Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPDiag v1.34.76 par Nicolas Coolman, Update du 01/02/2013
Run by yoy at 03/02/2013 21:59:55
State : Version � jour.
UAC : Deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 18.0.1 v18.0.1 (Defaut)
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3764 MB (39% free)
System Restore: Activ� (Enable)
System drive C: has 613 GB (89%) free of 686 GB
---\\ Logged in mode
~ Computer Name: YOY-PC
~ User Name: yoy
~ All Users Names: yoy, UpdatusUser, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\yoy\AppData\Roaming\
~ %Desktop% : C:\Users\yoy\Desktop\
~ %Favorites% : C:\Users\yoy\Favorites\
~ %LocalAppData% : C:\Users\yoy\AppData\Local\
~ %StartMenu% : C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 613 Go of 686 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.5121DB613E10A46A3C5085B479026AA7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2012 - 07:04:11.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/1797
~ Mes musiques (My Musics) : 1/530
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 1/115
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/41
~ Scan Hidden Files in 00mn 01s
---\\ Processus lanc�s
[MD5.B2958F59C2DAFB76348224832FB7C26F] - (...) -- C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2554472] [PID.1876]
[MD5.70C305067B3D543870597C57F74D9EC3] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [964024] [PID.4144]
[MD5.8E689D83B243C229A683559FF98CF047] - (.Pas de propri�taire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432] [PID.4380]
[MD5.CC02FBA3F124E56ECDB77BCFA4DAEB9E] - (.Anuman Interactive - Anuman Live.) -- C:\Users\yoy\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe [347648] [PID.4604]
[MD5.C723B02BA5BF788C9F91746BF37EACD9] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.313\SSScheduler.exe [271808] [PID.4848]
[MD5.0D360F06B168A6F37ACA9D9F958245DA] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.4836]
[MD5.9ABC4E3B00CFA3A47D5569F5B49FE42F] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1103440] [PID.4892]
[MD5.DE0B89579462C30C9E9861870E97052C] - (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1453704] [PID.4532]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4412]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.4708]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.3908]
[MD5.2C5BA148BA7936D9BB6BB1F4945BA469] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\yoy\AppData\Roaming\Dropbox\bin\Dropbox.exe [28539272] [PID.4408]
[MD5.6B115CE521D96900373775ECAC975D59] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536] [PID.5116]
[MD5.B77081F8221968C7DAB794B0BA55C43E] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896] [PID.1064]
[MD5.84A878D2D4A84CC73D53733F80FB57CE] - (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768] [PID.1516]
[MD5.A824317EA303679481EF1039A5D66212] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.1056]
[MD5.5BE9E66F6CAD73DE4D45072A43800327] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2223872] [PID.5272]
[MD5.D7826A7440444F40E0406CF37FD2FA88] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [917400] [PID.6340]
[MD5.9A4841A0CE83A768F7A5F4BA97DE02B5] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.6780]
[MD5.4EBF0CF9B48781DA145A147AA7E9E505] - (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe [1808392] [PID.6796]
[MD5.72CB29B523061FF64B3F66B8F3A5E034] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [5648896] [PID.31816]
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1484]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1724]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1764]
[MD5.58174B8E1673C90751F6B70AA71DFE70] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [87552] [PID.1912]
[MD5.9DD3A22F804697606C2B7FF9E912FF6B] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [353360] [PID.1992]
[MD5.21ACFD2B4BF6C0F4D9080A437E400E88] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [418896] [PID.1104]
[MD5.C9B2D1D3F86FD3673EF847DEF73B6F9E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [36456] [PID.1368]
[MD5.B705C7097F9A0EC941D02DCE7C7D426C] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624] [PID.796]
[MD5.3F3D6E8BD31B3C017D0AB24CD5EC0D05] - (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [124832] [PID.1936]
