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-4   [7492]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-5   [5444]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-5_user   [5430]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-6   [7156]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-7   [6812]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-1   [6758]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-11   [8500]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-3   [7138]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-4   [7474]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-5   [5770]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-5_user   [5756]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-6   [7474]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-7   [7138]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-1   [6762]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-11   [8502]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-2   [5428]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-4   [7476]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-5   [5772]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-5_user   [5758]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-6   [7476]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-7   [7140]  =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\ASUS InstantOn Config   [2968]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\ASUS P4G   [3056]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher   [3538]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\AutoPico Daily Restart   [3702]  =>PUA.KMSpico
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\avabvexvac   [3444]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\big_phat_sports_helper_service   [3460]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Chromium   [2672]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\dfc00529-3a2c-483f-9afd-ec4fabc47dbd   [4428]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\disco_savings_notification_service   [3352]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\f54d621c-c49b-4c91-a145-74209856bbf2   [3610]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2224265590-2659732515-3375065286-1001Core   [3430]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2224265590-2659732515-3375065286-1001UA   [3780]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\fun4u_notification_service   [3304]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore   [3682]  =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA   [3918]  =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [3822]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [4058]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\LaunchSignup   [4016]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Malware Cleaner   [3320]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Megasoft Security Uninstaller   [3264]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Personal Computer Software Uninstaller   [3652]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_34303638333339332d784a234157344a2a416c505a   [4222]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Windows Installer   [3258]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{1094EEEA-6E28-48EC-ACDC-C460033D5C05}   [3138]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{165564D9-CE16-4C3F-A62F-7DA36E669F6D}   [2970]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{258A2E8C-46E3-464B-8A32-A41086C463E3}   [3158]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{62EE09D8-32DD-4783-9955-026C9D945BC0}   [3208]

---\\ Logiciels installés (O42) (67) - 7s
O42 - Logiciel: Package de pilotes Windows - ASUS (ATP) Mouse  (05/09/2013 1.0.0.173) - (.ASUS.) [HKLM][64Bits] -- 1016059FBF327ED9E3BAE758BD08CF10D3C6252D
O42 - Logiciel: KMSpico v9.1.3 - (...) [HKLM][64Bits] -- KMSpico_is1  =>PUA.KMSpico
O42 - Logiciel: R for Windows 3.0.2 - (.R Core Team.) [HKLM][64Bits] -- R for Windows 3.0.2_is1
O42 - Logiciel: R for Windows 3.1.3 - (.R Core Team.) [HKLM][64Bits] -- R for Windows 3.1.3_is1
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TAP-Windows 9.9.2 - (...) [HKLM][64Bits] -- TAP-Windows
O42 - Logiciel: WinRAR 5.21 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Ralink Bluetooth Stack64 - (.Mediatek.) [HKLM][64Bits] -- {307AA214-8490-9119-DA81-C8E875AD1C94}
O42 - Logiciel: ASUS Power4Gear Hybrid - (.ASUS.) [HKLM][64Bits] -- {9B6239BF-4E85-4590-8D72-51E30DB1A9AA}
O42 - Logiciel: NVIDIA Pilote graphique 334.89 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Mises à jour NVIDIA 11.10.13 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: AMCap - (.Noël Danjou.) [HKLM][64Bits] -- AMCap
O42 - Logiciel: CinemaP-1.3c - (.Cinema Plus.) [HKLM][64Bits] -- CinemaP-1.3c  =>PUP.Optional.CrossRider
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM][64Bits] -- DivX Plus DirectShow Filters
O42 - Logiciel: DLSecure Toolbar - (.Visicom Media Inc..) [HKLM][64Bits] -- dlsecuretb
O42 - Logiciel: Intel(R) Dynamic Platform and Thermal Framework - (.Intel Corporation.) [HKLM][64Bits] -- FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C
O42 - Logiciel: GOM Player - (...) [HKLM][64Bits] -- GOM Player
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}
O42 - Logiciel: YAC(Yet Another Cleaner!) - (.ELEX DO BRASIL PARTICIPAÇÕES LTDA.) [HKLM][64Bits] -- iSafe  =>PUP.Optional.Elex
O42 - Logiciel: iWebar - (.iWebar.) [HKLM][64Bits] -- iWebar  =>PUP.Optional.CrossRider
O42 - Logiciel: Désinstaller Le Petit Robert de la langue française - (...) [HKLM][64Bits] -- Le Petit Robert
O42 - Logiciel: LiveUpdateWPP - (.Anti-phishing database updater for Web Protector Plus. This service keeps your computer updated with the newest database of known Internet threats..) [HKLM][64Bits] -- LiveUpdateWPP  =>PUP.Optional.WebProtector
O42 - Logiciel: Mobile Broadband HL Service - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- Mobile Broadband HL Service
O42 - Logiciel: Object Browser - (.Object Browser.) [HKLM][64Bits] -- Object Browser  =>PUP.Optional.ObjectBrowser
O42 - Logiciel: Picexa - (.Taiwan Shui Mu Chih Ching Technology Limited.) [HKLM][64Bits] -- Picexa  =>PUP.Optional.Picexa
O42 - Logiciel: RStudio - (.RStudio.) [HKLM][64Bits] -- RStudio
O42 - Logiciel: Rtools 3.1 - (.The R Foundation.) [HKLM][64Bits] -- Rtools_is1
O42 - Logiciel: Ayat - (.UNKNOWN.) [HKLM][64Bits] -- sa.edu.ksa.ayat
O42 - Logiciel: Sale Clipper - (.Sale Clipper.) [HKLM][64Bits] -- Sale Clipper  =>PUP.Optional.SaleClipper
O42 - Logiciel: Search Protect - (.Client Connect LTD.) [HKLM][64Bits] -- SearchProtect  =>PUP.Optional.SearchProtect
O42 - Logiciel: Sense - (.Object Browser.) [HKLM][64Bits] -- Sense
O42 - Logiciel: Shopper-Pro - (...) [HKLM][64Bits] -- ShopperPro  =>PUP.Optional.ShopperPro
O42 - Logiciel: SLD Codec Pack - (...) [HKLM][64Bits] -- SLD Codec Pack
O42 - Logiciel: sweet-page uninstall - (.sweet-page.) [HKLM][64Bits] -- sweet-page uninstall  =>PUP.Optional.SweetPage
O42 - Logiciel: VLC media player 1.0.0-rc3 - (.VideoLAN Team.) [HKLM][64Bits] -- VLC media player
O42 - Logiciel: Web Protector IE - (.WebProtector.) [HKLM][64Bits] -- WebProtector  =>PUP.Optional.WebProtector
O42 - Logiciel: webssearches uninstall - (.webssearches.) [HKLM][64Bits] -- webssearches uninstall  =>PUP.Optional.WebsSearches
O42 - Logiciel: WindowsMangerProtect20.0.0.1064 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect  =>PUP.Optional.Fuyu
O42 - Logiciel: WordAnchor 1.10.0.19 - (.WordAnchor.) [HKLM][64Bits] -- WordAnchor_1.10.0.19  =>PUP.Optional.WordAnchor
O42 - Logiciel: YTDownloader - (.YTDownloader.) [HKLM][64Bits] -- YTDownloader  =>PUP.Optional.YTDownloader
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: IBM SPSS Statistics 19 - (.SPSS Inc., an IBM Company.) [HKLM][64Bits] -- {06C43FAA-7226-41EF-A05E-9AE0AA849FFE}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0A3925EA-5B0E-401B-A189-7419149747B2}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Skype™ 6.21 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Sybase PowerAMC 15.1 - (.Sybase Inc..) [HKLM][64Bits] -- {48B0BE4A-EDC9-44C4-A3DB-67D62D75961F}
