~ Rapport de ZHPDiag v2014.8.6.114 - Nicolas Coolman  (06/08/2014)
~ Lancé par Audrey (08/08/2014 13:58:24)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 32.0 (Defaut)
GCIE: Google Chrome v35.0.1916.114

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système
CCleaner v4.10

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader 9.5.5 MUI
Java 7 Update 9

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4024 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 473 GB (80%) free of 584 GB

---\\ Mode de connexion au système
~ Computer Name: AUDREY-PC
~ User Name: Audrey
~ All Users Names: HomeGroupUser$, Audrey, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Audrey\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Audrey\AppData\Roaming\
~ %Desktop% : C:\Users\Audrey\Desktop\
~ %Favorites% : C:\Users\Audrey\Favorites\
~ %LocalAppData% : C:\Users\Audrey\AppData\Local\
~ %StartMenu% : C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 473 Go of 584 Go)
D: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowControlPanel: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowNetConn: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center: 49 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.4EFC156290537BB9706D3A7A1A4B8733] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/11/2011 - 06:41:43.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:34:03.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/350
~ Mes musiques (My Musics) : 1/3163
~ Mes Favoris (My Favorites) : 1/29
~ Mes Documents (My Documents) : 8/2899
~ Mon Bureau (My Desktop) : 5/1652
~ Menu demarrer (Programs) : 1/59
~ Hidden Files:  Scanned in 00mn 16s



---\\ Processus lancés
[MD5.AF15816BB8CCD6114B2F99490CA35AC1] - (.Iminent - Iminent Protection.) -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella213.exe   [3088192] [PID.2424]  =>Adware.IMBooster
[MD5.04614DC12E77338F55775349EB90C26C] - (...) -- C:\Program Files (x86)\Iminent\WinkHandler.exe   [425792] [PID.2864]  =>Adware.IMBooster
[MD5.9E195DD48C0341CEB109B5DC567854E1] - (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files (x86)\Desk 365\desk365.exe   [1013808] [PID.3412]  =>Hijacker.22Find
[MD5.AA31CEC6AF77F45C4696DE6A723F0E9E] - (...) -- C:\Users\Audrey\AppData\Local\fst_fr_244\upfst_fr_244.exe   [3354096] [PID.1644]  =>Adware.FreeSoftToday
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe   [186904] [PID.504]
[MD5.449E6CD914920B84DDDF0F12880411EE] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [21444224] [PID.4176]
[MD5.BA73D8DC5DD1CF3E558C2152C3D969AD] - (.Pay By Ads LTD - Pas de description.) -- C:\Users\Audrey\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe   [535472] [PID.4288]
[MD5.B27FFA339170288CE72BF9C8E4872228] - (...) -- C:\Program Files (x86)\v01BlockAndSurf\BlockAndSurf.exe   [131072] [PID.4424]  =>PUP.BlockAndSurf
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe   [270336] [PID.4912]
[MD5.6A75E6BFCCC6BBE6F7CEEEF082214DE1] - (...) -- C:\Program Files (x86)\Remote Mouse Server\RemoteMouse.exe   [7647203] [PID.4956]
[MD5.5AEA1DB5490429EEB0989A0CE2A52D5E] - (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe   [262912] [PID.4992]
[MD5.2B7F2DC5741BB18F7F5EC7558DA68197] - (.Lime Wire, LLC - LimeWire.) -- C:\Program Files (x86)\LimeWire\LimeWire.exe   [503808] [PID.5036]
[MD5.3D853EA1CF42040D2E0123174797C81F] - (.Chicony - traybar.) -- C:\Program Files (x86)\Video Web Camera\traybar.exe   [630784] [PID.5044]
[MD5.94866E9A193120260840B2E3B551E434] - (.Chicony - Video Web Camera.) -- C:\Program Files (x86)\Video Web Camera\CEC_MAIN.exe   [2913792] [PID.4244]
[MD5.C7A9C4FDCEA704A34A5997FE0A8A0A38] - (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe   [1194504] [PID.4612]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe   [91432] [PID.1160]
[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254696] [PID.4000]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe   [49208] [PID.4308]
[MD5.6BCE4EB6C750C13494B92949856194F5] - (...) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\CANALPLUS-CANALSAT-ALADEMANDE.exe   [142336] [PID.1960]
[MD5.D7E9D46862A01652826B574229FB0E41] - (...) -- C:\Program Files (x86)\fst_fr_244\fst_fr_244.exe   [3980272] [PID.1644]  =>Adware.FreeSoftToday
[MD5.FA13092D81EB7005D6AE82F4B3A26BBD] - (...) -- C:\Program Files (x86)\fst_fr_287\fst_fr_287.exe   [3977184] [PID.5564]  =>Adware.FreeSoftToday
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe   [168960] [PID.3776]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe   [559104] [PID.228]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe   [362496] [PID.4884]
[MD5.5FA4401F37935D633B1379F2E98A19A8] - (...) -- C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock\FinderMacroSnapshot.exe   [226853] [PID.3304]
[MD5.746F1A728344AF3FDB0D46755CAFB518] - (...) -- C:\Windows\SysWOW64\mjcm\dnkt.exe   [646448] [PID.1088]
[MD5.71BBBCBC2B6023D0FABF81E1B653545A] - (.Adobe Systems Incorporated - Adobe Photoshop Elements (Editor).) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsEditor.exe   [41878880] [PID.8156]
[MD5.AC28D0B9E78B28AE11A66A6D79A3D9DE] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe   [275568] [PID.7200]
[MD5.EF02222FBA4D5BBA8B7A09AA37751BBC] - (...) -- C:\Program Files (x86)\ToggleMark\bin\ToggleMark.BrowserAdapter.exe   [96544] [PID.4472]
[MD5.3E278FB89EF5D9CA5FF02E34C86103BB] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe   [18544] [PID.7472]
[MD5.038053B5DB6B0DCFB32B7682334B7625] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe   [1863856] [PID.3508]
[MD5.3706CC0C7A9737CE7166164AC0BFE735] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8087040] [PID.6140]
[MD5.25FDF58009C2C666FE0A5BB7AA319447] - (.337 Technology Limited. - dsk service.) -- C:\Program Files (x86)\Desk 365\deskSvc.exe   [425008] [PID.1196]  =>Hijacker.22Find
[MD5.E91C669DB45EC0F1D18185A9B7006E44] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginService\PluginService.exe   [705136] [PID.1324]  =>PUP.IePluginService
[MD5.39531D54F2AFA4473BB4A97F64E99271] - (.Cherished Technololgy LIMITED - WPM Service.) -- C:\ProgramData\WPM\wprotectmanager.exe   [493568] [PID.1432]  =>PUP.WpManager
[MD5.6D9FC1E7EA3C548F4D3455F0C3FEEF8C] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) -- c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe   [169312] [PID.1708]
[MD5.F02A533F517EB38333CB12A9E8963773] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176] [PID.1868]
[MD5.A6B41F3044B2C099BBB5531CAA0551D5] - (.Canal+ Active - CanalPlus.VOD.Service.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe   [188416] [PID.1900]
[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe   [1150496] [PID.1544]
[MD5.70E3EB0CEF795D348F05E5A9B115F491] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe   [62720] [PID.2236]
[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe   [1320496] [PID.2300]
[MD5.B90A279073A815A4AA2C45A09EE004FA] - (.pdfforge GmbH - PDF Architect Conversion Service.) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe   [799280] [PID.2320]
[MD5.149304618AD1F9BB55811779E4467BC3] - (...) -- C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe   [188760] [PID.2700]  =>PUP.SweetIM
[MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe   [240160] [PID.2700]
[MD5.AFA67A2CD2283ECE9B812E610BB1D848] - (...) -- C:\Users\Audrey\AppData\Roaming\VOPackage\VOsrv.exe   [61456] [PID.2804]  =>Adware.Downware
[MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe   [109064] [PID.2828]  =>PUP.Wajam
[MD5.CF9826D1F1B7E48FE3CDB86A1F683CD5] - (...) -- C:\Program Files (x86)\WinRST\WinRST.exe   [59904] [PID.2916]  =>PUP.WinRST
[MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe   [354840] [PID.2968]
[MD5.7386369438B4CBB3F9713300711F32B1] - (...) -- C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock\ArchiveSoftwareWinsock.exe   [98340] [PID.1692]
[MD5.0CD18A9B522AA5342B2DA479293541F1] - (...) -- C:\Program Files (x86)\eDealsPop\eDealsPop.exe   [7168] [PID.2740]
[MD5.310D9480758FDCD3F4FEDAA575AB65C7] - (...) -- C:\Program Files (x86)\ToggleMark\updateToggleMark.exe   [323360] [PID.7304]
[MD5.310D9480758FDCD3F4FEDAA575AB65C7] - (...) -- C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe   [323360] [PID.3672]
[MD5.F76D04F7413B07DAA029F6520B64B4E8] - (.Macrovision Europe Ltd. - Activation Licensing Service.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe   [651720] [PID.8136]
~ Processes Running:  Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] tp://rts.dsrlte.com
G2 - GCE: Preference [User Data\Default] [cmkjneookggmljgfilgemfeefneiibdi] BlockAndSurf v.1.174.0.0 (Activé)  =>PUP.BlockAndSurf
G2 - GCE: Preference [User Data\Default] [gooamedlnddjgokhlnkgohghifdcnplp] BlockAndSurf v.1.174.0.0 (Activé)  =>PUP.BlockAndSurf
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] Analyse des liens (URL Advisor) v.12.0.0.477 (Désactivé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [fediheciachmpdophdiejahcjjjgkbif] suurfkeepit v.8.1 (Désactivé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] Clavier virtuel v.12.0.0.477 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.34 (Activé)  =>PUP.Wajam
G2 - GCE: Preference [User Data\Default] [kpjdjfkkmlgacmnenfhafmkldaogiglb] Feven Pro v.1.26.14, (Activé)  =>PUP.CrossRider
G2 - GCE: Preference [User Data\Default] [ldikpdnngdmeceeameoaannjilbjppnm] Plus-HD-3.5 v.1.26.111, (Activé)  =>Adware.PlusHD
G2 - GCE: Preference [User Data\Default] [ljgeaegabficmaccmdbfffoennakbiha] TiCToaCuOupOOn v.2.5 (Désactivé)
G2 - GCE: Preference [User Data\Default] [llnofjfijelilpjdibjjmldcpdenmbfh] Cleaner Facebook v.164 (Activé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nfeonecgpoepapkmdgdmjolonaakdknd] Lyrics Fan v.1.112 (Désactivé)  =>Adware.AddLyrics
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick start v.4.4.7, (Désactivé)  =>PUP.QuickStart
G2 - GCE: Preference [User Data\Default] [pflphaooapbgpeakohlggbpidpppgdff] MySearchDial v.9.4.24, (Activé)  =>Adware.MyWebSearch
G2 - GCE: Preference [User Data\Default] [pinnimcikdbhhfcgdmcdcbingagfgelm] LuCCkyoCCouupoNN v.1.0 (Désactivé)  =>PUP.LuckyCoupon
G2 - GCE: Preference [User Data\Default] [pjldcfjmnllhmgjclecdnfampinooman] Kaspersky Anti-banni00C300A8re v.12.0.0.374 (Désactivé)

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkjneookggmljgfilgemfeefneiibdi [BlockAndSurf]  =>PUP.BlockAndSurf
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gooamedlnddjgokhlnkgohghifdcnplp [BlockAndSurf]  =>PUP.BlockAndSurf
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [Analyse des liens (URL Advisor)]
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\fediheciachmpdophdiejahcjjjgkbif [suurfkeepit]
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [Clavier virtuel]
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [Wajam]  =>PUP.Wajam
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpjdjfkkmlgacmnenfhafmkldaogiglb [Feven Pro]  =>PUP.CrossRider
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldikpdnngdmeceeameoaannjilbjppnm [Plus-HD-3.5]  =>Adware.PlusHD
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljgeaegabficmaccmdbfffoennakbiha [TiCToaCuOupOOn]
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\llnofjfijelilpjdibjjmldcpdenmbfh [Cleaner Facebook]
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfeonecgpoepapkmdgdmjolonaakdknd [Lyrics Fan]  =>Adware.AddLyrics
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet]
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [Quick start]  =>PUP.QuickStart
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [MySearchDial]  =>Adware.MyWebSearch
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm [LuCCkyoCCouupoNN]  =>PUP.LuckyCoupon
G2 - EXT: C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [Kaspersky Anti-banni00C300A8re]
~ Google Lines Browser: 42 Scanned in 00mn 03s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\Audrey\prefs.js
C:\Users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\Audrey\user.js
M3 - MFPP: Plugins - [Audrey] -- C:\Users\Audrey\AppData\Roaming\Mozilla\Firefox\Profiles\Audrey\searchplugins\Mysearchdial.xml  =>Adware.MyWebSearch
M0 - MFSP: prefs.js [Audrey - Audrey] http://www.trovi.com  =>Hijacker.TroviCom
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - APIX Mozilla Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPAPIX.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - fluxDVD Browser Helper Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPFluxBrowserHelper.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - MPDRM License Acquisition Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPMPDRM.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - WMDRM License Acquisition Wrapper.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPWMDRMWrapper.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.9.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.9.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.9.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20513.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
P2 - FPN: [HKCU] [@facebook.com/FBPlugin,version=1.0.3] - (.Pas de propriétaire - Provides additional functionality on Facebook. See <a href="http://www.) -- C:\Users\Audrey\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll  =>.Facebook
~ Firefox Browser: 21 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com  =>Adware.IMBooster
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com  =>PUP.Awesomehp
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com  =>Adware.MyWebSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com  =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R3 - URLSearchHook: SiteFinder [64Bits] - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} . (.Site Finder - Site Finder Toolbar.) (1.0.0.0) -- C:\Program Files (x86)\SiteFinder\SiteFinder.dll  =>Adware.ShoppingReport
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 23 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>;*origin.com;*ea.com;*akamaihd.net  =>PUP.AkamaiHD
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:39998   =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 214



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer [64Bits] - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: CrossriderApp0037180 [64Bits] - {11111111-1111-1111-1111-110311711180} . (.Plus HD - Plus-HD-3.5 BHO.) -- C:\Program Files (x86)\Plus-HD-3.5\Plus-HD-3.5-bho.dll  =>PUP.CrossRider