[MD5.1873214666F6F0A883742DF91FBC48C9] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832] [PID.2124]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2380]
[MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064] [PID.2460]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2536]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.2900]
[MD5.9D8B95C0EAE145C46BC4A727B23DA395] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.6192]
[MD5.C97CC4B1A00E94494093C08A39BC33FC] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120] [PID.6300]
[MD5.0B0B9F55B12767A755932C26B5FED715] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2538520] [PID.6628]
~ Scan Processes Running in 00mn 02s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\yoy\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://search.conduit.com
G0 - GCSP: Preference [User Data\Default] http://search.conduit.com
G1 - GCS: Preference [User Data\Default] http://search.conduit.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\prefs.js
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\user.js
M3 - MFPP: Plugins - [yoy] -- C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\searchplugins\01netcom-customized-web-search.xml
M3 - MFPP: Plugins - [yoy] -- C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\searchplugins\babylon1.xml
M3 - MFPP: Plugins - [yoy] -- C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\searchplugins\mngr.xml
M3 - MFPP: Plugins - [yoy] -- C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\searchplugins\sweetim.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [yoy - 5v3bpiug.default] google.fr
M2 - MFEP: prefs.js [yoy - 5v3bpiug.default\crossriderapp4352@crossrider.com] [] CouponDropDown v (.215 Apps.)
M2 - MFEP: prefs.js [yoy - 5v3bpiug.default\plugin@yontoo.com] [] Yontoo v1.20.00 (.Yontoo LLC.)
M2 - MFEP: prefs.js [yoy - 5v3bpiug.default\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}] [] DealPly v2.0 (.DealPly.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\yoy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\yoy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll
R3 - URLSearchHook: (no name) [64Bits] - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) (6.10.3.0) -- C:\Program Files (x86)\01NET.com\prxtb01NE.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: uTorrentBar_FR [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll
O2 - BHO: MSS+ Identifier [64Bits] - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0021810 [64Bits] - {11111111-1111-1111-1111-110211181110} . (.215 Apps - Giant Savings Extension BHO.) -- C:\Program Files (x86)\Giant Savings Extension\Giant Savings Extension.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper [64Bits] - {2EECD738-5844-4a99-B4B6-146BF802613B} . (.Babylon BHO - Pas de description.) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: 01NET.com [64Bits] - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\01NET.com\prxtb01NE.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft� Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: DealPly [64Bits] - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} . (.DealPly Technologies Ltd - DealPly for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: Wajam IE BHO [64Bits] - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files (x86)\Wajam\IE\priam_bho.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Cl� orpheline
~ Scan Toolbar in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\yoy\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propri�taire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [AnumanLive] . (.Anuman Interactive - Anuman Live.) -- C:\Users\yoy\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [MessengerPlusForSkypeService] . (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O4 - HKLM\..\Wow6432Node\Run: [CommonToolkitTray] . (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [offerbox] . (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files (x86)\OfferBox\OfferBox.exe
