Script ZHPFix [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application [MD5.E8CBB656EFDA37D20691E5FB57A994E0] - (...) -- C:\Program Files (x86)\PacFunction\bin\PacFunction.BrowserAdapter.exe [96544] [PID.1052] =>PUP.PacFunction [MD5.D33A77404BDEA4A96401DB4991428F06] - (...) -- C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe [317728] [PID.2808] =>PUP.PacFunction G2 - GCE: Preference [User Data\Default] [aaaaihhnfnbnpbhpagnmoplpcjbediml] Music Toolbar v.35.9, (Désactivé) =>Adware.Bandoo G2 - GCE: Preference [User Data\Default] [booedmolknjekdopkepjjeckmjkdpfgl] Extutil v.0.1 (Activé) =>PUP.Manager G2 - GCE: Preference [User Data\Default] [edlchmjpkigfamcbjeabnagknognhjcf] save nnet v.5.14 (Activé) =>PUP.SaveNet G2 - GCE: Preference [User Data\Default] [flpcjncodpafbgdpnkljologafpionhb] Managera v.0.1 (Activé) =>PUP.Manager G2 - GCE: Preference [User Data\Default] [ggogalleghekmhpoemeibokpjldhmjin] YoutubeAdblocker v.1.0 (Activé) =>PUP.TubeAdBlocker G2 - GCE: Preference [User Data\Default] [jljheddigenhleadfofeccneimcmlefp] Speed Test 127 v.3.0.0.0 (Désactivé) =>Adware.ScriptHost G2 - GCE: Preference [User Data\Default] [kjngnkgllomakhniekmficlkdhanfnmm] save net v.5.14 (Activé) =>PUP.SaveNet G2 - GCE: Preference [User Data\Default] [lbgfiglojokgabdbhegbpjgojgppppgf] Free Games 111 v.3.0.0.0 (Désactivé) =>Adware.ScriptHost G2 - GCE: Preference [User Data\Default] [lgpgadkkcfgdlnbhohacfaoijbbcbbjj] ExstRaSSaavInggs v.4.2 (Activé) =>PUP.ExtraSavings G2 - GCE: Preference [User Data\Default] [mkaplhdbgkcmjnbdflmhkkioklkffcla] FTdownloader V9.0 v.1.26.9, (Désactivé) =>Adware.Downware G2 - GCE: Preference [User Data\Default] [ncpbkgnlfaagoiikamhpbdiajaaeobhd] Seiarchh-NEwTab v.2.1 (Activé) =>Adware.FastSaveApp G2 - GCE: Preference [User Data\Default] [pdfihilebknoahnlalekfpcaclhobnnc] save naett v.5.14 (Activé) =>PUP.SaveNet G2 - GCE: Preference [User Data\Default] [pfmopbbadnfoelckkcmjjeaaegjpjjbk] GoPhoto.it v.1.6, (Désactivé) =>Spyware.GophotoIt G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml [Music Toolbar] =>Adware.Bandoo G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\edlchmjpkigfamcbjeabnagknognhjcf [save nnet] =>PUP.SaveNet G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggogalleghekmhpoemeibokpjldhmjin [YoutubeAdblocker] =>PUP.TubeAdBlocker G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp [Speed Test 127] =>Adware.ScriptHost G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjngnkgllomakhniekmficlkdhanfnmm [save net] =>PUP.SaveNet G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj [ExstRaSSaavInggs] =>PUP.ExtraSavings G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaplhdbgkcmjnbdflmhkkioklkffcla [FTdownloader V9.0] =>Adware.Downware G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpbkgnlfaagoiikamhpbdiajaaeobhd [Seiarchh-NEwTab] =>Adware.FastSaveApp G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdfihilebknoahnlalekfpcaclhobnnc [save naett] =>PUP.SaveNet G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [GoPhoto.it] =>Spyware.GophotoIt R3 - URLSearchHook: SiteFinder [64Bits] - {CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} . (...) (No version) -- C:\Program Files (x86)\SiteFinder\SiteFinder.dll =>Adware.ShoppingReport O2 - BHO: PacFunction [64Bits] - {9aa72d95-59d7-4421-a02c-f93a1187a165} . (...) -- C:\Program Files (x86)\PacFunction\PacFunctionbho.dll (.not file.) =>PUP.PacFunction O2 - BHO: CrossriderApp0051108 [64Bits] - {11111111-1111-1111-1111-110511111108} Clé orpheline =>PUP.CrossRider O4 - GS\Desktop [sv]: TornTV.lnk . (...) -- C:\Program Files (x86)\TornTV.com\Torntv Downloader.exe (.not file.) =>Hijacker.TornTV O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SW-BOO~1\ASSIST~2.dll (.not file.) =>PUP.SafeWeb O23 - Service: Update PacFunction (Update PacFunction) . (...) - C:\Program Files (x86)\PacFunction\updatePacFunction.exe (.not file.) =>PUP.PacFunction O23 - Service: Util PacFunction (Util PacFunction) . (...) - C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe =>PUP.PacFunction [MD5.20EF7EED836BB8F1C11C4E371A60BD52] [APT] [YourFile DownloaderUpdate] (.http://yourfiledownloader.com.) -- C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe [399472] =>PUP.YourFileDownloader [MD5.00000000000000000000000000000000] [APT] [{9785FF2A-8AED-4B87-95BA-8AE86B97E68A}] (...) -- C:\Program Files (x86)\Minilyrics\MLSetup.exe (.not file.) [0] =>Adware.AddLyrics [MD5.00000000000000000000000000000000] [APT] [{F1718888-704F-4B54-98DA-67AE0C5A7348}] (...) -- C:\Users\sv\Documents\setup\Minilyrics\MLSetup.exe (.not file.) [0] =>Adware.AddLyrics O39 - APT: - (..) -- C:\Windows\Tasks\BXGPMZQGNH.job [312] =>Hijacker.iHaveNet O39 - APT: plushd8.1-codedownloader - (...) -- C:\Windows\Tasks\plushd8.1-codedownloader.job [1444] =>PUP.CrossRider O39 - APT: plushd8.1-codedownloader - (...) -- C:\Windows\System32\Tasks\plushd8.1-codedownloader [1444] =>PUP.CrossRider O41 - Driver: ({19854aff-7c07-4859-9831-cd028ac55dd0}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys =>PUP.LinkiDoo O42 - Logiciel: PacFunction - (.PacFunction.) [HKLM][64Bits] -- PacFunction =>PUP.PacFunction O42 - Logiciel: Seiarchh-NEwTab - (.SSearCho-NewTaab.) [HKLM][64Bits] -- {C670DCAE-E392-AA32-6F42-143C7FC4BDFD} =>Adware.FastSaveApp O42 - Logiciel: SiteFinder - (.SiteFinder.) [HKLM][64Bits] -- SiteFinder =>Adware.ShoppingReport O42 - Logiciel: TornTV - (.TornTV.com.) [HKLM][64Bits] -- 1ClickDownload =>PUP.1ClickDownloader O42 - Logiciel: YoutubeAdblocker - (.YoutubeAdblocker.) [HKLM][64Bits] -- {4820778D-AB0D-6D18-C316-52A6A0E1D507} =>PUP.TubeAdBlocker O42 - Logiciel: YoutubeAdblocker - (.YoutubeAdblocker.) [HKLM][64Bits] -- {CF830981-8F31-C561-C7A0-FE2CE1878B40} =>PUP.TubeAdBlocker O42 - Logiciel: save naett - (.save neT.) [HKLM][64Bits] -- {7DD5E91C-3864-77EC-7635-D14910C2A03E} =>PUP.SaveNet [HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\FTdownloader V9.0] =>Adware.Downware [HKCU\Software\AppDataLow\Software\SmartBar] =>Hijacker.SmartBar [HKCU\Software\AppDataLow\Software\Torntv V9.0] =>Hijacker.TornTV [HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}] [HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}] [HKCU\Software\FileScout] =>PUP.FileScout [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver [HKCU\Software\MiniLyrics] =>Adware.AddLyrics [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro [HKCU\Software\PacFunction] =>PUP.PacFunction [HKCU\Software\RegisteredApplicationsEx] =>PUP.SfKpCouponApp [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKCU\Software\UpToDown] =>PUP.UpToDown [HKCU\Software\UpdateStar] =>Adware.Boxore [HKCU\Software\iLivid] =>Adware.Bandoo [HKCU\Software\iMesh] =>PUP.iMesh [HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver [HKLM\Software\Wow6432Node\BabylonToolbar] =>PUP.Babylon [HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon [HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver [HKLM\Software\Wow6432Node\PacFunction] =>PUP.PacFunction [HKLM\Software\Wow6432Node\SW-Booster] =>PUP.SafeWeb [HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\Wow6432Node\Vittalia] =>Adware.Vittalia [HKLM\Software\Wow6432Node\WS-Enabler] =>PUP.WowSearch O43 - CFD: 22/05/2014 - 23:22:15 - [] ----D C:\Program Files (x86)\FTDownloader.com =>Adware.Downware O43 - CFD: 17/01/2014 - 12:04:37 - [] ----D C:\Program Files (x86)\Gophoto.it =>Spyware.GophotoIt O43 - CFD: 23/05/2014 - 09:37:35 - [] ----D C:\Program Files (x86)\PacFunction =>PUP.PacFunction O43 - CFD: 21/05/2014 - 15:09:43 - [0] ----D C:\Program Files (x86)\save naett =>PUP.SaveNet O43 - CFD: 21/05/2014 - 19:12:42 - [] ----D C:\Program Files (x86)\save nnet =>PUP.SaveNet O43 - CFD: 13/01/2014 - 09:41:28 - [] ----D C:\Program Files (x86)\Search Results Toolbar =>PUP.SearchResults O43 - CFD: 21/05/2014 - 19:12:42 - [] ----D C:\Program Files (x86)\Seiarchh-NEwTab =>Adware.FastSaveApp O43 - CFD: 22/05/2014 - 23:11:20 - [] ----D C:\Program Files (x86)\SiteFinder =>Adware.ShoppingReport O43 - CFD: 18/04/2014 - 11:12:10 - [] ----D C:\Program Files (x86)\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 21/05/2014 - 19:12:42 - [] ----D C:\Program Files (x86)\ssAAve net =>PUP.SaveNet O43 - CFD: 21/05/2014 - 19:11:05 - [] ----D C:\Program Files (x86)\SW-Booster =>PUP.SafeWeb O43 - CFD: 22/05/2014 - 23:04:39 - [] ----D C:\Program Files (x86)\TornTV.com =>Hijacker.TornTV O43 - CFD: 28/04/2014 - 10:10:31 - [0] ----D C:\Program Files (x86)\WS-Enabler =>PUP.WowSearch O43 - CFD: 21/05/2014 - 19:12:42 - [] ----D C:\Program Files (x86)\YoutubeAdblocker =>PUP.TubeAdBlocker O43 - CFD: 06/03/2013 - 20:40:41 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon O43 - CFD: 13/01/2014 - 10:40:10 - [0] ----D C:\ProgramData\BitGuard =>PUP.BitGuard O43 - CFD: 13/01/2014 - 10:40:10 - [0] ----D C:\ProgramData\Browser Manager O43 - CFD: 13/01/2014 - 10:40:10 - [0] ----D C:\ProgramData\BrowserProtect =>Hijacker.Eazel O43 - CFD: 21/03/2014 - 08:43:27 - [] ----D C:\ProgramData\ExstRaSSaavInggs =>PUP.ExtraSavings O43 - CFD: 17/01/2014 - 15:58:04 - [0] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain O43 - CFD: 21/05/2014 - 15:05:58 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma O43 - CFD: 21/05/2014 - 15:09:43 - [] ----D C:\ProgramData\save naett =>PUP.SaveNet O43 - CFD: 21/05/2014 - 13:49:46 - [] ----D C:\ProgramData\save nnet =>PUP.SaveNet O43 - CFD: 21/05/2014 - 13:59:01 - [] ----D C:\ProgramData\Seiarchh-NEwTab =>Adware.FastSaveApp O43 - CFD: 18/04/2014 - 