O2 - BHO: iminent Helper Object [64Bits] - {112BA211-334C-4A90-90EC-2AD1CDAB287C} . (.Iminent - Pas de description.) -- C:\Program Files (x86)\IminentToolbar\1.8.28.3\bh\iminent.dll  =>Adware.IMBooster
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Download Manager Browser Helper Object [64Bits] - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} . (.Protect Software GmbH - Download Manager Helper.) -- C:\Program Files (x86)\Common Files\fluxDVD\Download Manager\XEBDLHelper.dll
O2 - BHO: IETabPage Class [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\SupTab\SupTab.dll  =>PUP.SupTab
O2 - BHO: PDF Architect Helper [64Bits] - {3A2D5EBA-F86D-4BD3-A177-019765996711} . (.pdfforge GmbH - PDF Architect Helper.) -- C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline
O2 - BHO: LuckyShoppeR [64Bits] - {74904F58-1176-7FB1-441C-5285E88CB94F} . (...) -- C:\ProgramData\LuckyShoppeR\D4.dll  =>PUP.LuckyShopper
O2 - BHO: (no name) [64Bits] - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} Clé orpheline
O2 - BHO: IMinent WebBooster [64Bits] - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (.SIEN - Minibar.) -- C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll  =>PUP.Minibar
O2 - BHO: BlockAndSurf [64Bits] - {A3A24936-AE9E-3C21-9C0F-42BFD7FD8EE4} . (...) -- C:\Program Files (x86)\v01BlockAndSurf\174.dll  =>PUP.BlockAndSurf
O2 - BHO: Wajam IE BHO [64Bits] - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files (x86)\Wajam\IE\priam_bho.dll  =>PUP.Wajam
O2 - BHO: Lyrics Fan [64Bits] - {A8720491-9558-4C0D-9E35-30EED15DFB2B} . (.FAN Software - Lyrics Fan.) -- C:\Program Files (x86)\LyricsFan\lrcfan.dll  =>Adware.AddLyrics
O2 - BHO: QuuEenCoupon [64Bits] - {DB78C489-7731-6FFF-21E0-CDBC5602E895} . (...) -- C:\ProgramData\QuuEenCoupon\hC4GY.dll  =>PUP.QueenCoupon
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Updater By Sweetpacks Helper [64Bits] - {DEDAF650-12B8-48f5-A843-BBA100716106} . (...) -- C:\Program Files\Updater By Sweetpacks\Extension32.dll  =>PUP.SweetIM
O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll  =>PUP.SweetIM
O2 - BHO: mysearchdial Helper Object [64Bits] - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} . (.Ironsource Israel (2011) LTD - Pas de description.) -- C:\Program Files (x86)\Mysearchdial\1.8.21.0\bh\mysearchdial.dll  =>Adware.MyWebSearch
O2 - BHO: HP Smart BHO Class [64Bits] - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O2 - BHO: deal2dealliat [64Bits] - {70D8F4B6-CE22-A20E-F71C-8B6B9300DCF8} Clé orpheline  =>PUP.Deal2Dealit
O2 - BHO: (no name) [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Clé orpheline
~ BHO: 28 Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.awesomehp.com  =>PUP.Awesomehp
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com  =>PUP.Awesomehp
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com  =>PUP.Awesomehp
O4 - GS\QuickLaunch [Audrey]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.awesomehp.com  =>PUP.Awesomehp
O4 - GS\QuickLaunch [Audrey]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com  =>PUP.Awesomehp
O4 - GS\QuickLaunch [Audrey]: SpeedUpMyPC.lnk . (.Uniblue Systems Limited - Uniblue SpeedUpMyPC.)  -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe   =>PUP.SpeedUpMyPC
O4 - GS\TaskBar [Audrey]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com  =>PUP.Awesomehp
O4 - GS\SystemTools [Audrey]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com  =>PUP.Awesomehp
O4 - GS\SendTo [Audrey]: Desk 365.lnk . (.337 Technology Limited. - Desk 365 application.)  -- C:\Program Files (x86)\Desk 365\desk365.exe   =>Hijacker.22Find
O4 - GS\Desktop [Audrey]: Continue VuuPC Installation.lnk . (...)  -- C:\Users\Audrey\AppData\Local\Temp\ICReinstall_nsnC8CD.tmp  \RR (.not file.)  =>PUP.VuuPC
~ Global Startup: 11 Scanned in 00mn 03s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [Audrey]: genesis.lnk - Clé orpheline  =>PUP.Genesis
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe 
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe 
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe 
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe 
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKCU\..\Run: [Desk 365] . (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files (x86)\Desk 365\desk365.exe   =>Hijacker.22Find
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe   =>PUP.OptimizerPro
O4 - HKCU\..\Run: [Yahoo! Search] . (.Pay By Ads LTD - Pas de description.) -- C:\Users\Audrey\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe 
O4 - HKCU\..\Run: [BlockAndSurf] . (...) -- C:\Program Files (x86)\v01BlockAndSurf\BlockAndSurf.exe   =>PUP.BlockAndSurf
O4 - HKCU\..\Run: [lan] . (...) -- C:\Users\Audrey\chat-land\Chat-Landmessenger.jar   =>Hijacker.ChercheUS
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe 
O4 - HKLM\..\Wow6432Node\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files (x86)\Video Web Camera\traybar.exe 
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe 
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- c:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe   =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [CANAL+ CANALSAT A LA DEMANDE] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\Launcher.exe 
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [CanalPlayer] . (.Canal+ Distribution - CanalPlayer.exe.) -- C:\Program Files (x86)\Lecteur CANALPLAY\CanalPlayer.exe 
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe 
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_38] Clé orpheline   =>PUP.AgenceExclusive
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_244] . (...) -- C:\Program Files (x86)\fst_fr_244\fst_fr_244.exe   =>Adware.FreeSoftToday
O4 - HKLM\..\Wow6432Node\Run: [eDealsPop] . (...) -- C:\Program Files (x86)\eDealsPop\eDealsPop.exe 
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_287] . (...) -- C:\Program Files (x86)\fst_fr_287\fst_fr_287.exe   =>Adware.FreeSoftToday
O4 - HKLM\..\Wow6432Node\RunOnce: [SPUpdSentinel] Clé orpheline 
O4 - HKLM\..\Wow6432Node\RunOnce: [upfst_fr_244.exe] . (...) -- C:\Users\Audrey\AppData\Local\fst_fr_244\upfst_fr_244.exe   =>Adware.FreeSoftToday
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\Run: [Desk 365] . (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files (x86)\Desk 365\desk365.exe   =>Hijacker.22Find
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe   =>PUP.OptimizerPro
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\Run: [Yahoo! Search] . (.Pay By Ads LTD - Pas de description.) -- C:\Users\Audrey\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.8.2\dsrlte.exe 
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\Run: [BlockAndSurf] . (...) -- C:\Program Files (x86)\v01BlockAndSurf\BlockAndSurf.exe   =>PUP.BlockAndSurf
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\Run: [lan] . (...) -- C:\Users\Audrey\chat-land\Chat-Landmessenger.jar   =>Hijacker.ChercheUS
O4 - HKUS\S-1-5-21-489699717-112529968-1088025083-1001\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe 
~ Application:  Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll  =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.canalplay.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E4793462-88C8-40B9-8987-4BAC3BFA73F5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6527EFA-5D62-4DB1-B43C-1C8BEE207311}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E4793462-88C8-40B9-8987-4BAC3BFA73F5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E6527EFA-5D62-4DB1-B43C-1C8BEE207311}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E4793462-88C8-40B9-8987-4BAC3BFA73F5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E6527EFA-5D62-4DB1-B43C-1C8BEE207311}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) -- 
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: 0580bc2010c6cb3cc1f4a298c3e08a5c.exe (0580bc2010c6cb3cc1f4a298c3e08a5c.exe) . (...) - C:\Users\Audrey\AppData\Local\0580bc2010c6cb3cc1f4a298c3e08a5c\0580bc2010c6cb3cc1f4a298c3e08a5c.exe (.not file.)
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe  =>.Adobe Systems Incorporated
O23 - Service: ArchiveSoftwareWinsock.exe (ArchiveSoftwareWinsock.exe) . (...) - C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock\ArchiveSoftwareWinsock.exe
O23 - Service: CanalPlus.VOD (CanalPlus.VOD) . (.Canal+ Active - CanalPlus.VOD.Service.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
O23 - Service: ClassCompilerMetafile.exe (ClassCompilerMetafile.exe) . (...) - C:\Users\Audrey\AppData\Local\737cb9b671dd9293a47dd49f27300c48\ClassCompilerMetafile.exe (.not file.)
O23 - Service: Desk 365 service (desksvc) . (.337 Technology Limited. - dsk service.) - C:\Program Files (x86)\Desk 365\deskSvc.exe  =>Hijacker.22Find
O23 - Service: e2731bae2e84854.exe (e2731bae2e84854.exe) . (...) - C:\Users\Audrey\AppData\Local\d4729c8bbf6e51b71760b3778fad0c06\e2731bae2e84854.exe (.not file.)
O23 - Service: Acer ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  =>.Google Inc
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service:  (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe  =>Adware.InstallBrain
O23 - Service: IePlugin Service (IePluginService) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginService\PluginService.exe  =>PUP.IePluginService
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: PDF Architect Helper Service (PDF Architect Helper Service) . (.pdfforge GmbH - PDF Architect Helper Service.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service (PDF Architect Service) . (.pdfforge GmbH - PDF Architect Conversion Service.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PirritDesktop (PirritDesktop) . (...) - C:\Users\Audrey\AppData\Local\PirritSuggestor\PirritService.exe (.not file.)  =>PUP.PirritSuggestor
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files (x86)\Common Files\Umbrella\Umbrella213.exe  =>Adware.IMBooster
O23 - Service: Update ToggleMark (Update ToggleMark) . (...) - C:\Program Files (x86)\ToggleMark\updateToggleMark.exe
O23 - Service: Updater By Sweetpacks (Updater By Sweetpacks) . (...) - C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe  =>PUP.SweetIM
O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: Util ToggleMark (Util ToggleMark) . (...) - C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe
O23 - Service: Service Component of VO (VOsrv) . (...) - C:\Users\Audrey\AppData\Roaming\VOPackage\VOsrv.exe  =>Adware.Downware
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe  =>PUP.Wajam
O23 - Service: WinkHandler (WinkHandler) . (...) - C:\Program Files (x86)\Iminent\WinkHandler.exe  =>Adware.IMBooster
O23 - Service: WinRST (WinRST) . (...) - C:\Program Files (x86)\WinRST\WinRST.exe  =>PUP.WinRST
O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe  =>PUP.WpManager
~ Services: 24 Scanned in 00mn 10s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) -  (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe   [136176]
[MD5.00000000000000000000000000000000] [APT] [{7CBE5BB0-6EFA-4D24-8CB1-706673792E9F}] (...) -- E:\installprogress.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{C94B7B7E-32ED-4F40-8629-8D4500725064}] (...) -- C:\Program Files (x86)\Widestream6\WideStream.exe (.not file.)   [0]  =>Adware.SPointer
[MD5.00000000000000000000000000000000] [APT] [{D7300C81-68CA-412F-B5D1-C47AB16986B9}] (...) -- C:\Program Files\Alwil Software\Avast5\aswRundll.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (...) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (.not file.)   [0]
O39 - APT:  - (..) -- C:\Windows\Tasks\BlockAndSurf Update.job   [424]  =>PUP.BlockAndSurf
O39 - APT:  - (..) -- C:\Windows\Tasks\BlockAndSurf_wd.job   [402]  =>PUP.BlockAndSurf
O39 - APT:  - (..) -- C:\Windows\Tasks\Feven Pro-chromeinstaller.job   [3086]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\Tasks\Feven Pro-firefoxinstaller.job   [2254]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce16eddf1d961.job   [1066]
O39 - APT:  - (..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6e0dc87a746d.job   [1066]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1068]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1068]
O39 - APT:  - (..) -- C:\Windows\Tasks\Plus-HD-3.5-chromeinstaller.job   [1908]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\Tasks\Plus-HD-3.5-codedownloader.job   [1200]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\Tasks\Plus-HD-3.5-enabler.job   [1100]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\Tasks\Plus-HD-3.5-firefoxinstaller.job   [1832]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\Tasks\Plus-HD-3.5-updater.job   [1298]  =>PUP.CrossRider
O39 - APT:  - (..) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job   [914]
O39 - APT:  - (..) -- C:\Windows\Tasks\SpeedUpMyPC Maintenance.job   [232]  =>PUP.SpeedUpMyPC
O39 - APT:  - (..) -- C:\Windows\Tasks\SpeedUpMyPC Startup.job   [226]  =>PUP.SpeedUpMyPC
~ Scheduled Task: 22 Scanned in 00mn 07s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll  =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe  =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll  =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver:  (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver:  (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver:  (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver:  (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver:  (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver:  (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver:  ({9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64.sys  =>PUP.LinkiDoo
O41 - Driver:  ({af16abf4-eac1-49b4-93fc-58f6ca799135}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}w64.sys  =>PUP.LinkiDoo
O41 - Driver:  ({ba099a85-e825-4802-83e7-d386a5b4a734}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{ba099a85-e825-4802-83e7-d386a5b4a734}w64.sys  =>PUP.LinkiDoo
O41 - Driver:  (kl2) . (. - .) - C:\Windows\System32\DRIVERS\kl2.sys (.not file.)
O41 - Driver:  (KLIF) . (. - .) - C:\Windows\System32\DRIVERS\klif.sys (.not file.)
O41 - Driver:  (KLIM6) . (. - .) - C:\Windows\System32\DRIVERS\klim6.sys (.not file.)