O4 - HKLM\..\Wow6432Node\Run: [Sweetpacks Communicator] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Wow6432Node\Run: [SearchProtectAll] . (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-362935419-2504595531-3900738282-1001-362935419-2504595531-3900738282-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-362935419-2504595531-3900738282-1001-362935419-2504595531-3900738282-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\yoy\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\yoy\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\yoy\Desktop\Microsoft Flight Simulator X - Raccourci.lnk - Cl� orpheline
O4 - Global Startup: C:\Users\yoy\Desktop\raccourci bureau - Raccourci.lnk . (...) -- C:\Users\yoy\Documents\raccourci bureau
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk . (.www.motioninjoy.com.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MP3 Rocket 6.0.6.lnk . (...) -- C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
~ Scan Global Startup in 00mn 00s
---\\ Invisibilit� de l'ic�ne d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d�affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft� Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft� Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E05FB2DE-2E72-46D7-A3C9-BA655D7B17C5}: DhcpNameServer = 172.22.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0705878-FDE2-4694-AAD4-388A971F27DE}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{E05FB2DE-2E72-46D7-A3C9-BA655D7B17C5}: DhcpNameServer = 172.22.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E0705878-FDE2-4694-AAD4-388A971F27DE}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{E05FB2DE-2E72-46D7-A3C9-BA655D7B17C5}: DhcpNameServer = 172.22.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E0705878-FDE2-4694-AAD4-388A971F27DE}: DhcpNameServer = 192.168.0.254
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contr�le ActiveX pour le flux vid�o.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft� InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft� InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contr�le ActiveX pour le flux vid�o.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 285.) - C:\Windows\system32\nvinitx.dll
~ Scan AppInit DLL in 00mn 00s
---\\ Cl� de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Search Protect by Conduit Updater (CltMngSvc) . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Live Updater Service (Live Updater Service) . (.Acer Incorporated - Updater Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) . (.Yuna Software - Service - Messenger Plus! for Skype.) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NTI Corporation - Backup Manager Module.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 285.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: OfferBox update service (OfferBox update service) . (.Aedge Performance BCN SL - OfferBox.) - C:\Program Files (x86)\OfferBox\OfferBoxUpdateService.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 19s
---\\ Enum�ration Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362935419-2504595531-3900738282-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362935419-2504595531-3900738282-1001UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HP Photo Creations Messager.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SLOW-PCfighter64-yoy-Notification.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SLOW-PCfighter64-yoy-Startup.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
[MD5.424877CB9D5517F980FF7BACA2EB379D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.7F19838AC317C34FCED020BE529AF71E] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[MD5.88C511BE2C6649DAA9DABA888BBDA77E] [APT] [DealPly] (...) -- C:\Users\yoy\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe
[MD5.4EE862402A5ECEE9A6F291E08B79F2C7] [APT] [DealPlyUpdate] (.DealPly.) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe
[MD5.9834D0C33581BE9975783BFD56E2242C] [APT] [EgisUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\EgisUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-362935419-2504595531-3900738282-1001Core] (.Google Inc..) -- C:\Users\yoy\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-362935419-2504595531-3900738282-1001UA] (.Google Inc..) -- C:\Users\yoy\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.B087C25AFD565F0DC01FCAF565FE19C7] [APT] [HP Photo Creations Messager] (...) -- C:\ProgramData\HP Photo Creations\MessageCheck.exe