O42 - Logiciel: ASUS Smart Gesture - (.ASUS.) [HKLM][64Bits] -- {4D3286A6-F6AB-498A-82A4-E4F040529F3D}
O42 - Logiciel: Stata 12 - (.StataCorp LP.) [HKLM][64Bits] -- {5006A0E8-B9B0-48DF-981A-41D005B3E937}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {653C1B5A-3287-47B1-8613-0745D4E771C4}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM][64Bits] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM][64Bits] -- {7B63B2922B174135AFC0E1377DD81EC2}
O42 - Logiciel: DivX Player - (.DivX, Inc..) [HKLM][64Bits] -- {8ADFC4160D694100B5B8A22DE9DCABD9}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: ATK Package - (.ASUS.) [HKLM][64Bits] -- {AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM][64Bits] -- {B13A7C41581B411290FBC0395694E2A9}
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM][64Bits] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Ayat - (.UNKNOWN.) [HKLM][64Bits] -- {D1566597-887B-6FAB-A761-018A5D75D6EC}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: CodeBlocks - (.The Code::Blocks Team.) [HKCU][64Bits] -- CodeBlocks
O42 - Logiciel: InetStat - (.InetStat.) [HKCU][64Bits] -- InetStat  =>PUP.Optional.InetStat
O42 - Logiciel: Form Cooking - (.Browser Bus corp.) [HKCU][64Bits] -- {9563BC59-9556-4805-8CD4-886781779D8D}

---\\ HKCU & HKLM Software Keys (125) - 7s
HKLM\SOFTWARE\Wow6432Node\000ac3b4-5ea6-4a3b-9f11-30dc3ce3ee7f  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\7b395e1e-ab35-4592-94df-4dd315ccc2bd  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\a3726d6e-1d0a-4fed-996f-ad27e1082d8e  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AsLdr
HKLM\SOFTWARE\Wow6432Node\ASUS
HKLM\SOFTWARE\Wow6432Node\b2ee8ba1-5b1f-4333-9c46-818e525c3964  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\BSPACode
HKLM\SOFTWARE\Wow6432Node\BSShellFolderCache
HKLM\SOFTWARE\Wow6432Node\c6646b42-24e1-409d-9113-5ef8c4e599fe  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.3c  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.3c-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CLSYSTEM
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\delta-homesSoftware  =>PUP.Optional.DeltaHomes
HKLM\SOFTWARE\Wow6432Node\DivXNetworks
HKLM\SOFTWARE\Wow6432Node\dlsecuretb
HKLM\SOFTWARE\Wow6432Node\Elex-tech
HKLM\SOFTWARE\Wow6432Node\Email Notifier
HKLM\SOFTWARE\Wow6432Node\ErrorLists-crcodedownloader  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\f0f07bc1-28b9-4b67-99eb-cb0a483b004d  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\f580f8fc-3cc6-4e06-8425-f973bdb6aa2b  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ff47689d-df81-4df6-9b46-8333d485d937  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GRETECH
HKLM\SOFTWARE\Wow6432Node\hdcode
HKLM\SOFTWARE\Wow6432Node\IBM
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\IVT Corporation
HKLM\SOFTWARE\Wow6432Node\iWebar  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\iWebar-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Le Robert
HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP  =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Ntpad
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\Object Browser  =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\Object Browser-nv  =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PegasusImaging
HKLM\SOFTWARE\Wow6432Node\Picexa  =>PUP.Optional.Picexa
HKLM\SOFTWARE\Wow6432Node\PicexaSvc  =>PUP.Optional.Picexa
HKLM\SOFTWARE\Wow6432Node\R-core
HKLM\SOFTWARE\Wow6432Node\R-TT
HKLM\SOFTWARE\Wow6432Node\Rainbow Technologies
HKLM\SOFTWARE\Wow6432Node\Ralink Corporation
HKLM\SOFTWARE\Wow6432Node\RStudio
HKLM\SOFTWARE\Wow6432Node\SaleClipper  =>PUP.Optional.SaleClipper
HKLM\SOFTWARE\Wow6432Node\SearchProtect  =>PUP.Optional.SearchProtect
HKLM\SOFTWARE\Wow6432Node\SecureWebChannel  =>PUP.Optional.SecureSoft
HKLM\SOFTWARE\Wow6432Node\Sense
HKLM\SOFTWARE\Wow6432Node\Sense-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SLD
HKLM\SOFTWARE\Wow6432Node\SPPDCOM  =>PUP.Optional.PCSpeedUp
HKLM\SOFTWARE\Wow6432Node\Stata
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware  =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\Sybase
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WebProtector  =>PUP.Optional.BProtector
HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware  =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\Wow6432Node\WordAnchor_1.10.0.19  =>PUP.Optional.WordAnchor
HKLM\SOFTWARE\Wow6432Node\YTDownloader  =>PUP.Optional.YTDownloader
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\AC3Filter
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ASUS
HKCU\SOFTWARE\CodeBlocks
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\DownLite
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\ForumerIT  =>Toolbar.Forumer
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\GSpot Appliance Corp
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InetStat  =>PUP.Optional.InetStat
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MEDASYS
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PegasusImaging
HKCU\SOFTWARE\ProductSetup  =>PUP.Optional.InstallCore
HKCU\SOFTWARE\R-TT
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Screentime Media
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\Stata
HKCU\SOFTWARE\SupHpUISoft  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Sybase
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\V9  =>PUP.Optional.V9Software
HKCU\SOFTWARE\Vittalia  =>PUP.Optional.Vittalia
HKCU\SOFTWARE\Waves Audio
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\YTDownloader  =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\CinemaP-1.3c  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\iWebar  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Object Browser  =>PUP.Optional.ObjectBrowser
HKCU\SOFTWARE\AppDataLow\Software\Sense

---\\ Contenu des dossiers Programmes (O43) (209) - 6s
O43 - CFD: 2015/08/10 19:47:17 - [] D -- C:\Program Files (x86)\48 dresses
O43 - CFD: 2015/02/05 22:24:41 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2014/09/30 23:12:34 - [] D -- C:\Program Files (x86)\ASUS
O43 - CFD: 2015/02/05 22:24:49 - [] D -- C:\Program Files (x86)\Ayat
O43 - CFD: 2015/05/31 00:34:54 - [] D -- C:\Program Files (x86)\Big Phat Sports
O43 - CFD: 2015/08/10 20:05:12 - [] D -- C:\Program Files (x86)\CinemaP-1.3c  =>PUP.Optional.CrossRider
O43 - CFD: 2014/11/04 13:54:55 - [] D -- C:\Program Files (x86)\CodeBlocks
O43 - CFD: 2015/08/10 19:37:44 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/10/01 00:20:59 - [] D -- C:\Program Files (x86)\CyberLink
O43 - CFD: 2015/08/10 19:47:17 - [] D -- C:\Program Files (x86)\disco savings
O43 - CFD: 2014/09/30 21:56:35 - [] D -- C:\Program Files (x86)\DivX
O43 - CFD: 2015/08/10 19:48:50 - [] D -- C:\Program Files (x86)\dlsecuretb
O43 - CFD: 2014/10/31 01:14:44 - [] D -- C:\Program Files (x86)\DownLite
O43 - CFD: 2015/08/10 19:47:17 - [] D -- C:\Program Files (x86)\e253af97-89b9-4831-8b49-6c20bab475d2  =>PUP.Optional.CrossRider
O43 - CFD: 2015/08/10 19:37:46 - [] D -- C:\Program Files (x86)\Elex-tech  =>PUP.Optional.Elex
O43 - CFD: 2015/08/10 19:47:17 - [] D -- C:\Program Files (x86)\fun4u
O43 - CFD: 2015/08/02 22:46:27 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2014/09/30 21:57:02 - [] D -- C:\Program Files (x86)\GRETECH
O43 - CFD: 2015/07/07 09:56:40 - [] D -- C:\Program Files (x86)\IBM
O43 - CFD: 2015/02/05 22:24:55 - [] HD -- C:\Program Files (x86)\InstallJammer Registry
O43 - CFD: 2015/04/16 12:11:55 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2014/09/30 23:10:44 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/07/03 16:05:31 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/10 19:48:50 - [] D -- C:\Program Files (x86)\iWebar  =>PUP.Optional.CrossRider
O43 - CFD: 2014/10/01 00:37:32 - [] D -- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 2014/11/15 17:39:15 - [] D -- C:\Program Files (x86)\Le Robert
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Program Files (x86)\LiveUpdateWPP  =>PUP.Optional.WebProtector
O43 - CFD: 2015/08/10 19:48:49 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Program Files (x86)\Megasoft Security
