Script ZHPFix G0 - GCSP: Preference [User Data\Default][HomePage] http://www.search.ask.com G2 - GCE: Preference [User Data\Default] [aaaaihhnfnbnpbhpagnmoplpcjbediml] Music Toolbar v.35.9, (Désactivé) G2 - GCE: Preference [User Data\Default] [ifohbjbgfchkkfhphahclmkpgejiplfo] Lightning Newtab v.1.1.8.4, (Désactivé) M3 - MFPP: Plugins - [annick] -- C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\53msnu70.default\searchplugins\Mysearchdial.xml M3 - MFPP: Plugins - [annick] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\nationzoom.xml M2 - MFEP: prefs.js [annick - 53msnu70.default\support@tubedimmerapp.com] [] Tube Dimmer v2.6.49 (..) M2 - MFEP: prefs.js [annick - 53msnu70.default\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}] [] MySearchDial NewTab v2.6.49 (..) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com O2 - BHO: Browser Guard BHO [64Bits] - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} . (.Threat Expert Ltd. - Browser Defender Toolbar.) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll O4 - GS\Desktop [Public]: Installer iMesh.lnk . (...) -- C:\Users\annick\Downloads\iMeshSetup-r333-w-bc.exe (.not file.) O4 - GS\QuickLaunch [annick]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.nationzoom.com O4 - GS\QuickLaunch [annick]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.nationzoom.com O4 - GS\TaskBar [annick]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com O4 - GS\Program [annick]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com O4 - GS\SystemTools [annick]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com O4 - HKLM\..\Wow6432Node\Run: [Registry Helper] C:\Program Files (x86)\Registry Helper\RegistryHelper.exe (.not file.) O23 - Service: Update webget (Update webget) . (...) - C:\Program Files (x86)\webget\updatewebget.exe (.not file.) O36 - AppCertDlls: (x64) . (...) -- C:\Program Files (x86)\Music Toolbar\Datamngr\x64\apcrtldr.dll O36 - AppCertDlls: (x86) . (...) -- c:\program files (x86)\music toolbar\datamngr\apcrtldr.dll [MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] O41 - Driver: (wStLibG64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\wStLibG64.sys O41 - Driver: ({9edd0ea8-2819-47c2-8320-b007d5996f8a}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys O41 - Driver: ({b99c8534-7800-48fa-bd71-519a46cdc7e1}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w64.sys O42 - Logiciel: MyPC Backup - (.MyPC Backup.) [HKLM][64Bits] -- MyPC Backup O43 - CFD: 06/05/2014 - 14:15:42 - [] ----D C:\Program Files (x86)\GetNowUpdater O43 - CFD: 23/05/2014 - 19:34:37 - [] ----D C:\Program Files (x86)\iMesh O43 - CFD: 31/05/2014 - 17:04:06 - [0] ----D C:\Program Files (x86)\Music Toolbar O43 - CFD: 26/02/2014 - 15:10:09 - [] ----D C:\Program Files (x86)\SupTab O43 - CFD: 19/02/2014 - 21:32:37 - [0] ----D C:\Program Files (x86)\Systweak Support Dock O43 - CFD: 17/05/2014 - 22:11:52 - [0] ----D C:\Program Files (x86)\webget O43 - CFD: 23/01/2014 - 13:18:09 - [] ----D C:\ProgramData\Updater O43 - CFD: 31/05/2014 - 17:04:03 - [] ----D C:\ProgramData\WPM O43 - CFD: 31/05/2014 - 16:56:30 - [0] ----D C:\Users\annick\AppData\Roaming\SupTab O43 - CFD: 19/02/2014 - 12:14:52 - [] ----D C:\Users\annick\AppData\Local\bearsharemusicboxtoolbar181 O43 - CFD: 18/12/2013 - 01:27:42 - [] ----D C:\Users\annick\AppData\Local\Duuqu O43 - CFD: 18/05/2014 - 10:37:04 - [0] ----D C:\Users\annick\AppData\Local\genienext O43 - CFD: 06/05/2014 - 14:07:13 - [] ----D C:\Users\annick\AppData\Local\imeshmusicboxtoolbar181 O43 - CFD: 18/12/2013 - 01:31:05 - [] ----D C:\Users\annick\AppData\Local\Mobogenie O45 - LFCP:[MD5.BEE132866E20F837621AFDC27CD369C3] - 31/05/2014 - 15:29:35 ---A- - C:\Windows\Prefetch\DATAMNGRUI.EXE-D6BCB7D3.pf O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe O50 - IFEO:Image File Execution Options - browsemngr.exe - tasklist.exe O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe O50 - IFEO:Image File Execution Options - browsermngr.exe - tasklist.exe O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe O50 - IFEO:Image File Execution Options - bundlesweetimsetup.exe - tasklist.exe O50 - IFEO:Image File Execution Options - cltmngsvc.exe - tasklist.exe O50 - IFEO:Image File Execution Options - delta babylon.exe - tasklist.exe O50 - IFEO:Image File Execution Options - delta tb.exe - tasklist.exe O50 - IFEO:Image File Execution Options - delta2.exe - tasklist.exe O50 - IFEO:Image File Execution Options - deltainstaller.exe - tasklist.exe O50 - IFEO:Image File Execution Options - deltasetup.exe - tasklist.exe O50 - IFEO:Image File Execution Options - deltatb.exe - tasklist.exe O50 - IFEO:Image File Execution Options - deltatb_2501-c733154b.exe - tasklist.exe O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe O50 - IFEO:Image File Execution Options - iminentsetup.exe - tasklist.exe O50 - IFEO:Image File Execution Options - jumpflip - tasklist.exe O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe O50 - IFEO:Image File Execution Options - rjatydimofu.exe - tasklist.exe O50 - IFEO:Image File Execution Options - searchinstaller.exe - tasklist.exe O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe O50 - IFEO:Image File Execution Options - searchsettings.exe - tasklist.exe O50 - IFEO:Image File Execution Options - searchsettings64.exe - tasklist.exe O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe O50 - IFEO:Image File Execution Options - sweetimsetup.exe - tasklist.exe O50 - IFEO:Image File Execution Options - tbdelta.exetoolbar783881609.exe - tasklist.exe O50 - IFEO:Image File Execution Options - umbrella.exe - tasklist.exe O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe O50 - IFEO:Image File Execution Options - volaro - tasklist.exe O50 - IFEO:Image File Execution Options - vonteera - tasklist.exe O50 - IFEO:Image File Execution Options - websteroids.exe - tasklist.exe O50 - IFEO:Image File Execution Options - websteroidsservice.exe - tasklist.exe O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Updater [Key] . (...) -- C:\ProgramData\Updater\Updater.exe (.not file.) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O58 - SDL:24/04/2014 - 13:06:26 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLibG64.sys [61120] O58 - SDL:12/05/2014 - 15:40:58 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys [61112] O58 - SDL:24/04/2014 - 11:25:04 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w64.sys [61120] O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\wStLibG64.sys (wStLibG64) .(.StdLib - StdLib.) - LEGACY_WSTLIBG64 O64 - Services: CurCS - 12/05/2014 - C:\Windows\System32\drivers\{9edd0ea8-2819-47c2-8320-b007d5996f8a}w64.sys ({9edd0ea8-2819-47c2-8320-b007d5996f8a}w64) .(.StdLib - StdLib.) - LEGACY_{9EDD0EA8-2819-47C2-8320-B007D5996F8A}W64 O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w64.sys ({b99c8534-7800-48fa-bd71-519a46cdc7e1}w64) .(.StdLib - StdLib.) - LEGACY_{B99C8534-7800-48FA-BD71-519A46CDC7E1}W64 O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("browser.search.defaultenginename", "Mysearchdial"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.AL", 2); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.aflt", "aw0202ch"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1Qzu0B0C0A0E0CyDzy0FtAtDyCtBtAyD0B0AtN0D0Tzu0CyBzztDtN1L2XzutBtFtBtFtCyDtFtCy[...] O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.cr", "1226823196"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.dfltLng", ""); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.dfltSrch", true); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.dnsErr", true); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.excTlbr", false); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.hmpg", true); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=aw0202ch&cd=2XzuyEtN2Y1L1Qzu0B0C0A0E0CyDzy0FtAt[...] O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.id", "BCAEC59F306235BA"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.instlDay", "16120"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.instlRef", ""); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=aw0202ch&cd=2XzuyEtN2Y1L1Qzu0B0C0A0E0CyDzy0Ft[...] O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.prdct", "mysearchdial"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.tlbrId", "base"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=aw0202ch&cd=2XzuyEtN2Y1L1Qzu0B0C0A0E0CyDzy0[...] O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.vrsn", "1.8.21.0"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial.vrsni", "1.8.21.0"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial_i.hmpg", true); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial_i.newTab", false); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial_i.smplGrp", "none"); O69 - SBI: prefs.js [annick - 53msnu70.default] user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.011:47:10"); O69 - SBI: SearchScopes [HKCU] {1945e092-ce7a-4b44-a259-a105b5dab2fd} - (lookineo) - http://www.lookineo.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (nationzoom) - http://www.nationzoom.com O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASDLG HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseMark_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BrowseMark_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBrowseMark_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBrowseMark_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateFindRight_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatewebget_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBrowseMark_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBrowseMark_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilwebget_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz10_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz10_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\webget_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseConvert_1_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WiseConvert_1_RASMANCS C:\Users\annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml C:\Users\annick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\53msnu70.default\extensions\support@tubedimmerapp.com C:\Users\annick\AppData\Roaming\Mozilla\Firefox\Profiles\53msnu70.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} C:\Program Files (x86)\GetNowUpdater C:\Program Files (x86)\iMesh C:\Program Files (x86)\Music Toolbar C:\Program Files (x86)\SupTab C:\Program Files (x86)\Systweak Support Dock C:\Program Files (x86)\webget C:\ProgramData\Updater C:\ProgramData\WPM C:\Users\annick\AppData\Roaming\SupTab C:\Users\annick\AppData\Local\bearsharemusicboxtoolbar181 C:\Users\annick\AppData\Local\Duuqu C:\Users\annick\AppData\Local\genienext C:\Users\annick\AppData\Local\imeshmusicboxtoolbar181 C:\Users\annick\AppData\Local\Mobogenie [HKCU\Software\APNDTX] ServiceDisabled:Update webget EmptyTemp EmptyPrefetch EmptyFlash EmptyCLSID FirewallRAZ IFEOFix ShortCutFix ProxyFix SysRestore