12:37:17 - [] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 21/05/2014 - 13:26:42 - [] ----D C:\ProgramData\ssAAve net =>PUP.SaveNet O43 - CFD: 22/05/2014 - 23:13:33 - [] ----D C:\ProgramData\YoutubeAdblocker =>PUP.TubeAdBlocker O43 - CFD: 06/03/2013 - 20:40:41 - [] ----D C:\Users\sv\AppData\Roaming\Babylon =>PUP.Babylon O43 - CFD: 18/04/2014 - 11:14:20 - [] ----D C:\Users\sv\AppData\Roaming\DriverCure =>PUP.DriverCure O43 - CFD: 13/01/2014 - 09:25:10 - [] ----D C:\Users\sv\AppData\Roaming\freegames111 O43 - CFD: 28/04/2014 - 09:19:41 - [] ----D C:\Users\sv\AppData\Roaming\OpenCandy =>Adware.OpenCandy O43 - CFD: 15/06/2013 - 09:41:02 - [] ----D C:\Users\sv\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis O43 - CFD: 18/04/2014 - 11:14:20 - [] ----D C:\Users\sv\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 13/01/2014 - 09:26:19 - [] ----D C:\Users\sv\AppData\Roaming\speedtest4354 O43 - CFD: 18/04/2014 - 12:21:39 - [0] ----D C:\Users\sv\AppData\Roaming\YourFileDownloader O43 - CFD: 06/03/2013 - 20:40:42 - [] ----D C:\Users\sv\AppData\Local\Babylon =>PUP.Babylon O43 - CFD: 08/04/2014 - 15:01:31 - [] ----D C:\Users\sv\AppData\Local\BearShare =>PUP.BearShare O43 - CFD: 16/01/2014 - 13:56:36 - [] ----D C:\Users\sv\AppData\Local\genienext =>PUP.NextLive O43 - CFD: 17/01/2014 - 15:54:27 - [0] ----D C:\Users\sv\AppData\Local\iLivid =>Adware.Bandoo O43 - CFD: 13/01/2014 - 09:41:48 - [] ----D C:\Users\sv\AppData\Local\imeshmusicboxtoolbar181 =>PUP.iMesh O43 - CFD: 20/05/2014 - 11:53:04 - [] ----D C:\Users\sv\AppData\Local\Mobogenie =>PUP.Mobogenie O43 - CFD: 21/05/2014 - 12:58:34 - [] ----D C:\Users\sv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com =>Hijacker.TornTV O45 - LFCP:[MD5.B9AF08FC68C9E6A969329A9B9FDE6733] - 23/05/2014 - 08:04:58 ---A- - C:\Windows\Prefetch\PACFUNCTION.BROWSERADAPTER.EX-2183B385.pf =>PUP.PacFunction O45 - LFCP:[MD5.5F7D97EF0719397D23C4F9D36A7ECA17] - 23/05/2014 - 08:35:18 ---A- - C:\Windows\Prefetch\PACFUNCTION.PURBROWSE64.EXE-70D2A6FB.pf =>PUP.PacFunction O45 - LFCP:[MD5.EBD898CE479AB2D9601959E6C2B399A7] - 22/05/2014 - 08:34:38 ---A- - C:\Windows\Prefetch\UPDATEPACFUNCTION.EXE-679EEFBC.pf =>PUP.PacFunction O45 - LFCP:[MD5.86E28B56C1318F5FF047896BD5759465] - 23/05/2014 - 08:04:22 ---A- - C:\Windows\Prefetch\UTILPACFUNCTION.EXE-6E7E7FC4.pf =>PUP.PacFunction O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (...) -- C:\Program Files (x86)\SEARCH~1\Datamngr\DATAMN~2.exe (.not file.) =>PUP.Datamngr O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie O58 - SDL:24/04/2014 - 11:33:14 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys [61120] =>PUP.LinkiDoo O61 - LFC: 19/05/2014 - 12:29:23 ---A- . (.SoftCity.) -- C:\Users\sv\Downloads\PCSpeedMaximizer.exe [2857072] =>Rogue.PCSpeedMaximizer O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{19854aff-7c07-4859-9831-cd028ac55dd0}Gw64.sys ({19854aff-7c07-4859-9831-cd028ac55dd0}Gw64) .(.StdLib - StdLib.) - LEGACY_{19854AFF-7C07-4859-9831-CD028AC55DD0}GW64 =>PUP.LinkiDoo O69 - SBI: SearchScopes [HKCU] {094AE69A-F1F6-4807-964F-752BEE9B0F49} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bueno Search) - http://www.buenosearch.com =>PUP.BuenoSearch O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (Search The Web) - http://www.mystart.com =>Adware.IMBooster O69 - SBI: SearchScopes [HKCU] {7F4EFF06-7032-458e-AE16-1C1D8255C28A} [DefaultScope] - (Speedbit) - http://home.speedbit.com O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.eazytosearch.info [MD5.CAC59EB85CD9EF691F2AD462AAD17FFF] [WIS][24/02/2014] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\6068d.msi [813568] =>Adware.Bandoo HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32 =>Adware.Downware HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS =>Adware.Downware HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>Hijacker.TornTV HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>Hijacker.TornTV HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bi_client_RASAPI32 =>Adware.MegaSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bi_client_RASMANCS =>Adware.MegaSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32 =>Adware.Bloson HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS =>Adware.Bloson HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividMediaBar_RASAPI32 =>Adware.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividMediaBar_RASMANCS =>Adware.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r207-n-bc_RASAPI32 =>Adware.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r207-n-bc_RASMANCS =>Adware.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r706-n-bi_RASAPI32 =>Adware.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetup-r706-n-bi_RASMANCS =>Adware.