cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2015.5.17.49 - Nicolas Coolman (17/05/2015)
~ Lancé par GIRAUX (22/05/2015 13:23:56)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.17357 (Defaut)
GCIE: Google Chrome v42.0.2311.152

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : 7XH36
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8, 64-bit (Build 9200)

---\\ Logiciels de protection du système
Windows Defender W8 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v5.05

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: AMD64 Family 22 Model 0 Stepping 1, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3525 MB (61% free)
System Restore: Activé (Enable)
System drive C: has 409 GB (90%) free of 451 GB

---\\ Mode de connexion au système
~ Computer Name: PORTABLE
~ User Name: GIRAUX
~ All Users Names: GIRAUX, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\GIRAUX\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\GIRAUX\AppData\Roaming\
~ %Desktop% : C:\Users\GIRAUX\Desktop\
~ %Favorites% : C:\Users\GIRAUX\Favorites\
~ %LocalAppData% : C:\Users\GIRAUX\AppData\Local\
~ %StartMenu% : C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 409 Go of 451 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.1AE81E63F2B5030C874E89E5E667AAEC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2015 - 14:53:34.) -- C:\Windows\System32\wininet.dll [2237440]
[MD5.75DD70A14145499C9F7D903CF9A8C91B] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.12/04/2014 - 10:10:31.) -- C:\Windows\System32\Winlogon.exe [578048]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.FE7FB9612D354EB41DF4F0FF5D6FB259] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.29/05/2014 - 23:24:46.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.58CC013EFA9893057160EDA018D8ADCE] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.15/07/2014 - 23:51:05.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.14EE56050E1637926F5CFA65B1F4209B] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.12/07/2014 - 05:34:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [404480]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.AA37946941ED3805AB3A924965907147] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.04/07/2014 - 11:52:10.) -- C:\Windows\system32\Drivers\volsnap.sys [328000]
~ Generic Processes: Scanned in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/373
~ Mes musiques (My Musics) : 29/1038
~ Mes Favoris (My Favorites) : 1/6
~ Mon Bureau (My Desktop) : 1/3
~ Menu demarrer (Programs) : 1/22
~ Hidden Files: Scanned in 00mn 03s



---\\ Processus lancés
[MD5.C1DCF54DA67BA34970C1F9A139F7302B] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872] [PID.240]
[MD5.3F214479B626B10649F0D0CD070D2D7E] - (.Pas de propriétaire - srptm.) -- C:\Program Files (x86)\LPT\srptm.exe [24608] [PID.5092] =>Adware.Incredibar
[MD5.51CFFD7BBFEA2F7316C560DCC4479759] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8209408] [PID.4528]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [__MSG_appName__]
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [__MSG_appName__]
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [__MSG_appName__]
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [__MSG_appName__]
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [AdBlock]
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [Bookmark Manager]
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [Chrome Hotword Shared Module]
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [__MSG_APP_NAME__]
G2 - EXT: C:\Users\GIRAUX\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [__MSG_appName__]
~ Google Lines Browser: 18 Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (10.00.9200.16384 (win8_rtm.120725-1247)) -- C:\Windows\SysWOW64\ieframe.dll
~ IE Browser: 21 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: ShopperProBHO [64Bits] - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} . (.Goobzo Ltd. - ShopperPro Extension.) -- C:\ProgramData\ShopperPro\ShopperPro.dll =>PUP.ShopperPro
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} Clé orpheline
~ BHO: 3 Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [GIRAUX]: Crossbrowse.lnk . (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
O4 - GS\QuickLaunch [GIRAUX]: speed browser.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\browser.exe (.not file.) =>PUP.SpeedBrowser
O4 - GS\Program [GIRAUX]: Internet Explorer.lnk . (...) -- C:\Program Files (x86)\speed browser\Application\browser.exe (.not file.) =>PUP.SpeedBrowser
~ Global Startup: 4 Scanned in 00mn 04s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [GIRAUX]: crossbrowse.lnk . (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [3D BubbleSound] C:\Program Files\BubbleSound\3D BubbleSound.exe (.not file.) =>PUP.BubbleSound
O4 - HKLM\..\Run: [Windesk Winsearch] C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe (.not file.) =>PUP.WindeskWinsearch
O4 - HKCU\..\Run: [PriceMeterW] C:\Users\GIRAUX\AppData\Local\PriceMeter\pricemeterw.exe (.not file.) =>PUP.PriceMeter
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_2B44EB5D69AF54BFC9D8665A05B6DE3A] C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
O4 - HKCU\..\Run: [WindApp] C:\Users\GIRAUX\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>PUP.Nosibay
O4 - HKCU\..\Run: [Selection Tools] C:\Users\GIRAUX\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>PUP.Nosibay
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.YTDownloader
O4 - HKCU\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1850\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_177] Clé orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_174] Clé orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Wow6432Node\Run: [AnyProtect Scanner] C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\Wow6432Node\Run: [AnyProtect Tray] C:\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_486] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.YTDownloader
O4 - HKLM\..\Wow6432Node\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1850\jsdrv.exe (.not file.) =>PUP.ShopperPro
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_543] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_541] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-2641858561-105066415-3428219565-1001\..\Run: [PriceMeterW] C:\Users\GIRAUX\AppData\Local\PriceMeter\pricemeterw.exe (.not file.) =>PUP.PriceMeter
O4 - HKUS\S-1-5-21-2641858561-105066415-3428219565-1001\..\Run: [GoogleChromeAutoLaunch_2B44EB5D69AF54BFC9D8665A05B6DE3A] C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
O4 - HKUS\S-1-5-21-2641858561-105066415-3428219565-1001\..\Run: [WindApp] C:\Users\GIRAUX\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>PUP.Nosibay
O4 - HKUS\S-1-5-21-2641858561-105066415-3428219565-1001\..\Run: [Selection Tools] C:\Users\GIRAUX\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>PUP.Nosibay
O4 - HKUS\S-1-5-21-2641858561-105066415-3428219565-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-2641858561-105066415-3428219565-1001\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.YTDownloader
O4 - HKUS\S-1-5-21-2641858561-105066415-3428219565-1001\..\Run: [SPDriver] C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1850\jsdrv.exe (.not file.) =>PUP.ShopperPro
~ Application: Scanned in 00mn 01s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
~ Winsock: 7 Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C1C956D4-0309-4791-B605-05F4C9A7B4C5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8862A18-86D7-470C-9DA0-78C3DFEF90C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C1C956D4-0309-4791-B605-05F4C9A7B4C5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C8862A18-86D7-470C-9DA0-78C3DFEF90C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll (.not file.) =>PUP.SearchProtect
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: (BrsHelper) . (...) - C:\Program Files (x86)\YTDOWN~1\BROWSE~2.exe (.not file.) =>PUP.YTDownloader
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
O23 - Service: Launch Manager Service (LMSvc) . (.Acer Incorporate - LMSvc.) - C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
O23 - Service: LPT System Updater Service (LPTSystemUpdater) . (.Pas de propriétaire - srpts.) - C:\Program Files (x86)\LPT\srpts.exe =>Adware.Incredibar
O23 - Service: ShopperPro Update (SPBIUpd) . (.ShopperPro - ShopperPro Update Service.) - C:\Program Files\Common Files\ShopperPro\spbiu.exe =>PUP.ShopperPro
O23 - Service: Update webget (Update webget) . (...) - C:\Program Files (x86)\webget\updatewebget.exe =>PUP.WebGet
O23 - Service: Util webget (Util webget) . (...) - C:\Program Files (x86)\webget\bin\utilwebget.exe =>PUP.WebGet
O23 - Service: Service Component of VO (VOsrv) . (...) - C:\Users\GIRAUX\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
~ Services: 11 Scanned in 00mn 11s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [0b642246-fc58-4410-b932-752a207eab85-6] (...) -- C:\Program Files (x86)\iWebar\0b642246-fc58-4410-b932-752a207eab85-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [0b642246-fc58-4410-b932-752a207eab85-7] (...) -- C:\Program Files (x86)\iWebar\0b642246-fc58-4410-b932-752a207eab85-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [9945dbcb-e897-4cea-a53f-ed8953383cef-10_user] (...) -- C:\Program Files (x86)\Com NotificationV03.05\9945dbcb-e897-4cea-a53f-ed8953383cef-10.exe (.not file.) [0] =>PUP.ComNotification
[MD5.00000000000000000000000000000000] [APT] [9945dbcb-e897-4cea-a53f-ed8953383cef-5] (...) -- C:\Program Files (x86)\Com NotificationV03.05\9945dbcb-e897-4cea-a53f-ed8953383cef-5.exe (.not file.) [0] =>PUP.ComNotification
[MD5.00000000000000000000000000000000] [APT] [9945dbcb-e897-4cea-a53f-ed8953383cef-5_user] (...) -- C:\Program Files (x86)\Com NotificationV03.05\9945dbcb-e897-4cea-a53f-ed8953383cef-5.exe (.not file.) [0] =>PUP.ComNotification
[MD5.F92019F2A58640821B109B30193D5E7D] [APT] [ALU] (...) -- C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [3367976]
[MD5.B690DE3B3D28AD45112BE310780DBE8D] [APT] [ALUAgent] (...) -- C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [40008]
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.1F014EA12ECB13C909DA9395E9CD3D18] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6278424]
[MD5.00000000000000000000000000000000] [APT] [Crossbrowse] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe (.not file.) [0] =>PUP.CrossBrowser
[MD5.00000000000000000000000000000000] [APT] [d979759b-6e82-4f71-aa1c-60d914ad30cb-6] (...) -- C:\Program Files (x86)\Object Browser\d979759b-6e82-4f71-aa1c-60d914ad30cb-6.exe (.not file.) [0] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [d979759b-6e82-4f71-aa1c-60d914ad30cb-7] (...) -- C:\Program Files (x86)\Object Browser\d979759b-6e82-4f71-aa1c-60d914ad30cb-7.exe (.not file.) [0] =>PUP.ObjectBrowser
[MD5.0681DF6912DC2E445131FF0A2B9291A0] [APT] [ELJRZPJZDT1] (.LolliScan.) -- C:\ProgramData\LolliScan\LolliScan.exe [805376] =>Adware.Graftor
[MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.GlobalUpdate
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848]
[MD5.90BB91E880B05658F60C0087A7A9BB12] [APT] [Inst_Rep] (...) -- C:\Users\GIRAUX\AppData\Local\Installer\Install_22929\DCytdieamodc_amodc_setup.exe [1427968]
[MD5.1A5877A21F757889DBCAF3DB156E0267] [APT] [Launch Manager] (.Acer Incorporate.) -- C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [415272]
[MD5.00000000000000000000000000000000] [APT] [MKMITXA] (...) -- C:\ProgramData\f750b025f568439c8b31ca354d0531a9\f750b025f568439c8b31ca354d0531a9.exe (.not file.) [0]
[MD5.0C7CF368F3C810C4982DDE08D3C50C45] [APT] [NetEngine] (...) -- C:\ProgramData\NetEngine\bin\D10\netengine.exe [75776] =>PUP.NetEngine
[MD5.00000000000000000000000000000000] [APT] [RegClean Pro] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.) [0] =>Rogue.RegistryPowerCleaner
[MD5.00000000000000000000000000000000] [APT] [SmartWeb Upgrade Trigger Task] (...) -- C:\Users\GIRAUX\AppData\Local\SmartWeb\SmartWebHelper.exe (.not file.) [0] =>PUP.SmartWeb
[MD5.00000000000000000000000000000000] [APT] [SPBIW_UpdateTask_Time_3334383039303237392d232d783232575b5a34452d2a] (...) -- C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [SPDriver] (...) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.42.1.1850\jsdrv.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [temp_0b642246-fc58-4410-b932-752a207eab85-6] (...) -- C:\Program Files (x86)\iWebar\0b642246-fc58-4410-b932-752a207eab85-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [temp_d979759b-6e82-4f71-aa1c-60d914ad30cb-6] (...) -- C:\Program Files (x86)\Object Browser\d979759b-6e82-4f71-aa1c-60d914ad30cb-6.exe (.not file.) [0] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [YTDownloader] (...) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) [0] =>PUP.YTDownloader
[MD5.00000000000000000000000000000000] [APT] [YTDownloaderUpd] (...) -- C:\Program Files (x86)\YTDownloader\updater.exe (.not file.) [0] =>PUP.YTDownloader
O39 - APT: - (..) -- C:\Windows\Tasks\0b642246-fc58-4410-b932-752a207eab85-1-7.job [3368]
O39 - APT: 0b642246-fc58-4410-b932-752a207eab85-6 - (...) -- C:\Windows\Tasks\0b642246-fc58-4410-b932-752a207eab85-6.job [5852] =>PUP.CrossRider
O39 - APT: 0b642246-fc58-4410-b932-752a207eab85-6 - (...) -- C:\Windows\System32\Tasks\0b642246-fc58-4410-b932-752a207eab85-6 [5852] =>PUP.CrossRider
O39 - APT: 0b642246-fc58-4410-b932-752a207eab85-7 - (...) -- C:\Windows\Tasks\0b642246-fc58-4410-b932-752a207eab85-7.job [5852] =>PUP.CrossRider
O39 - APT: 0b642246-fc58-4410-b932-752a207eab85-7 - (...) -- C:\Windows\System32\Tasks\0b642246-fc58-4410-b932-752a207eab85-7 [5852] =>PUP.CrossRider
O39 - APT: 9945dbcb-e897-4cea-a53f-ed8953383cef-10_user - (...) -- C:\Windows\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-10_user.job [2134]
O39 - APT: 9945dbcb-e897-4cea-a53f-ed8953383cef-10_user - (...) -- C:\Windows\System32\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-10_user [2134]
O39 - APT: 9945dbcb-e897-4cea-a53f-ed8953383cef-5 - (...) -- C:\Windows\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-5.job [2468] =>PUP.CrossRider
O39 - APT: 9945dbcb-e897-4cea-a53f-ed8953383cef-5 - (...) -- C:\Windows\System32\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-5 [2468] =>PUP.CrossRider
O39 - APT: 9945dbcb-e897-4cea-a53f-ed8953383cef-5_user - (...) -- C:\Windows\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-5_user.job [2468] =>PUP.CrossRider
O39 - APT: 9945dbcb-e897-4cea-a53f-ed8953383cef-5_user - (...) -- C:\Windows\System32\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-5_user [2468] =>PUP.CrossRider
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [376] =>PUP.AnyProtect
O39 - APT: Crossbrowse - (...) -- C:\Windows\Tasks\Crossbrowse.job [1076] =>PUP.CrossBrowser
O39 - APT: Crossbrowse - (...) -- C:\Windows\System32\Tasks\Crossbrowse [1076] =>PUP.CrossBrowser
O39 - APT: - (..) -- C:\Windows\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-1-7.job [3048]
O39 - APT: d979759b-6e82-4f71-aa1c-60d914ad30cb-6 - (...) -- C:\Windows\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-6.job [5524] =>PUP.CrossRider
O39 - APT: d979759b-6e82-4f71-aa1c-60d914ad30cb-6 - (...) -- C:\Windows\System32\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-6 [5524] =>PUP.CrossRider
O39 - APT: d979759b-6e82-4f71-aa1c-60d914ad30cb-7 - (...) -- C:\Windows\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-7.job [5188] =>PUP.CrossRider
O39 - APT: d979759b-6e82-4f71-aa1c-60d914ad30cb-7 - (...) -- C:\Windows\System32\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-7 [5188] =>PUP.CrossRider
O39 - APT: ELJRZPJZDT1 - (.LolliScan.) -- C:\Windows\Tasks\ELJRZPJZDT1.job [350] =>Adware.Graftor
O39 - APT: ELJRZPJZDT1 - (.LolliScan.) -- C:\Windows\System32\Tasks\ELJRZPJZDT1 [350] =>Adware.Graftor
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [930] =>PUP.GlobalUpdate
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [930] =>PUP.GlobalUpdate
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1090]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1090]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1094]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1094]
~ Scheduled Task: 61 Scanned in 00mn 20s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 9 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (innfd_1_10_0_13) . (. - .) - C:\Windows\System32\drivers\innfd_1_10_0_13.sys (.not file.)