~ Drivers: 72 Scanned in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {FF21C3E6-97FD-474F-9518-8DCBE94C2854}
O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 13 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Photoshop Elements 7  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5511C07D-A83C-45AD-92B6-42DF99729A3C}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {CB6075D9-F912-40AE-BEA6-E590DA24F16B}  =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Reader 9.5.5 MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: Amazonia - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Backup Manager Basic - (.NewTech Infosystems.) [HKLM][64Bits] -- {72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: BlockAndSurf - (.BlockAndSurf-software.) [HKLM][64Bits] -- EE23210E-F588-A06F-CCE1-3B48D7F4EF69  =>PUP.BlockAndSurf
O42 - Logiciel: Buzzdock - (.Alactro LLC.) [HKLM][64Bits] -- {ac225167-00fc-452d-94c5-bb93600e7d9a}
O42 - Logiciel: CANAL+ CANALSAT A LA DEMANDE - (.CanalPlus.) [HKLM][64Bits] -- {04DA096D-6236-4A5D-8FB6-3081E67009BA}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: Chicken Invaders 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}
O42 - Logiciel: Comptes - (...) [HKLM][64Bits] -- ST6UNST #1
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: CopyTrans Suite désinstallation uniquement - (.WindSolutions.) [HKCU][64Bits] -- CopyTrans Suite
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Desk 365 - (.337 Technology Limited..) [HKLM][64Bits] -- Desk 365  =>Hijacker.22Find
O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}
O42 - Logiciel: Facebook Plug-In - (.Facebook, Inc..) [HKCU][64Bits] -- Facebook Plug-In
O42 - Logiciel: Farm Frenzy 2 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}
O42 - Logiciel: Feven Pro - (.Feven.) [HKLM][64Bits] -- Feven Pro  =>PUP.CrossRider
O42 - Logiciel: FreeSoftToday 001.287 - (.FrEeSoFtOdAy.) [HKLM][64Bits] -- FreeSoftToday_is1  =>Adware.FreeSoftToday
O42 - Logiciel: Genesis - (...) [HKCU][64Bits] -- genesis  =>PUP.Genesis
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}
O42 - Logiciel: GotClip Downloader - (...) [HKLM][64Bits] -- GotClip
O42 - Logiciel: Granny In Paradise - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}
O42 - Logiciel: Grasvue - (...) [HKLM][64Bits] -- Grasvue
O42 - Logiciel: HP Customer Participation Program 13.0 - (.HP.) [HKLM][64Bits] -- HPExtendedCapabilities
O42 - Logiciel: HP Imaging Device Functions 13.0 - (.HP.) [HKLM][64Bits] -- HP Imaging Device Functions
O42 - Logiciel: HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 - (.HP.) [HKLM][64Bits] -- {AA6F009F-0CCD-4DD6-A462-28419C101D54}  =>.Hewlett-Packard Co
O42 - Logiciel: HP Photosmart Essential 3.5 - (.HP.) [HKLM][64Bits] -- HP Photosmart Essential  =>.Hewlett-Packard Co
O42 - Logiciel: HP Smart Web Printing 4.51 - (.HP.) [HKLM][64Bits] -- HP Smart Web Printing
O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM][64Bits] -- HP Solution Center & Imaging Support Tools
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {97486FBE-A3FC-4783-8D55-EA37E9D171CC}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM][64Bits] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
O42 - Logiciel: Heroes of Hellas - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}
O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: IePluginService12.27.0.3326 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- IePlugins  =>PUP.IePluginService
O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- IMBoosterARP  =>Adware.IMBooster
O42 - Logiciel: Iminent Toolbar on IE and Chrome - (.IminentToolbar.) [HKLM][64Bits] -- iminent  =>Adware.IMBooster
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Internet Explorer Toolbar 4.9 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}  =>PUP.SweetIM
O42 - Logiciel: Java 7 Update 9 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417009FF}
O42 - Logiciel: Java(TM) 6 Update 26 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: Launch Manager - (.Packard Bell.) [HKLM][64Bits] -- LManager
O42 - Logiciel: Lecteur CANALPLAY 2.6 - (.Canal+ Distribution.) [HKLM][64Bits] -- {E9E37358-E3E1-47BA-9E21-375EF3616BC9}
O42 - Logiciel: LimeWire 5.5.16 - (.Lime Wire, LLC.) [HKLM][64Bits] -- LimeWire
O42 - Logiciel: LuckyShoppeR - (.LucKyShoppiEr.) [HKLM][64Bits] -- {AE9B04F2-E9E8-162C-829B-52C116B3EFCC}  =>PUP.LuckyShopper
O42 - Logiciel: Lyrics Fan - (.FAN Software.) [HKLM][64Bits] -- lrcfan@fansoft.br  =>Adware.AddLyrics
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: MaxiCompte - (.EuroSoft Software Development.) [HKLM][64Bits] -- MaxiCompte 3.17_is1
O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}
O42 - Logiciel: Metaboli - (.Packard Bell.) [HKLM][64Bits] -- Metaboli
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}
O42 - Logiciel: Mozilla Firefox 32.0 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 32.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mysearchdial - (.Mysearchdial.) [HKLM][64Bits] -- mysearchdial  =>Adware.MyWebSearch
O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {8ed5c8a6-2aee-40dd-8df4-26cd57921222}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}
O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {f4041dce-3fe1-4e18-8a9e-9de65231ee36}
O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}
O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {cc019e3f-59d2-4486-8d4b-878105b62a71}
O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}
O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {e5c7d048-f9b4-4219-b323-8bdb01a2563d}
O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84b3-4c50-8622-b8c0aa2d2885}
O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}
O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400dbd-e6db-45b8-9b6b-1dd7033818ec}
O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}
O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {dba84796-8503-4ff0-af57-1747dd9a166d}
O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}
O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348b586-c9ae-46ce-936c-a68e9426e214}
O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM][64Bits] -- {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}
O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}
O42 - Logiciel: Optimizer Pro v3.2 - (...) [HKLM][64Bits] -- Optimizer Pro_is1  =>PUP.OptimizerPro
O42 - Logiciel: PDF Architect - (.pdfforge GmbH.) [HKLM][64Bits] -- {064A929A-4DE8-40CF-A901-BD40C14E4D25}
O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Packard Bell GameZone Console - (.Oberon Media, Inc..) [HKLM][64Bits] -- {9242564e-02e9-4ea8-9d2d-351f6f728e1c}_is1
O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell InfoCentre
O42 - Logiciel: Packard Bell MyBackup - (.NewTech Infosystems.) [HKLM][64Bits] -- InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}
O42 - Logiciel: Packard Bell Power Management - (.Packard Bell.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Registration
O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: PackardBell ScreenSaver - (.PackardBell.) [HKLM][64Bits] -- PackardBell Screensaver
O42 - Logiciel: PerfectTablePlan 4.2.6 - (.Oryx Digital Ltd.) [HKLM][64Bits] -- {E845BCFF-C327-42AD-B839-A644D5E94A26}_is1
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3
O42 - Logiciel: Plus-HD-3.5 - (.Plus HD.) [HKLM][64Bits] -- Plus-HD-3.5  =>Adware.PlusHD
O42 - Logiciel: Quick Zip 5.1 - (.Quick Zip Dev.) [HKLM][64Bits] -- {87AF4C0E-D953-424B-8108-3127CA217E6F}
O42 - Logiciel: QuuEenCoupon - (.QuEEEnCouoponn.) [HKLM][64Bits] -- {3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}  =>PUP.QueenCoupon
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: Remote Mouse Server version 1.05 - (.Remote Mouse Server.) [HKLM][64Bits] -- {F34EE6D2-9356-4294-B3B3-AE04428C8C43}_is1
O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM][64Bits] -- Shop for HP Supplies
O42 - Logiciel: SiteFinder - (.SiteFinder.) [HKLM][64Bits] -- SiteFinder  =>Adware.ShoppingReport
O42 - Logiciel: Skype™ 6.16 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: Softwarenetz Agenda2 - (...) [HKLM][64Bits] -- Terminkalender2
O42 - Logiciel: SpeedUpMyPC - (.Uniblue Systems Limited.) [HKLM][64Bits] -- {E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1  =>PUP.SpeedUpMyPC
O42 - Logiciel: Star Defender 4 - (.Oberon Media.) [HKLM][64Bits] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}
O42 - Logiciel: SupTab - (...) [HKLM][64Bits] -- SupTab  =>PUP.SupTab
O42 - Logiciel: SweetPacks Updater Service - (...) [HKLM][64Bits] -- WNLT  =>PUP.SweetIM
O42 - Logiciel: ToggleMark - (.ToggleMark.) [HKLM][64Bits] -- ToggleMark
O42 - Logiciel: Updater By Sweetpacks 2.0.0.605 - (.Sweetpacks.) [HKLM][64Bits] -- {DEDAF650-12B8-48f5-A843-BBA100716106}_is1  =>PUP.SweetIM
O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player  =>.VideoLAN
O42 - Logiciel: VO Package - (...) [HKLM][64Bits] -- VOPackage  =>Adware.Downware
O42 - Logiciel: Video Web Camera - (.Chicony Electronics Co.,Ltd..) [HKLM][64Bits] -- {12A1B519-5934-4508-ADBD-335347B0DC87}
O42 - Logiciel: VirtualDJ Home FREE - (.Atomix Productions.) [HKLM][64Bits] -- {B515962D-C979-44AC-9912-F7BB499B4B2C}
O42 - Logiciel: Vodafone Mobile Connect Lite Runtime Components - (.Vodafone.) [HKLM][64Bits] -- {CFA76A76-03CF-43AC-AAB4-E2E3DACE4E02}
O42 - Logiciel: WPM17.8.0.3325 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- WPM  =>PUP.WpManager
O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam  =>PUP.Wajam
O42 - Logiciel: Watermark Software - (.Watermark Software. All Rights Reserved..) [HKCU][64Bits] -- WatermarkSoftware
O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM][64Bits] -- Packard Bell Welcome Center
O42 - Logiciel: WinGrosMaigre - (...) [HKLM][64Bits] -- WinGrosMaigre
O42 - Logiciel: WinRAR 4.01 (64 bits) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: WinSCP 4.3.4 - (.Martin Prikryl.) [HKLM][64Bits] -- winscp3_is1
O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}  =>.Microsoft Corporation
O42 - Logiciel: Yahoo! Search - (.Pay-By-Ads.) [HKCU][64Bits] -- Yahoo! Search
O42 - Logiciel: deal2dealliat - (.deAla2dEallit.) [HKLM][64Bits] -- {D831E399-50FE-84AE-F5F7-0A63AC282464}  =>PUP.Deal2Dealit
O42 - Logiciel: eDealsPop version 1.0 - (.eDealsPop.) [HKLM][64Bits] -- eDealsPop_is1
O42 - Logiciel: fst_fr_244 - (.FREE_SOFTTODAY.) [HKLM][64Bits] -- fst_fr_244_is1  =>Adware.FreeSoftToday
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
~ Logic: 93 Scanned in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\Acer]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Software\BlockAndSurf]  =>PUP.BlockAndSurf
[HKCU\Software\AppDataLow\Software\Crossrider]  =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\LyricsFan]  =>Adware.AddLyrics
[HKCU\Software\AppDataLow\Software\Plus-HD-3.5]  =>Adware.PlusHD
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BabSolution]  =>Hijacker.BabSolution
[HKCU\Software\BrowserTemp]
[HKCU\Software\CEC_CM_SW]
[HKCU\Software\Canal+ Active]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\DataMngr]  =>PUP.Datamngr
[HKCU\Software\Dnldstr_Aggregator]
[HKCU\Software\EuroSoft Software Development]
[HKCU\Software\Genesis]  =>PUP.Genesis
[HKCU\Software\Google]
[HKCU\Software\GotClip Downloader]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IminentToolbar]  =>Adware.IMBooster
[HKCU\Software\Iminent]  =>Adware.IMBooster
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore]  =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions]  =>Adware.VidSaver
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Magnet]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Martin Prikryl]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\OB]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Oberon Media]
[HKCU\Software\OpenXML-ODF Translator]
[HKCU\Software\Optimizer Pro]  =>PUP.OptimizerPro
[HKCU\Software\OryxDigital]
[HKCU\Software\PDF Architect]
[HKCU\Software\PDFCreator]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Pvm]
[HKCU\Software\Qtrax]  =>P2P.Qtrax
[HKCU\Software\Quick Zip Dev]
[HKCU\Software\SearchProtectINT2]  =>PUP.SearchProtect
[HKCU\Software\Skype]
[HKCU\Software\Softonic]  =>Toolbar.Conduit
[HKCU\Software\SoftwareNetz]
[HKCU\Software\Software]
[HKCU\Software\SweetIM]  =>PUP.SweetIM
[HKCU\Software\TeleCharger]
[HKCU\Software\ToggleMark]
[HKCU\Software\Trolltech]
[HKCU\Software\TutoTag]  =>PUP.AgenceExclusive
[HKCU\Software\Tutorials]  =>PUP.AgenceExclusive
[HKCU\Software\UpdateStar]  =>Adware.Boxore
[HKCU\Software\VirtualDJ]
[HKCU\Software\Vodafone]
[HKCU\Software\WNLT]  =>Adware.IncrediBar
[HKCU\Software\Wajam]  =>PUP.Wajam
[HKCU\Software\WinGrosMaigre]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\WinkHandler]  =>Adware.IMBooster
[HKCU\Software\Wistron]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\adobe]
[HKCU\Software\fluxDVD]
[HKCU\Software\freesofttoday]  =>Adware.FreeSoftToday
[HKCU\Software\keyhole.com]