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASAPI32 =>PUP.iMesh HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshMediaBar_RASMANCS =>PUP.iMesh HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshSetup-r393-n-bc_RASAPI32 =>PUP.iMesh HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMeshSetup-r393-n-bc_RASMANCS =>PUP.iMesh HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMesh_RASAPI32 =>PUP.iMesh HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iMesh_RASMANCS =>PUP.iMesh HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_RASAPI32 =>PUP.Mobogenie HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Mobogenie_RASMANCS =>PUP.Mobogenie HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PacFunction_RASAPI32 =>PUP.PacFunction HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PacFunction_RASMANCS =>PUP.PacFunction HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASAPI32 =>Rogue.PCSpeedMaximizer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PCSpeedMaximizer_RASMANCS =>Rogue.PCSpeedMaximizer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_iMesh_RASAPI32 =>PUP.Datamngr HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SetupDataMngr_iMesh_RASMANCS =>PUP.Datamngr HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatePacFunction_RASAPI32 =>PUP.PacFunction HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updatePacFunction_RASMANCS =>PUP.PacFunction HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilPacFunction_RASAPI32 =>PUP.PacFunction HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilPacFunction_RASMANCS =>PUP.PacFunction [HKCR\CLSID\{22222222-2222-2222-2222-220522112208}] (CrossriderApp0051108.Sandbox) =>PUP.CrossRider SS - | Auto 10/07/1658 0 | (Update PacFunction) . (...) - C:\Program Files (x86)\PacFunction\updatePacFunction.exe =>PUP.PacFunction SR - | Auto 23/05/2014 317728 | (Util PacFunction) . (...) - C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe =>PUP.PacFunction [HKLM\Software\Google\Chrome\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml] =>Adware.Bandoo^ [HKLM\Software\Google\Chrome\Extensions\booedmolknjekdopkepjjeckmjkdpfgl] =>PUP.Manager^ [HKLM\Software\Google\Chrome\Extensions\edlchmjpkigfamcbjeabnagknognhjcf] =>PUP.SaveNet^ [HKLM\Software\Google\Chrome\Extensions\flpcjncodpafbgdpnkljologafpionhb] =>PUP.Manager^ [HKLM\Software\Google\Chrome\Extensions\ggogalleghekmhpoemeibokpjldhmjin] =>PUP.TubeAdBlocker^ [HKLM\Software\Google\Chrome\Extensions\jljheddigenhleadfofeccneimcmlefp] =>Adware.ScriptHost^ [HKLM\Software\Google\Chrome\Extensions\kjngnkgllomakhniekmficlkdhanfnmm] =>PUP.SaveNet^ [HKLM\Software\Google\Chrome\Extensions\lbgfiglojokgabdbhegbpjgojgppppgf] =>Adware.ScriptHost^ [HKLM\Software\Google\Chrome\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj] =>PUP.ExtraSavings^ [HKLM\Software\Google\Chrome\Extensions\mkaplhdbgkcmjnbdflmhkkioklkffcla] =>Adware.Downware^ [HKLM\Software\Google\Chrome\Extensions\ncpbkgnlfaagoiikamhpbdiajaaeobhd] =>Adware.FastSaveApp^ [HKLM\Software\Google\Chrome\Extensions\pdfihilebknoahnlalekfpcaclhobnnc] =>PUP.SaveNet^ [HKLM\Software\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9AA72D95-59D7-4421-A02C-F93A1187A165}] =>PUP.PacFunction^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}] =>PUP.CrossRider^ [HKLM\SYSTEM\CurrentControlSet\Services\Update PacFunction] =>PUP.PacFunction^ [HKLM\SYSTEM\CurrentControlSet\Services\Util PacFunction] =>PUP.PacFunction^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PacFunction] =>PUP.PacFunction^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}] =>Adware.FastSaveApp^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SiteFinder] =>Adware.ShoppingReport^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload] =>PUP.1ClickDownloader^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}] =>PUP.TubeAdBlocker^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CF830981-8F31-C561-C7A0-FE2CE1878B40}] =>PUP.TubeAdBlocker^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7DD5E91C-3864-77EC-7635-D14910C2A03E}] =>PUP.SaveNet^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] =>PUP.Datamngr^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon] =>PUP.Mobogenie^ [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4e42-A125-57C0A11DBCDE}] =>PUP.iMesh [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>PUP.ToolbarCleaner [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}] =>PUP.iMesh [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits [HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits [HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader [HKLM\Software\Wow6432Node\BabylonToolbar] =>PUP.Babylon [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKCU\Software\ilivid] =>Adware.Bandoo [HKCU\Software\iMesh] =>PUP.iMesh [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\Wow6432Node\Microsoft\Tracing\Mobogenie_RASMANCS] =>PUP.Mobogenie [HKLM\Software\Wow6432Node\Microsoft\Tracing\Mobogenie_RASAPI32] =>PUP.Mobogenie [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Associations]:bak_Application =>Hijacker.Agent [HKLM\Software\Classes\Prod.cap] =>PUP.Babylon [HKCU\Software\InstallCore] =>Adware.InstallCore [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload] =>PUP.1ClickDownloader [HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}] =>Adware.Browse2Save [HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic [HKLM\Software\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}] =>PUP.Datamngr [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}] =>PUP.Datamngr [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}] =>PUP.Datamngr [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt [HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider [HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider [HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider [HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector [HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector [HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110511111108}] =>PUP.CrossRider [HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220522112208}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220522112208}] =>PUP.CrossRider [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}] =>Adware.Bandoo^ [HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{CCC7B159-1D8C-11E3-B2AD-F3EF3D58318D} =>Adware.ShoppingReport^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaihhnfnbnpbhpagnmoplpcjbediml =>Adware.Bandoo^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\booedmolknjekdopkepjjeckmjkdpfgl =>PUP.Manager^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\edlchmjpkigfamcbjeabnagknognhjcf =>PUP.SaveNet^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\flpcjncodpafbgdpnkljologafpionhb =>PUP.Manager^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggogalleghekmhpoemeibokpjldhmjin =>PUP.TubeAdBlocker^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljheddigenhleadfofeccneimcmlefp =>Adware.ScriptHost^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjngnkgllomakhniekmficlkdhanfnmm =>PUP.SaveNet^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbgfiglojokgabdbhegbpjgojgppppgf =>Adware.ScriptHost^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpgadkkcfgdlnbhohacfaoijbbcbbjj =>PUP.ExtraSavings^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaplhdbgkcmjnbdflmhkkioklkffcla =>Adware.Downware^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpbkgnlfaagoiikamhpbdiajaaeobhd =>Adware.FastSaveApp^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdfihilebknoahnlalekfpcaclhobnnc =>PUP.SaveNet^ C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk =>Spyware.GophotoIt^ C:\Program Files (x86)\FTDownloader.com =>Adware.Downware^ C:\Program Files (x86)\Gophoto.it =>Spyware.GophotoIt^ C:\Program Files (x86)\PacFunction =>PUP.PacFunction^ C:\Program Files (x86)\save naett =>PUP.SaveNet^ C:\Program Files (x86)\save nnet =>PUP.SaveNet^ C:\Program Files (x86)\Search Results Toolbar =>PUP.SearchResults^ C:\Program Files (x86)\Seiarchh-NEwTab =>Adware.FastSaveApp^ C:\Program Files (x86)\SiteFinder =>Adware.ShoppingReport^ C:\Program Files (x86)\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Program Files (x86)\ssAAve net =>PUP.SaveNet^ C:\Program Files (x86)\SW-Booster =>PUP.SafeWeb^ C:\Program Files (x86)\TornTV.com =>Hijacker.TornTV^ C:\Program Files (x86)\WS-Enabler =>PUP.WowSearch^ C:\Program Files (x86)\YoutubeAdblocker =>PUP.TubeAdBlocker^ C:\ProgramData\Babylon =>PUP.Babylon^ C:\ProgramData\BitGuard =>PUP.BitGuard^ C:\ProgramData\BrowserProtect =>Hijacker.Eazel^ C:\ProgramData\ExstRaSSaavInggs =>PUP.ExtraSavings^ C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^ C:\ProgramData\InstallMate =>PUP.Tarma^ C:\ProgramData\save naett =>PUP.SaveNet^ C:\ProgramData\save nnet =>PUP.SaveNet^ C:\ProgramData\Seiarchh-NEwTab =>Adware.FastSaveApp^ C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\ProgramData\ssAAve net =>PUP.SaveNet^ C:\ProgramData\YoutubeAdblocker =>PUP.TubeAdBlocker^ C:\Users\sv\AppData\Roaming\Babylon =>PUP.Babylon^ C:\Users\sv\AppData\Roaming\DriverCure =>PUP.DriverCure^ C:\Users\sv\AppData\Roaming\OpenCandy =>Adware.OpenCandy^ C:\Users\sv\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis^ C:\Users\sv\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Users\sv\AppData\Local\Babylon =>PUP.Babylon^ C:\Users\sv\AppData\Local\BearShare =>PUP.BearShare^ C:\Users\sv\AppData\Local\genienext =>PUP.NextLive^ C:\Users\sv\AppData\Local\iLivid =>Adware.Bandoo^ C:\Users\sv\AppData\Local\imeshmusicboxtoolbar181 =>PUP.iMesh^ C:\Users\sv\AppData\Local\Mobogenie =>PUP.Mobogenie^ C:\Users\sv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com =>Hijacker.TornTV^ C:\Program Files (x86)\SimilarSites =>Adware.SimilarSites C:\ProgramData\Browser Manager =>PUP.Babylon C:\Users\sv\AppData\Roaming\yourfiledownloader =>PUP.YourFileDownloader C:\Users\sv\AppData\Roaming\SimilarSites =>Adware.SimilarSites [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^ C:\Program Files (x86)\PacFunction\bin\PacFunction.BrowserAdapter.exe =>PUP.PacFunction^ C:\Program Files (x86)\PacFunction\bin\utilPacFunction.exe =>PUP.PacFunction^ C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe =>PUP.YourFileDownloader^ C:\Windows\Tasks\BXGPMZQGNH.job =>Hijacker.iHaveNet^ C:\Windows\Tasks\plushd8.1-codedownloader.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\plushd8.1-codedownloader =>PUP.CrossRider^ [HKCU\Software\AppDataLow\Software\FTdownloader V9.0] =>Adware.Downware^ [HKCU\Software\AppDataLow\Software\SmartBar] =>Hijacker.SmartBar^ [HKCU\Software\AppDataLow\Software\Torntv V9.0] =>Hijacker.TornTV^ [HKCU\Software\FileScout] =>PUP.FileScout^ [HKCU\Software\MiniLyrics] =>Adware.AddLyrics^ [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^ [HKCU\Software\PacFunction] =>PUP.PacFunction^ [HKCU\Software\RegisteredApplicationsEx] =>PUP.SfKpCouponApp^ [HKCU\Software\UpToDown] =>PUP.UpToDown^ [HKCU\Software\UpdateStar] =>Adware.Boxore^ [HKCU\Software\iLivid] =>Adware.Bandoo^ [HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^ [HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr^ [HKLM\Software\Wow6432Node\PacFunction] =>PUP.PacFunction^ [HKLM\Software\Wow6432Node\SW-Booster] =>PUP.SafeWeb^ [HKLM\Software\Wow6432Node\Vittalia] =>Adware.Vittalia^ [HKLM\Software\Wow6432Node\WS-Enabler] =>PUP.WowSearch^ C:\Windows\Installer\6068d.msi =>Adware.Bandoo^ [HKCR\CLSID\{22222222-2222-2222-2222-220522112208}] (CrossriderApp0051108.Sandbox) =>PUP.CrossRider^ G2 - GCE: Preference [User Data\Default] [kbhplonhjleiopohgmppianogioknked] New Tab Launch v.1.0 (Désactivé) G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbhplonhjleiopohgmppianogioknked [New Tab Launch] [HKLM\Software\Wow6432Node\MediaPlayerV1] O43 - CFD: 03/02/2014 - 12:19:47 - [] ----D C:\Program Files (x86)\MediaPlayerV1 [MD5.926D373B7C52DB332C872FA9470114FB] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe [2557976] [PID.3660] =>Toolbar.AVGSearch [MD5.95F3F024B8EE19D1B8FD32E9536C5268] - (.APN LLC. - Virtual New Tab Loader.) -- C:\Users\sv\AppData\Local\VNT\vntldr.exe [195536] [PID.3764] =>Toolbar.Ask [MD5.B342CD9AA44E4AE99E2368EBDBC2E17A] - (.APN LLC. - APN Updater.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.1156] =>Toolbar.Ask [MD5.7451065A6047CBF7332EB76F5ED5F362] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240] [PID.2732] =>Toolbar.AVGSearch [MD5.74AF6F3DFE5A107754A1453F6A0EDD5D] - (.Pas de propriétaire - loggings Application.) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe [159768] [PID.3292] =>Toolbar.AVGSearch B1 - OSP: search.ini [sv] URL=http://home.speedbit.com/search.aspx?q=%s G2 - GCE: Preference [User Data\Default] [pcoohmdcpejoeggdnihdfhohjgdbllgm] Avira SearchFree Toolbar plus Web Protection v.32.5, (Désactivé) =>Toolbar.Avira G2 - EXT: C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm [Avira SearchFree Toolbar plus Web Protection] =>Toolbar.Avira O2 - BHO: Avira SearchFree Toolbar BHO [64Bits] - {41564952-412D-5637-4300-7A786E7484D7} . (...) -- "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (.not file.) =>Toolbar.Avira O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O2 - BHO: Avira SearchFree Toolbar [64Bits] - {41564952-412D-5637-4300-7A786E7484D7} . (...) -- "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (.not file.) =>Toolbar.Avira O3 - Toolbar: Avira SearchFree Toolbar - [HKLM]{41564952-412D-5637-4300-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll =>Toolbar.Ask O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [VNT] . (.APN LLC. - Virtual New Tab Loader.) -- C:\Program Files (x86)\VNT\vntldr.exe =>Toolbar.Ask O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask O23 - Service: (vToolbarUpdater18.1.