O43 - CFD: 2014/09/30 22:03:44 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2014/09/30 22:03:43 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 2014/09/30 22:03:51 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2013/08/22 16:36:30 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/08/10 19:53:14 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2014/10/31 00:59:13 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2014/09/30 21:57:27 - [] D -- C:\Program Files (x86)\Noel Danjou
O43 - CFD: 2014/09/30 22:52:18 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2015/08/10 19:58:06 - [] D -- C:\Program Files (x86)\Object Browser  =>PUP.Optional.ObjectBrowser
O43 - CFD: 2015/08/01 00:57:31 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2015/08/05 23:29:36 - [] D -- C:\Program Files (x86)\Personal Computer Software
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Program Files (x86)\Picexa  =>PUP.Optional.Picexa
O43 - CFD: 2015/03/01 15:42:48 - [] D -- C:\Program Files (x86)\R-Studio
O43 - CFD: 2014/09/30 23:05:11 - [] D -- C:\Program Files (x86)\Ralink Corporation
O43 - CFD: 2014/10/31 00:59:13 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Program Files (x86)\Sale Clipper  =>PUP.Optional.SaleClipper
O43 - CFD: 2015/08/10 19:37:56 - [] D -- C:\Program Files (x86)\SearchProtect  =>PUP.Optional.SearchProtect
O43 - CFD: 2015/08/10 19:59:41 - [] D -- C:\Program Files (x86)\Sense
O43 - CFD: 2014/10/31 01:17:49 - [] D -- C:\Program Files (x86)\ShopperPro  =>PUP.Optional.ShopperPro
O43 - CFD: 2015/07/04 18:39:24 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/09/30 21:59:31 - [] D -- C:\Program Files (x86)\SLD Codec Pack
O43 - CFD: 2015/03/09 19:36:23 - [] D -- C:\Program Files (x86)\Stata12
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Program Files (x86)\SupTab  =>PUP.Optional.SupTab
O43 - CFD: 2015/04/16 12:11:36 - [] D -- C:\Program Files (x86)\Sybase
O43 - CFD: 2014/09/30 21:59:52 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 2015/08/10 19:48:50 - [] D -- C:\Program Files (x86)\WebProtector  =>PUP.Optional.WebProtect
O43 - CFD: 2013/08/22 23:25:40 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2013/08/22 23:25:40 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2013/08/22 23:25:40 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2013/08/22 16:36:33 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 16:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2013/08/22 23:25:40 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2013/08/22 16:36:33 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 16:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 16:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Program Files (x86)\WordAnchor_1.10.0.19  =>PUP.Optional.WordAnchor
O43 - CFD: 2014/10/31 01:51:50 - [] D -- C:\Program Files (x86)\YTDownloader  =>PUP.Optional.YTDownloader
O43 - CFD: 2015/07/07 10:00:58 - [] HD -- C:\Program Files (x86)\Zero G Registry
O43 - CFD: 2013/08/22 16:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 23:27:43 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/08/22 16:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/09/30 23:18:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 2014/10/02 21:33:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
O43 - CFD: 2014/09/30 21:56:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
O43 - CFD: 2014/09/30 21:57:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/07 09:58:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
O43 - CFD: 2014/10/01 00:37:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
O43 - CFD: 2014/10/01 00:16:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico  =>PUA.KMSpico
O43 - CFD: 2014/11/15 17:41:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Petit Robert
O43 - CFD: 2013/08/22 16:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/09/30 22:04:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa  =>PUP.Optional.Picexa
O43 - CFD: 2015/07/11 16:27:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
O43 - CFD: 2015/05/04 20:53:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
O43 - CFD: 2014/10/19 16:43:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2014/09/30 21:59:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SLD Codec Pack
O43 - CFD: 2015/05/12 17:36:45 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/03/09 19:32:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stata 12
O43 - CFD: 2015/04/16 12:13:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sybase
O43 - CFD: 2013/08/22 16:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2013/08/22 23:27:43 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014/09/30 21:59:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/07/01 00:17:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/02/05 22:24:42 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/08/10 17:22:00 - [] D -- C:\ProgramData\boost_interprocess
O43 - CFD: 2014/09/30 21:45:06 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2015/01/04 17:32:54 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/11/15 22:49:43 - [] D -- C:\ProgramData\EmailNotifier  =>PUP.Optional.EmailNotifier
O43 - CFD: 2015/08/11 01:29:31 - [] D -- C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b
O43 - CFD: 2015/08/11 01:24:54 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 2015/08/10 18:09:14 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2014/09/30 21:45:06 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2014/10/01 15:46:37 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2014/09/30 22:04:16 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2014/10/02 22:53:07 - [] D -- C:\ProgramData\MobileBrServ
O43 - CFD: 2014/09/30 21:45:06 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2015/08/10 17:56:10 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2014/09/30 22:53:23 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2014/09/30 22:52:20 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\ProgramData\P4G
O43 - CFD: 2015/04/16 12:14:19 - [] D -- C:\ProgramData\PowerAMC 15
O43 - CFD: 2014/09/30 23:05:13 - [] D -- C:\ProgramData\Ralink Bluetooth Stack
O43 - CFD: 2013/08/22 23:27:43 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/07/03 17:40:25 - [] D -- C:\ProgramData\SafeNet Sentinel
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\ProgramData\ShopperPro  =>PUP.Optional.ShopperPro
O43 - CFD: 2014/10/19 16:43:27 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2015/07/07 09:58:25 - [] D -- C:\ProgramData\SPSS
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/10/01 00:18:44 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/02/05 22:24:41 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2014/09/30 22:03:43 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2014/09/30 21:56:26 - [] D -- C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD: 2015/08/11 01:22:27 - [] D -- C:\Program Files (x86)\Common Files\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b
O43 - CFD: 2015/07/07 09:57:12 - [] D -- C:\Program Files (x86)\Common Files\IBM
O43 - CFD: 2014/09/30 22:50:44 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2014/09/30 23:04:23 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2014/09/30 21:56:32 - [] D -- C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 2013/08/22 16:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/10/19 16:43:26 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2015/07/05 01:30:54 - [] D -- C:\Program Files (x86)\Common Files\SPSS
O43 - CFD: 2014/09/30 22:01:38 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/02/05 22:24:42 - [] D -- C:\Users\user\AppData\Roaming\Adobe
O43 - CFD: 2015/08/11 01:00:51 - [] D -- C:\Users\user\AppData\Roaming\codeblocks
O43 - CFD: 2014/10/01 00:23:07 - [] D -- C:\Users\user\AppData\Roaming\CyberLink
O43 - CFD: 2014/11/28 14:44:39 - [] D -- C:\Users\user\AppData\Roaming\DivX
O43 - CFD: 2014/10/31 01:13:50 - [] D -- C:\Users\user\AppData\Roaming\DownLite
O43 - CFD: 2015/07/07 10:13:49 - [] D -- C:\Users\user\AppData\Roaming\Eclipse
O43 - CFD: 2015/08/10 19:41:43 - [] D -- C:\Users\user\AppData\Roaming\Elex-tech  =>PUP.Optional.Elex
O43 - CFD: 2014/10/02 21:09:50 - [] D -- C:\Users\user\AppData\Roaming\GRETECH
O43 - CFD: 2014/10/02 22:07:38 - [] D -- C:\Users\user\AppData\Roaming\Identities