[MD5.E84C580843F2C0D548539C2F1FD19E0C] [APT] [HPCustParticipation HP Deskjet 3050A J611 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
[MD5.5E885A8475F9EB11038C1AFF6036525C] [APT] [HPCustParticipation HP Photosmart 5510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe
[MD5.CD0D8016C17F4D08C4EE3990C4D86351] [APT] [hpUrlLauncher.exe_{73B6F7A6-5046-46B4-8CAC-CF8B1052E061}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe
[MD5.1E43B2277941DA49EECCFD0375294F68] [APT] [hpUrlLauncher.exe_{E17A8FFF-97B0-44A2-96E8-349E4FFC1CD1}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\utils\hpUrlLauncher.exe
[MD5.0285670FD75CB7626EE51B0B32ED0769] [APT] [PMMUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\PMMUpdate.exe
[MD5.BD13B6E4F250358DCE617047FF3512D4] [APT] [ScanToPCActivationApp.exe_{06E4F6B7-BB4D-4B76-A400-292672F707D5}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
[MD5.BD13B6E4F250358DCE617047FF3512D4] [APT] [ScanToPCActivationApp.exe_{2116007C-E4D7-412E-842A-C401AF3B4E3A}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
[MD5.BD13B6E4F250358DCE617047FF3512D4] [APT] [ScanToPCActivationApp.exe_{869711F9-6971-4629-968F-7B4E6921F60A}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
[MD5.E00A5136DB2958250CD6C2C8436B9E79] [APT] [SLOW-PCfighter64-yoy-Notification] (.SPAMfighter ApS.) -- C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe
[MD5.15B6A9017C22ACCFA4597A5BA2820F42] [APT] [SLOW-PCfighter64-yoy-Startup] (.SPAMfighter ApS.) -- C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{B9D2F50E-219A-4491-9E1B-D46384899113}] (...) -- C:\Users\yoy\Downloads\msn-messenger_msn_messenger_7.5_version_compatible_windows_2000_anglais_13499.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{C5B5C9E0-1315-490D-8A4C-48578A7D45D7}] (...) -- C:\Users\yoy\Downloads\Install_CopyTrans_Suite.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 05s
---\\ Composants install�s (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d�IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Mini Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-syst�me de mise en m�moire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels install�s (O42)
O42 - Logiciel: 01NET.com Toolbar - (.01NET.com.) [HKLM][64Bits] -- 01NET.com Toolbar
O42 - Logiciel: Acer Backup Manager - (.NTI Corporation.) [HKLM][64Bits] -- InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}
O42 - Logiciel: Acer Crystal Eye Webcam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Acer Crystal Eye Webcam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Acer Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent acer Master Uninstall
O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Registration
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Screensaver
O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.01) - Fran�ais - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WTA-0666b674-d4b4-4d11-9e72-eac2ff769b08
O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {63EC2120-1742-4625-AA47-C6A8AEC9C64C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Babylon toolbar - (.BabylonToolbar.) [HKLM][64Bits] -- BabylonToolbar
O42 - Logiciel: Backup Manager V3 - (.NTI Corporation.) [HKLM][64Bits] -- {0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-8a76024c-be37-4bac-b70f-56aee4f02ee5
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {C28D96C0-6A90-459E-A077-A6706F4EC0FC}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {D745B017-4336-4718-83A6-3AE1A9DE88C3}
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-248b539d-72c7-43fc-808f-b18baf0672c0
O42 - Logiciel: Complemento Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}
O42 - Logiciel: Compl�ment Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: CopyTrans Suite d�sinstallation uniquement - (.WindSolutions.) [HKCU][64Bits] -- CopyTrans Suite
O42 - Logiciel: Crazy Chicken Kart 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-242ad961-ae3f-45d3-8df4-56dde55526ae
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DealPly - (.DealPly Technologies Ltd.) [HKLM][64Bits] -- DealPly
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM][64Bits] -- Defraggler