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: ({0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64.sys =>PUP.LinkiDoo
O41 - Driver: ({55685567-4840-4a91-962b-49a412e9485a}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys =>PUP.LinkiDoo
O41 - Driver: ({55685567-4840-4a91-962b-49a412e9485a}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys =>PUP.LinkiDoo
O41 - Driver: ({9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys =>PUP.LinkiDoo
~ Drivers: 44 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {E1E0840D-AF8E-15D0-4C25-0C98EC5EF472}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {29200C76-2ADF-0C62-BE0D-2AC087740379}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {5C56AD8F-7317-42CB-B5D9-955F4F4BF6A5}
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM][64Bits] -- {B46BEA36-0B71-4A4E-AE41-87241643FA0A}
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: LPT System Updater Service - (.LPT.) [HKLM][64Bits] -- {BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24} =>Adware.IncrediBar
O42 - Logiciel: Live Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE26E302-876A-48D9-9058-3129E5B99999}
O42 - Logiciel: OEM Application Profile - (.Nom de votre société.) [HKLM][64Bits] -- {C89A97B6-F991-EBB5-77B7-927BCF420EBE}
O42 - Logiciel: OnlineLowDeals - (.OnlineLowDeals.) [HKLM][64Bits] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1 =>PUP.OnlineLowDeals
O42 - Logiciel: Packard Bell Device Fast-lane - (.Packard Bell.) [HKLM][64Bits] -- {3F62D2FD-13C1-49A2-8B5D-47623D9460D7}
O42 - Logiciel: Packard Bell Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- {C18D55BD-1EC6-466D-B763-8EEDDDA9100E}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61}
O42 - Logiciel: QCA CardReader Driver Installer - (.Qualcomm Inc..) [HKLM][64Bits] -- {4E0BC999-655B-421D-87F3-640C6F2BFC11}
O42 - Logiciel: Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Dr - (.Qualcomm Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Qualcomm Atheros WLAN and Bluetooth Client Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WebFilteringEngine - (.Lavasoft.) [HKLM][64Bits] -- {CE5E1FC7-FD27-493F-A65F-23AD7ED9661D}
~ Logic: 35 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ATI]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE
[HKCU\Software\AppDataLow\Software\adawarebp]
[HKCU\Software\AppDataLow\Software\rrsavings] =>PUP.SupraSavings
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow]
[HKCU\Software\ArenaHD] =>PUP.CrossRider
[HKCU\Software\Atheros]
[HKCU\Software\Boost]
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Browser]
[HKCU\Software\Chromium]
[HKCU\Software\CinemaPlus-3.2cV03.05-nv-ie] =>PUP.CrossRider
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Com NotificationV03.05] =>PUP.ComNotification
[HKCU\Software\ComNotificationV03.05]
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser
[HKCU\Software\CyberLink]
[HKCU\Software\Ecommfactory]
[HKCU\Software\Google]
[HKCU\Software\HighDefAction] =>PUP.CrossRider
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\Licenses]
[HKCU\Software\Linkey] =>PUP.LinkeySearch
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Mine]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Norton]
[HKCU\Software\Nosibay]
[HKCU\Software\OB]
[HKCU\Software\OEM]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SafeGuardApp] =>PUP.SafeGuard
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Software]
[HKCU\Software\Store] =>PUP.Nosibay
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\System Speedup] =>PUP.SystemSpeedup
[HKCU\Software\Trolltech]
[HKCU\Software\WTools] =>PUP.Nosibay
[HKCU\Software\Wow6432Node]
[HKCU\Software\YTDownloader] =>PUP.YTDownloader
[HKCU\Software\YorkNewCin] =>PUP.CrossRider
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate
[HKCU\Software\iWebar-nv] =>PUP.CrossRider
[HKCU\Software\kde.org]
[HKCU\Software\systweak]
[HKCU\Software\webget] =>PUP.WebGet
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Atheros]
[HKLM\Software\BubbleSound] =>PUP.BubbleSound
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Google]
[HKLM\Software\HighDefAction] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Linkey] =>PUP.LinkeySearch
[HKLM\Software\LolliScan] =>Adware.Graftor
[HKLM\Software\Macromedia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\Object Browser-nv] =>PUP.ObjectBrowser
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\ShopperPro] =>PUP.ShopperPro
[HKLM\Software\SonicFocus]
[HKLM\Software\Synaptics]
[HKLM\Software\Waves Audio]
[HKLM\Software\WebBar] =>PUP.WebBar
[HKLM\Software\Wow6432Node\3f585072-86b4-4d27-8c32-b704fface458] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\ATHEROS]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Boost]
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Com NotificationV03.05] =>PUP.ComNotification
[HKLM\Software\Wow6432Node\Crossbrowse] =>PUP.CrossBrowser
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Infonaut_1.10.0.13] =>PUP.Infonaut
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\LolliScan] =>Adware.Graftor
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Mobogenie3] =>PUP.Mobogenie
[HKLM\Software\Wow6432Node\MovieDea]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Object Browser-nv] =>PUP.ObjectBrowser
[HKLM\Software\Wow6432Node\Object Browser] =>PUP.ObjectBrowser
[HKLM\Software\Wow6432Node\Piriform]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PriceMeterLiveUpdate] =>PUP.PriceMeter
[HKLM\Software\Wow6432Node\Qualcomm Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Qualcomm Atheros WLAN and Bluetooth Client Installation Program]
[HKLM\Software\Wow6432Node\Qualcomm Inc.]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp
[HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard
[HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect
[HKLM\Software\Wow6432Node\ShopperPro] =>PUP.ShopperPro
[HKLM\Software\Wow6432Node\SmdmF] =>PUP.SystemK
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\System Speedup] =>PUP.SystemSpeedup
[HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Wow6432Node]
[HKLM\Software\Wow6432Node\YTDownloader] =>PUP.YTDownloader
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\c7d483c5-0c81-4def-bbab-72526f8fb45f] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\df3972d2-1d1e-465e-b207-d0d25917c046] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\e9a0c2a9-fe4f-4d67-95d7-555ba284866a] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\fa6ad263-1cfd-e15d-6912-a81441b577d0] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\freeSoftToday] =>Adware.FreeSoftToday
[HKLM\Software\Wow6432Node\iWebar-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\iWebar] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu
[HKLM\Software\Wow6432Node\sweet-pageSoftware] =>PUP.SweetPage
[HKLM\Software\Wow6432Node\systweak]
[HKLM\Software\Wow6432Node\webget] =>PUP.WebGet
[HKLM\Software\Wow6432Node]
[HKLM\Software\YTDownloader] =>PUP.YTDownloader
[HKLM\Software\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\iWebar-nv] =>PUP.CrossRider
[HKLM\Software\rrsavings] =>PUP.SupraSavings
~ Key Software: 232 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/05/2015 - 17:52:28 - [] ----D C:\Program Files (x86)\AMD AVT
O43 - CFD: 03/06/2013 - 23:20:08 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 18/05/2015 - 15:31:52 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 03/05/2015 - 15:54:46 - [] ----D C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 18/05/2015 - 17:24:36 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 03/06/2013 - 23:46:04 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 21/05/2015 - 20:45:05 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 13/08/2014 - 23:16:41 - [] ----D C:\Program Files (x86)\LPT =>Adware.Incredibar
O43 - CFD: 03/06/2013 - 23:53:13 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 26/07/2012 - 10:12:59 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 09/04/2013 - 14:37:01 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 16/04/2014 - 21:33:29 - [] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 03/06/2013 - 23:32:41 - [] ----D C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 03/06/2013 - 23:22:44 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 09/04/2013 - 14:37:02 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 17/05/2015 - 18:41:36 - [] ----D C:\Program Files (x86)\Software
O43 - CFD: 03/06/2013 - 23:23:31 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 09/05/2014 - 16:07:26 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 18/05/2015 - 15:00:17 - [] ----D C:\Program Files (x86)\webget =>PUP.WebGet
O43 - CFD: 16/04/2014 - 21:35:10 - [] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 21/05/2015 - 20:46:33 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 04/06/2013 - 08:57:06 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 06/05/2014 - 15:16:18 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 26/07/2012 - 10:12:59 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 27/04/2014 - 17:52:35 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/07/2012 - 10:12:59 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22/05/2015 - 13:23:23 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 03/06/2013 - 23:29:59 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 03/06/2013 - 23:20:11 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 03/06/2013 - 23:22:39 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 18/04/2014 - 09:48:49 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 03/06/2013 - 23:30:55 - [] ----D C:\Program Files (x86)\Common Files\QCA_Bluetooth
O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 04/06/2013 - 08:57:06 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 18/05/2015 - 14:50:11 - [0] ----D C:\ProgramData\374311380
O43 - CFD: 18/05/2015 - 15:18:12 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
O43 - CFD: 09/05/2014 - 15:56:04 - [0] ----D C:\ProgramData\Adobe
O43 - CFD: 18/05/2015 - 15:45:09 - [] ----D C:\ProgramData\ae122001df57b070
O43 - CFD: 03/06/2013 - 23:20:14 - [] ----D C:\ProgramData\AMD
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 03/06/2013 - 23:38:36 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 16/04/2014 - 23:43:31 - [] ----D C:\ProgramData\BitDefender
O43 - CFD: 03/06/2013 - 23:54:57 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 03/05/2015 - 14:34:17 - [] ----D C:\ProgramData\Browser
O43 - CFD: 14/04/2014 - 16:45:57 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 03/06/2013 - 23:47:53 - [] ----D C:\ProgramData\CLSK
O43 - CFD: 09/05/2014 - 15:27:10 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 18/05/2015 - 17:57:43 - [0] ----D C:\ProgramData\eaf46fbd000079d7
O43 - CFD: 18/05/2015 - 15:18:15 - [0] ----D C:\ProgramData\f750b025f568439c8b31ca354d0531a9
O43 - CFD: 18/05/2015 - 16:47:09 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
O43 - CFD: 03/06/2013 - 23:46:04 - [] ----D C:\ProgramData\install_clap