[HKCU\Software\mysearchdial]  =>Adware.MyWebSearch
[HKCU\Software\yahooinstall]
[HKLM\Software\<company>]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer]
[HKLM\Software\Alps]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Audible]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conexant Systems Inc  ]
[HKLM\Software\Conexant]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\IM Providers]
[HKLM\Software\Iminent]  =>Adware.IMBooster
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Macromedia]
[HKLM\Software\Martin Prikryl]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Pirrit]  =>PUP.PirritSuggestor
[HKLM\Software\Policies]
[HKLM\Software\RST]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SI-App]
[HKLM\Software\Sonic]
[HKLM\Software\Updater By Sweetpacks]  =>PUP.SweetIM
[HKLM\Software\Upt]
[HKLM\Software\Volatile]
[HKLM\Software\WNLT]  =>Adware.IncrediBar
[HKLM\Software\WinRAR]
[HKLM\Software\WinUpd]
[HKLM\Software\Wow6432Node\ALWIL Software]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Audible]
[HKLM\Software\Wow6432Node\Babylon]  =>PUP.Babylon
[HKLM\Software\Wow6432Node\Canal+ Active]
[HKLM\Software\Wow6432Node\Chicony Electronics Co.,Ltd.]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr]  =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Digital River]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\FREE_SOFTTODAY]  =>Adware.FreeSoftToday
[HKLM\Software\Wow6432Node\FrEeSoFtOdAy]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HP]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\IePlugin]
[HKLM\Software\Wow6432Node\IminentToolbar]  =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent]  =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstallCore]  =>Adware.InstallCore
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\Martin Prikryl]
[HKLM\Software\Wow6432Node\McAfee.com]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\PDFCreator]
[HKLM\Software\Wow6432Node\Packard Bell]
[HKLM\Software\Wow6432Node\Pirrit Solutions]  =>PUP.PirritSuggestor
[HKLM\Software\Wow6432Node\Pirrit]  =>PUP.PirritSuggestor
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RST]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\SI-App]
[HKLM\Software\Wow6432Node\Safer Networking Limited]
[HKLM\Software\Wow6432Node\SecureDigitalServices]
[HKLM\Software\Wow6432Node\SimplyGen]  =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Solutions]
[HKLM\Software\Wow6432Node\Sonic]
[HKLM\Software\Wow6432Node\SweetIM]  =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\ToggleMark]
[HKLM\Software\Wow6432Node\Tutorials]  =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\Umbrella]
[HKLM\Software\Wow6432Node\Uniblue]
[HKLM\Software\Wow6432Node\Updater By Sweetpacks]  =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Upt]
[HKLM\Software\Wow6432Node\V9]
[HKLM\Software\Wow6432Node\VirtualDJ]
[HKLM\Software\Wow6432Node\Vodafone]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WinUpd]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Wistron]
[HKLM\Software\Wow6432Node\Wpm]  =>PUP.WpManager
[HKLM\Software\Wow6432Node\awesomehpSoftware]  =>PUP.Awesomehp
[HKLM\Software\Wow6432Node\deskSvc]  =>Hijacker.22Find
[HKLM\Software\Wow6432Node\hdcode]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\mpDRM]
[HKLM\Software\Wow6432Node\supTab]  =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM]  =>PUP.WpManager
[HKLM\Software\Wow6432Node]
~ Key Software: 458 Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/06/2014 - 13:49:33 - [] ----D C:\Program Files (x86)\-BlockAndSurfS  =>PUP.BlockAndSurf
O43 - CFD: 25/05/2013 - 16:16:05 - [] ----D C:\Program Files (x86)\3DVIA
O43 - CFD: 03/11/2009 - 06:20:29 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 05/05/2012 - 17:02:46 - [] ----D C:\Program Files (x86)\Canal+
O43 - CFD: 10/06/2014 - 10:16:27 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 03/11/2009 - 06:14:11 - [] ----D C:\Program Files (x86)\CyberLink
O43 - CFD: 08/08/2014 - 13:51:46 - [] ----D C:\Program Files (x86)\Desk 365  =>Hijacker.22Find
O43 - CFD: 24/07/2014 - 21:02:29 - [] ----D C:\Program Files (x86)\eDealsPop
O43 - CFD: 21/02/2014 - 09:53:31 - [] ----D C:\Program Files (x86)\Feven Pro  =>PUP.CrossRider
O43 - CFD: 02/06/2013 - 18:54:07 - [0] ----D C:\Program Files (x86)\FindLyrics  =>Adware.AddLyrics
O43 - CFD: 24/06/2014 - 13:47:17 - [] ----D C:\Program Files (x86)\fst_fr_244  =>Adware.FreeSoftToday
O43 - CFD: 08/07/2014 - 16:07:25 - [] ----D C:\Program Files (x86)\fst_fr_287  =>Adware.FreeSoftToday
O43 - CFD: 14/12/2013 - 09:40:52 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 11/11/2011 - 11:24:59 - [] ----D C:\Program Files (x86)\GotClip
O43 - CFD: 21/06/2012 - 17:49:36 - [] ----D C:\Program Files (x86)\HP
O43 - CFD: 01/04/2014 - 20:34:08 - [] ---AD C:\Program Files (x86)\Iminent  =>Adware.IMBooster
O43 - CFD: 01/04/2014 - 20:34:11 - [] ----D C:\Program Files (x86)\IminentToolbar  =>Adware.IMBooster
O43 - CFD: 28/09/2012 - 21:44:15 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 16/08/2009 - 07:45:39 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 18/12/2011 - 11:27:12 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 26/07/2011 - 08:29:05 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 03/11/2009 - 06:12:40 - [] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 11/10/2012 - 20:17:23 - [] ----D C:\Program Files (x86)\Lecteur CANALPLAY
O43 - CFD: 04/07/2012 - 14:57:41 - [] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 02/06/2013 - 12:04:15 - [] ----D C:\Program Files (x86)\LyricsFan  =>Adware.AddLyrics
O43 - CFD: 15/05/2013 - 10:19:28 - [] ----D C:\Program Files (x86)\MaxiCompte 3
O43 - CFD: 22/06/2012 - 14:19:55 - [] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 07/07/2011 - 14:22:26 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 22/08/2009 - 08:04:37 - [] ----D C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
O43 - CFD: 19/09/2013 - 09:36:41 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 03/11/2009 - 06:25:00 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 03/11/2009 - 06:17:42 - [] ----D C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 19/12/2010 - 11:12:48 - [] ----D C:\Program Files (x86)\Microsoft Works
O43 - CFD: 02/11/2010 - 09:44:56 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 23/01/2014 - 15:00:03 - [] ----D C:\Program Files (x86)\Movie Maker 2.6
O43 - CFD: 06/08/2014 - 11:01:04 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 25/07/2014 - 16:02:26 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 20/01/2010 - 22:56:30 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 20/11/2013 - 19:54:41 - [] ----D C:\Program Files (x86)\Mysearchdial  =>Adware.MyWebSearch
O43 - CFD: 16/08/2009 - 08:00:40 - [] ----D C:\Program Files (x86)\Nero
O43 - CFD: 22/08/2009 - 08:23:52 - [] ----D C:\Program Files (x86)\NewTech Infosystems
O43 - CFD: 17/11/2010 - 18:24:12 - [] ----D C:\Program Files (x86)\OpenXML-ODF Translator
O43 - CFD: 15/06/2014 - 21:03:46 - [] ----D C:\Program Files (x86)\Optimizer Pro  =>PUP.OptimizerPro
O43 - CFD: 19/01/2010 - 20:17:32 - [] ----D C:\Program Files (x86)\Packard Bell
O43 - CFD: 22/08/2009 - 08:18:08 - [] ----D C:\Program Files (x86)\Packard Bell GameZone
O43 - CFD: 18/03/2014 - 17:07:43 - [] ----D C:\Program Files (x86)\PDF Architect
O43 - CFD: 14/05/2014 - 11:50:54 - [] ----D C:\Program Files (x86)\PDFCreator
O43 - CFD: 01/04/2014 - 20:33:39 - [] ----D C:\Program Files (x86)\PerfectTablePlan
O43 - CFD: 20/11/2013 - 20:00:47 - [] ----D C:\Program Files (x86)\Plus-HD-3.5  =>Adware.PlusHD
O43 - CFD: 28/01/2010 - 18:08:35 - [] ----D C:\Program Files (x86)\Pvm
O43 - CFD: 17/11/2010 - 18:39:49 - [] ----D C:\Program Files (x86)\QuickZip
O43 - CFD: 16/08/2009 - 07:46:13 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 03/09/2011 - 21:40:30 - [] ----D C:\Program Files (x86)\Remote Mouse Server
O43 - CFD: 01/04/2014 - 20:34:47 - [] ----D C:\Program Files (x86)\SiteFinder  =>Adware.ShoppingReport
O43 - CFD: 10/06/2014 - 10:16:27 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 21/02/2014 - 09:53:33 - [] ----D C:\Program Files (x86)\Software
O43 - CFD: 22/06/2012 - 11:12:47 - [] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 02/05/2014 - 11:44:24 - [] ----D C:\Program Files (x86)\SupTab  =>PUP.SupTab
O43 - CFD: 20/11/2013 - 20:01:38 - [] ----D C:\Program Files (x86)\SweetIM  =>PUP.SweetIM
O43 - CFD: 06/08/2014 - 10:41:39 - [] ----D C:\Program Files (x86)\ToggleMark
O43 - CFD: 21/02/2014 - 09:52:38 - [] ----D C:\Program Files (x86)\Uniblue
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 08/07/2014 - 16:08:25 - [] ----D C:\Program Files (x86)\v01BlockAndSurf  =>PUP.BlockAndSurf
O43 - CFD: 03/11/2009 - 06:11:47 - [] ----D C:\Program Files (x86)\Video Web Camera
O43 - CFD: 25/01/2013 - 21:46:03 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 26/01/2013 - 15:03:00 - [] ----D C:\Program Files (x86)\VirtualDJ
O43 - CFD: 22/02/2010 - 20:04:46 - [] ----D C:\Program Files (x86)\Vodafone
O43 - CFD: 21/02/2014 - 11:08:10 - [] ----D C:\Program Files (x86)\Wajam  =>PUP.Wajam
O43 - CFD: 03/11/2009 - 14:58:15 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/11/2011 - 15:28:59 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 15/03/2011 - 23:38:00 - [] ----D C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Mail  =>.Microsoft Corporation
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Media Player  =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 07/07/2011 - 17:05:56 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 09/06/2011 - 09:51:03 - [] ----D C:\Program Files (x86)\WinGrosMaigre
O43 - CFD: 05/05/2014 - 15:50:35 - [] ----D C:\Program Files (x86)\WinRST  =>PUP.WinRST
O43 - CFD: 23/08/2011 - 16:22:36 - [] ----D C:\Program Files (x86)\WinSCP
O43 - CFD: 07/08/2014 - 23:30:31 - [] ----D C:\Program Files (x86)\ZHPDiag  =>.Nicolas Coolman
O43 - CFD: 19/01/2010 - 13:51:29 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 22/08/2009 - 09:49:58 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 09/10/2013 - 17:47:44 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 03/11/2009 - 06:14:11 - [] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 22/08/2009 - 08:00:39 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 01/10/2012 - 16:39:24 - [] ----D C:\Program Files (x86)\Common Files\fluxDVD
O43 - CFD: 08/03/2010 - 16:55:04 - [] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 08/03/2010 - 16:54:30 - [] ----D C:\Program Files (x86)\Common Files\HP
O43 - CFD: 28/09/2012 - 21:43:45 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/07/2011 - 08:29:40 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 03/11/2009 - 06:21:47 - [] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 17/03/2012 - 14:09:43 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 28/09/2012 - 21:50:40 - [] ----D C:\Program Files (x86)\Common Files\mpDRM
O43 - CFD: 16/08/2009 - 08:02:42 - [] ----D C:\Program Files (x86)\Common Files\Nero
O43 - CFD: 22/08/2009 - 08:07:46 - [] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 03/11/2009 - 06:21:25 - [] ----D C:\Program Files (x86)\Common Files\PX Storage Engine
O43 - CFD: 22/08/2009 - 09:50:18 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 10/06/2014 - 10:16:27 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 03/11/2009 - 06:21:25 - [] ----D C:\Program Files (x86)\Common Files\Sonic Shared
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 16/03/2012 - 08:42:26 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 07/08/2014 - 18:14:41 - [] ----D C:\Program Files (x86)\Common Files\Umbrella
O43 - CFD: 03/11/2009 - 06:23:01 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 22/02/2010 - 20:04:54 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 09/10/2013 - 16:00:27 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 15/06/2014 - 21:19:15 - [0] ----D C:\ProgramData\374311380
O43 - CFD: 09/06/2014 - 20:22:17 - [] ----D C:\ProgramData\8381b5be430a9343
O43 - CFD: 28/05/2013 - 17:25:16 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 22/03/2010 - 19:47:38 - [] ----D C:\ProgramData\Alwil Software
O43 - CFD: 18/08/2011 - 11:45:13 - [] ----D C:\ProgramData\Apple
O43 - CFD: 10/01/2013 - 19:32:11 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 15/02/2011 - 13:19:04 - [] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 07/08/2014 - 23:22:11 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 02/06/2013 - 11:43:42 - [0] ----D C:\ProgramData\Babylon  =>PUP.Babylon
O43 - CFD: 22/08/2009 - 08:24:05 - [] ----D C:\ProgramData\BackupManager
O43 - CFD: 19/06/2012 - 18:49:25 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 19/01/2010 - 20:17:06 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 12/01/2012 - 22:42:40 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 26/05/2014 - 06:33:43 - [] ----D C:\ProgramData\deal2dealliat  =>PUP.Deal2Dealit