O43 - CFD: 2015/08/10 19:47:30 - [] D -- C:\Users\user\AppData\Roaming\InetStat  =>PUP.Optional.InetStat
O43 - CFD: 2015/04/16 12:11:16 - [] D -- C:\Users\user\AppData\Roaming\InstallShield
O43 - CFD: 2015/07/10 12:59:45 - [] D -- C:\Users\user\AppData\Roaming\LaunchPad
O43 - CFD: 2014/11/30 03:55:51 - [] D -- C:\Users\user\AppData\Roaming\Macromedia
O43 - CFD: 2015/07/12 13:56:54 - [] SD -- C:\Users\user\AppData\Roaming\Microsoft
O43 - CFD: 2015/08/10 19:41:54 - [] D -- C:\Users\user\AppData\Roaming\Mozilla
O43 - CFD: 2015/08/05 18:27:32 - [] D -- C:\Users\user\AppData\Roaming\Notepad++
O43 - CFD: 2015/08/10 19:41:56 - [] D -- C:\Users\user\AppData\Roaming\Opera Software
O43 - CFD: 2015/08/10 19:47:31 - [] D -- C:\Users\user\AppData\Roaming\Picexa Viewer  =>PUP.Optional.Picexa
O43 - CFD: 2015/02/22 19:35:02 - [] D -- C:\Users\user\AppData\Roaming\R-TT
O43 - CFD: 2015/04/30 11:49:00 - [] D -- C:\Users\user\AppData\Roaming\RStudio
O43 - CFD: 2015/02/05 22:26:37 - [] D -- C:\Users\user\AppData\Roaming\sa.edu.ksa.ayat
O43 - CFD: 2015/07/03 17:17:25 - [] D -- C:\Users\user\AppData\Roaming\Shortcut
O43 - CFD: 2015/08/11 01:25:44 - [] D -- C:\Users\user\AppData\Roaming\Skype
O43 - CFD: 2015/03/01 15:23:48 - [0] D -- C:\Users\user\AppData\Roaming\Stata10
O43 - CFD: 2015/08/10 19:47:31 - [] D -- C:\Users\user\AppData\Roaming\sweet-page  =>PUP.Optional.SweetPage
O43 - CFD: 2015/05/12 17:36:46 - [] D -- C:\Users\user\AppData\Roaming\Temp
O43 - CFD: 2014/10/31 00:15:49 - [] D -- C:\Users\user\AppData\Roaming\Thinstall
O43 - CFD: 2015/08/10 19:47:31 - [] D -- C:\Users\user\AppData\Roaming\Updater
O43 - CFD: 2015/05/04 17:29:48 - [] D -- C:\Users\user\AppData\Roaming\vlc
O43 - CFD: 2015/08/10 19:47:31 - [] D -- C:\Users\user\AppData\Roaming\webssearches  =>PUP.Optional.WebsSearches
O43 - CFD: 2015/07/01 00:17:30 - [] D -- C:\Users\user\AppData\Roaming\WinRAR
O43 - CFD: 2015/08/11 01:33:27 - [] D -- C:\Users\user\AppData\Roaming\ZHP
O43 - CFD: 2015/02/05 22:24:35 - [] D -- C:\Users\user\AppData\Local\Adobe
O43 - CFD: 2014/09/30 21:52:18 - [0] SHD -- C:\Users\user\AppData\Local\Application Data
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Users\user\AppData\Local\ASUS
O43 - CFD: 2015/08/10 19:53:02 - [] D -- C:\Users\user\AppData\Local\avabvexvac
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Users\user\AppData\Local\bluesoleil
O43 - CFD: 2015/08/10 15:36:08 - [0] D -- C:\Users\user\AppData\Local\Browser Bus
O43 - CFD: 2015/08/01 00:51:45 - [] D -- C:\Users\user\AppData\Local\Chromium
O43 - CFD: 2014/10/31 01:02:15 - [] D -- C:\Users\user\AppData\Local\CrashRpt  =>.Legitimate.CrashReports
O43 - CFD: 2014/10/01 00:22:59 - [] D -- C:\Users\user\AppData\Local\CyberLink
O43 - CFD: 2015/08/03 01:16:34 - [] D -- C:\Users\user\AppData\Local\Diagnostics
O43 - CFD: 2015/06/07 18:49:40 - [0] D -- C:\Users\user\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2014/10/12 22:29:59 - [] D -- C:\Users\user\AppData\Local\Facebook
O43 - CFD: 2015/08/10 19:47:18 - [] D -- C:\Users\user\AppData\Local\Form Cooking
O43 - CFD: 2014/10/31 01:07:16 - [] D -- C:\Users\user\AppData\Local\globalUpdate  =>PUP.Optional.GlobalUpdate
O43 - CFD: 2014/10/01 15:51:02 - [] D -- C:\Users\user\AppData\Local\Google
O43 - CFD: 2014/09/30 21:52:18 - [0] SHD -- C:\Users\user\AppData\Local\Historique
O43 - CFD: 2015/08/10 19:38:13 - [] D -- C:\Users\user\AppData\Local\Installer  =>PUP.Optional.InstallPedia
O43 - CFD: 2014/10/28 20:58:31 - [] D -- C:\Users\user\AppData\Local\Intel_Corporation
O43 - CFD: 2015/07/07 10:13:40 - [] D -- C:\Users\user\AppData\Local\javasharedresources
O43 - CFD: 2015/07/12 13:47:48 - [] D -- C:\Users\user\AppData\Local\Microsoft
O43 - CFD: 2015/01/02 22:39:38 - [] D -- C:\Users\user\AppData\Local\Microsoft Help
O43 - CFD: 2015/08/10 17:56:19 - [] D -- C:\Users\user\AppData\Local\Mozilla
O43 - CFD: 2015/07/03 17:17:17 - [] D -- C:\Users\user\AppData\Local\Opera Software
O43 - CFD: 2014/10/19 16:29:04 - [] D -- C:\Users\user\AppData\Local\Packages
O43 - CFD: 2014/10/01 00:16:24 - [] D -- C:\Users\user\AppData\Local\Programs
O43 - CFD: 2015/08/11 01:00:30 - [] D -- C:\Users\user\AppData\Local\RStudio-Desktop
O43 - CFD: 2014/10/19 16:43:32 - [] D -- C:\Users\user\AppData\Local\Skype
O43 - CFD: 2015/08/11 01:33:42 - [] D -- C:\Users\user\AppData\Local\Temp
O43 - CFD: 2014/09/30 21:52:18 - [0] SHD -- C:\Users\user\AppData\Local\Temporary Internet Files
O43 - CFD: 2014/10/31 00:15:49 - [] D -- C:\Users\user\AppData\Local\Thinstall
O43 - CFD: 2014/11/15 17:42:25 - [] D -- C:\Users\user\AppData\Local\VirtualStore
O43 - CFD: 2013/08/22 16:36:32 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 16:36:32 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/09/30 21:52:30 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/11/04 13:54:28 - [0] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
O43 - CFD: 2014/10/01 00:21:02 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
O43 - CFD: 2015/08/05 18:26:21 - [0] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat  =>PUP.Optional.InetStat
O43 - CFD: 2013/08/22 16:36:32 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/01 01:01:24 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2013/08/22 16:36:32 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/07/01 00:17:06 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/10/31 01:38:12 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader  =>PUP.Optional.YTDownloader

---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (18) - 23s
O45 - LFCP:[MD5.9B462130EB1F8628E2206AC5AEE15DCF] 2015/08/01 00:55:56 A -- C:\Windows\Prefetch\BACKUPSTACK.EXE-0A0E71E8.pf  =>PUP.Optional.MyPCBackup
O45 - LFCP:[MD5.0C96977A7757F2FCEF7451D9BBE0AE7A] 2015/08/06 01:24:29 A -- C:\Windows\Prefetch\CINEMAP-1.3C-BG.EXE-D8D5C4ED.pf  =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.5721FF044E3E9A607FD1D3E7D4BC4231] 2015/08/10 00:29:00 A -- C:\Windows\Prefetch\CINEMAP-1.3C-CODEDOWNLOADER.E-85255D32.pf  =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.69716CD17FEACD295CBC1342F3AFB325] 2015/08/06 01:13:02 A -- C:\Windows\Prefetch\INETSTAT.EXE-95D92388.pf  =>PUP.Optional.InetStat
O45 - LFCP:[MD5.858A08396AF7A6BAC8842D64C2E4E4AA] 2015/08/06 01:24:30 A -- C:\Windows\Prefetch\IWEBAR-BG.EXE-ADBB5123.pf  =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.71E974139A71E5C00BE089E12978BCEB] 2015/08/06 01:24:20 A -- C:\Windows\Prefetch\IWEBAR-BUTTONUTIL64.EXE-2A0498E2.pf  =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.F5F7E30277A45EAE8C26F2133EF909F9] 2015/08/11 01:07:00 A -- C:\Windows\Prefetch\IWEBAR-CODEDOWNLOADER.EXE-EDFC6328.pf  =>PUP.Optional.CrossRider
O45 - LFCP:[MD5.C6BDD151B8D24ACEC43A755576F6E1FE] 2015/07/03 16:04:46 A -- C:\Windows\Prefetch\JUNE15_3936_CORNL_SWEET-PAGE.-DD6F58C5.pf  =>PUP.Optional.SweetPage
O45 - LFCP:[MD5.92857D2360C332A08560330A738530CE] 2015/07/03 16:05:09 A -- C:\Windows\Prefetch\LIVEUPDATEWPP.EXE-BAACD31D.pf  =>PUP.Optional.WebProtector
O45 - LFCP:[MD5.BCD063CC05FF4B453C4741EBEA2F08BA] 2015/08/01 00:59:34 A -- C:\Windows\Prefetch\MYPC BACKUP.EXE-98FB306F.pf  =>PUP.Optional.MyPCBackup
O45 - LFCP:[MD5.80911062AA5C234B03E676A15E78F8E4] 2015/08/06 01:24:30 A -- C:\Windows\Prefetch\OBJECT BROWSER-BG.EXE-92CFBB55.pf  =>PUP.Optional.ObjectBrowser
O45 - LFCP:[MD5.FE90D612D72C6709BDC409ED3BCA1A25] 2015/08/06 01:24:20 A -- C:\Windows\Prefetch\OBJECT BROWSER-BUTTONUTIL64.E-F21D7174.pf  =>PUP.Optional.ObjectBrowser
O45 - LFCP:[MD5.0E69D93E4AAA83595CA5E4CF6C08C317] 2015/08/11 01:08:01 A -- C:\Windows\Prefetch\OBJECT BROWSER-CODEDOWNLOADER-BDEEF49A.pf  =>PUP.Optional.ObjectBrowser
O45 - LFCP:[MD5.E70D0D7CB8B46AE63B71F09B6AD92B6F] 2015/08/11 00:53:46 A -- C:\Windows\Prefetch\PICEXA.EXE-2C49876D.pf  =>PUP.Optional.Picexa
O45 - LFCP:[MD5.13DC5712D9B0E7F0B67EC574C22EBF6B] 2015/06/25 10:35:05 A -- C:\Windows\Prefetch\PICEXASVC.EXE-BE57AC91.pf  =>PUP.Optional.Picexa
O45 - LFCP:[MD5.97E26A692A23FBE46E8E5AF819A0745B] 2015/08/02 22:44:44 A -- C:\Windows\Prefetch\PRIVOXY.EXE-397FB0DC.pf  =>PUP.Optional.Privoxy
O45 - LFCP:[MD5.937AB4EA555B679192B81D6DE4354A65] 2015/08/01 00:59:47 A -- C:\Windows\Prefetch\SIGNUP WIZARD.EXE-CEFD4E77.pf  =>PUP.Optional.MyPCBackup