O43 - CFD: 16/04/2014 - 21:19:27 - [] ----D C:\ProgramData\Lavasoft
O43 - CFD: 18/05/2015 - 16:46:53 - [0] ----D C:\ProgramData\lessu2paY =>PUP.Less2Pay
O43 - CFD: 18/05/2015 - 16:43:43 - [] ----D C:\ProgramData\LolliScan =>Adware.Graftor
O43 - CFD: 14/04/2014 - 16:45:57 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 21/05/2015 - 20:46:47 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14/04/2014 - 16:45:57 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 17/05/2015 - 19:15:07 - [] ----D C:\ProgramData\MovieDeaConfig
O43 - CFD: 18/05/2015 - 15:31:29 - [] ----D C:\ProgramData\Nero
O43 - CFD: 02/05/2015 - 14:45:16 - [] ----D C:\ProgramData\NetEngine =>PUP.NetEngine
O43 - CFD: 16/04/2014 - 23:16:19 - [] ----D C:\ProgramData\Norton
O43 - CFD: 16/04/2014 - 21:30:58 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 16/04/2014 - 21:34:01 - [0] ----D C:\ProgramData\OEM
O43 - CFD: 14/04/2014 - 17:11:15 - [] ----D C:\ProgramData\OEM_YAHOO
O43 - CFD: 05/05/2015 - 23:03:20 - [] ----D C:\ProgramData\OnlineLowDeals =>PUP.OnlineLowDeals
O43 - CFD: 09/04/2013 - 16:41:56 - [] ----D C:\ProgramData\Packard Bell
O43 - CFD: 18/04/2014 - 09:53:13 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 03/06/2013 - 23:29:04 - [] ----D C:\ProgramData\Qualcomm Atheros
O43 - CFD: 02/05/2015 - 14:45:08 - [] ----D C:\ProgramData\Radio
O43 - CFD: 03/06/2013 - 23:53:21 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 17/05/2015 - 18:25:57 - [] ----D C:\ProgramData\ShopperPro =>PUP.ShopperPro
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 03/06/2013 - 23:54:56 - [] ----D C:\ProgramData\Symantec
O43 - CFD: 29/05/2014 - 14:01:30 - [] ----D C:\ProgramData\Systweak
O43 - CFD: 17/05/2015 - 22:10:32 - [] ---AD C:\ProgramData\Temp
O43 - CFD: 26/07/2012 - 09:22:08 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 18/05/2015 - 16:46:53 - [0] ----D C:\ProgramData\toapdEal =>PUP.TopDeal
O43 - CFD: 16/04/2014 - 21:34:51 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 13/08/2014 - 23:32:13 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 26/07/2012 - 10:13:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 17/05/2015 - 21:31:41 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 06/05/2014 - 15:14:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 29/05/2014 - 14:01:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 03/06/2013 - 23:20:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
O43 - CFD: 17/05/2015 - 18:17:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 03/05/2015 - 15:25:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 03/06/2013 - 23:47:39 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
O43 - CFD: 09/04/2013 - 16:41:16 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 18/05/2015 - 17:25:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 26/07/2012 - 10:13:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 16/04/2014 - 21:33:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell
O43 - CFD: 03/05/2015 - 15:11:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser =>PUP.SpeedBrowser
O43 - CFD: 26/07/2012 - 10:13:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 09/05/2014 - 12:33:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup =>PUP.SystemSpeedup
O43 - CFD: 09/04/2013 - 16:34:05 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 26/07/2012 - 09:52:44 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 09/05/2014 - 16:07:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 22/05/2015 - 13:23:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 14/04/2014 - 17:11:01 - [] ----D C:\Users\GIRAUX\AppData\Roaming\Adobe
O43 - CFD: 03/05/2015 - 16:14:11 - [] -SH-D C:\Users\GIRAUX\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 13/08/2014 - 23:34:41 - [0] ----D C:\Users\GIRAUX\AppData\Roaming\ap_logs
O43 - CFD: 14/04/2014 - 17:11:43 - [] ----D C:\Users\GIRAUX\AppData\Roaming\Atheros
O43 - CFD: 04/05/2014 - 19:41:12 - [] ----D C:\Users\GIRAUX\AppData\Roaming\CyberLink
O43 - CFD: 16/04/2014 - 21:27:15 - [] ----D C:\Users\GIRAUX\AppData\Roaming\LavasoftStatistics
O43 - CFD: 16/04/2014 - 21:17:29 - [] ----D C:\Users\GIRAUX\AppData\Roaming\Macromedia
O43 - CFD: 18/05/2015 - 15:40:17 - [] -S--D C:\Users\GIRAUX\AppData\Roaming\Microsoft
O43 - CFD: 09/05/2014 - 15:49:22 - [] ----D C:\Users\GIRAUX\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 03/05/2015 - 15:25:11 - [0] ----D C:\Users\GIRAUX\AppData\Roaming\Nosibay =>PUP.BubbleDock
O43 - CFD: 18/05/2015 - 15:48:31 - [0] ----D C:\Users\GIRAUX\AppData\Roaming\Store =>PUP.Nosibay
O43 - CFD: 14/04/2014 - 17:09:05 - [] ----D C:\Users\GIRAUX\AppData\Roaming\Synaptics
O43 - CFD: 18/05/2015 - 14:50:13 - [] ----D C:\Users\GIRAUX\AppData\Roaming\systweak
O43 - CFD: 24/05/2014 - 10:54:31 - [] ----D C:\Users\GIRAUX\AppData\Roaming\vlc
O43 - CFD: 18/05/2015 - 14:20:57 - [] ----D C:\Users\GIRAUX\AppData\Roaming\VOPackage =>Adware.Downware
O43 - CFD: 18/05/2015 - 15:34:37 - [0] ----D C:\Users\GIRAUX\AppData\Roaming\WTools =>PUP.Nosibay
O43 - CFD: 22/05/2015 - 13:24:54 - [] ----D C:\Users\GIRAUX\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 14/04/2014 - 17:08:05 - [] -SH-D C:\Users\GIRAUX\AppData\Local\Application Data
O43 - CFD: 03/05/2015 - 15:06:58 - [] ----D C:\Users\GIRAUX\AppData\Local\Boxore =>Adware.Boxore
O43 - CFD: 17/05/2015 - 18:27:02 - [] ----D C:\Users\GIRAUX\AppData\Local\BrowserHelper =>PUP.BrowserHelper
O43 - CFD: 17/05/2014 - 11:41:40 - [] ----D C:\Users\GIRAUX\AppData\Local\cache
O43 - CFD: 18/05/2015 - 17:37:27 - [0] ----D C:\Users\GIRAUX\AppData\Local\CrashDumps
O43 - CFD: 17/05/2015 - 18:23:58 - [] ----D C:\Users\GIRAUX\AppData\Local\CrashRpt
O43 - CFD: 03/05/2015 - 15:26:08 - [] ----D C:\Users\GIRAUX\AppData\Local\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 04/05/2014 - 19:36:34 - [] ----D C:\Users\GIRAUX\AppData\Local\CyberLink
O43 - CFD: 18/05/2015 - 14:17:59 - [] ----D C:\Users\GIRAUX\AppData\Local\ElevatedDiagnostics
O43 - CFD: 03/05/2015 - 15:54:46 - [] ----D C:\Users\GIRAUX\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 18/05/2015 - 17:25:25 - [] ----D C:\Users\GIRAUX\AppData\Local\Google
O43 - CFD: 14/04/2014 - 17:08:05 - [] -SH-D C:\Users\GIRAUX\AppData\Local\Historique
O43 - CFD: 17/05/2015 - 18:24:00 - [] ----D C:\Users\GIRAUX\AppData\Local\Installer
O43 - CFD: 18/05/2015 - 14:17:15 - [] ----D C:\Users\GIRAUX\AppData\Local\Microsoft
O43 - CFD: 18/05/2015 - 15:26:19 - [] ----D C:\Users\GIRAUX\AppData\Local\Mobogenie =>PUP.Mobogenie
O43 - CFD: 18/05/2015 - 17:57:48 - [] ----D C:\Users\GIRAUX\AppData\Local\Packages
O43 - CFD: 04/05/2015 - 07:16:46 - [] ----D C:\Users\GIRAUX\AppData\Local\Pay-By-Ads =>PUP.PaybyAds
O43 - CFD: 18/05/2015 - 15:32:33 - [0] ----D C:\Users\GIRAUX\AppData\Local\PriceMeter =>PUP.PriceMeter
O43 - CFD: 09/05/2014 - 12:32:23 - [] ----D C:\Users\GIRAUX\AppData\Local\Programs
O43 - CFD: 18/05/2015 - 15:40:58 - [] ----D C:\Users\GIRAUX\AppData\Local\SmartWeb =>PUP.SmartWeb
O43 - CFD: 22/05/2015 - 13:23:28 - [] ----D C:\Users\GIRAUX\AppData\Local\Temp
O43 - CFD: 14/04/2014 - 17:08:05 - [] -SH-D C:\Users\GIRAUX\AppData\Local\Temporary Internet Files
O43 - CFD: 13/08/2014 - 23:16:31 - [] ----D C:\Users\GIRAUX\AppData\Local\VirtualStore
O43 - CFD: 17/05/2015 - 19:15:45 - [] ----D C:\Users\GIRAUX\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch
O43 - CFD: 26/07/2012 - 10:13:00 - [] R---D C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/07/2012 - 10:13:00 - [] R---D C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/05/2015 - 21:39:20 - [] R---D C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 16/04/2014 - 22:13:19 - [0] ----D C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 26/07/2012 - 10:13:00 - [] ----D C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 18/05/2015 - 16:54:20 - [] R---D C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/07/2012 - 10:13:00 - [] R---D C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 17/05/2015 - 18:26:35 - [] ----D C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader =>PUP.YTDownloader
~ Program Folder: 151 Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B397E9007C8B2B9CE2239C1C022864E8] - 17/05/2015 - 17:37:32 ---A- . (.Microsoft Corporation - Microsoft Remote Desktop Services Web Proxy.) -- C:\Windows\System32\TSWbPrxy.exe [62976]
O44 - LFC:[MD5.5A416C253D2C50327928ABC4A1D8A0F2] - 17/05/2015 - 17:37:47 ---A- . (.Microsoft Corporation - Microsoft antimalware boot driver.) -- C:\Windows\System32\Drivers\WdBoot.sys [44024]
O44 - LFC:[MD5.6FBA6CD2348DEC440D0C6D511C55F3FE] - 17/05/2015 - 17:37:47 ---A- . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) -- C:\Windows\System32\Drivers\WdFilter.sys [275712]
O44 - LFC:[MD5.462E0B687C91D7366854C2F6BFB00E58] - 17/05/2015 - 18:34:48 ---A- . (.Microsoft Corporation - Accessibilité au Clavier visuel.) -- C:\Windows\System32\osk.exe [1557504]
O44 - LFC:[MD5.662ADE2A7C7ACF4F6564EEA4C53FAE5C] - 17/05/2015 - 18:35:17 ---A- . (.Microsoft Corporation - DLL de MSCTF Server.) -- C:\Windows\System32\msctf.dll [1120256]
O44 - LFC:[MD5.107D5A70F14C14A131C49E81825C3B05] - 17/05/2015 - 18:35:50 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [46080]
O44 - LFC:[MD5.0A317C0BB483FF3070C151178D96F966] - 17/05/2015 - 18:35:50 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [366592]
O44 - LFC:[MD5.177BCA227E28BED6038E177FE355D13F] - 17/05/2015 - 18:43:03 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1822696]
O44 - LFC:[MD5.A9AB270898C402F3AD37E38F9C8EE1E6] - 17/05/2015 - 18:43:10 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [6971712]
O44 - LFC:[MD5.ADC6CD0741F7709E42462DBD44339779] - 17/05/2015 - 18:51:33 ---A- . (.Microsoft Corporation - Windows Update Wu exports.) -- C:\Windows\System32\wuaext.dll [17920]
O44 - LFC:[MD5.74B43007AB5D88E7460D392692C7152E] - 17/05/2015 - 18:51:35 ---A- . (.Microsoft Corporation - Fournisseur d’impression de rendu côté clie.) -- C:\Windows\System32\win32spl.dll [733184]
O44 - LFC:[MD5.D4051AA2ACD38AABF9DEC24B8A331EB1] - 17/05/2015 - 18:51:35 ---A- . (.Microsoft Corporation - VHD Miniport Driver.) -- C:\Windows\System32\Drivers\vhdmp.sys [499008]
O44 - LFC:[MD5.ADE55469A4E5705D3FF3C8BA40913B68] - 17/05/2015 - 18:51:39 ---A- . (.Microsoft Corporation - DLL de spouleur local.) -- C:\Windows\System32\localspl.dll [1024512]
O44 - LFC:[MD5.CC5B978B9A7EBFF2BB154A816554F51C] - 17/05/2015 - 18:51:58 ---A- . (.Microsoft Corporation - Canonical Display Driver.) -- C:\Windows\System32\cdd.dll [199680]
O44 - LFC:[MD5.2BB5627EB587FA995086C3D8C21B6D3F] - 17/05/2015 - 18:51:58 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [1453400]
O44 - LFC:[MD5.D1700FF9826062C5ABEF85CA69B4748C] - 17/05/2015 - 18:52:17 ---A- . (.Microsoft Corporation - Authentication Provider.) -- C:\Windows\System32\storewuauth.dll [176640]
O44 - LFC:[MD5.DCE4D6C62FAAE4091192A9AEB168C69B] - 17/05/2015 - 18:52:17 ---A- . (.Microsoft Corporation - Expérience utilisateur du client Windows Up.) -- C:\Windows\System32\wucltux.dll [1623552]