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch O42 - Logiciel: AVG Security Toolbar - (.AVG Technologies.) [HKLM][64Bits] -- AVG Secure Search =>Toolbar.AVGSearch O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>Toolbar.Google O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google [HKCU\Software\APNDTX] =>Toolbar.Ask [HKCU\Software\AVG Secure Search] =>Toolbar.AVGSearch [HKCU\Software\AskPartnerNetwork] [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\ForumerIT] =>Toolbar.Forumer [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\VNT] [HKLM\Software\AskPartnerNetwork] [HKLM\Software\Wow6432Node\AVG Security Toolbar] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\AskPartnerNetwork] [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit O43 - CFD: 13/02/2014 - 14:46:03 - [] ----D C:\Program Files (x86)\AskPartnerNetwork O43 - CFD: 28/04/2014 - 15:27:20 - [] ----D C:\Program Files (x86)\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 12/03/2014 - 13:44:07 - [0] ----D C:\Program Files (x86)\SimilarSites O43 - CFD: 25/02/2014 - 08:45:09 - [] ----D C:\Program Files (x86)\VNT O43 - CFD: 28/04/2014 - 15:28:05 - [] ----D C:\Program Files (x86)\Common Files\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 13/02/2014 - 11:22:43 - [] ----D C:\ProgramData\APN O43 - CFD: 13/02/2014 - 14:46:03 - [] ----D C:\ProgramData\AskPartnerNetwork O43 - CFD: 28/04/2014 - 15:28:07 - [] ----D C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 25/11/2013 - 06:02:09 - [] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 12/03/2014 - 13:43:21 - [0] ----D C:\Users\sv\AppData\Roaming\SimilarSites O43 - CFD: 29/04/2014 - 14:45:36 - [] ----D C:\Users\sv\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 25/02/2014 - 08:45:12 - [] ----D C:\Users\sv\AppData\Local\VNT O53 - SMSR:HKLM\...\startupreg\ApnTBMon [Key] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask O53 - SMSR:HKLM\...\startupreg\Softonic for Windows [Key] . (...) -- C:\Users\sv\AppData\Local\Softonic\Softonic.exe (.not file.) =>Toolbar.Conduit O53 - SMSR:HKLM\...\startupreg\VNT [Key] . (.APN LLC. - Virtual New Tab Loader.) -- C:\Program Files (x86)\VNT\vntldr.exe =>Toolbar.Ask O61 - LFC: 19/05/2014 - 12:29:28 ---A- . (.Softonic.) -- C:\Users\sv\Downloads\SoftonicDownloader_for_firefox-1.exe [386880] =>Toolbar.Conduit O61 - LFC: 19/05/2014 - 12:29:34 ---A- . (.Softonic.) -- C:\Users\sv\Downloads\SoftonicDownloader_pour_windows-8-theme (1).exe [386928] =>Toolbar.Conduit O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask O69 - SBI: SearchScopes [HKCU] {2BFE1C29-D38B-45AE-9624-BF3C92B92D6D} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} - (Ask.com) - http://dts.search.ask.com [MD5.33492D075AAC7CE1D12E83843F5242C0] [WIS][28/04/2014] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\432688.msi [28672] =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32 =>Toolbar.Ask HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS =>Toolbar.Ask HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_all-free-video-converter_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_all-free-video-converter_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_artistic-font-collection_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_artistic-font-collection_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_avg-anti-virus-free-2014_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_avg-anti-virus-free-2014_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_burn4free_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_burn4free_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_custopack-tools_2_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_custopack-tools_2_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_custopack-tools_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_custopack-tools_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_express-scribe_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_express-scribe_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_gadwin-printscreen_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_gadwin-printscreen_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_internet-download-manager_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_internet-download-manager_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_kaspersky-anti-virus_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_kaspersky-anti-virus_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_pdfcreator_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_pdfcreator_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_supercopier_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_supercopier_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_theme-naruto-shippuden-5_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_theme-naruto-shippuden-5_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_viber-pour-windows_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_viber-pour-windows_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_vlc-media-player_