O42 - Logiciel: Doplnok programu Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: Easy Burner - (.Aedge Performance BCN SL.) [HKLM][64Bits] -- {520C2939-555B-40BF-A91B-8B671AB560EB}
O42 - Logiciel: Euro Truck Simulator 2 - (.SCS Software.) [HKLM][64Bits] -- {1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1
O42 - Logiciel: Evernote v. 4.5.1 - (.Evernote Corp..) [HKLM][64Bits] -- {28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WTA-221e47f2-af62-4ac5-821a-154ac51a95e3
O42 - Logiciel: Final Drive: Nitro - (.WildTangent.) [HKLM][64Bits] -- WTA-f9336108-236e-4b12-918e-5ce2b4a8306a
O42 - Logiciel: Fooz Kids - (.FUHU, Inc..) [HKLM][64Bits] -- FoozKids
O42 - Logiciel: Fooz Kids - (.FUHU, Inc..) [HKLM][64Bits] -- {4C774C35-E0AF-72E1-136A-2BF666702268}
O42 - Logiciel: Fooz Kids Platform - (.FUHU, Inc..) [HKLM][64Bits] -- {8D68CE08-9A14-4B7B-9857-3C646A2F34C7}
O42 - Logiciel: Giant Savings Extension - (.215 Apps.) [HKLM][64Bits] -- Giant Savings Extension
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {71972D00-4596-11E2-B6EA-B8AC6F97B88E}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Deskjet 3050A J611 series - Enqu�te sur l'am�lioration du produit - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {2FFFDE2C-9861-4003-AE65-BD13A29E074A}
O42 - Logiciel: HP Deskjet 3050A J611 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {97DDCAB8-B770-4089-A10F-67568069D78A}
O42 - Logiciel: HP FWUpdateEDO2 - (.Hewlett-Packard.) [HKLM][64Bits] -- {415FA9AD-DA10-4ABE-97B6-5051D4795C90}
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations.) [HKLM][64Bits] -- HP Photo Creations
O42 - Logiciel: HP Photosmart 5510 series - Enqu�te sur l'am�lioration du produit - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {EF266618-8712-4A13-B10C-C1D3578250FB}
O42 - Logiciel: HP Photosmart 5510 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {E02964EA-0E1B-4620-A26E-CBAB0341B1BB}
O42 - Logiciel: HP Product Detection - (.HP.) [HKLM][64Bits] -- {A436F67F-687E-4736-BD2B-537121A804CF}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.0.0 - (.Hewlett-Packard.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: INFORAD MANAGER 3.9 - (.Pas de propri�taire.) [HKLM][64Bits] -- INFORAD MANAGER 3.9_is1
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-21c944df-8f1d-4296-860f-e60f6efbb8cf
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
O42 - Logiciel: Java(TM) 6 Update 39 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216032FF}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-d2e680ce-5383-4b06-9ebe-8f4c632aedce
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM][64Bits] -- WTA-9505a9ce-4817-45fb-a16c-50700960c463
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WTA-5b52d470-c64b-403b-b2ad-9ccd7b7e958c
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM][64Bits] -- LManager
O42 - Logiciel: Logiciel de base du p�riph�rique HP Deskjet 3050A J611 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {6B6856BE-3ADD-4C18-9396-CAE664CCEF8E}
O42 - Logiciel: Logiciel de base du p�riph�rique HP Photosmart 5510 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {94641C2B-3419-4B5A-97E1-757BA7D2ECAD}
O42 - Logiciel: MP3 Rocket - (.Pas de propri�taire.) [HKLM][64Bits] -- MP3 Rocket
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Messenger Assistent - (.Microsoft Corporation.) [HKLM][64Bits] -- {56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {0535A238-D489-430E-9851-88E78BF84AAB}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {066219C8-4BE6-46D7-9E01-60FCFA6B32DC}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {082E37F5-3924-4168-A69A-1B6B1FEA587C}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {3889988F-762B-4B85-AB17-71C9CC3AE445}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {50816F92-1652-4A7C-B9BC-48F682742C4B}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DD3B54B-F0D0-4A69-8344-F52033225A02}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {781E0319-15CD-4A4C-A47E-D9FFF697E7A1}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {8142D25E-028A-4563-86ED-5755783C8029}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {847C879C-1467-4924-A491-1302B4C58F70}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {939C80FA-96C9-44A6-B318-8E7D8BD8481B}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {96403552-88D1-429F-9C92-388B814B885E}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {B44F3823-52DD-45CA-A916-8B320778715D}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {C7DAD22D-29D4-438F-B986-03B9ED582EA4}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {D58E381C-DE02-46A9-B9D1-A2CB807D2676}