O44 - LFC:[MD5.070BE566C1400A6F2331424317F32F85] - 17/05/2015 - 18:52:17 ---A- . (.Microsoft Corporation - Windows Update Application Launcher.) -- C:\Windows\System32\wuapp.exe [40448]
O44 - LFC:[MD5.26E5CF7EA10E6036948AA1D8AE1CCEFF] - 17/05/2015 - 18:52:17 ---A- . (.Microsoft Corporation - Windows Update Modern WuApp.) -- C:\Windows\System32\WUSettingsProvider.dll [253440]
O44 - LFC:[MD5.ECE495D0FB10AA463C3936B201828307] - 17/05/2015 - 18:52:17 ---A- . (.Microsoft Corporation - Windows Update Vista Web Control.) -- C:\Windows\System32\wuwebv.dll [144384]
O44 - LFC:[MD5.800DED1F9B8730AF41260B9125D1BAA7] - 17/05/2015 - 18:52:17 ---A- . (.Microsoft Corporation - Windows Update WUDriver Stub.) -- C:\Windows\System32\wudriver.dll [100352]
O44 - LFC:[MD5.BB94C39C0EEB8810CE3E65611232D59C] - 17/05/2015 - 18:52:17 ---A- . (.Microsoft Corporation - Windows Update.) -- C:\Windows\System32\wuauclt.exe [59392]
O44 - LFC:[MD5.F308E862F5D9BB309426D8A979FD6F3A] - 17/05/2015 - 18:52:18 ---A- . (.Microsoft Corporation - API du client Windows Update.) -- C:\Windows\System32\wuapi.dll [775168]
O44 - LFC:[MD5.C5B45464B98F211FE58AEE62CFF21F05] - 17/05/2015 - 18:52:20 ---A- . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [3286016]
O44 - LFC:[MD5.AF623B31019F5C05A2BEA9DD0D76938E] - 17/05/2015 - 19:16:06 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [717824]
O44 - LFC:[MD5.559A933F5647A7A2783C8A0C6CB0514C] - 17/05/2015 - 19:16:06 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [100184]
O44 - LFC:[MD5.45845AF69F92DEA0347168DFC6FA917B] - 17/05/2015 - 19:16:07 ---A- . (.Microsoft Corporation - Kernel Cryptography, Next Generation.) -- C:\Windows\System32\Drivers\cng.sys [570248]
O44 - LFC:[MD5.9587B18205C24D36982D89E6E951BDC2] - 17/05/2015 - 19:16:07 ---A- . (.Microsoft Corporation - SHCORE.) -- C:\Windows\System32\SHCore.dll [588800]
O44 - LFC:[MD5.61E919D24D684E4F5C95637B0DC3C424] - 17/05/2015 - 19:16:07 ---A- . (.Microsoft Corporation - Utilisateur du Panneau de configuration.) -- C:\Windows\System32\usercpl.dll [1043968]
O44 - LFC:[MD5.F9C42DAF7DB2A258FC1BD8143AD1C67B] - 17/05/2015 - 19:16:08 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1282560]
O44 - LFC:[MD5.356ADC20BA404E9AFD7B656985E0C0F7] - 17/05/2015 - 19:16:08 ---A- . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll [413696]
O44 - LFC:[MD5.E51B673D22F1173C94DD4635856782AA] - 17/05/2015 - 19:18:38 ---A- . (.Microsoft Corporation - Ressources API de Microsoft Internet Messag.) -- C:\Windows\System32\INETRES.dll [84480]
O44 - LFC:[MD5.8A719F1DC93B17F97DE4CAFF38B3405D] - 17/05/2015 - 19:18:39 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [67072]
O44 - LFC:[MD5.424D3CEBF9C34C556CB477BE22C4DAA7] - 17/05/2015 - 19:18:39 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2706432]
O44 - LFC:[MD5.0FA9266BF44E9F5BC0F1165656C42F46] - 17/05/2015 - 19:18:39 ---A- . (.Microsoft Corporation - Windows User Experience Session Initializat.) -- C:\Windows\System32\UXInit.dll [53760]
O44 - LFC:[MD5.2AF78B1E4D2FBED75F19612860EA91AD] - 17/05/2015 - 19:18:40 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [197120]
O44 - LFC:[MD5.42500995A17983A275267340C13E664D] - 17/05/2015 - 19:18:40 ---A- . (.Microsoft Corporation - IE Sysprep Provider.) -- C:\Windows\System32\iesysprep.dll [136704]
O44 - LFC:[MD5.7C6FAE780C49FE64E077367155C1E4AE] - 17/05/2015 - 19:18:40 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [53760]
O44 - LFC:[MD5.646F847078FDFAC6729D88C6F9B334CB] - 17/05/2015 - 19:18:40 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [255488]
O44 - LFC:[MD5.B0A544DC31E911712A99A55EC22820F5] - 17/05/2015 - 19:18:40 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [39936]
O44 - LFC:[MD5.9ECEAE1A5A6DC821AA25E044BE6AB8E5] - 17/05/2015 - 19:18:41 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [441856]
O44 - LFC:[MD5.80336B9BD238FD950D9A04E2E4BC19C8] - 17/05/2015 - 19:18:41 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [97280]
O44 - LFC:[MD5.E029990E88DC9D793FB10EB2082FDADD] - 17/05/2015 - 19:18:41 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [51712]
O44 - LFC:[MD5.38EBD11426B4891D2DBF0D62499BB9AD] - 17/05/2015 - 19:18:42 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [1509376]
O44 - LFC:[MD5.4B70F8851C197DB31DE09F2CCF8A2D89] - 17/05/2015 - 19:18:43 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [603136]
O44 - LFC:[MD5.E4B6DD1EDF6027C6568AC73279D12190] - 17/05/2015 - 19:18:44 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [949760]
O44 - LFC:[MD5.5F13F0A3A9A3C7359AF630AD57F2DFF7] - 17/05/2015 - 19:18:45 ---A- . (.Microsoft Corporation - Bibliothèque de thèmes Ux Microsoft.) -- C:\Windows\System32\uxtheme.dll [915968]
O44 - LFC:[MD5.10B0D9CB7B39E337E4A3EC40F16331E9] - 17/05/2015 - 19:18:45 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [856064]
O44 - LFC:[MD5.4F7B2F763F14FDCEC2B85BB6E0FDE70F] - 17/05/2015 - 19:18:45 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [601600]
O44 - LFC:[MD5.F8CCAE0AE956F119C6EFECB504D93FF6] - 17/05/2015 - 19:18:46 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1409536]
O44 - LFC:[MD5.1AE81E63F2B5030C874E89E5E667AAEC] - 17/05/2015 - 19:18:49 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2237440]
O44 - LFC:[MD5.68501FB2A0222B911176EB94EBB98CFE] - 17/05/2015 - 19:18:53 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2656768]
O44 - LFC:[MD5.284538F66C8345CBE7EA2F04A310E44D] - 17/05/2015 - 19:19:00 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [3959296]
O44 - LFC:[MD5.86DB2157AE231B30C1FAC7426AB95B82] - 17/05/2015 - 19:19:03 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [15414784]
O44 - LFC:[MD5.58CC013EFA9893057160EDA018D8ADCE] - 17/05/2015 - 19:19:41 ---A- . (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\Drivers\hdaudbus.sys [71168]
O44 - LFC:[MD5.97EC5A7687742297BE7D31163CD86738] - 17/05/2015 - 19:20:20 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [19291136]
O44 - LFC:[MD5.2D1FE642F10A382FA1F0409CC8E1B38E] - 17/05/2015 - 19:21:52 ---A- . (.Microsoft Corporation - CMI tssdis plug-in.) -- C:\Windows\System32\tssdisai.dll [144896]
O44 - LFC:[MD5.2797CA73EABC59B39189F67CB6074C44] - 17/05/2015 - 19:21:52 ---A- . (.Microsoft Corporation - Exécuteur de file d’attente d’opérations pr.) -- C:\Windows\System32\poqexec.exe [148480]
O44 - LFC:[MD5.AD7B1F0444344752EF123A687ED59487] - 17/05/2015 - 19:23:07 ---A- . (.Microsoft Corporation - Service de cache de police Windows.) -- C:\Windows\System32\FntCache.dll [1280512]
O44 - LFC:[MD5.8B33AE7DDD81F677DC3D7D113DC77466] - 17/05/2015 - 19:23:08 ---A- . (.Microsoft Corporation - Services de typographie Microsoft DirectX.) -- C:\Windows\System32\DWrite.dll [1839616]
O44 - LFC:[MD5.ACC70FACEA41BC63C26875EF5238CEE9] - 17/05/2015 - 19:23:09 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [4063744]
O44 - LFC:[MD5.590A2B4198DD35AA42893BA04F66FD3F] - 17/05/2015 - 19:23:18 ---A- . (.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\System32\services.exe [417280]
O44 - LFC:[MD5.0FB1BBE9E3B635BF2FA268C6EBD82738] - 17/05/2015 - 19:25:27 ---A- . (.Microsoft Corporation - Windows Globalization.) -- C:\Windows\System32\Windows.Globalization.dll [951808]
O44 - LFC:[MD5.65CE473E4368E67D6EDB5D86646C08F3] - 17/05/2015 - 19:25:31 ---A- . (...) -- C:\Windows\System32\locale.nls [478296]
O44 - LFC:[MD5.20C01B1C480554BD060272573259890F] - 17/05/2015 - 19:43:30 ---A- . (.Microsoft Corporation - Microsoft® Volume Shadow Copy Requestor/Wri.) -- C:\Windows\System32\vssapi.dll [1519104]
O44 - LFC:[MD5.FE37051171F3B90B18037FDBAC5B9D76] - 17/05/2015 - 19:43:30 ---A- . (.Microsoft Corporation - Service de cliché instantané de volumes Mic.) -- C:\Windows\System32\VSSVC.exe [1484288]
O44 - LFC:[MD5.2E9F4330645108C6A35EAB1120CD96D4] - 17/05/2015 - 19:43:31 ---A- . (.Microsoft Corporation - Bibliothèque de suivi du service VSS Micros.) -- C:\Windows\System32\vsstrace.dll [69632]
O44 - LFC:[MD5.33E13020AC1F8DEE162EEC6A7461ADB1] - 18/05/2015 - 13:51:10 ---A- . (...) -- C:\Windows\patsearch.bin [2369]
O44 - LFC:[MD5.47F3FEC378EFC91984827DE1FBA8F566] - 18/05/2015 - 13:56:38 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [419328]
O44 - LFC:[MD5.535831BAADBADB04BA8D730BE642EA08] - 18/05/2015 - 13:56:38 ---A- . (.Microsoft Corporation - Program Compatibility Data Updater.) -- C:\Windows\System32\aepdu.dll [227328]
O44 - LFC:[MD5.EE5ED8E6998D7E686F614BA8D876829B] - 18/05/2015 - 13:56:39 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [192000]
O44 - LFC:[MD5.150416EB645442AB9AF3ECC0AA183A92] - 18/05/2015 - 13:56:39 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1111552]
O44 - LFC:[MD5.5B99806639E7B8F30785F48688ACA14A] - 18/05/2015 - 13:56:39 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [957440]
O44 - LFC:[MD5.0E4A6B258A3024B6F9C96A133451F930] - 18/05/2015 - 13:56:39 ---A- . (.Microsoft Corporation - Compatibility Upgrade Migration Host.) -- C:\Windows\System32\acmigration.dll [30720]
O44 - LFC:[MD5.3F6F5A2AB1E07C302C209B1BE284B386] - 18/05/2015 - 13:56:39 ---A- . (.Microsoft Corporation - Inventory Agent.) -- C:\Windows\System32\invagent.dll [769024]
O44 - LFC:[MD5.6C7DB777144972B9C0A47B144B9DCC8A] - 18/05/2015 - 13:56:40 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [726528]
O44 - LFC:[MD5.9BD3DE5E420C4123BA08613270764AC4] - 18/05/2015 - 14:13:24 ---A- . (.Microsoft Corp. - Module de défragmenteur de disque.) -- C:\Windows\System32\Defrag.exe [181248]
O44 - LFC:[MD5.DF9F74432FB1CE9178F33E276A4431BA] - 18/05/2015 - 14:13:24 ---A- . (.Microsoft Corporation - Bashkir Keyboard Layout.) -- C:\Windows\System32\KBDBASH.DLL [6656]
O44 - LFC:[MD5.9ED8C4F352416C11C73C6D912906CA79] - 18/05/2015 - 14:13:24 ---A- . (.Microsoft Corporation - Russia(Typewriter) Keyboard Layout.) -- C:\Windows\System32\KBDRU1.DLL [7168]
O44 - LFC:[MD5.05CA44CAA9C4FB53923E1A9E44EA0F0F] - 18/05/2015 - 14:13:24 ---A- . (.Microsoft Corporation - Russian - Mnemonic Keyboard Layout.) -- C:\Windows\System32\KBDRUM.DLL [8704]
O44 - LFC:[MD5.B495BC16629E0BCED17CEFD25C23964E] - 18/05/2015 - 14:13:24 ---A- . (.Microsoft Corporation - Russian Keyboard Layout.) -- C:\Windows\System32\KBDRU.DLL [6656]
O44 - LFC:[MD5.DCFD9072A8A1AFCBFB0E05B32C9150EB] - 18/05/2015 - 14:13:24 ---A- . (.Microsoft Corporation - Sakha - Russia Keyboard Layout.) -- C:\Windows\System32\KBDYAK.DLL [7168]
O44 - LFC:[MD5.03D0D2E49D71AD3F0D545F5F915B10F9] - 18/05/2015 - 14:13:24 ---A- . (.Microsoft Corporation - Tatar (Legacy) Keyboard Layout.) -- C:\Windows\System32\KBDTAT.DLL [7168]
O44 - LFC:[MD5.FC1569B5705887D74FE7C8A39BE1C71C] - 18/05/2015 - 14:13:26 ---A- . (.Microsoft Corporation - Microsoft\Optimiseur de lecteur.) -- C:\Windows\System32\defragsvc.dll [340480]
O44 - LFC:[MD5.AA37946941ED3805AB3A924965907147] - 18/05/2015 - 14:13:28 ---A- . (.Microsoft Corporation - Pilote de cliché instantané du volume.) -- C:\Windows\System32\Drivers\volsnap.sys [328000]
O44 - LFC:[MD5.5AAB01B8725DC24CA6B3FC5012D70DB9] - 18/05/2015 - 14:13:28 ---A- . (.Microsoft Corporation - Windows Connection Service Provider DLL.) -- C:\Windows\System32\wcmcsp.dll [74752]