O45 - LFCP:[MD5.6568C6C3D39FEC1EAD61AB921B230710] 2015/07/03 16:04:47 A -- C:\Windows\Prefetch\WORDANCHOR-SETUP-1.10.0.19.EX-E28E87F7.pf  =>PUP.Optional.WordAnchor

---\\ Liste des pilotes du système (SDL) (O58) (77) - 2s
O58 - SDL:2015/07/31 22:46:31 A . (...) -- C:\Windows\System32\drivers\28fd9db5cf0b046.sys   [94680]
O58 - SDL:2013/08/22 13:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys   [108896]
O58 - SDL:2013/08/22 13:43:41 A . (.PMC-Sierra - PMC-Sierra Storport  Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys   [782176]
O58 - SDL:2013/08/22 13:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys   [79200]
O58 - SDL:2013/08/22 13:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys   [259424]
O58 - SDL:2013/08/22 13:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys   [25952]
O58 - SDL:2013/08/22 13:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys   [114016]
O58 - SDL:2013/10/09 06:52:16 A . (.ASUS - HID driver for ASUS Wireless Radio Control.) -- C:\Windows\System32\drivers\AsHIDSwitch64.sys   [20280]
O58 - SDL:2013/05/28 17:03:26 A . (.ASUS Corporation - Asus TP Filter Driver.) -- C:\Windows\System32\drivers\AsusTP.sys   [65784]
O58 - SDL:2013/08/13 00:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2  Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys   [17624]
O58 - SDL:2012/12/19 20:57:44 A . (.IVT Corporation - Bluelet Audio Adapter Driver.) -- C:\Windows\System32\drivers\blueletaudio.sys   [33968]
O58 - SDL:2012/06/15 10:22:02 A . (.IVT Corporation - Bluetooth Audio Bus Driver.) -- C:\Windows\System32\drivers\BtAudioBus.sys   [23136]
O58 - SDL:2012/07/19 16:47:40 A . (.Ralink Corporation - Bluetooth L2CAP_SCO Interface Profile Drive.) -- C:\Windows\System32\drivers\BtL2caScoIf.sys   [56904]
O58 - SDL:2013/08/22 13:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys   [531296]
O58 - SDL:2013/04/22 03:13:30 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\System32\drivers\DptfDevPch.sys   [57216]
O58 - SDL:2013/04/22 03:13:30 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\System32\drivers\DptfDevProc.sys   [120256]
O58 - SDL:2013/04/22 03:13:30 A . (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Frame.) -- C:\Windows\System32\drivers\DptfManager.sys   [200808]
O58 - SDL:2013/08/22 13:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys   [3357024]
O58 - SDL:2014/11/03 22:46:41 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys   [117248]
O58 - SDL:2014/11/03 22:46:41 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys   [87040]
O58 - SDL:2014/11/03 22:46:41 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys   [98304]
O58 - SDL:2014/11/03 22:46:41 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys   [72192]
O58 - SDL:2014/11/03 22:46:41 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\drivers\ew_juextctrl.sys   [28672]
O58 - SDL:2014/11/03 22:46:41 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys   [13952]
O58 - SDL:2013/08/22 13:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys   [64352]
O58 - SDL:2013/07/30 19:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys   [24568]
O58 - SDL:2013/07/25 20:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys   [99320]
O58 - SDL:2013/11/16 04:59:44 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys   [632168]
O58 - SDL:2013/08/10 01:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys   [651248]
O58 - SDL:2013/08/22 13:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys   [412000]
O58 - SDL:2013/10/01 12:02:30 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys   [4177920]
O58 - SDL:2014/02/11 18:24:36 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys   [450520]
O58 - SDL:2014/02/07 03:25:47 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\intelaud.sys   [38296]
O58 - SDL:2015/05/06 04:27:33 A . (.Elex do Brasil Participações Ltda - iSafe Kernel Boot Driver.) -- C:\Windows\System32\drivers\iSafeKrnlBoot.sys   [53568]  =>PUP.Optional.YetAnotherCleaner
O58 - SDL:2015/04/17 03:43:55 A . (...) -- C:\Windows\System32\drivers\iSafeNetFilter.sys   [52392]  =>PUP.Optional.YetAnotherCleaner
O58 - SDL:2013/03/25 10:03:44 A . (.Ralink Corporation - Bluetooth Filter Driver.) -- C:\Windows\System32\drivers\IvtUrbBtFlt.sys   [49584]
O58 - SDL:2013/08/22 23:51:12 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\drivers\iwdbus.sys   [26008]
O58 - SDL:2012/08/02 04:22:48 A . (. - Keyboard Filter Driver.) -- C:\Windows\System32\drivers\kbfiltr.sys   [14992]
O58 - SDL:2014/02/20 11:59:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys   [457824]
O58 - SDL:2012/07/27 17:38:24 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klelam.sys   [29616]
O58 - SDL:2014/10/04 23:25:44 A . (.Kaspersky Lab ZAO - Filter Core [fre_win8_x64].) -- C:\Windows\System32\drivers\klflt.sys   [141376]
O58 - SDL:2014/04/10 16:25:32 A . (.Kaspersky Lab ZAO - KLHK [fre_win8_x64].) -- C:\Windows\System32\drivers\klhk.sys   [243808]
O58 - SDL:2014/10/04 23:25:44 A . (.Kaspersky Lab ZAO - Klif Mini-Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klif.sys   [769600]
O58 - SDL:2014/02/25 12:09:02 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\System32\drivers\klim6.sys   [30304]
O58 - SDL:2014/03/28 16:51:02 A . (.Kaspersky Lab ZAO - KLKBDFLT Keyboard Device Filter [fre_win8_x.) -- C:\Windows\System32\drivers\klkbdflt.sys   [28768]
O58 - SDL:2013/08/08 16:11:00 A . (.Kaspersky Lab ZAO - KLMOUFLT Mouse Device Filter [fre_win8_x64].) -- C:\Windows\System32\drivers\klmouflt.sys   [29280]
O58 - SDL:2013/04/12 14:34:48 A . (.Kaspersky Lab ZAO - KLPD [fre_wnet_x64].) -- C:\Windows\System32\drivers\klpd.sys   [15456]
O58 - SDL:2014/03/19 16:00:38 A . (.Kaspersky Lab ZAO - Network filtering component [fre_win8_x64].) -- C:\Windows\System32\drivers\klwfp.sys   [67680]
O58 - SDL:2014/03/26 16:05:28 A . (.Kaspersky Lab ZAO - KNEPS Power [fre_wnet_amd64].) -- C:\Windows\System32\drivers\kneps.sys   [179296]
O58 - SDL:2013/08/22 13:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys   [109408]
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys   [93536]
O58 - SDL:2013/08/22 13:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys   [81760]
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys   [82784]
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys   [56672]
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys   [575840]
O58 - SDL:2013/08/22 13:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys   [63840]
O58 - SDL:2014/01/01 17:22:16 A . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28x.sys   [2499248]
O58 - SDL:2014/02/08 19:34:51 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys   [12324640]
O58 - SDL:2014/02/08 19:34:51 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvpciflt.sys   [32544]
O58 - SDL:2013/08/22 13:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys   [150368]
O58 - SDL:2013/08/22 13:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys   [168288]
O58 - SDL:2014/01/08 14:24:10 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys   [848088]
O58 - SDL:2013/12/27 10:34:44 A . (.Ralink Technology, Corp. - Ralink Bluetooth Adapter.) -- C:\Windows\System32\drivers\rtbth.sys   [1205448]
O58 - SDL:2014/02/18 21:43:42 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys   [3867224]
O58 - SDL:2014/01/03 13:34:28 A . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\Windows\System32\drivers\RtsPer.sys   [465624]
O58 - SDL:2013/08/22 16:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys   [23040]
O58 - SDL:2013/08/22 13:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys   [44896]
O58 - SDL:2013/08/22 13:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys   [81760]
O58 - SDL:2013/12/12 11:07:06 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys   [33592]
O58 - SDL:2013/08/22 13:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys   [31072]
O58 - SDL:2013/01/10 19:41:06 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys   [468720]
O58 - SDL:2013/08/22 13:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys   [40664]
O58 - SDL:2013/12/10 07:27:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys   [100312]
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys   [19808]
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys   [168800]