O42 - Logiciel: Messenger Plus! for Skype - (.Yuna Software.) [HKLM][64Bits] -- Messenger Plus! for Skype
O42 - Logiciel: Messenger Suradnik - (.Microsoft Corporation.) [HKLM][64Bits] -- {3FD1CB9F-807F-451B-926C-9D19C84CFC61}
O42 - Logiciel: Messenger k�s�ro - (.Microsoft Corporation.) [HKLM][64Bits] -- {F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}
O42 - Logiciel: Messenger ???? - (.Microsoft Corporation.) [HKLM][64Bits] -- {CF088261-BC81-4FB9-9BA0-7B5B9602D01A}
O42 - Logiciel: Messenger-kumppani - (.Microsoft Corporation.) [HKLM][64Bits] -- {D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}
O42 - Logiciel: Microsoft Flight Simulator X - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: MotioninJoy DS3 driver version 0.6.0004 - (.www.motioninjoy.com.) [HKLM][64Bits] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1
O42 - Logiciel: Mozilla Firefox 18.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 18.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mozilla Thunderbird 17.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 17.0.2 (x86 fr)
O42 - Logiciel: MyFreeCodec - (.Pas de propri�taire.) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
O42 - Logiciel: MyWinLocker 4 - (.Egis Technology Inc..) [HKLM][64Bits] -- {39F15B50-A977-4CA6-B1C3-6A8724CDA025}
O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- {17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
O42 - Logiciel: Mystery of Mortlake Mansion - (.WildTangent.) [HKLM][64Bits] -- WTA-b2990de1-0767-4e4a-8f79-d5fa2ef08b5f
O42 - Logiciel: NTI Media Maker 9 - (.NTI Corporation.) [HKLM][64Bits] -- InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
O42 - Logiciel: NVIDIA Pilote graphique 285.25 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}
O42 - Logiciel: OfferBox - (.Aedge Performance BCN SL.) [HKLM][64Bits] -- OfferBox
O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM][64Bits] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WTA-9ec7287c-6bcc-4fa9-b247-059bab4655c2
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-2b03a6c7-4c6d-4493-9cee-faa9b78846bb
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-2b82f067-8a6e-457f-b246-cdedbcb81cd1
O42 - Logiciel: Pomocnik Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {BD8DA595-F501-4ABE-85A0-5C23E82472A0}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: SLOW-PCfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- {046C9272-6E16-4C47-8BEF-4880417304DF}
O42 - Logiciel: SLOW-PCfighter - (.SPAMfighter ApS..) [HKLM][64Bits] -- SLOW-PCfighter
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Search Protect by conduit - (.Conduit.) [HKLM][64Bits] -- SearchProtect
O42 - Logiciel: Shredder - (.Egis Technology Inc..) [HKLM][64Bits] -- {C2695E83-CF1D-43D1-84FE-B3BEC561012A}
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype� 5.10 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-e10eb1c5-3eaf-4a1f-a7d6-6894a9d63586
O42 - Logiciel: Spremljevalec Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {F14F9EE9-9B68-42B4-90F7-0924F7619281}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TRS2008 - (.Pas de propri�taire.) [HKLM][64Bits] -- {DD282D0E-AC08-4539-84B0-959350576BEC}
O42 - Logiciel: Torchlight - (.WildTangent.) [HKLM][64Bits] -- WTA-17532a50-450c-40c2-b1b0-fb5b909f62d9
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
O42 - Logiciel: Virtual Villagers 4 - The Tree of Life - (.WildTangent.) [HKLM][64Bits] -- WTA-756b5932-ea12-4047-8a3e-35b1254f98dd
O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-76dfafd8-66a3-4b3b-ae37-b20c35ab4f4f
O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Welcome Center
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
O42 - Logiciel: Yontoo 1.10.03 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-31d957c9-d1cd-402f-a840-a3528273c6c9
O42 - Logiciel: avast! Free Antivirus v7.0.1474.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: e-Carte Bleue LCL - (.Pas de propri�taire.) [HKLM][64Bits] -- {3D6B54EF-65E4-4624-8709-03A3BBE2C240}