O44 - LFC:[MD5.C5FE4940CA3C5FB2EAB6C39C3FC456AD] - 18/05/2015 - 14:13:29 ---A- . (.Microsoft Corporation - API du Gestionnaire de fenêtres du Bureau M.) -- C:\Windows\System32\dwmapi.dll [117248]
O44 - LFC:[MD5.F43314B83101DEBF7D7CCD42493CFC60] - 18/05/2015 - 14:13:29 ---A- . (.Microsoft Corporation - DLL du service de gestion des connexions Wi.) -- C:\Windows\System32\wcmsvc.dll [263680]
O44 - LFC:[MD5.9C7C5190CD04EFAD1A71A4D6A8A44FDE] - 18/05/2015 - 14:13:30 ---A- . (.Microsoft Corporation - OS Loader.) -- C:\Windows\System32\winload.exe [1271664]
O44 - LFC:[MD5.50FDEA8EDF71EB1A9F6C76D6E613BC60] - 18/05/2015 - 14:13:33 ---A- . (.Microsoft Corporation - Direct3D 10 Rasterizer.) -- C:\Windows\System32\d3d10warp.dll [2238464]
O44 - LFC:[MD5.11FAD2D291E172B95FCB54B4B1CE508F] - 18/05/2015 - 14:13:33 ---A- . (.Microsoft Corporation - OS Loader.) -- C:\Windows\System32\winload.efi [1403896]
O44 - LFC:[MD5.4930F66E2F2BC026DBA513CBE2F38DB1] - 18/05/2015 - 14:13:34 ---A- . (.Microsoft Corporation - Décodeur vidéo Windows Media.) -- C:\Windows\System32\WMVDECOD.DLL [2842112]
O44 - LFC:[MD5.3D353BA6A5A2A39AC34034FF57CAEDE9] - 18/05/2015 - 14:13:36 ---A- . (.Microsoft Corporation - WMI Provider for Storage Management.) -- C:\Windows\System32\storagewmi.dll [1539584]
O44 - LFC:[MD5.374D0F32D84F6214C72CC7AE0646D808] - 18/05/2015 - 14:14:02 ---A- . (.Microsoft Corporation - DLL du Gestionnaire de processus d’arrière-.) -- C:\Windows\System32\ubpm.dll [325632]
O44 - LFC:[MD5.693D4C4FF116A2834B8736DF960C8B7A] - 18/05/2015 - 14:21:02 ---A- . (.Microsoft Corporation - Programme d’installation de la base de donn.) -- C:\Windows\System32\sdbinst.exe [25088]
O44 - LFC:[MD5.6902412DF14B4B7AB1DE53B74DEDF80B] - 18/05/2015 - 14:21:03 ---A- . (.Microsoft Corporation - Fichier DLL du client de compatibilité des.) -- C:\Windows\System32\apphelp.dll [632832]
O44 - LFC:[MD5.480C020D9B58E881A5349F5F1189A418] - 18/05/2015 - 14:21:03 ---A- . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [204288]
O44 - LFC:[MD5.063C1CE377CD584DAD99F4C128113397] - 18/05/2015 - 14:21:38 ---A- . (.Microsoft Corporation - Service journal des événements.) -- C:\Windows\System32\wevtsvc.dll [1688576]
O44 - LFC:[MD5.27A4C3F2CB4DF20BF81B2449861BC75F] - 18/05/2015 - 14:21:41 ---A- . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\Windows\System32\WPDShServiceObj.dll [96256]
O44 - LFC:[MD5.861E7664346A2917054EDBF28A9A16CB] - 18/05/2015 - 14:21:42 ---A- . (.Microsoft Corporation - Extension de l’environnement des appareils.) -- C:\Windows\System32\wpdshext.dll [2048000]
O44 - LFC:[MD5.9D17F78BB04A3EF67426AFD087660188] - 18/05/2015 - 14:22:07 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [410017]
O44 - LFC:[MD5.BB0CC9FC01F800B80250CDA2477F4C20] - 18/05/2015 - 14:23:17 ---A- . (.Microsoft Corporation - Photo Metadata Handler.) -- C:\Windows\System32\PhotoMetadataHandler.dll [452096]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/05/2015 - 14:53:55 ---A- . (...) -- C:\autoexec.bat [0]
O44 - LFC:[MD5.6D56EDA9E2E584392BAC447585714D60] - 18/05/2015 - 16:06:25 ---A- . (...) -- C:\Windows\win.ini [194]
O44 - LFC:[MD5.933D0641FFD98BDD19A0EDE448668084] - 18/05/2015 - 16:24:48 ---A- . (.Microsoft Corporation - WinFX OpenType/CFF Rasterizer.) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [124112]
O44 - LFC:[MD5.65D9D98DBFF574BA9B68F76F0BB1630E] - 18/05/2015 - 16:55:56 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [140425016]
O44 - LFC:[MD5.8752CC895B972F48D82F9ADB3D96E351] - 21/05/2015 - 19:44:18 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [295552]
O44 - LFC:[MD5.F1C59DAF0B958C6DBED434DEF9374926] - 21/05/2015 - 19:55:05 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1793362]
O44 - LFC:[MD5.B7B9BE0E093DB6212C09FD31B2028E2B] - 21/05/2015 - 19:55:05 ---A- . (...) -- C:\Windows\System32\perfc009.dat [132614]
O44 - LFC:[MD5.ABC8123FF141AE26EA1B05F145B3C54C] - 21/05/2015 - 19:55:05 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [155650]
O44 - LFC:[MD5.1D178A6EA3291AA0F3121276E4F5F1F6] - 21/05/2015 - 19:55:05 ---A- . (...) -- C:\Windows\System32\perfh009.dat [710244]
O44 - LFC:[MD5.D9C5431C12142069EB5518E76D056F66] - 21/05/2015 - 19:55:05 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [800978]
O44 - LFC:[MD5.5C428AED0739F742B90B651C55A89C89] - 21/05/2015 - 20:42:15 ---A- . (...) -- C:\Windows\System32\spu_storage.bin [65536]
O44 - LFC:[MD5.1B1EDE4B8A00420B898DE827EB8DE6FC] - 22/05/2015 - 12:09:30 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.F266DDA44CB26ABB264F581CF8BF69D8] - 22/05/2015 - 12:22:46 ---A- . (...) -- C:\Windows\WindowsUpdate.log [209841]
~ Files: 117 Scanned in 03mn 13s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.2A26E881A7253454A0D05663113B9D42] - 17/05/2015 - 16:56:26 ---A- - C:\Windows\Prefetch\3D BUBBLESOUND.EXE-920EAE65.pf =>PUP.BubbleSound
O45 - LFCP:[MD5.E966D0D05C3C889A5E5D11F8B917809A] - 03/05/2015 - 14:24:10 ---A- - C:\Windows\Prefetch\3DBUBBLESOUND.EXE-8529772A.pf =>PUP.BubbleSound
O45 - LFCP:[MD5.7AD36E3D31A5E9C1E25BD4BE8D87F554] - 02/05/2015 - 10:56:24 ---A- - C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.EXE-8EADCC4C.pf =>PUP.WebBar
O45 - LFCP:[MD5.34B9D403CCD208FBCC006E8B46517F41] - 02/05/2015 - 10:56:24 ---A- - C:\Windows\Prefetch\AIRWEBBAR_SOFT_PARTNER.TMP-FBDE2C6C.pf =>PUP.WebBar
O45 - LFCP:[MD5.DFA3FB124B8E5C64F5F7C5AF2AF0B888] - 18/05/2015 - 13:30:09 ---A- - C:\Windows\Prefetch\ANYPROTECT.EXE-53752276.pf =>PUP.AnyProtect
O45 - LFCP:[MD5.E55736F27ADA89CB87DA7F0CC5D4D7C3] - 09/05/2014 - 15:15:53 ---A- - C:\Windows\Prefetch\ANYPROTECTSCANNERSETUP.EXE-78729A55.pf =>PUP.AnyProtect
O45 - LFCP:[MD5.95C3F73A7828FF8EA086F80AC32004D5] - 03/07/2014 - 17:32:14 ---A- - C:\Windows\Prefetch\ANYPROTECTSCANNERSETUP.EXE-A8FC7DFA.pf =>PUP.AnyProtect
O45 - LFCP:[MD5.77E80F1B751AF511849F7D1A8BCC3CE5] - 17/05/2015 - 16:57:19 ---A- - C:\Windows\Prefetch\ANYPROTECTTRAYICON.EXE-27142BBB.pf =>PUP.AnyProtect
O45 - LFCP:[MD5.D73295B9F2B425E724257B190AAA5375] - 13/08/2014 - 22:31:16 ---A- - C:\Windows\Prefetch\AUG13_SWEET-PAGE.EXE-B7829FB4.pf =>PUP.SweetPage
O45 - LFCP:[MD5.91E5E904729C276D33CBA60778AF0613] - 02/05/2015 - 09:49:08 ---A- - C:\Windows\Prefetch\AVAAVAEVY.EXE-F0D0FB4D.pf =>PUP.SearchProtect
O45 - LFCP:[MD5.3E56FB2E0AEA2E127EBC9367AC84BC9D] - 17/05/2015 - 16:57:22 ---A- - C:\Windows\Prefetch\BOXORE.EXE-43C373DB.pf =>Adware.Boxore
O45 - LFCP:[MD5.662A30D7D8138762B151D8E088966316] - 09/01/2015 - 20:19:27 ---A- - C:\Windows\Prefetch\BOXORE.EXE-666CD123.pf =>Adware.Boxore
O45 - LFCP:[MD5.1D3340824FEEEE77C3E674EAE603B289] - 03/05/2015 - 14:23:57 ---A- - C:\Windows\Prefetch\BUBBLE DOCK BSETUP.EXE-DFED0F4A.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.8273D222DFC0CDB48ACE6ADC3E785D53] - 17/05/2015 - 17:24:55 ---A- - C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-3D298B56.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.A60A5B0A402BD3B64ED750FCEC50CEC3] - 17/05/2015 - 17:24:22 ---A- - C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-55962E5A.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.BB5003CC2AEAF28708D28D2AD3C3420B] - 17/05/2015 - 17:24:37 ---A- - C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-8D7EBCA0.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.7D032D1F11CEBE2FC51FFCEF70E6AF30] - 17/05/2015 - 17:22:05 ---A- - C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-91DAA462.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.273DF47B6F00B2929847D3F0BAE8F6AA] - 17/05/2015 - 17:22:11 ---A- - C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-BF82B3BB.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.6A4F14FE5B8F670C905442A91F389B48] - 17/05/2015 - 17:25:26 ---A- - C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-E8E96170.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.5FEE4301157388775E237700CA6C0CF5] - 16/05/2015 - 14:47:23 ---A- - C:\Windows\Prefetch\BUBBLE DOCK UPDATE.EXE-F9BF41B5.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.6BCAC4FFCF2D44102833649D46D85450] - 17/05/2015 - 17:13:23 ---A- - C:\Windows\Prefetch\BUBBLE DOCK.EXE-6662D36E.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.1982CC5C106358CBC3D4973181A4975C] - 18/05/2015 - 16:40:11 ---A- - C:\Windows\Prefetch\CROSSBROWSE.EXE-6BE4601B.pf =>PUP.CrossBrowser
O45 - LFCP:[MD5.8BC266D09B2121DAAF3F15D706206253] - 02/05/2015 - 09:49:19 ---A- - C:\Windows\Prefetch\DLLOGIC.EXE-121B1069.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.599D5F2762F5737C90A38865FAD422C4] - 09/05/2014 - 11:32:29 ---A- - C:\Windows\Prefetch\FST_FR_0805-58F0869E.TMP-6847C904.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.3D1A172110B86A0A93DC4FE8B12DB665] - 17/05/2015 - 16:56:46 ---A- - C:\Windows\Prefetch\FST_FR_174.EXE-0CED5BC1.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.9BC2D53FAE625AEC20B69158622D58F4] - 17/05/2015 - 17:41:34 ---A- - C:\Windows\Prefetch\FST_FR_177.EXE-C7E096D7.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.28270BF5F0ADB873D4CE236516C2E49F] - 18/05/2015 - 15:43:36 ---A- - C:\Windows\Prefetch\GAMESDESKTOP-FR-UNINSTALLER.E-45C8D44D.pf =>Adware.GamesDesktop
O45 - LFCP:[MD5.8CACEE3935B879E8FDF2E363986D5BA2] - 18/05/2015 - 15:43:36 ---A- - C:\Windows\Prefetch\GAMESDESKTOP-FR-UNINSTALLER.T-7A95C272.pf =>Adware.GamesDesktop
O45 - LFCP:[MD5.CE30BE76B94CFFBD66A8CBC43941D5A9] - 22/05/2015 - 12:09:47 ---A- - C:\Windows\Prefetch\GLOBALUPDATE.EXE-2956FB3E.pf =>PUP.GlobalUpdate
O45 - LFCP:[MD5.E6E5052DFCE0FE188ECBF7674CA9C17C] - 21/05/2015 - 19:52:42 ---A- - C:\Windows\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-0D97AF76.pf =>PUP.GlobalUpdate
O45 - LFCP:[MD5.AFA9F90C9A024904B635690511704D69] - 17/05/2015 - 16:57:19 ---A- - C:\Windows\Prefetch\GMSD_FR_486.EXE-214F1261.pf =>PUP.CrossRider
O45 - LFCP:[MD5.54C41ABC5C6BD0296316F5E2DDAB3B76] - 18/05/2015 - 12:23:26 ---A- - C:\Windows\Prefetch\GMSD_FR_543.EXE-6636BF05.pf =>PUP.CrossRider
O45 - LFCP:[MD5.D3D2D19C3188CEA5C68CA1B9CB5F4D75] - 17/05/2015 - 17:28:46 ---A- - C:\Windows\Prefetch\INS_IWEBAR.EXE-1AC9BF13.pf =>PUP.CrossRider
O45 - LFCP:[MD5.B44F4024CF7E6470D06090B83CFAB301] - 17/05/2015 - 17:24:55 ---A- - C:\Windows\Prefetch\INS_SHOPPERPRO.EXE-6525AC53.pf =>PUP.ShopperPro
O45 - LFCP:[MD5.BFCF7C78F3A75E3CD4C1DE6C29C3A3EF] - 17/05/2015 - 16:56:33 ---A- - C:\Windows\Prefetch\LBUBBLE DOCK.EXE-679FEB82.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.87E0FF53765E936176C292BDF3099A7E] - 22/05/2015 - 12:09:58 ---A- - C:\Windows\Prefetch\LOLLISCAN.EXE-24A984AD.pf =>Adware.Graftor
O45 - LFCP:[MD5.401174E4F20B7086014E54FE32EB0E96] - 06/09/2014 - 22:27:21 ---A- - C:\Windows\Prefetch\MOBOGENIE.EXE-7EA50C05.pf =>PUP.Mobogenie
O45 - LFCP:[MD5.69D1663389659759F4AF2B67E45FFC2E] - 04/05/2015 - 06:13:06 ---A- - C:\Windows\Prefetch\NETENGINE.EXE-89180B4B.pf =>PUP.NetEngine
O45 - LFCP:[MD5.D477963C94E535FE7F43CA67F1E39F30] - 18/05/2015 - 16:10:27 ---A- - C:\Windows\Prefetch\NETENGINE.EXE-9D77DEE3.pf =>PUP.NetEngine
O45 - LFCP:[MD5.3856165A2632B72296584A742BC8D118] - 21/05/2015 - 19:39:56 ---A- - C:\Windows\Prefetch\ONLINELOWDEALS.EXE-779BDFA3.pf =>PUP.OnlineLowDeals