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 10/11/2011 - 10:46:53 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 19/01/2010 - 20:17:06 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 16/02/2012 - 17:38:31 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 28/09/2012 - 21:50:35 - [] ----D C:\ProgramData\fluxDVD
O43 - CFD: 21/06/2012 - 16:44:16 - [] ----D C:\ProgramData\Google
O43 - CFD: 23/05/2013 - 15:46:23 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 23/05/2013 - 14:37:41 - [] ----D C:\ProgramData\HP
O43 - CFD: 08/03/2010 - 16:55:58 - [] ----D C:\ProgramData\HP Product Assistant
O43 - CFD: 23/05/2013 - 14:36:52 - [] ----D C:\ProgramData\HPSSUPPLY
O43 - CFD: 02/05/2014 - 11:44:22 - [] ----D C:\ProgramData\IePluginService  =>PUP.IePluginService
O43 - CFD: 19/11/2011 - 16:20:56 - [] ----D C:\ProgramData\InstallMate  =>PUP.Tarma
O43 - CFD: 07/08/2014 - 23:20:04 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 03/06/2014 - 10:15:41 - [] ----D C:\ProgramData\LuckyShoppeR  =>PUP.LuckyShopper
O43 - CFD: 22/06/2012 - 11:16:27 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 28/11/2012 - 19:15:02 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 19/01/2010 - 20:17:06 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 08/08/2014 - 12:10:38 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 10/05/2012 - 08:08:40 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 19/01/2010 - 20:17:06 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 12/06/2012 - 08:15:34 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 28/09/2012 - 21:50:40 - [] ----D C:\ProgramData\mpDRM
O43 - CFD: 16/08/2009 - 07:59:30 - [] ----D C:\ProgramData\Nero
O43 - CFD: 11/07/2011 - 10:40:46 - [] ----D C:\ProgramData\Norton
O43 - CFD: 16/08/2009 - 07:53:24 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 03/11/2009 - 06:15:49 - [] ----D C:\ProgramData\OEM
O43 - CFD: 16/08/2009 - 08:10:22 - [] ----D C:\ProgramData\Packard Bell
O43 - CFD: 13/02/2011 - 10:19:06 - [] ----D C:\ProgramData\Partner
O43 - CFD: 19/11/2011 - 16:19:19 - [] ----D C:\ProgramData\Premium
O43 - CFD: 04/06/2014 - 15:45:01 - [] ----D C:\ProgramData\QuuEenCoupon  =>PUP.QueenCoupon
O43 - CFD: 10/06/2014 - 10:16:05 - [] ----D C:\ProgramData\Skype
O43 - CFD: 22/06/2012 - 11:12:47 - [] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 04/05/2010 - 21:45:09 - [] ----D C:\ProgramData\Sun
O43 - CFD: 15/06/2014 - 20:59:46 - [] ---AD C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 08/03/2010 - 17:13:06 - [] ----D C:\ProgramData\WEBREG
O43 - CFD: 09/10/2013 - 16:32:13 - [] ----D C:\ProgramData\WindSolutions
O43 - CFD: 15/03/2011 - 13:04:40 - [0] ----D C:\ProgramData\WinZip
O43 - CFD: 21/02/2014 - 09:52:55 - [] ----D C:\ProgramData\WPM  =>PUP.WpManager
O43 - CFD: 12/08/2010 - 18:05:22 - [] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 19/01/2011 - 11:34:00 - [0] -SH-D C:\Users\Audrey\AppData\Roaming\.#
O43 - CFD: 08/08/2014 - 11:57:15 - [] ----D C:\Users\Audrey\AppData\Roaming\Adobe
O43 - CFD: 22/06/2012 - 16:38:21 - [] ----D C:\Users\Audrey\AppData\Roaming\Apple Computer
O43 - CFD: 21/02/2014 - 09:52:11 - [] ----D C:\Users\Audrey\AppData\Roaming\awesomehp  =>PUP.Awesomehp
O43 - CFD: 22/01/2014 - 18:02:52 - [] ----D C:\Users\Audrey\AppData\Roaming\BabSolution  =>Hijacker.BabSolution
O43 - CFD: 02/06/2013 - 11:43:41 - [] ----D C:\Users\Audrey\AppData\Roaming\Babylon  =>PUP.Babylon
O43 - CFD: 22/02/2010 - 22:24:38 - [] ----D C:\Users\Audrey\AppData\Roaming\CyberLink
O43 - CFD: 02/06/2013 - 12:04:04 - [] ----D C:\Users\Audrey\AppData\Roaming\Dealply  =>PUP.DealPly
O43 - CFD: 13/03/2014 - 20:07:34 - [] ----D C:\Users\Audrey\AppData\Roaming\Desk 365  =>Hijacker.22Find
O43 - CFD: 18/06/2010 - 17:34:28 - [] ----D C:\Users\Audrey\AppData\Roaming\Facebook
O43 - CFD: 04/07/2012 - 10:44:15 - [] ----D C:\Users\Audrey\AppData\Roaming\GetRightToGo
O43 - CFD: 19/01/2010 - 20:20:19 - [] ----D C:\Users\Audrey\AppData\Roaming\Google
O43 - CFD: 08/03/2010 - 17:30:50 - [] ----D C:\Users\Audrey\AppData\Roaming\HP
O43 - CFD: 23/07/2013 - 10:22:01 - [] ----D C:\Users\Audrey\AppData\Roaming\HpUpdate
O43 - CFD: 19/01/2010 - 20:17:47 - [] ----D C:\Users\Audrey\AppData\Roaming\Identities
O43 - CFD: 01/04/2014 - 20:34:06 - [] ----D C:\Users\Audrey\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
O43 - CFD: 01/04/2014 - 20:34:10 - [] ----D C:\Users\Audrey\AppData\Roaming\IminentToolbar  =>Adware.IMBooster
O43 - CFD: 23/07/2014 - 20:16:11 - [] ----D C:\Users\Audrey\AppData\Roaming\LimeWire
O43 - CFD: 20/01/2010 - 16:58:22 - [] ----D C:\Users\Audrey\AppData\Roaming\Macromedia
O43 - CFD: 22/06/2012 - 11:16:37 - [] ----D C:\Users\Audrey\AppData\Roaming\Malwarebytes
O43 - CFD: 16/08/2009 - 08:31:47 - [0] ----D C:\Users\Audrey\AppData\Roaming\Media Center Programs
O43 - CFD: 06/12/2013 - 17:39:16 - [] -S--D C:\Users\Audrey\AppData\Roaming\Microsoft
O43 - CFD: 08/11/2011 - 15:36:21 - [] ----D C:\Users\Audrey\AppData\Roaming\Mozilla
O43 - CFD: 20/11/2013 - 19:55:31 - [] ----D C:\Users\Audrey\AppData\Roaming\mysearchdial  =>Adware.MyWebSearch
O43 - CFD: 11/01/2013 - 15:42:18 - [] ----D C:\Users\Audrey\AppData\Roaming\Nero
O43 - CFD: 05/05/2014 - 15:55:46 - [] ----D C:\Users\Audrey\AppData\Roaming\Optimizer Pro  =>PUP.OptimizerPro
O43 - CFD: 18/03/2014 - 17:22:26 - [] ----D C:\Users\Audrey\AppData\Roaming\PDF Architect
O43 - CFD: 18/03/2014 - 17:06:33 - [] ----D C:\Users\Audrey\AppData\Roaming\pdfforge
O43 - CFD: 01/04/2014 - 20:37:20 - [] ----D C:\Users\Audrey\AppData\Roaming\PerfectTablePlan
O43 - CFD: 01/04/2014 - 20:34:24 - [0] ----D C:\Users\Audrey\AppData\Roaming\SimilarSites
O43 - CFD: 08/08/2014 - 11:32:05 - [] ----D C:\Users\Audrey\AppData\Roaming\Skype
O43 - CFD: 21/02/2014 - 09:52:38 - [] ----D C:\Users\Audrey\AppData\Roaming\SupTab  =>PUP.SupTab
O43 - CFD: 21/02/2014 - 09:52:38 - [] ----D C:\Users\Audrey\AppData\Roaming\Uniblue
O43 - CFD: 14/12/2013 - 10:15:41 - [] ----D C:\Users\Audrey\AppData\Roaming\vlc
O43 - CFD: 21/02/2014 - 09:52:28 - [] ----D C:\Users\Audrey\AppData\Roaming\VOPackage  =>Adware.Downware
O43 - CFD: 14/03/2011 - 18:58:53 - [0] ----D C:\Users\Audrey\AppData\Roaming\Windows Live Writer
O43 - CFD: 09/10/2013 - 17:47:56 - [] ----D C:\Users\Audrey\AppData\Roaming\WindSolutions
O43 - CFD: 14/03/2011 - 19:07:43 - [] ----D C:\Users\Audrey\AppData\Roaming\WinRAR
O43 - CFD: 08/08/2014 - 13:59:18 - [] ----D C:\Users\Audrey\AppData\Roaming\ZHP  =>.Nicolas Coolman
O43 - CFD: 25/05/2013 - 16:15:07 - [] ----D C:\Users\Audrey\AppData\Local\3DVIA
O43 - CFD: 26/06/2014 - 20:19:51 - [] ----D C:\Users\Audrey\AppData\Local\737cb9b671dd9293a47dd49f27300c48
O43 - CFD: 08/08/2014 - 12:03:09 - [] ----D C:\Users\Audrey\AppData\Local\Adobe
O43 - CFD: 22/02/2012 - 21:16:18 - [] ----D C:\Users\Audrey\AppData\Local\adslTV
O43 - CFD: 09/02/2010 - 17:32:32 - [] ----D C:\Users\Audrey\AppData\Local\Apple
O43 - CFD: 09/02/2010 - 18:16:48 - [] ----D C:\Users\Audrey\AppData\Local\Apple Computer
O43 - CFD: 19/01/2010 - 20:17:19 - [] -SH-D C:\Users\Audrey\AppData\Local\Application Data
O43 - CFD: 24/07/2014 - 21:02:30 - [] ----D C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock
O43 - CFD: 24/07/2014 - 21:02:31 - [0] ----D C:\Users\Audrey\AppData\Local\CheckCode
O43 - CFD: 05/06/2014 - 13:56:12 - [] ----D C:\Users\Audrey\AppData\Local\d4729c8bbf6e51b71760b3778fad0c06
O43 - CFD: 13/02/2014 - 11:36:14 - [0] ----D C:\Users\Audrey\AppData\Local\Diagnostics
O43 - CFD: 02/06/2013 - 11:44:27 - [] ----D C:\Users\Audrey\AppData\Local\Downloaded Installations
O43 - CFD: 30/06/2013 - 13:38:08 - [0] ----D C:\Users\Audrey\AppData\Local\ElevatedDiagnostics
O43 - CFD: 02/06/2013 - 11:44:00 - [] ----D C:\Users\Audrey\AppData\Local\eorezo  =>PUP.Eorezo
O43 - CFD: 15/05/2013 - 11:17:17 - [0] ----D C:\Users\Audrey\AppData\Local\FastReport
O43 - CFD: 08/08/2014 - 10:20:15 - [] ----D C:\Users\Audrey\AppData\Local\fst_fr_244  =>Adware.FreeSoftToday
O43 - CFD: 08/07/2014 - 16:07:31 - [] ----D C:\Users\Audrey\AppData\Local\fst_fr_287  =>Adware.FreeSoftToday
O43 - CFD: 10/07/2014 - 12:27:56 - [] ----D C:\Users\Audrey\AppData\Local\Genesis  =>PUP.Genesis
O43 - CFD: 21/06/2012 - 16:44:16 - [] ----D C:\Users\Audrey\AppData\Local\Google
O43 - CFD: 19/01/2010 - 20:17:19 - [] -SH-D C:\Users\Audrey\AppData\Local\Historique
O43 - CFD: 08/03/2010 - 17:30:49 - [] ----D C:\Users\Audrey\AppData\Local\HP
O43 - CFD: 19/06/2012 - 19:03:06 - [] ----D C:\Users\Audrey\AppData\Local\Macromedia
O43 - CFD: 23/01/2014 - 15:00:38 - [] ----D C:\Users\Audrey\AppData\Local\Microsoft
O43 - CFD: 01/04/2013 - 12:36:25 - [] ----D C:\Users\Audrey\AppData\Local\Microsoft Games
O43 - CFD: 06/09/2010 - 16:08:53 - [] ----D C:\Users\Audrey\AppData\Local\Microsoft Help
O43 - CFD: 20/08/2013 - 20:53:50 - [] ----D C:\Users\Audrey\AppData\Local\Mozilla
O43 - CFD: 25/07/2011 - 09:19:37 - [0] ----D C:\Users\Audrey\AppData\Local\PackageAware
O43 - CFD: 26/05/2014 - 06:33:38 - [] ----D C:\Users\Audrey\AppData\Local\Packages
O43 - CFD: 27/06/2014 - 20:15:32 - [] ----D C:\Users\Audrey\AppData\Local\Pay-By-Ads
O43 - CFD: 15/05/2013 - 10:19:18 - [] ----D C:\Users\Audrey\AppData\Local\Programs
O43 - CFD: 17/11/2010 - 18:40:25 - [] ----D C:\Users\Audrey\AppData\Local\Quick_Zip_Dev
O43 - CFD: 02/05/2014 - 10:24:49 - [] ----D C:\Users\Audrey\AppData\Local\Skype
O43 - CFD: 08/08/2014 - 13:53:16 - [] ----D C:\Users\Audrey\AppData\Local\Temp
O43 - CFD: 19/01/2010 - 20:17:19 - [] -SH-D C:\Users\Audrey\AppData\Local\Temporary Internet Files
O43 - CFD: 09/11/2013 - 17:21:38 - [] ----D C:\Users\Audrey\AppData\Local\tuto4pc_fr_38  =>PUP.AgenceExclusive
O43 - CFD: 15/05/2014 - 19:45:55 - [] ----D C:\Users\Audrey\AppData\Local\VirtualStore
O43 - CFD: 02/06/2013 - 11:44:08 - [] ----D C:\Users\Audrey\AppData\Local\Wajam  =>PUP.Wajam
O43 - CFD: 14/03/2011 - 18:58:51 - [] ----D C:\Users\Audrey\AppData\Local\Windows Live
O43 - CFD: 14/03/2011 - 18:59:00 - [] ----D C:\Users\Audrey\AppData\Local\Windows Live Writer
O43 - CFD: 23/01/2014 - 15:02:22 - [0] ----D C:\Users\Audrey\AppData\Local\WMTools Downloaded Files
O43 - CFD: 22/08/2009 - 09:52:43 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/11/2010 - 18:24:12 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Add-in ODF pour Microsoft Office
O43 - CFD: 10/07/2011 - 11:30:19 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 09/10/2013 - 15:53:46 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
O43 - CFD: 19/01/2010 - 20:19:50 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
O43 - CFD: 11/11/2011 - 11:24:59 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GotClip
O43 - CFD: 18/09/2012 - 14:54:14 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 04/07/2012 - 10:44:38 - [0] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LimeWire
O43 - CFD: 22/08/2009 - 09:52:43 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 28/01/2010 - 18:08:35 - [0] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pvm
O43 - CFD: 17/11/2010 - 18:39:55 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Zip 5.1
O43 - CFD: 23/09/2010 - 11:18:52 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SoftwareNetz
O43 - CFD: 05/05/2014 - 15:50:15 - [] R---D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/01/2013 - 15:03:04 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
O43 - CFD: 02/06/2013 - 11:44:08 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam  =>PUP.Wajam
O43 - CFD: 25/06/2013 - 08:27:42 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watermark Software
O43 - CFD: 09/06/2011 - 09:51:03 - [0] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinGrosMaigre
O43 - CFD: 01/07/2011 - 09:47:47 - [] ----D C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Program Folder: 263 Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6FD0DA30D14D34018E9541E77F1D1ADB] - 07/08/2014 - 22:36:54 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin   [512]
O44 - LFC:[MD5.965141737861196F2705E2D2FB2E6D68] - 08/08/2014 - 12:48:56 -S-A- . (...) -- C:\Windows\bootstat.dat   [67584]
O44 - LFC:[MD5.F724D96BD77374DC777DF9D2FCD71534] - 08/08/2014 - 12:48:57 ---A- . (...) -- C:\Windows\WindowsUpdate.log   [1543492]
O44 - LFC:[MD5.7BA84CF3E3EAD94901B51A13B26E8AC5] - 08/08/2014 - 12:48:57 ---A- . (...) -- C:\Windows\setupact.log   [28705]
O44 - LFC:[MD5.1B4BF4624E5549E7DF7B90FE3B0836D1] - 08/08/2014 - 12:49:26 ---A- . (...) -- C:\Windows\win.ini   [713]
~ Files: 5 Scanned in 00mn 06s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.761631575DDFA83240C94EDBB601D2D3] - 08/08/2014 - 09:20:15 ---A- - C:\Windows\Prefetch\UPFST_FR_244.EXE-324E3055.pf  =>Adware.FreeSoftToday
O45 - LFCP:[MD5.6766E913934BE95369AEC73B5F687109] - 06/08/2014 - 19:40:00 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-CA64286E.pf  =>Adware.Downware
~ Prefetcher: 2 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ LSA: 8 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{3554fafb-1ae9-11df-b253-00262d61db87}\AutoRun\command. (...) -- E:\USBAutoRun.exe (.not file.)