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS   [305504]
O58 - SDL:2015/06/15 23:21:46 A . (.WA - WA WFP Driver x64.) -- C:\Windows\System32\drivers\wafd_1_10_0_19.sys   [57728]  =>PUP.Optional.WordAnchor

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (6) - 23s
O61 - LFC: 2015/08/04 20:12:38 A . (..) -- C:\Users\user\AppData\Roaming\InetStat\inetstat.exe   [840206]  =>PUP.Optional.InetStat
O61 - LFC: 2015/08/05 18:11:34 A . (.Eclipse Foundation.) -- C:\Users\user\AppData\Roaming\Eclipse\com.ibm.spss.statistics.help_19\configuration\nl\fr_FR\org.eclipse.osgi\bundles\62\1\.cp\swt-win32-3448.dll   [335872]
O61 - LFC: 2015/08/10 19:32:19 A . (..) -- C:\Users\user\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin   [269992]
O61 - LFC: 2015/08/09 21:56:11 A . (..) -- C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\OO12G1KY\run[1].exe   [6656]
O61 - LFC: 2015/08/10 20:30:22 A . (..) -- C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\LCVI87XQ\run[1].exe   [6656]
O61 - LFC: 2015/08/11 01:26:30 A . (..) -- C:\Users\user\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin   [1113849]

---\\ Associations Shell Spawning (O67) (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Menu de démarrage Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- iexplore.exe 
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (5) - 0s
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Trovi search) - http://do-search.com/  =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://do-search.com/  =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://do-search.com/  =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (Search The Web) - http://do-search.com/  =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://do-search.com/  =>PUP.Optional.DoSearches

---\\ Enumère les services démarrés par Svchost (SSS) (O83) (34) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [207360]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll   [155136]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll   [155136]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll   [324608]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [1311744]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [1102336]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll   [903168]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [109568]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll   [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [107008]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll   [1212416]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll   [220672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\system32\mmcss.dll   [70656]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll   [220672]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll   [326656]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [81408]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll   [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [336896]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Wi.) -- C:\Windows\System32\GeofenceMonitorService.dll   [491520]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\system32\wlidsvc.dll   [1563136]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll   [50688]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll   [201728]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Micro.) -- C:\Windows\System32\ncasvc.dll   [164352]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll   [101376]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à dista.) -- C:\Windows\System32\rasmans.dll   [534016]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [223744]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\sens.dll   [71680]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll   [433152]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll   [306688]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\system32\wuaueng.dll   [3524096]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll   [1017856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [629760]

---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (37) - 1s
O87 - FAEL: "{87F55787-00FB-4977-93F7-3D5CD2219ED5}" [In-None-P6-TRUE] .(.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O87 - FAEL: "{DC10A609-5C7C-4959-BB5B-887CF68F53CD}" [In-None-P17-TRUE] .(.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O87 - FAEL: "{BC0E1779-15AF-4D42-A8E5-16083BE35915}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe  =>PUA.KMSpico
O87 - FAEL: "{948B7FE9-FABA-4E17-A3E6-E4B8EE233906}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\KMSELDI.exe  =>PUA.KMSpico
O87 - FAEL: "{1FBBAF2A-07AF-4D53-ABB6-523BDE4C2CF1}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe  =>PUA.KMSpico
O87 - FAEL: "{16E11293-A784-4E35-8110-2E2555AE7F75}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe  =>PUA.KMSpico
O87 - FAEL: "{21497696-F36A-410C-AC73-9201B13559C6}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe  =>PUA.KMSpico
O87 - FAEL: "{2966A823-A74D-46EF-81E3-7A7DD5E81C74}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe  =>PUA.KMSpico
O87 - FAEL: "{9B63300E-5202-463D-9C32-94E9BD52E721}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\dlsecuretb\dtUser.exe
O87 - FAEL: "{C831FAAF-E74D-479A-894D-28222BD46E62}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\dlsecuretb\dtUser.exe
O87 - FAEL: "{E01C1549-8D7B-4222-A99C-F0CB3AE904C1}" [In-None-P6-TRUE] .(...) -- C:\ProgramData\EmailNotifier\EmailNotifier.exe
O87 - FAEL: "{42E35640-C388-4638-8B80-3BAF45F20CD8}" [In-None-P17-TRUE] .(...) -- C:\ProgramData\EmailNotifier\EmailNotifier.exe
O87 - FAEL: "{86D0AF74-6F3A-473A-9FBD-3719FBFFEDB9}" [In-None-P6-TRUE] .(.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O87 - FAEL: "{86BC28A8-423E-46B7-A0F6-2F67A2B69F46}" [In-None-P17-TRUE] .(.IVT Corporation - Bluetooth Application.) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O87 - FAEL: "{0D1BEFFD-8A26-4962-8452-CD965B6F4A62}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe  =>PUA.KMSpico
O87 - FAEL: "{0FA3CA0B-32AB-40EB-A3A8-F794684ADDF9}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\AutoPico.exe  =>PUA.KMSpico
O87 - FAEL: "{70A4FF28-D299-4E90-A33E-270C78C1B21C}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe  =>PUA.KMSpico
O87 - FAEL: "{C84B5D37-9DC1-4B7D-8335-03DF630AAB11}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSpico\Service_KMS.exe  =>PUA.KMSpico
O87 - FAEL: "{2BC0143D-B440-423C-A189-AE70C8BE2010}" [In-None-P17-TRUE] .(...) -- C:\Users\user\AppData\Local\Chromium\Application\chrome.exe (.not file.)
O87 - FAEL: "{9B0D10A8-15F3-4EE3-9000-807AE62E86D7}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\SPSSWinWrapIDE.exe (.not file.)
O87 - FAEL: "{50D8B695-E454-4F88-AE2D-F5E0D476BB77}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\SPSSWinWrapIDE.exe (.not file.)
O87 - FAEL: "{547A527F-14B9-4AB7-AE50-4F93F2A1AD05}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\statistics.com (.not file.)
O87 - FAEL: "{85196ABC-C16B-4D3F-9E34-BD017674E6A4}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\statistics.com (.not file.)
O87 - FAEL: "{47FE7A42-FE85-48DB-8813-B6BCA48F9073}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\statistics.exe (.not file.)
O87 - FAEL: "{477687CB-7B1D-4FB1-856A-53D414D59F93}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\statistics.exe (.not file.)
O87 - FAEL: "{9384B228-F280-417A-9C7B-7016B82CE0F3}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\SPSSWinWrapIDE.exe (.not file.)
O87 - FAEL: "{DA4858BF-9076-4D7D-AF69-9BB7913912DD}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\SPSSWinWrapIDE.exe (.not file.)
O87 - FAEL: "{702638FC-889C-4E7B-AC99-FC05CB0C6CBF}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\statistics.com (.not file.)
O87 - FAEL: "{1A75B54F-C1F9-4C27-B540-F5A4E06F9ED5}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\statistics.com (.not file.)
O87 - FAEL: "{D678C5B5-FCF6-498F-A65A-BC54B76CCA01}" [In-None-P6-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\statistics.exe (.not file.)
O87 - FAEL: "{94F900BC-55B2-4A8E-A6E8-5A98A6E981CC}" [In-None-P17-FALSE] .(...) -- C:\Program Files (x86)\SPSSInc\Statistics17\statistics.exe (.not file.)