O45 - LFCP:[MD5.6818B532389DA75CB0C76A7020AD70D1] - 13/08/2014 - 22:31:39 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-194D0BF1.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.09A920103A2414FF4010BEB93E5CFA6C] - 13/08/2014 - 22:41:26 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-FA03D2EB.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.87FB1B302FABFFCA211F87F71CA22C46] - 18/05/2015 - 15:43:36 ---A- - C:\Windows\Prefetch\OPTIMIZERPROINSTALLER.EXE-CF838C85.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.F4255CAD460C984A80FA7D4B182747AD] - 13/08/2014 - 22:31:55 ---A- - C:\Windows\Prefetch\OPTPROSTART.EXE-65F7E6B1.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.9E6B2F75A6F80263397C944F86882B61] - 02/05/2015 - 10:55:37 ---A- - C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-07CAD180.pf =>PUP.WebBar
O45 - LFCP:[MD5.2B5154539503699E862D369AB876B8AA] - 02/05/2015 - 10:55:38 ---A- - C:\Windows\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-F9BD7C26.pf =>PUP.WebBar
O45 - LFCP:[MD5.04B7DDFFD082ACDDA3BA7BA268C2A703] - 09/05/2014 - 14:54:01 ---A- - C:\Windows\Prefetch\PCSPEEDMAXIMIZER.EXE-60BA47FF.pf =>Rogue.PCSpeedMaximizer
O45 - LFCP:[MD5.D9390C5D2E8B419798E71649472796E4] - 18/05/2015 - 14:22:03 ---A- - C:\Windows\Prefetch\PREDM.EXE-3384F7AA.pf =>Adware.Downware
O45 - LFCP:[MD5.43E6845183D4E483D0AF70ED3A8550CC] - 18/05/2015 - 15:50:39 ---A- - C:\Windows\Prefetch\PREDM.EXE-54BABDD2.pf =>Adware.Downware
O45 - LFCP:[MD5.DF855889D80527D25A47FEAE1E66D02A] - 18/05/2015 - 14:19:01 ---A- - C:\Windows\Prefetch\PREDM.EXE-A6FF2D0D.pf =>Adware.Downware
O45 - LFCP:[MD5.54DEE6398FADEE6B15304F532E64E2A5] - 18/05/2015 - 14:16:19 ---A- - C:\Windows\Prefetch\PREDM.EXE-D3AA664E.pf =>Adware.Downware
O45 - LFCP:[MD5.DB34806BDBF7FD0CB9BA70BEA91A8149] - 18/05/2015 - 14:23:55 ---A- - C:\Windows\Prefetch\PREDM.EXE-E19DECFC.pf =>Adware.Downware
O45 - LFCP:[MD5.0E734ED7802835F39D5BF91F21D1E7C9] - 18/05/2015 - 14:23:55 ---A- - C:\Windows\Prefetch\PREDM.TMP-08B53991.pf =>Adware.Downware
O45 - LFCP:[MD5.E782BCF12E66BAB499C6F3D0C17ABAD7] - 18/05/2015 - 14:22:03 ---A- - C:\Windows\Prefetch\PREDM.TMP-900940DB.pf =>Adware.Downware
O45 - LFCP:[MD5.DFBD5F65EED74CB900362313A5C12666] - 18/05/2015 - 14:19:02 ---A- - C:\Windows\Prefetch\PREDM.TMP-909AC1B0.pf =>Adware.Downware
O45 - LFCP:[MD5.20557FA6666F1EC07615DF45EE805077] - 18/05/2015 - 14:16:19 ---A- - C:\Windows\Prefetch\PREDM.TMP-FD13B63E.pf =>Adware.Downware
O45 - LFCP:[MD5.B68D3C536BDA2401CC6F1AC03C00C866] - 17/05/2015 - 17:40:47 ---A- - C:\Windows\Prefetch\PRICEMETER.EXE-26DC6DF5.pf =>PUP.PriceMeter
O45 - LFCP:[MD5.3855092B0C05E0201D6DAFCFFE90B822] - 17/05/2015 - 17:40:46 ---A- - C:\Windows\Prefetch\PRICEMETERW.EXE-3C4761E0.pf =>PUP.PriceMeter
O45 - LFCP:[MD5.45A352D2FCF388C693AB22EC9FBBEB19] - 18/05/2015 - 14:45:21 ---A- - C:\Windows\Prefetch\R1VIEWPASSWORDH54.EXE-D7488F96.pf =>PUP.ViewPassword
O45 - LFCP:[MD5.5AC66546A04F25AB867174A441B35F91] - 05/05/2015 - 21:26:52 ---A- - C:\Windows\Prefetch\SAFEGUARD.EXE-7CBAAFE7.pf =>PUP.SafeGuard
O45 - LFCP:[MD5.B307E1CFAAFCE61A4C4E15D616BEA758] - 17/05/2015 - 17:41:38 ---A- - C:\Windows\Prefetch\SAFEGUARDAPP.EXE-5C40F3F4.pf =>PUP.SafeGuard
O45 - LFCP:[MD5.E183D9E337B0DAEAD8376CFC64CFEC8A] - 18/05/2015 - 14:33:27 ---A- - C:\Windows\Prefetch\SAFEGUARDAPPUNINSTALL.EXE-5FA3B616.pf =>PUP.SafeGuard
O45 - LFCP:[MD5.7A966926CCD2EDFB810AE143882BEB5E] - 18/05/2015 - 14:33:32 ---A- - C:\Windows\Prefetch\SAFEGUARDSRV.EXE-AD204746.pf =>PUP.SafeGuard
O45 - LFCP:[MD5.8C19D1E76A584662F2E85151A3B791E8] - 18/05/2015 - 14:33:49 ---A- - C:\Windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-47C0B2B3.pf =>PUP.Nosibay
O45 - LFCP:[MD5.61B69F35CA5F0924C80CFBCA40AA825C] - 18/05/2015 - 14:33:57 ---A- - C:\Windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-91EBAEB2.pf =>PUP.Nosibay
O45 - LFCP:[MD5.A8386D8808739A7F06094322E5F95F7B] - 17/05/2015 - 17:41:12 ---A- - C:\Windows\Prefetch\SELECTION TOOLS.EXE-47572FA1.pf =>PUP.Nosibay
O45 - LFCP:[MD5.8A60AE633F1F725B87DCDBB049903502] - 18/05/2015 - 13:26:54 ---A- - C:\Windows\Prefetch\SETUP_RECOVER_REC_FR_31.EXE-28A9E265.pf =>PUP.CrossRider
O45 - LFCP:[MD5.373EFBF404B4B868EF1169D32A7A0089] - 18/05/2015 - 13:26:54 ---A- - C:\Windows\Prefetch\SETUP_RECOVER_REC_FR_31.TMP-23632B96.pf =>PUP.CrossRider
O45 - LFCP:[MD5.44040C27C4FE906B1864A029DC9BE0C8] - 09/05/2014 - 15:39:37 ---A- - C:\Windows\Prefetch\SIGNUP WIZARD.EXE-9554BD21.pf =>PUP.MyPCBackup
O45 - LFCP:[MD5.67080DC147ED0BC4F772689ADBABF3E4] - 18/05/2015 - 14:36:50 ---A- - C:\Windows\Prefetch\SMARTBAR.EXE-DE07B86D.pf =>Hijacker.SmartBar
O45 - LFCP:[MD5.B36639A19EAE9D73A8803167B5081B05] - 27/09/2014 - 13:10:23 ---A- - C:\Windows\Prefetch\SMARTBARVERSIONSHELPER.EXE-3FFCFF5A.pf =>Hijacker.SmartBar
O45 - LFCP:[MD5.A274677039E33CD8C7B2DD27DFFB300B] - 18/05/2015 - 11:56:31 ---A- - C:\Windows\Prefetch\SMARTWEBAPP.EXE-08F0DFFC.pf =>PUP.SmartWeb
O45 - LFCP:[MD5.4AA7AB63C43E3CC036F0476D8E12B60C] - 18/05/2015 - 11:56:29 ---A- - C:\Windows\Prefetch\SMARTWEBHELPER.EXE-342058B7.pf =>PUP.SmartWeb
O45 - LFCP:[MD5.B4888CCA44958425235665026A745128] - 18/05/2015 - 13:50:50 ---A- - C:\Windows\Prefetch\SMDMFSERVICE.EXE-4AA7D1F8.pf =>PUP.SystemK
O45 - LFCP:[MD5.F2D6ABB0FAB75E2C8E1CA72C331F3519] - 18/05/2015 - 14:51:18 ---A- - C:\Windows\Prefetch\SPYHUNTER-INSTALLER.EXE-BC667DDF.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.D61D7CF93C05CE752F3F772E6AB3D242] - 18/05/2015 - 14:53:25 ---A- - C:\Windows\Prefetch\SPYHUNTER4.EXE-3B4E3201.pf =>Crapware.SpyHunter
O45 - LFCP:[MD5.9D74CA98E36E763E139E590D1871AEEE] - 13/08/2014 - 22:33:08 ---A- - C:\Windows\Prefetch\SUPIEPLUGINSERVICEUPDATE.EXE-64C891B3.pf =>PUP.IePluginService
O45 - LFCP:[MD5.8EA919AFA4801ED98B6F3483B8960806] - 13/08/2014 - 22:32:47 ---A- - C:\Windows\Prefetch\SUPTAB_NS_V5.8.8.640.EXE-934F7C7F.pf =>PUP.SupTab
O45 - LFCP:[MD5.D945C3442BDE90FD2AF5446195D299B3] - 18/05/2015 - 13:17:50 ---A- - C:\Windows\Prefetch\UPDATEMOBOGENIE.EXE-B1DE5CE4.pf =>PUP.Mobogenie
O45 - LFCP:[MD5.FF13DDF950059B4A9EBEB6FF30C5B4BE] - 18/05/2015 - 15:53:16 ---A- - C:\Windows\Prefetch\UPDATEWEBGET.EXE-966A72C6.pf =>PUP.WebGet
O45 - LFCP:[MD5.2135B9B35FBAB55623A14897568E3277] - 18/05/2015 - 13:26:28 ---A- - C:\Windows\Prefetch\UPFST_FR_174.EXE-ABBB8944.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.2B8DF8D92EBE432ADDD9043B5639C733] - 09/05/2014 - 13:28:31 ---A- - C:\Windows\Prefetch\UPFST_FR_177.EXE-4335BAEA.pf =>Adware.FreeSoftToday
O45 - LFCP:[MD5.38A51932DFA62F91BBCBC939CF003122] - 18/05/2015 - 13:26:54 ---A- - C:\Windows\Prefetch\UPGMSD_FR_486.EXE-8339FE5C.pf =>PUP.CrossRider
O45 - LFCP:[MD5.A58C9DDAE79C5249578021E945C3797F] - 17/05/2015 - 18:11:21 ---A- - C:\Windows\Prefetch\UPGMSD_FR_543.EXE-89222DE0.pf =>PUP.CrossRider
O45 - LFCP:[MD5.52F38D00F07BDF0C0277CAFFD091169C] - 18/05/2015 - 13:58:24 ---A- - C:\Windows\Prefetch\UTILWEBGET.EXE-C5EA2EAE.pf =>PUP.WebGet
O45 - LFCP:[MD5.EF693002735EE0B4E5BC38D8C6613712] - 02/05/2015 - 11:21:15 ---A- - C:\Windows\Prefetch\VIEWPASSWORDQ52.EXE-77AA9D34.pf =>PUP.ViewPassword
O45 - LFCP:[MD5.55697B6241642B067940CEE43ABD61AD] - 18/05/2015 - 12:52:28 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-31218219.pf =>Adware.Downware
O45 - LFCP:[MD5.24E7CBA99A2DF91DFC029FFEE24341AC] - 18/05/2015 - 14:41:11 ---A- - C:\Windows\Prefetch\WAJAM.EXE-1B35FFE4.pf =>PUP.Wajam
O45 - LFCP:[MD5.EDBAF4F6A49EA178E07FF8B6ED40A203] - 18/05/2015 - 14:46:08 ---A- - C:\Windows\Prefetch\WAJAM_64.EXE-A93C0311.pf =>PUP.Wajam
O45 - LFCP:[MD5.5531B8244182D3A1860A08A145BE874C] - 03/05/2015 - 15:08:53 ---A- - C:\Windows\Prefetch\WAJAM_DOWNLOAD_V2.EXE-C82415A6.pf =>PUP.Wajam
O45 - LFCP:[MD5.C83C5A1C5C3332B77A76EC881C3B37E4] - 13/08/2014 - 21:10:23 ---A- - C:\Windows\Prefetch\WAJAM_VALIDATE.EXE-0E806A1A.pf =>PUP.Wajam
O45 - LFCP:[MD5.D87153C2EADE9BB5640A5D91CF5D8057] - 13/08/2014 - 22:33:11 ---A- - C:\Windows\Prefetch\WAJAM_VALIDATE.EXE-9F3AA660.pf =>PUP.Wajam
O45 - LFCP:[MD5.6446F0903C5D2FDDE90E03B7EFC03C22] - 17/05/2015 - 18:03:39 ---A- - C:\Windows\Prefetch\WEBGET.BOAS.EXE-E75A5A8F.pf =>PUP.WebGet
O45 - LFCP:[MD5.2AAC1C4D96F86C6FC69856DFB4BA03EF] - 17/05/2015 - 16:56:09 ---A- - C:\Windows\Prefetch\WEBGET.BOASHELPER.EXE-5FFA6197.pf =>PUP.WebGet
O45 - LFCP:[MD5.CA1B38828BE73A0DC915A40B152E8276] - 17/05/2015 - 18:16:20 ---A- - C:\Windows\Prefetch\WEBGET.BOASPRT.EXE-2DAE2285.pf =>PUP.WebGet
O45 - LFCP:[MD5.5EDDC547D47AC64DDEE3DD475D672410] - 21/05/2015 - 19:41:51 ---A- - C:\Windows\Prefetch\WEBGET.BROWSERADAPTER.EXE-6E444B8F.pf =>PUP.WebGet
O45 - LFCP:[MD5.DC64B0EB189BFD2D581DF43550B7A0DE] - 21/05/2015 - 19:41:51 ---A- - C:\Windows\Prefetch\WEBGET.BROWSERADAPTER64.EXE-2DF3BA81.pf =>PUP.WebGet
O45 - LFCP:[MD5.3EB1B2B07B0F2089C4F948389AEDF58D] - 02/05/2015 - 09:47:29 ---A- - C:\Windows\Prefetch\WEBGET.BRT.HELPER.EXE-AED88B14.pf =>PUP.WebGet
O45 - LFCP:[MD5.9E5C2F9D6E178296D77B7309AFB60F58] - 17/05/2015 - 17:13:23 ---A- - C:\Windows\Prefetch\WEBGET.EXPEXT.EXE-BB00B59C.pf =>PUP.WebGet
O45 - LFCP:[MD5.56DF42230FE2E5506CA94FB73CA8EEEC] - 18/05/2015 - 14:00:30 ---A- - C:\Windows\Prefetch\WEBGET.OFSVC.EXE-C1D7C643.pf =>PUP.WebGet
O45 - LFCP:[MD5.DDEDC95AC4729802C2CB6E9DEE7AA8FB] - 21/05/2015 - 19:42:07 ---A- - C:\Windows\Prefetch\WEBGET.PURBROWSE64.EXE-D19CBDB5.pf =>PUP.WebGet
O45 - LFCP:[MD5.76FA8D076F11AAF12C8C110569BF0FF4] - 09/05/2014 - 14:48:20 ---A- - C:\Windows\Prefetch\WEBGET_SETUP.EXE-EC6C52BC.pf =>PUP.WebGet
O45 - LFCP:[MD5.C8054D34DFAD4341AE394C887178CF36] - 13/08/2014 - 22:32:16 ---A- - C:\Windows\Prefetch\WPM_NS_V20.0.0.502.EXE-7950C172.pf =>PUP.WpManager
O45 - LFCP:[MD5.00721208408D48CECDF639193211BD89] - 18/05/2015 - 16:59:56 ---A- - C:\Windows\Prefetch\YTDOWNLOADER.EXE-DC808E8B.pf =>PUP.YTDownloader
O45 - LFCP:[MD5.B7D5C05CEB320523924D1A52B2CFA073] - 02/05/2015 - 11:21:42 ---A- - C:\Windows\Prefetch\_VIEWPASSWORDQ52.EXE-F3ACBB8C.pf =>PUP.ViewPassword
~ Prefetcher: 105 Scanned in 00mn 07s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 17 Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 01s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 4 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [106736]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [492272]
O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [340720]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [184048]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [76016]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [258288]
O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [26352]
O58 - SDL:26/07/2012 - 06:00:49 ---A- . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [104688]
O58 - SDL:26/07/2012 - 06:00:48 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [108272]
O58 - SDL:01/12/2012 - 00:40:16 ---A- . (.Qualcomm Atheros, Inc. - Driver for Atheros AR81xx Secure Digital Host Controller.) -- C:\Windows\System32\Drivers\athrsd.sys [48760]
O58 - SDL:02/06/2012 - 15:31:32 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys [2935808]