O51 - MPSK:{e50ff4c8-1e3b-11df-b108-00262d61db87}\AutoRun\command. (...) -- E:\VMC_PBStarter.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2
O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1
~ MWPS: 18 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=28
~ MWPE Keys: 5 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys   [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys   [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys   [15440]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys   [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys   [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys   [27008]
O58 - SDL:25/05/2009 - 04:57:42 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys   [243760]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys   [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys   [97856]
O58 - SDL:05/10/2009 - 15:34:00 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys   [1542656]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys   [270848]
O58 - SDL:10/06/2009 - 21:34:38 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS   [1311232]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys   [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys   [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys   [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys   [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys   [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys   [14720]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys   [468480]
O58 - SDL:11/08/2009 - 21:59:50 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys   [686080]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys   [17488]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys   [3286016]
O58 - SDL:21/08/2012 - 13:01:20 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys   [33240]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:20/11/2010 - 14:33:35 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys   [78720]
O58 - SDL:05/06/2009 - 02:54:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys   [408600]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys   [410496]
O58 - SDL:02/09/2009 - 17:54:20 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys   [7369728]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys   [44112]
O58 - SDL:26/05/2009 - 13:13:10 ---A- . (.Intel(R) Corporation - Intel(R) High Definition Audio HDMI.) -- C:\Windows\System32\Drivers\IntcHdmi.sys   [138752]
O58 - SDL:10/06/2009 - 21:34:36 ---A- . (.Broadcom Corporation - Broadcom NetLink (TM) Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\k57nd60a.sys   [270848]
O58 - SDL:20/06/2009 - 03:09:57 ---A- . (.Atheros Communications, Inc. - Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20.) -- C:\Windows\System32\Drivers\L1E62x64.sys   [54272]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys   [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys   [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys   [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys   [115776]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys   [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys   [284736]
O58 - SDL:10/06/2009 - 21:35:28 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\netw5v64.sys   [5434368]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys   [51264]
O58 - SDL:06/05/2009 - 00:46:08 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\System32\Drivers\NTIDrvr.sys   [18432]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys   [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys   [166272]
O58 - SDL:16/06/2008 - 03:00:00 ----- . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\Drivers\PxHlpa64.sys   [55024]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys   [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys   [128592]
O58 - SDL:05/06/2009 - 01:46:50 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\System32\Drivers\RtsUStor.sys   [216064]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys   [23040]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys   [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys   [80464]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:06/05/2009 - 00:46:08 ---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\System32\Drivers\UBHelper.sys   [16896]
O58 - SDL:13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [54784]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys   [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys   [161872]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\System32\Drivers\VSTAZL6.SYS   [292864]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\Drivers\VSTCNXT6.SYS   [740864]
O58 - SDL:10/06/2009 - 22:01:11 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\Drivers\VSTDPV6.SYS   [1485312]
O58 - SDL:03/07/2014 - 15:22:50 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64.sys   [61120]  =>PUP.LinkiDoo
O58 - SDL:09/06/2014 - 11:15:16 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}w64.sys   [61120]  =>PUP.LinkiDoo
O58 - SDL:24/04/2014 - 11:21:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{ba099a85-e825-4802-83e7-d386a5b4a734}w64.sys   [61120]  =>PUP.LinkiDoo
O58 - SDL:26/03/2009 - 20:16:06 ---A- . (.Dritek System Inc. - Dritek 64-bit PS/2 Keyboard Filter Driver.) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys   [25608]
~ Drivers: 64 Scanned in 00mn 06s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 03/08/2014 - 14:00:01 ----- . (...) -- C:\Users\Audrey\AppData\Local\Temp\is45637729\390713212_stp\Generic_vo.exe   [172515]
O61 - LFC: 03/08/2014 - 14:00:03 ---A- . (...) -- C:\Users\Audrey\AppData\LocalLow\SkwConfig.bin   [18608]
O61 - LFC: 06/08/2014 - 14:00:01 ----- . (...) -- C:\Users\Audrey\AppData\Local\Temp\is45637729\137547047_stp\Generic_vo.exe   [172272]
O61 - LFC: 07/08/2014 - 14:00:26 ---A- . (.AVAST Software.) -- C:\Users\Audrey\Downloads\avast_free_antivirus_setup_online.exe   [4862664]
O61 - LFC: 07/08/2014 - 14:00:26 ---A- . (.Nicolas Coolman.) -- C:\Users\Audrey\Downloads\ZHPDiag2.exe   [6854876]  =>.Nicolas Coolman
~ 1056 Fichiers temporaires (Temporary files)
~ 395 Fichiers cookies (Cookies files)
~ Files: 5 Scanned in 00mn 36s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 24/07/1744 - C:\Windows\System32\DRIVERS\kl1.sys (KL1) .(...) - LEGACY_KL1
O64 - Services: CurCS - 24/07/1744 - C:\Windows\System32\DRIVERS\kl2.sys (kl2) .(...) - LEGACY_KL2
O64 - Services: CurCS - 24/07/1744 - C:\Windows\System32\DRIVERS\klif.sys (KLIF) .(...) - LEGACY_KLIF
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv)  .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 03/07/2014 - C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64.sys ({9a9157bb-003e-4fef-8bd1-c09bc4586a28}w64)  .(.StdLib - StdLib.) - LEGACY_{9A9157BB-003E-4FEF-8BD1-C09BC4586A28}W64  =>PUP.LinkiDoo
O64 - Services: CurCS - 09/06/2014 - C:\Windows\System32\drivers\{af16abf4-eac1-49b4-93fc-58f6ca799135}w64.sys ({af16abf4-eac1-49b4-93fc-58f6ca799135}w64)  .(.StdLib - StdLib.) - LEGACY_{AF16ABF4-EAC1-49B4-93FC-58F6CA799135}W64  =>PUP.LinkiDoo
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{ba099a85-e825-4802-83e7-d386a5b4a734}w64.sys ({ba099a85-e825-4802-83e7-d386a5b4a734}w64)  .(.StdLib - StdLib.) - LEGACY_{BA099A85-E825-4802-83E7-D386A5B4A734}W64  =>PUP.LinkiDoo
~ Legacy: 78 Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe  =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) --  C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com  =>PUP.Awesomehp
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Mysearchdial) - http://start.mysearchdial.com  =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {460C3D19-B3D4-4964-A550-77D263B0CCCB} - (awesomehp) - http://www.awesomehp.com  =>PUP.Awesomehp
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} - (Yahoo! Search) - http://rts.dsrlte.com
O69 - SBI: SearchScopes [HKCU] {EBFA67B9-58D1-47AF-B3BB-660B626984DD} [DefaultScope] - (StartWeb) - http://start.iminent.com  =>Adware.IMBooster
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll   [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll   [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll   [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll   [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll   [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll   [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll   [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll   [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll   [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll   [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll   [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll   [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll   [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll   [2420736]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll   [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll   [370688]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll   [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll   [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll   [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll   [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll   [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll   [136192]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll   [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll   [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll   [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll   [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll   [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll   [100864]
~ Services: 31 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.62B7C506B092D460898F3296DA94B728] [SPRF][18/07/2009] (.Oberon Media - FullRemove.) -- C:\ProgramData\FullRemove.exe   [36136]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][03/04/2012] (...) -- C:\Users\Audrey\AppData\Roaming\wklnhst.dat   [0]
[MD5.087E3A7D8752CEB81A274E971C3FD805] [SPRF][26/01/2011] (.Remote Mouse Server - Remote Mouse Server Setup.) -- C:\Users\Audrey\Desktop\RemoteMouse.exe   [8107752]
~ Files: 3 Scanned in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "5EC33E4FBA7A86F47A7E0FAA48FED2E9" . (.Internet Explorer Toolbar 4.9 by SweetPacks.) -- C:\Windows\Installer\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}\ARPPRODUCTICON.exe  =>PUP.SweetIM
~ Update Products: 1 Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7253826FD00B972095260E17EF0DD7BF] [WIS][20/11/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\393e3e38.msi   [2732544]  =>PUP.SweetIM
~ WIS: 1 Scanned in 00mn 05s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32  =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS  =>Adware.PredictAd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BandooUI_RASAPI32  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BandooUI_RASMANCS  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32  =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS  =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BuzzSearch_RASAPI32  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BuzzSearch_RASMANCS  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASAPI32  =>Adware.Bloson
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\conduitinstaller_RASMANCS  =>Adware.Bloson
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASAPI32  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\datamngrUI_RASMANCS  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\desk365_RASAPI32  =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\desk365_RASMANCS  =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\deskSvc_RASAPI32  =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\deskSvc_RASMANCS  =>Hijacker.22Find
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32  =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS  =>Adware.Incredibar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\facemoodssrv_RASAPI32  =>Adware.Facemoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\facemoodssrv_RASMANCS  =>Adware.Facemoods
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven Pro-chromeinstaller_RASAPI32  =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Feven Pro-chromeinstaller_RASMANCS  =>PUP.CrossRider
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\fst_fr_244_RASAPI32  =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\fst_fr_244_RASMANCS  =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Genesis_RASAPI32  =>PUP.Genesis
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Genesis_RASMANCS  =>PUP.Genesis
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASAPI32  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASMANCS  =>Adware.Bandoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IMinentToolbar_RASAPI32  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\IMinentToolbar_RASMANCS  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS  =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\InstallManagerR_RASAPI32  =>PUP.Manager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\InstallManagerR_RASMANCS  =>PUP.Manager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LyricsFanUpdater_RASAPI32  =>Adware.AddLyrics
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LyricsFanUpdater_RASMANCS  =>Adware.AddLyrics
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32  =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS  =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASAPI32  =>Adware.MyWebSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MySearchDial_RASMANCS  =>Adware.MyWebSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MYSEAR~1_RASAPI32  =>Adware.MyWebSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MYSEAR~1_RASMANCS  =>Adware.MyWebSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBox_RASAPI32  =>PUP.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBox_RASMANCS  =>PUP.OfferBox
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptimizerPro_RASAPI32  =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptimizerPro_RASMANCS  =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASAPI32  =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OptProStart_RASMANCS  =>PUP.OptimizerPro
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASAPI32  =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASMANCS  =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PirritDesktop_RASAPI32  =>PUP.PirritSuggestor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PirritDesktop_RASMANCS  =>PUP.PirritSuggestor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PirritSuggestor_0104-1d309b60_RASAPI32  =>PUP.PirritSuggestor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PirritSuggestor_0104-1d309b60_RASMANCS  =>PUP.PirritSuggestor
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-3_RASAPI32  =>Adware.PlusHD
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-3_RASMANCS  =>Adware.PlusHD
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QtraxInstaller_RASAPI32  =>P2P.Qtrax
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QtraxInstaller_RASMANCS  =>P2P.Qtrax
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchProtectINT_RASAPI32  =>PUP.SearchProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchProtectINT_RASMANCS  =>PUP.SearchProtect
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_searchqu_RASAPI32  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_searchqu_RASMANCS  =>PUP.Datamngr
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_perfecttableplan_RASAPI32  =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_perfecttableplan_RASMANCS  =>Toolbar.Conduit
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\speedupmypc_RASAPI32  =>PUP.SpeedUpMyPC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\speedupmypc_RASMANCS  =>PUP.SpeedUpMyPC
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASAPI32  =>PUP.SupTab
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SupTab_RASMANCS  =>PUP.SupTab
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASAPI32  =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASMANCS  =>PUP.SweetIM