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_vlc-media-player_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_windows-7-theme_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_windows-7-theme_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_winrar_2_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_winrar_2_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_zuma-deluxe_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_pour_zuma-deluxe_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Softonic_chr_1_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Softonic_chr_1_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Softonic_FR_1-5-4_FR_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Softonic_FR_1-5-4_FR_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Softonic_FR_1-5-6_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Softonic_FR_1-5-6_RASMANCS =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Softonic_RASAPI32 =>Toolbar.Conduit HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Softonic_RASMANCS =>Toolbar.Conduit [HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google [HKCR\CLSID\{41564952-412D-5637-4300-7A786E7484D7}] (Avira SearchFree Toolbar) =>Toolbar.Avira [HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google SR - | Auto 13/02/2014 166352 | (APNMCP) . (.APN LLC..) - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask SR - | Auto 28/04/2014 1801240 | (vToolbarUpdater18.1.0) . (.AVG Secure Search.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch [HKLM\Software\Google\Chrome\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm] =>Toolbar.Avira^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}] =>Toolbar.Avira^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4D91-8333-CF10577473F7}] =>Toolbar.Google^ [HKLM\SYSTEM\CurrentControlSet\Services\APNMCP] =>Toolbar.Ask^ [HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.0] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] =>Toolbar.Google^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\ApnTBMon] =>Toolbar.Ask^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Softonic for Windows] =>Toolbar.Conduit^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\VNT] =>Toolbar.Ask^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar [HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask [HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch [HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.Ask [HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch [HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch [HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch [HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch [HKCU\Software\Softonic] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch [HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit [HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask [HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask [HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{41564952-412D-5637-4300-7A786E7484D7} =>Toolbar.Ask^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:VNT =>Toolbar.Ask^ [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira C:\Users\sv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm =>Toolbar.Avira^ C:\Program Files (x86)\AVG Secure Search =>Toolbar.AVGSearch^ C:\Program Files (x86)\Common Files\AVG Secure Search =>Toolbar.AVGSearch^ C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch^ C:\Users\sv\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch^ C:\Program Files (x86)\AskPartnerNetwork =>Toolbar.Ask C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask C:\Users\sv\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch C:\Users\sv\AppData\LocalLow\searchresultstb =>Toolbar.Agent C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^ C:\Users\sv\AppData\Local\VNT\vntldr.exe =>Toolbar.Ask^ C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask^ C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe =>Toolbar.AVGSearch^ C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe =>Toolbar.AVGSearch^ [HKCU\Software\APNDTX] =>Toolbar.Ask^ [HKCU\Software\AVG Secure Search] =>Toolbar.AVGSearch^ [HKCU\Software\Conduit] =>Toolbar.Conduit^ [HKCU\Software\ForumerIT] =>Toolbar.Forumer^ [HKLM\Software\Wow6432Node\AVG Security Toolbar] =>Toolbar.AVGSearch^ [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^ C:\Windows\Installer\432688.msi =>Toolbar.Google^ [HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^ [HKCR\CLSID\{41564952-412D-5637-4300-7A786E7484D7}] (Avira SearchFree Toolbar) =>Toolbar.Avira^ [HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^ EmptyPrefetch FirewallRaz PROXYFix EmptyTemp EmptyFlash EmptyClsid SysRestore