O58 - SDL:29/03/2013 - 06:01:18 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athw8x.sys [3776512]
O58 - SDL:14/02/2013 - 12:41:14 ---A- . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\AtihdW86.sys [94208]
O58 - SDL:13/03/2013 - 06:58:20 ---A- . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [11644416]
O58 - SDL:13/03/2013 - 04:34:16 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\Drivers\atikmpag.sys [581120]
O58 - SDL:15/04/2013 - 10:06:12 ---A- . (.Qualcomm Atheros - Qualcomm Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys [346192]
O58 - SDL:15/04/2013 - 10:06:12 ---A- . (.Qualcomm Atheros - Qualcomm Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\Drivers\btath_avdt.sys [115280]
O58 - SDL:15/04/2013 - 10:06:12 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [34384]
O58 - SDL:15/04/2013 - 10:06:12 ---A- . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys [89168]
O58 - SDL:15/04/2013 - 10:06:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys [179432]
O58 - SDL:15/04/2013 - 10:06:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys [77464]
O58 - SDL:15/04/2013 - 10:06:14 ---A- . (.Qualcomm Atheros - Qualcomm Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys [136784]
O58 - SDL:15/04/2013 - 10:06:16 ---A- . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [584272]
O58 - SDL:20/09/2012 - 08:55:24 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [533224]
O58 - SDL:20/09/2012 - 08:55:27 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3265256]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64752]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [411888]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [45296]
O58 - SDL:18/12/2012 - 23:36:44 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C63x64.sys [119528]
O58 - SDL:10/01/2013 - 04:23:14 ---A- . (.Acer Incorporated - Launch Manager Wireless Driver.) -- C:\Windows\System32\Drivers\LMDriver.sys [21360]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [108784]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [92400]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [116976]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [81136]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [51952]
O58 - SDL:26/07/2012 - 06:00:52 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [353008]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [64240]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [52464]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150256]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168176]
O58 - SDL:10/01/2013 - 04:23:14 ---A- . (.Acer Incorporated - RadioShim.) -- C:\Windows\System32\Drivers\RadioShim.sys [15704]
O58 - SDL:19/03/2013 - 13:21:10 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3363016]
O58 - SDL:26/07/2012 - 09:11:43 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44784]
O58 - SDL:26/07/2012 - 06:00:56 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81648]
O58 - SDL:26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:05/02/2013 - 13:54:18 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [469232]
O58 - SDL:28/08/2012 - 13:27:24 ---A- . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\System32\Drivers\usbfilter.sys [58536]
O58 - SDL:26/07/2012 - 06:00:58 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19184]
O58 - SDL:26/07/2012 - 06:00:58 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [164080]
O58 - SDL:26/07/2012 - 06:00:58 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [322800]
O58 - SDL:09/01/2015 - 00:31:54 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{0d4cca85-dc2d-45b2-bbaf-78d1b51629f0}w64.sys [48824] =>PUP.LinkiDoo
O58 - SDL:27/05/2014 - 15:14:06 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}Gw64.sys [61112] =>PUP.LinkiDoo
O58 - SDL:02/07/2014 - 11:45:58 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{55685567-4840-4a91-962b-49a412e9485a}w64.sys [61112] =>PUP.LinkiDoo
O58 - SDL:07/05/2014 - 15:06:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}Gw64.sys [61112] =>PUP.LinkiDoo
~ Drivers: 55 Scanned in 00mn 05s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 17/05/2015 - 13:29:11 ---A- . (...) -- C:\Users\GIRAUX\AppData\Local\Installer\Install_22929\DCytdieamodc_amodc_setup.exe [1427968]
O61 - LFC: 17/05/2015 - 13:29:27 ---A- . (...) -- C:\Users\GIRAUX\AppData\Roaming\appdataFr3.bin [20]
O61 - LFC: 17/05/2015 - 13:29:31 ---A- . (.Piriform Ltd.) -- C:\Users\GIRAUX\Downloads\ccsetup505.exe [6484352]
O61 - LFC: 18/05/2015 - 13:29:27 ---A- . (.SoftBrain Technologies Ltd..) -- C:\Users\GIRAUX\AppData\Local\SmartWeb\__u.exe [172673] =>PUP.SmartWeb
O61 - LFC: 18/05/2015 - 13:29:31 ---A- . (.Google Inc..) -- C:\Users\GIRAUX\Downloads\ChromeSetup.exe [880208]
O61 - LFC: 21/05/2015 - 13:29:27 ---A- . (.Microsoft Corporation.) -- C:\Users\GIRAUX\AppData\Local\Temp\is-7G6OO.tmp\_isetup\_shfoldr.dll [23312]
O61 - LFC: 22/05/2015 - 13:29:31 ---A- . (.Nicolas Coolman.) -- C:\Users\GIRAUX\Downloads\ZHPDiag2.exe [6880230] =>.Nicolas Coolman
~ 5 Fichiers temporaires (Temporary files)
~ 10 Fichiers cookies (Cookies files)
~ Files: 7 Scanned in 00mn 57s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
~ FASS Keys: 10 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) =>PUP.CrossBrowser
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] OldSearch - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Yahoo! Search) - http://q.search-simple.com =>Hijacker.SearchSimple
O69 - SBI: SearchScopes [HKCU] {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Yahoo! Search) - http://searchsimple-a.akamaihd.net =>PUP.AkamaiHD
O69 - SBI: SearchScopes [HKCU] {8DF2DF13-1CC9-4730-A864-3CEF569D8A69} - (Yahoo! Search) - http://searchsimple-a.akamaihd.net =>PUP.AkamaiHD
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} - (default-search.net) - http://www.default-search.net =>Hijacker.Browsers
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [204288]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [149504]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [305664]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1366016]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1160192]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99840]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [358400]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [107520]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [62976]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [438784]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [305664]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3286016]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [826368]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [565760]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [894464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151552]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [105472]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1287680]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [219648]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [80896]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [291328]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [190976]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1964544]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [47104]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [207872]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [161792]
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - Service Broker pour les événements système.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224]
~ Services: 34 Scanned in 00mn 02s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.8618798D02987BCBE9D6A4BECA87701F] [SPRF][17/05/2015] (...) -- C:\Users\GIRAUX\AppData\Roaming\appdataFr3.bin [20]
~ Files: 1 Scanned in 00mn 00s



---\\ Recherche d'infection Rogue (SRI) (O86)
O43 - CFD: 18/05/2015 - 15:18:12 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
O43 - CFD: 18/05/2015 - 15:18:15 - [0] ----D C:\ProgramData\f750b025f568439c8b31ca354d0531a9
~ Files: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.2B106AB8AD3B9FB3299A7BD5210CEF28] [WIS][23/04/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\2fbc15.msi [1892352] =>Adware.IncrediBar
~ WIS: 1 Scanned in 00mn 02s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASAPI32 =>PUP.SafeGuard
HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASMANCS =>PUP.SafeGuard
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\netengine_RASAPI32 =>PUP.NetEngine
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\netengine_RASMANCS =>PUP.NetEngine
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Smartbar_RASAPI32 =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Smartbar_RASMANCS =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webgetUntemp_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webgetUntemp_RASMANCS =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 =>PUP.WebGet
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS =>PUP.WebGet
~ BTK: 45 Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 22/07/1658 0 | (BrsHelper) . (...) - C:\Program Files (x86)\YTDOWN~1\BROWSE~2.exe =>PUP.YTDownloader
SS - | Demand 16/11/2012 469648 | (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
SS - | Auto 17/05/2015 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate
SS - | Demand 17/05/2015 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate
SS - | Auto 18/05/2015 107848 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/05/2015 107848 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/03/2013 241152 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 15/04/2013 228480 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
SR - | Auto 13/08/2014 694784 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService
SR - | Auto 15/03/2013 431656 | (LMSvc) . (.Acer Incorporate.) - C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
SR - | Auto 23/04/2014 37920 | (LPTSystemUpdater) . (...) - C:\Program Files (x86)\LPT\srpts.exe =>Adware.Incredibar
SR - | Auto 17/05/2015 2346416 | (SPBIUpd) . (.ShopperPro.) - C:\Program Files\Common Files\ShopperPro\spbiu.exe =>PUP.ShopperPro
SR - | Auto 18/05/2015 646384 | (Update webget) . (...) - C:\Program Files (x86)\webget\updatewebget.exe =>PUP.WebGet
SR - | Auto 18/05/2015 646384 | (Util webget) . (...) - C:\Program Files (x86)\webget\bin\utilwebget.exe =>PUP.WebGet
SR - | Auto 25/02/2014 353792 | (VOsrv) . (...) - C:\Users\GIRAUX\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
SR - | Auto 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
~ Services: Scanned in 00mn 29s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by GIRAUX at 22/05/2015 13:33:02
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by GIRAUX at 22/05/2015 13:33:04
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/05/2015)
Clés trouvées (Keys found) : 41
Valeurs trouvées (Values found) : 6
Dossiers trouvés (Folders found) : 33
Fichiers trouvés (Files found) : 96