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_fr_38_RASAPI32  =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tuto4pc_fr_38_RASMANCS  =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tuto4PC_widget_RASAPI32  =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Tuto4PC_widget_RASMANCS  =>PUP.AgenceExclusive
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASAPI32  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBuzzSearch_RASMANCS  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upfst_fr_244_RASAPI32  =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upfst_fr_244_RASMANCS  =>Adware.FreeSoftToday
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upt4pc_fr_38_RASAPI32  =>PUP.Eorezo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\upt4pc_fr_38_RASMANCS  =>PUP.Eorezo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASAPI32  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBuzzSearch_RASMANCS  =>PUP.BuzzSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASAPI32  =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VOPackage_RASMANCS  =>Adware.Downware
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASAPI32  =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASMANCS  =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_download_RASAPI32  =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_download_RASMANCS  =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASAPI32  =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASMANCS  =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Widestream6-setup_RASAPI32  =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Widestream6-setup_RASMANCS  =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\widestream6_air_RASAPI32  =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\widestream6_air_RASMANCS  =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WideStream_RASAPI32  =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WideStream_RASMANCS  =>Adware.SPointer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_RASAPI32  =>PUP.WpManager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wpm_RASMANCS  =>PUP.WpManager
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-074C_RASAPI32  =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-074C_RASMANCS  =>Adware.Yontoo
~ BTK: 617 Scanned in 00mn 01s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{11111111-1111-1111-1111-110311711180}] (Plus-HD-3.5)  =>Adware.PlusHD
[HKCR\CLSID\{22222222-2222-2222-2222-220322712280}] (CrossriderApp0037180.Sandbox)  =>PUP.CrossRider
[HKCR\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] (IMinent WebBooster (BHO))  =>Adware.IMBooster
[HKCR\CLSID\{DEDAF650-12B8-48f5-A843-BBA100716106}] (Updater By Sweetpacks)  =>PUP.SweetIM
~ BCK: 4636 Scanned in 00mn 13s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 10/07/1658 0 |  (0580bc2010c6cb3cc1f4a298c3e08a5c.exe) . (...) - C:\Users\Audrey\AppData\Local\0580bc2010c6cb3cc1f4a298c3e08a5c\0580bc2010c6cb3cc1f4a298c3e08a5c.exe
SS - | Demand 07/06/2014 257712 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/07/1658 0 |  (ClassCompilerMetafile.exe) . (...) - C:\Users\Audrey\AppData\Local\737cb9b671dd9293a47dd49f27300c48\ClassCompilerMetafile.exe
SS - | Auto 10/07/1658 0 |  (e2731bae2e84854.exe) . (...) - C:\Users\Audrey\AppData\Local\d4729c8bbf6e51b71760b3778fad0c06\e2731bae2e84854.exe
SS - | Auto 05/04/2010 136176 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 05/04/2010 136176 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/08/2009 182768 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 06/08/2014 114288 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 28/07/2009 935208 |  (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 10/07/1658 0 |  (PirritDesktop) . (...) - C:\Users\Audrey\AppData\Local\PirritSuggestor\PirritService.exe  =>PUP.PirritSuggestor
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Demand 06/03/2012 932240 |  (Service CANALPLAY) . (.Canal+ Distribution.) - C:\Program Files (x86)\Lecteur CANALPLAY\CanalPlayService.exe
SS - | Auto 23/10/2013 172192 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 08/12/2008 169312 |  (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
SR - | Auto 24/07/2014 98340 |  (ArchiveSoftwareWinsock.exe) . (...) - C:\Users\Audrey\AppData\Local\ArchiveSoftwareWinsock\ArchiveSoftwareWinsock.exe
SR - | Auto 06/07/2010 188416 |  (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files (x86)\Canal+\CANAL+ CANALSAT A LA DEMANDE\VOD\CanalPlus.VOD.exe
SR - | Auto 21/02/2014 425008 |  (desksvc) . (.337 Technology Limited..) - C:\Program Files (x86)\Desk 365\deskSvc.exe  =>Hijacker.22Find
SR - | Auto 05/08/2009 844320 |  (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Demand 03/11/2009 651720 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 04/06/2009 1150496 |  (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
SR - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 05/06/2009 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 24/07/2014 2637104 |  (IBUpdaterService) . (...) - C:\Windows\System32\dmwu.exe  =>Adware.InstallBrain
SR - | Auto 11/04/2014 705136 |  (IePluginService) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginService\PluginService.exe  =>PUP.IePluginService
SR - | Auto 21/08/2009 62720 |  (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
SR - | Auto 08/04/2013 1320496 |  (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 08/04/2013 799280 |  (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SR - | Auto 18/07/2014 3088192 |  (SProtection) . (.Iminent.) - C:\Program Files (x86)\Common Files\Umbrella\Umbrella213.exe  =>Adware.IMBooster
SR - | Auto 06/08/2014 323360 |  (Update ToggleMark) . (...) - C:\Program Files (x86)\ToggleMark\updateToggleMark.exe
SR - | Auto 01/07/2013 188760 |  (Updater By Sweetpacks) . (...) - C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe  =>PUP.SweetIM
SR - | Auto 04/07/2009 240160 |  (Updater Service) . (.Acer.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 06/08/2014 323360 |  (Util ToggleMark) . (...) - C:\Program Files (x86)\ToggleMark\bin\utilToggleMark.exe
SR - | Auto 15/02/2014 61456 |  (VOsrv) . (...) - C:\Users\Audrey\AppData\Roaming\VOPackage\VOsrv.exe  =>Adware.Downware
SR - | Auto 02/05/2013 109064 |  (WajamUpdater) . (.Wajam.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe  =>PUP.Wajam
SR - | Auto 26/03/2014 425792 |  (WinkHandler) . (...) - C:\Program Files (x86)\Iminent\WinkHandler.exe  =>Adware.IMBooster
SR - | Auto 18/03/2014 59904 |  (WinRST) . (...) - C:\Program Files (x86)\WinRST\WinRST.exe  =>PUP.WinRST
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 21/02/2014 493568 |  (Wpm) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\WPM\wprotectmanager.exe  =>PUP.WpManager
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 16s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Audrey at 08/08/2014 14:01:35
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Audrey at 08/08/2014 14:01:37
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (06/08/2014)
Clés trouvées (Keys found) : 291
Valeurs trouvées (Values found) : 5
Dossiers trouvés  (Folders found) : 57
Fichiers trouvés  (Files found) : 59

[HKLM\Software\Google\Chrome\Extensions\cmkjneookggmljgfilgemfeefneiibdi]   =>PUP.BlockAndSurf^
[HKLM\Software\Google\Chrome\Extensions\gooamedlnddjgokhlnkgohghifdcnplp]   =>PUP.BlockAndSurf^
[HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>PUP.Wajam^
[HKLM\Software\Google\Chrome\Extensions\kpjdjfkkmlgacmnenfhafmkldaogiglb]   =>PUP.CrossRider^
[HKLM\Software\Google\Chrome\Extensions\ldikpdnngdmeceeameoaannjilbjppnm]   =>Adware.PlusHD^
[HKLM\Software\Google\Chrome\Extensions\nfeonecgpoepapkmdgdmjolonaakdknd]   =>Adware.AddLyrics^
[HKLM\Software\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma]   =>PUP.QuickStart^
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff]   =>Adware.MyWebSearch^
[HKLM\Software\Google\Chrome\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm]   =>PUP.LuckyCoupon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311711180}]   =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{112BA211-334C-4A90-90EC-2AD1CDAB287C}]   =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]   =>PUP.SupTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{74904F58-1176-7FB1-441C-5285E88CB94F}]   =>PUP.LuckyShopper^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]   =>PUP.Minibar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3A24936-AE9E-3C21-9C0F-42BFD7FD8EE4}]   =>PUP.BlockAndSurf^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8720491-9558-4C0D-9E35-30EED15DFB2B}]   =>Adware.AddLyrics^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB78C489-7731-6FFF-21E0-CDBC5602E895}]   =>PUP.QueenCoupon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEDAF650-12B8-48F5-A843-BBA100716106}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}]   =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70D8F4B6-CE22-A20E-F71C-8B6B9300DCF8}]   =>PUP.Deal2Dealit^
[HKLM\SYSTEM\CurrentControlSet\Services\desksvc]   =>Hijacker.22Find^
[HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService]   =>Adware.InstallBrain^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginService]   =>PUP.IePluginService^
[HKLM\SYSTEM\CurrentControlSet\Services\PirritDesktop]   =>PUP.PirritSuggestor^
[HKLM\SYSTEM\CurrentControlSet\Services\SProtection]   =>Adware.IMBooster^
[HKLM\SYSTEM\CurrentControlSet\Services\Updater By Sweetpacks]   =>PUP.SweetIM^
[HKLM\SYSTEM\CurrentControlSet\Services\VOsrv]   =>Adware.Downware^
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater]   =>PUP.Wajam^
[HKLM\SYSTEM\CurrentControlSet\Services\WinkHandler]   =>Adware.IMBooster^
[HKLM\SYSTEM\CurrentControlSet\Services\WinRST]   =>PUP.WinRST^
[HKLM\SYSTEM\CurrentControlSet\Services\Wpm]   =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\EE23210E-F588-A06F-CCE1-3B48D7F4EF69]   =>PUP.BlockAndSurf^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365]   =>Hijacker.22Find^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Feven Pro]   =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\FreeSoftToday_is1]   =>Adware.FreeSoftToday^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\genesis]   =>PUP.Genesis^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins]   =>PUP.IePluginService^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP]   =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iminent]   =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AE9B04F2-E9E8-162C-829B-52C116B3EFCC}]   =>PUP.LuckyShopper^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\lrcfan@fansoft.br]   =>Adware.AddLyrics^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial]   =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1]   =>PUP.OptimizerPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-3.5]   =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3DE8A1D7-C77F-E02A-70DD-31D29EC5B988}]   =>PUP.QueenCoupon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SiteFinder]   =>Adware.ShoppingReport^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1]   =>PUP.SpeedUpMyPC^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SupTab]   =>PUP.SupTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DEDAF650-12B8-48f5-A843-BBA100716106}_is1]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage]   =>Adware.Downware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM]   =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam]   =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464}]   =>PUP.Deal2Dealit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_244_is1]   =>Adware.FreeSoftToday^
[HKLM\Software\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}]   =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}]   =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]   =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}]   =>Toolbar.Expresso
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}]   =>PUP.V9Software
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}]   =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]   =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}]   =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]   =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}]   =>Spyware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]   =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]   =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}]   =>Toolbar.Expresso
[HKLM\Software\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}]   =>Toolbar.Expresso
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}]   =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}]   =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}]   =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}]   =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}]   =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}]   =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}]   =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Tracing\speedupmypc_RASMANCS]   =>PUP.SpeedUpMyPC
[HKLM\Software\Classes\AppID\BrowserConnection.dll]   =>Adware.Bandoo
[HKLM\Software\Classes\AppID\Complitly.DLL]   =>Adware.PredictAd
[HKLM\Software\Classes\AppID\DNSBHO.dll]   =>Adware.Bandoo
[HKLM\Software\Classes\AppID\escort.dll]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE]   =>PUP.Babylon
[HKLM\Software\Classes\AppID\Extension.DLL]   =>Toolbar.Expresso
[HKLM\Software\Classes\escort.escortIEPane]   =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1]   =>PUP.Funmoods
[HKLM\Software\Classes\Extension.ExtensionHelperObject]   =>Toolbar.Expresso
[HKLM\Software\Classes\Extension.ExtensionHelperObject.1]   =>Toolbar.Expresso
[HKLM\Software\Classes\I]   =>Adware.IncrediBar
[HKLM\Software\Classes\SpeedUpMyPC]   =>PUP.SpeedUpMyPC
[HKLM\Software\Wow6432Node\Microsoft\Tracing\speedupmypc_RASAPI32]   =>PUP.SpeedUpMyPC
[HKLM\Software\Wow6432Node\Microsoft\Tracing\optimizerpro_RASMANCS]   =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp]   =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Tracing\optimizerpro_RASAPI32]   =>PUP.OptimizerPro
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater]   =>Toolbar.Wajam
[HKCU\Software\DataMngr]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr]   =>Adware.Bandoo
[HKCU\Software\Iminent]   =>Adware.IMBooster
[HKLM\Software\Iminent]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent]   =>Adware.IMBooster
[HKCU\Software\Softonic]   =>Toolbar.Conduit
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM]   =>PUP.SweetIM
[HKCU\Software\Tutorials]   =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Tutorials]   =>Spyware.AgenceExclusive
[HKCU\Software\WNLT]   =>Adware.IncrediBar
[HKLM\Software\WNLT]   =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\SimplyGen]   =>Adware.PredictAd
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS]   =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\optprostart_RASMANCS]   =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\Microsoft\Tracing\optprostart_RASAPI32]   =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT]   =>Adware.IncrediBar
[HKLM\Software\Classes\Prod.cap]   =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS]   =>PUP.OfferBox
[HKLM\Software\Classes\AppID\priam_bho.DLL]   =>Toolbar.Wajam
[HKCU\Software\InstallCore]   =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore]   =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}]   =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}]   =>Adware.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365]   =>Hijacker.22find
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]   =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}]   =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc]   =>Hijacker.22find
[HKCU\Software\AppDataLow\Software\Crossrider]   =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1]   =>PUP.SpeedUpMyPC
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff]   =>Adware.MyWebSearch
[HKCU\Software\AppDataLow\Software\LyricsFan]   =>Adware.AddLyrics
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\lrcfan@fansoft.br]   =>Adware.AddLyrics
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8720491-9558-4C0D-9E35-30EED15DFB2B}]   =>Adware.AddLyrics