O87 - FAEL: "{6B66FD8B-7F74-4360-BA83-A265BD0F2608}" [In-None-P6-FALSE] .(.SPSS Inc. - IBM SPSS Statistics 19 Command.) -- C:\Program Files (x86)\IBM\SPSS\Statistics\19\stats.com
O87 - FAEL: "{AF9E21AA-33D7-4079-966B-B9BFBA5C95F1}" [In-None-P17-FALSE] .(.SPSS Inc. - IBM SPSS Statistics 19 Command.) -- C:\Program Files (x86)\IBM\SPSS\Statistics\19\stats.com
O87 - FAEL: "{1E3A7D07-5303-4E5E-BFA3-60A404DADBAF}" [In-None-P6-FALSE] .(.SPSS Inc. - IBM SPSS Statistics 19.) -- C:\Program Files (x86)\IBM\SPSS\Statistics\19\stats.exe
O87 - FAEL: "{1C47D203-7220-4F41-A54C-74E356439D73}" [In-None-P17-FALSE] .(.SPSS Inc. - IBM SPSS Statistics 19.) -- C:\Program Files (x86)\IBM\SPSS\Statistics\19\stats.exe
O87 - FAEL: "{453B33F8-80E2-491B-80F7-A20C98555D2E}" [In-None-P6-FALSE] .(.SPSS Inc. - IBM SPSS Statistics 19 WinWrap Basic IDE.) -- C:\Program Files (x86)\IBM\SPSS\Statistics\19\WinWrapIDE.exe
O87 - FAEL: "{2DCE3C9A-BAE4-4876-9214-D4302E92BC94}" [In-None-P17-FALSE] .(.SPSS Inc. - IBM SPSS Statistics 19 WinWrap Basic IDE.) -- C:\Program Files (x86)\IBM\SPSS\Statistics\19\WinWrapIDE.exe

---\\ Recherche de clés de registre Tracing (O100) (2) - 0s
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32  =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS  =>PUP.Optional.MyPCBackup

---\\ Scan Additionnel (O88) (224) - 0s
C:\Program Files\Common Files\ShopperPro\spbiu.exe  =>PUP.Optional.ShopperPro
C:\Program Files (x86)\Common Files\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\updater.exe  =>PUP.Optional.CrossRider
C:\Program Files (x86)\CinemaP-1.3c\03028fde-b6ef-4928-878a-0e9ddec76e17-6.exe  =>PUP.Optional.CrossRider
C:\Program Files (x86)\iWebar\8b41f82b-0f18-4f5d-9626-96e37d948ed4-6.exe  =>PUP.Optional.CrossRider
C:\Program Files (x86)\Object Browser\5c6c93c5-f845-49dd-a422-09ff1a8de928-6.exe  =>PUP.Optional.ObjectBrowser
C:\Program Files (x86)\CinemaP-1.3c\dfc00529-3a2c-483f-9afd-ec4fabc47dbd.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugincontainer.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\6\Plugin.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\10\Plugin.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\7\Plugin.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\8\Plugin.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\5\Plugin.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\2\Plugin.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\3\Plugin.exe  =>PUP.Optional.CrossRider
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugins\12\Plugin.exe  =>PUP.Optional.CrossRider
C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll  =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311281150}  =>PUP.Optional.ObjectBrowser
C:\Program Files (x86)\iWebar\iWebar-bho64.dll  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611511123}  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b18906df-1dfa-4d50-8a1f-7d076a8c87b7}  =>PUP.Optional.SaleClipper
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3C24E2B-C820-4492-9B69-11BF7163F998}  =>PUP.Optional.SecureSoft
C:\Program Files (x86)\WebProtector\WebProtector.dll  =>PUP.Optional.WebProtector
HKLM\SYSTEM\CurrentControlSet\Services\iSafeService  =>PUP.Optional.YetAnotherCleaner
C:\Program Files (x86)\Elex-tech\YAC\iSafeSvc.exe  =>PUP.Optional.YetAnotherCleaner
HKLM\SYSTEM\CurrentControlSet\Services\LiveUpdateWPP Manager  =>PUP.Optional.WebProtector
C:\Program Files (x86)\LiveUpdateWPP\LiveUpdateWPP.exe  =>PUP.Optional.WebProtector
HKLM\SYSTEM\CurrentControlSet\Services\PicexaService  =>PUP.Optional.Picexa
C:\Program Files (x86)\Picexa\PicexaSvc.exe  =>PUP.Optional.Picexa
HKLM\SYSTEM\CurrentControlSet\Services\PrivoxyService  =>PUP.Optional.Privoxy
C:\Program Files (x86)\Megasoft Security\privoxy.exe  =>PUP.Optional.Privoxy
HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI  =>PUA.KMSpico
C:\Program Files\KMSpico\Service_KMS.exe  =>PUA.KMSpico
HKLM\SYSTEM\CurrentControlSet\Services\Service Mgr SaleClipper  =>PUP.Optional.SaleClipper
C:\ProgramData\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\plugincontainer.exe  =>PUP.Optional.SaleClipper
HKLM\SYSTEM\CurrentControlSet\Services\SPBIUpd  =>PUP.Optional.ShopperPro
HKLM\SYSTEM\CurrentControlSet\Services\Update Mgr SaleClipper  =>PUP.Optional.SaleClipper
C:\Program Files (x86)\Common Files\f43a0a22-b5b9-43e4-9c6f-705bf4e40c7b\updater.exe  =>PUP.Optional.SaleClipper
HKLM\SYSTEM\CurrentControlSet\Services\wasvc_1.10.0.19  =>PUP.Optional.Generic
C:\Program Files (x86)\WordAnchor_1.10.0.19\Service\wasvc.exe  =>PUP.Optional.Generic
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-1.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-11.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-2.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-3.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-4.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-5.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-5_user.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-6.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-7.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-1.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-11.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-2.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-3.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-4.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-5.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-5_user.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-6.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-7.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-1.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-11.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-2.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-3.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-4.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-5.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-5_user.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-6.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-7.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-1.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-11.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-2.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-4.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-5.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-5_user.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-6.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-7.job  =>PUP.Optional.CrossRider
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job  =>PUP.Optional.GlobalUpdate
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job  =>PUP.Optional.GlobalUpdate
C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-11  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-2  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-3  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-4  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-5  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-5_user  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\03028fde-b6ef-4928-878a-0e9ddec76e17-6  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-1  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-11  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-3  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-4  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-5  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-5_user  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-6  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\5c6c93c5-f845-49dd-a422-09ff1a8de928-7  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-1  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-11  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-3  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-4  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-5  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-5_user  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-6  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\80e8d410-b2f7-435c-82bd-72d5842bedfd-7  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-1  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-11  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-2  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-4  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-5  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-5_user  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-6  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\8b41f82b-0f18-4f5d-9626-96e37d948ed4-7  =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\AutoPico Daily Restart  =>PUA.KMSpico
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore  =>PUP.Optional.GlobalUpdate
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA  =>PUP.Optional.GlobalUpdate
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1  =>PUA.KMSpico
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.3c  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iSafe  =>PUP.Optional.Elex
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iWebar  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\LiveUpdateWPP  =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser  =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Picexa  =>PUP.Optional.Picexa
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Sale Clipper  =>PUP.Optional.SaleClipper