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {D3E5A972-9A15-427D-AE78-8181A5FD943C}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}
O42 - Logiciel: newsXpresso - (.esobi Inc..) [HKLM][64Bits] -- InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}
O42 - Logiciel: newsXpresso - (.esobi Inc..) [HKLM][64Bits] -- {613C0AC5-3A67-4B94-8B13-9176AD83F5BF}
O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM][64Bits] -- uTorrentBar_FR Toolbar
O42 - Logiciel: �Torrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent
O42 - Logiciel: ????????? Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {3705D53F-BB01-4BEE-8585-289E71CAC4B4}
O42 - Logiciel: ???????? ?? Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}
O42 - Logiciel: ????? Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {AB5977C5-11AE-4003-BA7D-261C48F2BC35}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\01NET.com]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\CouponDropDown]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Giant Savings Extension]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Auran]
[HKCU\Software\Avast Software]
[HKCU\Software\BabylonToolbar]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Cr_Installer]
[HKCU\Software\Cyberlink]
[HKCU\Software\DataMngr]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\DealPly]
[HKCU\Software\Dritek]
[HKCU\Software\Fighters]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore]
[HKCU\Software\InstalledBrowserExtensions]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\MyFree Codec]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OfferBox]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung]
[HKCU\Software\SearchProtect]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\Softonic]
[HKCU\Software\SweetIM]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VSO]
[HKCU\Software\Visan]
[HKCU\Software\Wajam]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yuna Software]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\a53dedeb73feb15]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\EgisTec IPS]
[HKLM\Software\EgisTec Shredder]
[HKLM\Software\Fighters]
[HKLM\Software\GEAR Software]
[HKLM\Software\HP]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\McFPDetect]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SRS Labs]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\01NET.com]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AedgePerformanceBCN]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Auran]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\EasyBurner]
[HKLM\Software\Wow6432Node\EgisTec IPS]
[HKLM\Software\Wow6432Node\EgisTec MyWinLockerSuite]
[HKLM\Software\Wow6432Node\EgisTec MyWinLocker]
[HKLM\Software\Wow6432Node\EgisTec Shredder]
[HKLM\Software\Wow6432Node\Evernote]
[HKLM\Software\Wow6432Node\FUHU, Inc.]
[HKLM\Software\Wow6432Node\Fighters]
[HKLM\Software\Wow6432Node\Garmin]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Myfree Codec]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Prolific Technology INC]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RocketLife]
[HKLM\Software\Wow6432Node\SCS Software]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\VSO]
[HKLM\Software\Wow6432Node\VirualDiskRedist]
[HKLM\Software\Wow6432Node\Visan]
[HKLM\Software\Wow6432Node\Vittalia]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Yuna Software]
[HKLM\Software\Wow6432Node\a53dedeb73feb15]
[HKLM\Software\Wow6432Node\e-Carte Bleue LCL]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\uTorrentBar_FR]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/01/2013 - 22:35:30 - [4,874] ----D C:\Program Files (x86)\01NET.com
O43 - CFD: 19/12/2012 - 21:02:11 - [90,890] ----D C:\Program Files (x86)\Acer
O43 - CFD: 27/10/2011 - 12:40:57 - [601,628] ----D C:\Program Files (x86)\Acer Games
O43 - CFD: 17/10/2012 - 20:55:32 - [119,713] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 08/05/2012 - 19:15:58 - [2,316] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 22/12/2012 - 12:11:06 - [1278,590] ----D C:\Program Files (x86)\Auran
O43 - CFD: 18/01/2013 - 21:38:05 - [2,371] ----D C:\Program Files (x86)\BabylonToolbar