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A8720491-9558-4C0D-9E35-30EED15DFB2B}]   =>Adware.AddLyrics
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8720491-9558-4C0D-9E35-30EED15DFB2B}]   =>Adware.AddLyrics
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\nfeonecgpoepapkmdgdmjolonaakdknd]   =>Adware.AddLyrics
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}]   =>Adware.MyWebSearch
[HKCU\Software\InstalledBrowserExtensions]   =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]   =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}]   =>PUP.OptimizerPro
[HKLM\Software\Classes\CrossriderApp0037180.BHO]   =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0037180.BHO.1]   =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0037180.Sandbox]   =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0037180.Sandbox.1]   =>PUP.CrossRider
[HKLM\Software\Classes\esrv.iminentESrvc]   =>Adware.IMBooster
[HKLM\Software\Classes\esrv.iminentESrvc.1]   =>Adware.IMBooster
[HKLM\Software\Classes\Iminent]   =>Adware.IMBooster
[HKLM\Software\Classes\iminent.iminentappCore]   =>Adware.IMBooster
[HKLM\Software\Classes\iminent.iminentappCore.1]   =>Adware.IMBooster
[HKLM\Software\Classes\iminent.iminentdskBnd]   =>Adware.IMBooster
[HKLM\Software\Classes\iminent.iminentdskBnd.1]   =>Adware.IMBooster
[HKLM\Software\Classes\iminent.iminentHlpr]   =>Adware.IMBooster
[HKLM\Software\Classes\iminent.iminentHlpr.1]   =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject]   =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject.1]   =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ScriptExtender]   =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ScriptExtender.1]   =>Adware.IMBooster
[HKLM\Software\Classes\esrv.mysearchdialESrvc]   =>Adware.MyWebSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore]   =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd]   =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr]   =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\SWEETIE.IEToolbar]   =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1]   =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook]   =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1]   =>PUP.SweetIM
[HKLM\Software\Classes\wajam.WajamBHO]   =>PUP.Wajam
[HKLM\Software\Classes\wajam.WajamBHO.1]   =>PUP.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader]   =>PUP.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader.1]   =>PUP.Wajam
[HKCU\Software\Classes\keepmysearch]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311711180}]   =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322712280}]   =>PUP.CrossRider
[HKLM\Software\Classes\AppID\escorTlbr.DLL]   =>PUP.Funmoods
[HKLM\Software\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0037180.BHO]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0037180.BHO.1]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0037180.Sandbox]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0037180.Sandbox.1]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\esrv.iminentESrvc]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\esrv.iminentESrvc.1]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\iminent.iminentappCore]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\iminent.iminentappCore.1]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\iminent.iminentdskBnd]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\iminent.iminentdskBnd.1]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\iminent.iminentHlpr]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\iminent.iminentHlpr.1]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.BrowserHelperObject]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.BrowserHelperObject.1]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ScriptExtender]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ScriptExtender.1]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc.1]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore.1]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd.1]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr.1]   =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar.1]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO]   =>PUP.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO.1]   =>PUP.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader]   =>PUP.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader.1]   =>PUP.Wajam
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311711180}]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322712280}]   =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL]   =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL]   =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311711180}]   =>PUP.CrossRider
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E7F552EF334C802D75A55F0F6344722]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =>PUP.SweetIM^
[HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D}   =>Adware.ShoppingReport^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Desk 365   =>Hijacker.22Find^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_38   =>PUP.AgenceExclusive^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:upfst_fr_244.exe   =>Adware.FreeSoftToday^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{84FF7BD6-B47F-46F8-9130-01B2696B36CB}   =>Adware.IMBooster
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmkjneookggmljgfilgemfeefneiibdi   =>PUP.BlockAndSurf^
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gooamedlnddjgokhlnkgohghifdcnplp   =>PUP.BlockAndSurf^
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp   =>PUP.Wajam^
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpjdjfkkmlgacmnenfhafmkldaogiglb   =>PUP.CrossRider^
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldikpdnngdmeceeameoaannjilbjppnm   =>Adware.PlusHD^
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfeonecgpoepapkmdgdmjolonaakdknd   =>Adware.AddLyrics^
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma   =>PUP.QuickStart^
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff   =>Adware.MyWebSearch^
C:\Users\Audrey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinnimcikdbhhfcgdmcdcbingagfgelm   =>PUP.LuckyCoupon^
C:\Program Files (x86)\-BlockAndSurfS   =>PUP.BlockAndSurf^
C:\Program Files (x86)\Desk 365   =>Hijacker.22Find^
C:\Program Files (x86)\Feven Pro   =>PUP.CrossRider^
C:\Program Files (x86)\FindLyrics   =>Adware.AddLyrics^
C:\Program Files (x86)\fst_fr_244   =>Adware.FreeSoftToday^
C:\Program Files (x86)\fst_fr_287   =>Adware.FreeSoftToday^
C:\Program Files (x86)\Iminent   =>Adware.IMBooster^
C:\Program Files (x86)\IminentToolbar   =>Adware.IMBooster^
C:\Program Files (x86)\LyricsFan   =>Adware.AddLyrics^
C:\Program Files (x86)\Mysearchdial   =>Adware.MyWebSearch^
C:\Program Files (x86)\Optimizer Pro   =>PUP.OptimizerPro^
C:\Program Files (x86)\Plus-HD-3.5   =>Adware.PlusHD^
C:\Program Files (x86)\SiteFinder   =>Adware.ShoppingReport^
C:\Program Files (x86)\SupTab   =>PUP.SupTab^
C:\Program Files (x86)\SweetIM   =>PUP.SweetIM^
C:\Program Files (x86)\v01BlockAndSurf   =>PUP.BlockAndSurf^
C:\Program Files (x86)\Wajam   =>PUP.Wajam^
C:\Program Files (x86)\WinRST   =>PUP.WinRST^
C:\ProgramData\Babylon   =>PUP.Babylon^
C:\ProgramData\deal2dealliat   =>PUP.Deal2Dealit^
C:\ProgramData\IePluginService   =>PUP.IePluginService^
C:\ProgramData\InstallMate   =>PUP.Tarma^
C:\ProgramData\LuckyShoppeR   =>PUP.LuckyShopper^
C:\ProgramData\QuuEenCoupon   =>PUP.QueenCoupon^
C:\ProgramData\WPM   =>PUP.WpManager^
C:\Users\Audrey\AppData\Roaming\awesomehp   =>PUP.Awesomehp^
C:\Users\Audrey\AppData\Roaming\BabSolution   =>Hijacker.BabSolution^
C:\Users\Audrey\AppData\Roaming\Babylon   =>PUP.Babylon^
C:\Users\Audrey\AppData\Roaming\Dealply   =>PUP.DealPly^
C:\Users\Audrey\AppData\Roaming\Desk 365   =>Hijacker.22Find^
C:\Users\Audrey\AppData\Roaming\IminentToolbar   =>Adware.IMBooster^
C:\Users\Audrey\AppData\Roaming\mysearchdial   =>Adware.MyWebSearch^
C:\Users\Audrey\AppData\Roaming\Optimizer Pro   =>PUP.OptimizerPro^
C:\Users\Audrey\AppData\Roaming\SupTab   =>PUP.SupTab^
C:\Users\Audrey\AppData\Roaming\VOPackage   =>Adware.Downware^
C:\Users\Audrey\AppData\Local\eorezo   =>PUP.Eorezo^
C:\Users\Audrey\AppData\Local\fst_fr_244   =>Adware.FreeSoftToday^
C:\Users\Audrey\AppData\Local\fst_fr_287   =>Adware.FreeSoftToday^
C:\Users\Audrey\AppData\Local\Genesis   =>PUP.Genesis^
C:\Users\Audrey\AppData\Local\tuto4pc_fr_38   =>PUP.AgenceExclusive^
C:\Users\Audrey\AppData\Local\Wajam   =>PUP.Wajam^
C:\Users\Audrey\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam   =>PUP.Wajam^
C:\Program Files (x86)\Software   =>Adware.Boxore
C:\Program Files (x86)\Common Files\Umbrella   =>Adware.IMBooster
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365   =>Hijacker.22find
C:\Users\Audrey\AppData\Roaming\SimilarSites   =>Adware.SimilarSites
C:\Users\Audrey\AppData\LocalLow\SweetIM   =>PUP.SweetIM
C:\Users\Audrey\AppData\Local\Temp\Iminent   =>Adware.IMBooster
C:\Program Files (x86)\Common Files\Umbrella\Umbrella213.exe   =>Adware.IMBooster^
C:\Program Files (x86)\Iminent\WinkHandler.exe   =>Adware.IMBooster^
C:\Program Files (x86)\Desk 365\desk365.exe   =>Hijacker.22Find^
C:\Users\Audrey\AppData\Local\fst_fr_244\upfst_fr_244.exe   =>Adware.FreeSoftToday^
C:\Program Files (x86)\v01BlockAndSurf\BlockAndSurf.exe   =>PUP.BlockAndSurf^
C:\Program Files (x86)\fst_fr_244\fst_fr_244.exe   =>Adware.FreeSoftToday^
C:\Program Files (x86)\fst_fr_287\fst_fr_287.exe   =>Adware.FreeSoftToday^
C:\Program Files (x86)\Desk 365\deskSvc.exe   =>Hijacker.22Find^
C:\ProgramData\IePluginService\PluginService.exe   =>PUP.IePluginService^
C:\ProgramData\WPM\wprotectmanager.exe   =>PUP.WpManager^
C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe   =>PUP.SweetIM^
C:\Users\Audrey\AppData\Roaming\VOPackage\VOsrv.exe   =>Adware.Downware^
C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe   =>PUP.Wajam^
C:\Program Files (x86)\WinRST\WinRST.exe   =>PUP.WinRST^
C:\Windows\Tasks\BlockAndSurf Update.job   =>PUP.BlockAndSurf^
C:\Windows\Tasks\BlockAndSurf_wd.job   =>PUP.BlockAndSurf^
C:\Windows\Tasks\Feven Pro-chromeinstaller.job   =>PUP.CrossRider^
C:\Windows\Tasks\Feven Pro-firefoxinstaller.job   =>PUP.CrossRider^
C:\Windows\Tasks\Plus-HD-3.5-chromeinstaller.job   =>PUP.CrossRider^
C:\Windows\Tasks\Plus-HD-3.5-codedownloader.job   =>PUP.CrossRider^
C:\Windows\Tasks\Plus-HD-3.5-enabler.job   =>PUP.CrossRider^
C:\Windows\Tasks\Plus-HD-3.5-firefoxinstaller.job   =>PUP.CrossRider^
C:\Windows\Tasks\Plus-HD-3.5-updater.job   =>PUP.CrossRider^
C:\Windows\Tasks\SpeedUpMyPC Maintenance.job   =>PUP.SpeedUpMyPC^
C:\Windows\Tasks\SpeedUpMyPC Startup.job   =>PUP.SpeedUpMyPC^
[HKCU\Software\AppDataLow\Software\BlockAndSurf]   =>PUP.BlockAndSurf^
[HKCU\Software\AppDataLow\Software\Plus-HD-3.5]   =>Adware.PlusHD^
[HKCU\Software\BabSolution]   =>Hijacker.BabSolution^
[HKCU\Software\Genesis]   =>PUP.Genesis^
[HKCU\Software\IminentToolbar]   =>Adware.IMBooster^
[HKCU\Software\Optimizer Pro]   =>PUP.OptimizerPro^
[HKCU\Software\Qtrax]   =>P2P.Qtrax^
[HKCU\Software\SearchProtectINT2]   =>PUP.SearchProtect^
[HKCU\Software\TutoTag]   =>PUP.AgenceExclusive^
[HKCU\Software\UpdateStar]   =>Adware.Boxore^
[HKCU\Software\Wajam]   =>PUP.Wajam^
[HKCU\Software\WinkHandler]   =>Adware.IMBooster^
[HKCU\Software\freesofttoday]   =>Adware.FreeSoftToday^
[HKCU\Software\mysearchdial]   =>Adware.MyWebSearch^
[HKLM\Software\Pirrit]   =>PUP.PirritSuggestor^
[HKLM\Software\Updater By Sweetpacks]   =>PUP.SweetIM^
[HKLM\Software\Wow6432Node\Babylon]   =>PUP.Babylon^
[HKLM\Software\Wow6432Node\FREE_SOFTTODAY]   =>Adware.FreeSoftToday^
[HKLM\Software\Wow6432Node\IminentToolbar]   =>Adware.IMBooster^
[HKLM\Software\Wow6432Node\Pirrit Solutions]   =>PUP.PirritSuggestor^
[HKLM\Software\Wow6432Node\Pirrit]   =>PUP.PirritSuggestor^
[HKLM\Software\Wow6432Node\Updater By Sweetpacks]   =>PUP.SweetIM^
[HKLM\Software\Wow6432Node\Wpm]   =>PUP.WpManager^
[HKLM\Software\Wow6432Node\awesomehpSoftware]   =>PUP.Awesomehp^
[HKLM\Software\Wow6432Node\deskSvc]   =>Hijacker.22Find^
[HKLM\Software\Wow6432Node\supTab]   =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM]   =>PUP.WpManager^
C:\Windows\Installer\393e3e38.msi   =>PUP.SweetIM^
[HKCR\CLSID\{11111111-1111-1111-1111-110311711180}] (Plus-HD-3.5)   =>Adware.PlusHD^
[HKCR\CLSID\{22222222-2222-2222-2222-220322712280}] (CrossriderApp0037180.Sandbox)   =>PUP.CrossRider^
[HKCR\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] (IMinent WebBooster (BHO))   =>Adware.IMBooster^
[HKCR\CLSID\{DEDAF650-12B8-48f5-A843-BBA100716106}] (Updater By Sweetpacks)   =>PUP.SweetIM^
C:\Users\Audrey\AppData\Local\Temp\SearchProtectINT.exe  =>Toolbar.Conduit
~ Additionnel Scan: 312168 Items scanned in 00mn 53s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g0-page-de-demarrage-google-chrome/  =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/g2-google-chrome-extensions/  =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/  =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/  =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
~ AMI: 7 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/adware-imbooster  =>Adware.IMBooster
http://nicolascoolman.fr/hijacker-22find  =>Hijacker.22Find
http://nicolascoolman.fr/adware-freesofttoday  =>Adware.FreeSoftToday
http://nicolascoolman.fr/pup-blockandsurf  =>PUP.BlockAndSurf
http://nicolascoolman.fr/pup-wpmanager  =>PUP.WpManager
http://nicolascoolman.fr/pup-sweetim  =>PUP.SweetIM
http://nicolascoolman.fr/adware-downware  =>Adware.Downware
http://nicolascoolman.fr/pup-wajam  =>PUP.Wajam
http://nicolascoolman.fr/pup-crossrider  =>PUP.CrossRider
http://nicolascoolman.fr/adware-plushd  =>Adware.PlusHD
http://nicolascoolman.fr/adware-addlyrics  =>Adware.AddLyrics
http://nicolascoolman.fr/pup-quickstart  =>PUP.QuickStart
http://nicolascoolman.fr/adware-mywebsearch  =>Adware.MyWebSearch
http://nicolascoolman.fr/hijacker-trovicom  =>Hijacker.TroviCom
http://nicolascoolman.fr/pup-awesomehp  =>PUP.Awesomehp
http://nicolascoolman.fr/adware-shoppingreport  =>Adware.ShoppingReport
http://nicolascoolman.fr/hijacker-proxy  =>Hijacker.Proxy
http://nicolascoolman.fr/pup-suptab  =>PUP.SupTab
http://nicolascoolman.fr/pup-minibar  =>PUP.Minibar
http://nicolascoolman.fr/40296242-pup-deal2dealit  =>PUP.Deal2Dealit
http://nicolascoolman.fr/pup-vuupc  =>PUP.VuuPC
http://nicolascoolman.fr/pup-genesis  =>PUP.Genesis
http://nicolascoolman.fr/pup-optimizerpro  =>PUP.OptimizerPro
http://nicolascoolman.fr/spyware-agenceexclusive  =>PUP.AgenceExclusive
http://nicolascoolman.fr/adware-installbrain  =>Adware.InstallBrain
http://nicolascoolman.fr/pup-pirritsuggestor  =>PUP.PirritSuggestor
http://nicolascoolman.fr/adware-spointer  =>Adware.SPointer
http://nicolascoolman.fr/pup-linkidoo  =>PUP.LinkiDoo
http://nicolascoolman.fr/hijacker-babsolution  =>Hijacker.BabSolution
http://nicolascoolman.fr/pup-datamngr  =>PUP.Datamngr
http://nicolascoolman.fr/adware-installcore  =>Adware.InstallCore
http://nicolascoolman.fr/adware-vidsaver  =>Adware.VidSaver
http://nicolascoolman.fr/pup-searchprotect  =>PUP.SearchProtect
http://nicolascoolman.fr/toolbar-conduit  =>Toolbar.Conduit
http://nicolascoolman.fr/adware-boxore  =>Adware.Boxore
http://nicolascoolman.fr/adware-incredibar  =>Adware.IncrediBar
http://nicolascoolman.fr/pup-babylon  =>PUP.Babylon
http://nicolascoolman.fr/adware-predictad  =>Adware.PredictAd
http://nicolascoolman.fr/pup-tarma  =>PUP.Tarma
http://nicolascoolman.fr/pup-dealply  =>PUP.DealPly
http://nicolascoolman.fr/pup-eorezo  =>PUP.Eorezo
http://nicolascoolman.fr/adware-bandoo  =>Adware.Bandoo
http://nicolascoolman.fr/pup-buzzsearch  =>PUP.BuzzSearch
http://nicolascoolman.fr/adware-bloson  =>Adware.Bloson
http://nicolascoolman.fr/adware-facemoods  =>Adware.Facemoods
http://nicolascoolman.fr/pup-manager  =>PUP.Manager
http://nicolascoolman.fr/pup-offerbox  =>PUP.OfferBox
http://nicolascoolman.fr/rogue-pcspeedmaximizer  =>Rogue.PCSpeedMaximizer
http://nicolascoolman.fr/adware-yontoo  =>Adware.Yontoo
http://nicolascoolman.fr/pup-v9software  =>PUP.V9Software
http://nicolascoolman.fr/pup-funmoods  =>PUP.Funmoods
http://nicolascoolman.fr/toolbar-deltasearch  =>Toolbar.DeltaSearch
http://nicolascoolman.fr/adware-similarsites  =>Adware.SimilarSites
~ MSI: 53 link(s) detected in 00mn 00s



End of the scan (2193 lines in 04mn 12s)(0)