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect  =>PUP.Optional.SearchProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro  =>PUP.Optional.ShopperPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstall  =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WebProtector  =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall  =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect  =>PUP.Optional.Fuyu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WordAnchor_1.10.0.19  =>PUP.Optional.WordAnchor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader  =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InetStat  =>PUP.Optional.InetStat
HKLM\SOFTWARE\Wow6432Node\000ac3b4-5ea6-4a3b-9f11-30dc3ce3ee7f  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\7b395e1e-ab35-4592-94df-4dd315ccc2bd  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\a3726d6e-1d0a-4fed-996f-ad27e1082d8e  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\b2ee8ba1-5b1f-4333-9c46-818e525c3964  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\c6646b42-24e1-409d-9113-5ef8c4e599fe  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.3c  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\CinemaP-1.3c-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\delta-homesSoftware  =>PUP.Optional.DeltaHomes
HKLM\SOFTWARE\Wow6432Node\ErrorLists-crcodedownloader  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\f0f07bc1-28b9-4b67-99eb-cb0a483b004d  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\f580f8fc-3cc6-4e06-8425-f973bdb6aa2b  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ff47689d-df81-4df6-9b46-8333d485d937  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\iWebar  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\iWebar-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\LiveUpdateWPP  =>PUP.Optional.WebProtector
HKLM\SOFTWARE\Wow6432Node\Object Browser  =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\Object Browser-nv  =>PUP.Optional.ObjectBrowser
HKLM\SOFTWARE\Wow6432Node\Picexa  =>PUP.Optional.Picexa
HKLM\SOFTWARE\Wow6432Node\PicexaSvc  =>PUP.Optional.Picexa
HKLM\SOFTWARE\Wow6432Node\SaleClipper  =>PUP.Optional.SaleClipper
HKLM\SOFTWARE\Wow6432Node\SearchProtect  =>PUP.Optional.SearchProtect
HKLM\SOFTWARE\Wow6432Node\SecureWebChannel  =>PUP.Optional.SecureSoft
HKLM\SOFTWARE\Wow6432Node\Sense-nv  =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\SPPDCOM  =>PUP.Optional.PCSpeedUp
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware  =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\WebProtector  =>PUP.Optional.BProtector
HKLM\SOFTWARE\Wow6432Node\webssearchesSoftware  =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\Wow6432Node\WordAnchor_1.10.0.19  =>PUP.Optional.WordAnchor
HKLM\SOFTWARE\Wow6432Node\YTDownloader  =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\ForumerIT  =>Toolbar.Forumer
HKCU\SOFTWARE\InetStat  =>PUP.Optional.InetStat
HKCU\SOFTWARE\ProductSetup  =>PUP.Optional.InstallCore
HKCU\SOFTWARE\SupHpUISoft  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\V9  =>PUP.Optional.V9Software
HKCU\SOFTWARE\Vittalia  =>PUP.Optional.Vittalia
HKCU\SOFTWARE\YTDownloader  =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\AppDataLow\Software\CinemaP-1.3c  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\iWebar  =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Object Browser  =>PUP.Optional.ObjectBrowser
C:\Program Files (x86)\CinemaP-1.3c  =>PUP.Optional.CrossRider
C:\Program Files (x86)\e253af97-89b9-4831-8b49-6c20bab475d2  =>PUP.Optional.CrossRider
C:\Program Files (x86)\Elex-tech  =>PUP.Optional.Elex
C:\Program Files (x86)\iWebar  =>PUP.Optional.CrossRider
C:\Program Files (x86)\LiveUpdateWPP  =>PUP.Optional.WebProtector
C:\Program Files (x86)\Object Browser  =>PUP.Optional.ObjectBrowser
C:\Program Files (x86)\Picexa  =>PUP.Optional.Picexa
C:\Program Files (x86)\Sale Clipper  =>PUP.Optional.SaleClipper
C:\Program Files (x86)\SearchProtect  =>PUP.Optional.SearchProtect
C:\Program Files (x86)\ShopperPro  =>PUP.Optional.ShopperPro
C:\Program Files (x86)\SupTab  =>PUP.Optional.SupTab
C:\Program Files (x86)\WebProtector  =>PUP.Optional.WebProtect
C:\Program Files (x86)\WordAnchor_1.10.0.19  =>PUP.Optional.WordAnchor
C:\Program Files (x86)\YTDownloader  =>PUP.Optional.YTDownloader
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico  =>PUA.KMSpico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa  =>PUP.Optional.Picexa
C:\ProgramData\EmailNotifier  =>PUP.Optional.EmailNotifier
C:\ProgramData\ShopperPro  =>PUP.Optional.ShopperPro
C:\Users\user\AppData\Roaming\Elex-tech  =>PUP.Optional.Elex
C:\Users\user\AppData\Roaming\InetStat  =>PUP.Optional.InetStat
C:\Users\user\AppData\Roaming\Picexa Viewer  =>PUP.Optional.Picexa
C:\Users\user\AppData\Roaming\sweet-page  =>PUP.Optional.SweetPage
C:\Users\user\AppData\Roaming\webssearches  =>PUP.Optional.WebsSearches
C:\Users\user\AppData\Local\CrashRpt  =>.Legitimate.CrashReports
C:\Users\user\AppData\Local\globalUpdate  =>PUP.Optional.GlobalUpdate
C:\Users\user\AppData\Local\Installer  =>PUP.Optional.InstallPedia
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat  =>PUP.Optional.InetStat
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader  =>PUP.Optional.YTDownloader
C:\Windows\Prefetch\BACKUPSTACK.EXE-0A0E71E8.pf  =>PUP.Optional.MyPCBackup
C:\Windows\Prefetch\CINEMAP-1.3C-BG.EXE-D8D5C4ED.pf  =>PUP.Optional.CrossRider
C:\Windows\Prefetch\CINEMAP-1.3C-CODEDOWNLOADER.E-85255D32.pf  =>PUP.Optional.CrossRider
C:\Windows\Prefetch\INETSTAT.EXE-95D92388.pf  =>PUP.Optional.InetStat
C:\Windows\Prefetch\IWEBAR-BG.EXE-ADBB5123.pf  =>PUP.Optional.CrossRider
C:\Windows\Prefetch\IWEBAR-BUTTONUTIL64.EXE-2A0498E2.pf  =>PUP.Optional.CrossRider
C:\Windows\Prefetch\IWEBAR-CODEDOWNLOADER.EXE-EDFC6328.pf  =>PUP.Optional.CrossRider
C:\Windows\Prefetch\JUNE15_3936_CORNL_SWEET-PAGE.-DD6F58C5.pf  =>PUP.Optional.SweetPage
C:\Windows\Prefetch\LIVEUPDATEWPP.EXE-BAACD31D.pf  =>PUP.Optional.WebProtector
C:\Windows\Prefetch\MYPC BACKUP.EXE-98FB306F.pf  =>PUP.Optional.MyPCBackup
C:\Windows\Prefetch\OBJECT BROWSER-BG.EXE-92CFBB55.pf  =>PUP.Optional.ObjectBrowser
C:\Windows\Prefetch\OBJECT BROWSER-BUTTONUTIL64.E-F21D7174.pf  =>PUP.Optional.ObjectBrowser
C:\Windows\Prefetch\OBJECT BROWSER-CODEDOWNLOADER-BDEEF49A.pf  =>PUP.Optional.ObjectBrowser
C:\Windows\Prefetch\PICEXA.EXE-2C49876D.pf  =>PUP.Optional.Picexa
C:\Windows\Prefetch\PICEXASVC.EXE-BE57AC91.pf  =>PUP.Optional.Picexa
C:\Windows\Prefetch\PRIVOXY.EXE-397FB0DC.pf  =>PUP.Optional.Privoxy
C:\Windows\Prefetch\SIGNUP WIZARD.EXE-CEFD4E77.pf  =>PUP.Optional.MyPCBackup
C:\Windows\Prefetch\WORDANCHOR-SETUP-1.10.0.19.EX-E28E87F7.pf  =>PUP.Optional.WordAnchor
C:\Windows\System32\drivers\iSafeKrnlBoot.sys  =>PUP.Optional.YetAnotherCleaner
C:\Windows\System32\drivers\iSafeNetFilter.sys  =>PUP.Optional.YetAnotherCleaner
C:\Windows\System32\drivers\wafd_1_10_0_19.sys  =>PUP.Optional.WordAnchor
C:\Users\user\AppData\Roaming\InetStat\inetstat.exe  =>PUP.Optional.InetStat
C:\Program Files\KMSpico\KMSELDI.exe  =>PUA.KMSpico
C:\Program Files\KMSpico\AutoPico.exe  =>PUA.KMSpico
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc  =>PUP.Optional.SearchProtect
C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe  =>PUP.Optional.SearchProtect
HKLM\SYSTEM\CurrentControlSet\Services\wasvc_1.10.0.19  =>PUP.Optional.WordAnchor
C:\Program Files (x86)\WordAnchor_1.10.0.19\Service\wasvc.exe  =>PUP.Optional.WordAnchor
HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32  =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS  =>PUP.Optional.MyPCBackup

---\\ Récapitulatif des éléments trouvées sur votre station (35) - 0s
http://www.nicolascoolman.fr/pup-shopperpro/  =>PUP.Optional.ShopperPro
http://www.nicolascoolman.fr/pup-crossrider/  =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/pup-objectbrowser/  =>PUP.Optional.ObjectBrowser
http://www.nicolascoolman.fr/pup-sweetpage/  =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/hijacker-qvo6/  =>PUP.Optional.Qvo6
http://www.nicolascoolman.fr/pup-optional-saleclipper/  =>PUP.Optional.SaleClipper
http://www.nicolascoolman.fr/blog  =>PUP.Optional.SecureSoft
http://www.nicolascoolman.fr/blog  =>PUP.Optional.WebProtector
http://www.nicolascoolman.fr/blog  =>PUP.Optional.YetAnotherCleaner
http://www.nicolascoolman.fr/blog  =>PUP.Optional.Picexa
http://www.nicolascoolman.fr/blog  =>PUP.Optional.Privoxy
http://www.nicolascoolman.fr/pup-kmspico/  =>PUA.KMSpico
http://www.nicolascoolman.fr/blog  =>PUP.Optional.Generic
http://www.nicolascoolman.fr/pup-globalupdate/  =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/pup-elex/  =>PUP.Optional.Elex
http://www.nicolascoolman.fr/pup-searchprotect/  =>PUP.Optional.SearchProtect
http://www.nicolascoolman.fr/hijacker-webssearches/  =>PUP.Optional.WebsSearches
http://www.nicolascoolman.fr/trojan-fuyu/  =>PUP.Optional.Fuyu
http://www.nicolascoolman.fr/pup-wordanchor/  =>PUP.Optional.WordAnchor
http://www.nicolascoolman.fr/pup-ytdownloader/  =>PUP.Optional.YTDownloader
http://www.nicolascoolman.fr/pup-inetstat//  =>PUP.Optional.InetStat
http://www.nicolascoolman.fr/blog  =>PUP.Optional.DeltaHomes
http://www.nicolascoolman.fr/rogue-pcspeedup/  =>PUP.Optional.PCSpeedUp
http://www.nicolascoolman.fr/pup-bprotector/  =>PUP.Optional.BProtector
http://www.nicolascoolman.fr/toolbar-forumer/  =>Toolbar.Forumer
http://www.nicolascoolman.fr/adware-installcore/  =>PUP.Optional.InstallCore
http://www.nicolascoolman.fr/pup-v9software/  =>PUP.Optional.V9Software
http://www.nicolascoolman.fr/pup-vittalia/  =>PUP.Optional.Vittalia
http://www.nicolascoolman.fr/pup-suptab/  =>PUP.Optional.SupTab
http://www.nicolascoolman.fr/blog  =>PUP.Optional.WebProtect
http://www.nicolascoolman.fr/blog  =>PUP.Optional.EmailNotifier
http://www.nicolascoolman.fr/blog  =>.Legitimate.CrashReports
http://www.nicolascoolman.fr/adware-installpedia/  =>PUP.Optional.InstallPedia
http://www.nicolascoolman.fr/pup-mypcbackup/  =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/pup-dosearches/  =>PUP.Optional.DoSearches

~ End of the scan, 20210 items in 165 seconds (1204)(0)()