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] =>PUP.ShopperPro^
[HKLM\SYSTEM\CurrentControlSet\Services\BrsHelper] =>PUP.YTDownloader^
[HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate) (globalUpdate] =>PUP.GlobalUpdate^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>PUP.IePluginService^
[HKLM\SYSTEM\CurrentControlSet\Services\LPTSystemUpdater] =>Adware.Incredibar^
[HKLM\SYSTEM\CurrentControlSet\Services\SPBIUpd] =>PUP.ShopperPro^
[HKLM\SYSTEM\CurrentControlSet\Services\Update webget] =>PUP.WebGet^
[HKLM\SYSTEM\CurrentControlSet\Services\Util webget] =>PUP.WebGet^
[HKLM\SYSTEM\CurrentControlSet\Services\VOsrv] =>Adware.Downware^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP1] =>PUP.AnyProtect^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP2] =>PUP.AnyProtect^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierPP3] =>PUP.AnyProtect^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Crossbrowse] =>PUP.CrossBrowser^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\NetEngine] =>PUP.NetEngine^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro] =>Rogue.RegistryPowerCleaner^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartWeb Upgrade Trigger Task] =>PUP.SmartWeb^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader] =>PUP.YTDownloader^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd] =>PUP.YTDownloader^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}] =>Adware.IncrediBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1] =>PUP.OnlineLowDeals^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}] =>Adware.Bandoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:3D BubbleSound =>PUP.BubbleSound^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:PriceMeterW =>PUP.PriceMeter^
C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate^
C:\Program Files (x86)\LPT =>Adware.Incredibar^
C:\Program Files (x86)\webget =>PUP.WebGet^
C:\ProgramData\IePluginServices =>PUP.IePluginService^
C:\ProgramData\lessu2paY =>PUP.Less2Pay^
C:\ProgramData\LolliScan =>Adware.Graftor^
C:\ProgramData\NetEngine =>PUP.NetEngine^
C:\ProgramData\OnlineLowDeals =>PUP.OnlineLowDeals^
C:\ProgramData\ShopperPro =>PUP.ShopperPro^
C:\ProgramData\toapdEal =>PUP.TopDeal^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser =>PUP.SpeedBrowser^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup =>PUP.SystemSpeedup^
C:\Users\GIRAUX\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect^
C:\Users\GIRAUX\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
C:\Users\GIRAUX\AppData\Roaming\Nosibay =>PUP.BubbleDock^
C:\Users\GIRAUX\AppData\Roaming\Store =>PUP.Nosibay^
C:\Users\GIRAUX\AppData\Roaming\VOPackage =>Adware.Downware^
C:\Users\GIRAUX\AppData\Roaming\WTools =>PUP.Nosibay^
C:\Users\GIRAUX\AppData\Local\Boxore =>Adware.Boxore^
C:\Users\GIRAUX\AppData\Local\BrowserHelper =>PUP.BrowserHelper^
C:\Users\GIRAUX\AppData\Local\Crossbrowse =>PUP.CrossBrowser^
C:\Users\GIRAUX\AppData\Local\globalUpdate =>PUP.GlobalUpdate^
C:\Users\GIRAUX\AppData\Local\Mobogenie =>PUP.Mobogenie^
C:\Users\GIRAUX\AppData\Local\Pay-By-Ads =>PUP.PaybyAds^
C:\Users\GIRAUX\AppData\Local\PriceMeter =>PUP.PriceMeter^
C:\Users\GIRAUX\AppData\Local\SmartWeb =>PUP.SmartWeb^
C:\Users\GIRAUX\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch^
C:\Users\GIRAUX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader =>PUP.YTDownloader^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\GIRAUX\AppData\Local\Installer =>Adware.InstallPedia
C:\Program Files (x86)\LPT\srptm.exe =>Adware.Incredibar^
C:\ProgramData\LolliScan\LolliScan.exe =>Adware.Graftor^
C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate^
C:\ProgramData\NetEngine\bin\D10\netengine.exe =>PUP.NetEngine^
C:\Windows\Tasks\0b642246-fc58-4410-b932-752a207eab85-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\0b642246-fc58-4410-b932-752a207eab85-6 =>PUP.CrossRider^
C:\Windows\Tasks\0b642246-fc58-4410-b932-752a207eab85-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\0b642246-fc58-4410-b932-752a207eab85-7 =>PUP.CrossRider^
C:\Windows\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-5 =>PUP.CrossRider^
C:\Windows\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\9945dbcb-e897-4cea-a53f-ed8953383cef-5_user =>PUP.CrossRider^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^
C:\Windows\Tasks\Crossbrowse.job =>PUP.CrossBrowser^
C:\Windows\System32\Tasks\Crossbrowse =>PUP.CrossBrowser^
C:\Windows\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-6 =>PUP.CrossRider^
C:\Windows\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\d979759b-6e82-4f71-aa1c-60d914ad30cb-7 =>PUP.CrossRider^
C:\Windows\Tasks\ELJRZPJZDT1.job =>Adware.Graftor^
C:\Windows\System32\Tasks\ELJRZPJZDT1 =>Adware.Graftor^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.GlobalUpdate^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE^
[HKCU\Software\AppDataLow\Software\rrsavings] =>PUP.SupraSavings^
[HKCU\Software\ArenaHD] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV03.05-nv-ie] =>PUP.CrossRider^
[HKCU\Software\Com NotificationV03.05] =>PUP.ComNotification^
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser^
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser^
[HKCU\Software\HighDefAction] =>PUP.CrossRider^
[HKCU\Software\Linkey] =>PUP.LinkeySearch^
[HKCU\Software\SafeGuardApp] =>PUP.SafeGuard^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\Store] =>PUP.Nosibay^
[HKCU\Software\SupHpUISoft] =>PUP.CrossRider^
[HKCU\Software\System Speedup] =>PUP.SystemSpeedup^
[HKCU\Software\WTools] =>PUP.Nosibay^
[HKCU\Software\YTDownloader] =>PUP.YTDownloader^
[HKCU\Software\YorkNewCin] =>PUP.CrossRider^
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday^
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^
[HKCU\Software\iWebar-nv] =>PUP.CrossRider^
[HKCU\Software\webget] =>PUP.WebGet^
[HKLM\Software\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\BubbleSound] =>PUP.BubbleSound^
[HKLM\Software\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Linkey] =>PUP.LinkeySearch^
[HKLM\Software\LolliScan] =>Adware.Graftor^
[HKLM\Software\Object Browser-nv] =>PUP.ObjectBrowser^
[HKLM\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\WebBar] =>PUP.WebBar^
[HKLM\Software\Wow6432Node\3f585072-86b4-4d27-8c32-b704fface458] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Com NotificationV03.05] =>PUP.ComNotification^
[HKLM\Software\Wow6432Node\Crossbrowse] =>PUP.CrossBrowser^
[HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Infonaut_1.10.0.13] =>PUP.Infonaut^
[HKLM\Software\Wow6432Node\LolliScan] =>Adware.Graftor^
[HKLM\Software\Wow6432Node\Mobogenie3] =>PUP.Mobogenie^
[HKLM\Software\Wow6432Node\Object Browser-nv] =>PUP.ObjectBrowser^
[HKLM\Software\Wow6432Node\Object Browser] =>PUP.ObjectBrowser^
[HKLM\Software\Wow6432Node\PriceMeterLiveUpdate] =>PUP.PriceMeter^
[HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp^
[HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard^
[HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect^
[HKLM\Software\Wow6432Node\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\SmdmF] =>PUP.SystemK^
[HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser^
[HKLM\Software\Wow6432Node\System Speedup] =>PUP.SystemSpeedup^
[HKLM\Software\Wow6432Node\YTDownloader] =>PUP.YTDownloader^
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\c7d483c5-0c81-4def-bbab-72526f8fb45f] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\df3972d2-1d1e-465e-b207-d0d25917c046] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\e9a0c2a9-fe4f-4d67-95d7-555ba284866a] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\fa6ad263-1cfd-e15d-6912-a81441b577d0] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\freeSoftToday] =>Adware.FreeSoftToday^
[HKLM\Software\Wow6432Node\iWebar-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\iWebar] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Wow6432Node\sweet-pageSoftware] =>PUP.SweetPage^
[HKLM\Software\Wow6432Node\webget] =>PUP.WebGet^
[HKLM\Software\YTDownloader] =>PUP.YTDownloader^
[HKLM\Software\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\iWebar-nv] =>PUP.CrossRider^
[HKLM\Software\rrsavings] =>PUP.SupraSavings^
C:\Windows\Installer\2fbc15.msi =>Adware.IncrediBar^
~ Additionnel Scan: 150839 Items scanned in 02mn 47s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 5 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/adware-incredibar =>Adware.Incredibar
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/pup-sweetpage =>PUP.SweetPage
http://nicolascoolman.fr/pup-shopperpro =>PUP.ShopperPro
http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.BubbleSound
http://www.nicolascoolman.fr/blog/ =>PUP.WindeskWinsearch
http://nicolascoolman.fr/pup-pricemeter =>PUP.PriceMeter
http://www.nicolascoolman.fr/blog/ =>PUP.Nosibay
http://nicolascoolman.fr/pup-ytdownloader =>PUP.YTDownloader
http://nicolascoolman.fr/adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://www.nicolascoolman.fr/blog/ =>PUP.IePluginService
http://nicolascoolman.fr/pup-webget =>PUP.WebGet
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://www.nicolascoolman.fr/blog/ =>PUP.ComNotification
http://nicolascoolman.fr/pup-objectbrowser =>PUP.ObjectBrowser
http://www.nicolascoolman.fr/blog/ =>Adware.Graftor
http://www.nicolascoolman.fr/blog/ =>PUP.NetEngine
http://nicolascoolman.fr/rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://www.nicolascoolman.fr/blog/ =>PUP.OnlineLowDeals
http://www.nicolascoolman.fr/blog/ =>PUP.DynConIE
http://nicolascoolman.fr/pup-suprasavings =>PUP.SupraSavings
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/pup-linkeysearch =>PUP.LinkeySearch
http://www.nicolascoolman.fr/blog/ =>PUP.SafeGuard
http://nicolascoolman.fr/pup-systemspeedup =>PUP.SystemSpeedup
http://www.nicolascoolman.fr/blog/ =>PUP.WebBar
http://www.nicolascoolman.fr/blog/ =>PUP.Infonaut
http://nicolascoolman.fr/rogue-pcspeedup =>Rogue.PCSpeedUp
http://nicolascoolman.fr/pup-systemk =>PUP.SystemK
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://www.nicolascoolman.fr/blog/ =>PUP.Less2Pay
http://www.nicolascoolman.fr/blog/ =>PUP.TopDeal
http://nicolascoolman.fr/pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserHelper
http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>Adware.GamesDesktop
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://nicolascoolman.fr/rogue-pcspeedmaximizer =>Rogue.PCSpeedMaximizer
http://nicolascoolman.fr/pup-viewpassword =>PUP.ViewPassword
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.fr/crapware-spyhunter =>Crapware.SpyHunter
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://www.nicolascoolman.fr/blog/ =>Hijacker.SearchSimple
http://www.nicolascoolman.fr/blog/ =>PUP.AkamaiHD
http://nicolascoolman.fr/hijacker-browsers =>Hijacker.Browsers
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.fr/adware-installpedia =>Adware.InstallPedia
~ MSI: 67 link(s) detected in 00mn 00s



End of the scan (1610 lines in 12mn 05s)(0.10)