O43 - CFD: 08/05/2012 - 19:15:13 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 14/12/2012 - 06:53:52 - [0] ----D C:\Program Files (x86)\Boxore
O43 - CFD: 22/12/2012 - 18:24:44 - [284,915] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 07/12/2012 - 21:55:40 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 03/02/2013 - 21:38:02 - [0,811] ----D C:\Program Files (x86)\DealPly
O43 - CFD: 25/10/2012 - 21:04:13 - [0,466] ----D C:\Program Files (x86)\e-Carte Bleue LCL
O43 - CFD: 12/01/2013 - 21:12:53 - [8,152] ----D C:\Program Files (x86)\EasyBurner
O43 - CFD: 27/10/2011 - 13:08:42 - [3,489] ----D C:\Program Files (x86)\EgisTec IPS
O43 - CFD: 27/10/2011 - 13:08:56 - [19,986] ----D C:\Program Files (x86)\EgisTec MyWinLocker
O43 - CFD: 27/10/2011 - 13:07:30 - [2,563] ----D C:\Program Files (x86)\EgisTec MyWinLockerSuite
O43 - CFD: 27/10/2011 - 13:09:28 - [5,335] ----D C:\Program Files (x86)\EgisTec Shredder
O43 - CFD: 22/12/2012 - 13:04:19 - [1579,593] ----D C:\Program Files (x86)\Euro Truck Simulator 2
O43 - CFD: 27/10/2011 - 12:41:27 - [151,629] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 08/05/2012 - 17:21:25 - [4,634] ----D C:\Program Files (x86)\Fighters
O43 - CFD: 27/10/2011 - 13:18:59 - [21,609] ----D C:\Program Files (x86)\Fooz Kids
O43 - CFD: 12/01/2013 - 20:29:27 - [5,059] ----D C:\Program Files (x86)\Giant Savings Extension
O43 - CFD: 18/01/2013 - 22:45:54 - [125,061] ----D C:\Program Files (x86)\Google
O43 - CFD: 14/05/2012 - 20:01:24 - [5,939] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 17/05/2012 - 22:18:05 - [11,881] ----D C:\Program Files (x86)\HP
O43 - CFD: 06/05/2012 - 16:04:59 - [0,421] ----D C:\Program Files (x86)\HP Photo Creations
O43 - CFD: 08/12/2012 - 19:04:37 - [3,770] ----D C:\Program Files (x86)\INFORAD
O43 - CFD: 08/12/2012 - 19:04:37 - [0,520] ----D C:\Program Files (x86)\INFORAD_DRIVERS
O43 - CFD: 22/12/2012 - 18:24:51 - [195,884] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 28/11/2011 - 12:11:56 - [19,096] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/12/2012 - 21:08:49 - [4,933] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 13/09/2012 - 18:21:08 - [142,398] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 03/02/2013 - 17:38:46 - [163,459] ----D C:\Program Files (x86)\Java
O43 - CFD: 28/11/2011 - 12:16:41 - [8,896] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 03/01/2013 - 13:07:44 - [12,328] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 21/09/2012 - 22:05:59 - [2,414] ----D C:\Program Files (x86)\MarkAny
O43 - CFD: 28/01/2013 - 19:28:00 - [11,322] ----D C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 28/11/2011 - 12:22:21 - [19,953] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 19/07/2012 - 13:28:34 - [12,399] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 22/12/2012 - 17:58:16 - [808,688] ----D C:\Program Files (x86)\Microsoft Games
O43 - CFD: 17/07/2012 - 17:07:30 - [6,425] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 10/05/2012 - 19:22:40 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 27/10/2011 - 12:59:54 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 04/05/2012 - 23:21:08 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30/01/2013 - 19:51:02 - [48,884] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/02/2013 - 22:16:16 - [0,212] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 10/01/2013 - 23:24:08 - [43,370] ----D C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 08/05/2012 - 17:51:37 - [33,103] ----D C:\Program Files (x86)\MP3 Rocket
O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 22/12/2012 - 18:24:47 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 26/09/2012 - 22:43:29 - [10,577] ----D C:\Program Files (x86)\MyFree Codec
O43 - CFD: 27/10/2011 - 13:20:21 - [6,828] ----D C:\Program Files (x86)\newsXpresso
O43 - CFD: 28/11/2011 - 12:25:51 - [1320,383] ----D C:\Program Files (x86)\NTI
O43 - CFD: 28/11/2011 - 12:20:13 - [82,777] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 03/05/2012 - 22:00:41 - [0,105] ----D C:\Program Files (x86)\OEM
O43 - CFD: 08/12/2012 - 09:11:36 - [6,212] ----D C:\Program Files (x86)\OfferBox
O43 - CFD: 08/12/2012 - 19:06:46 - [0,318] ----D C:\Program Files (x86)\Prolific Technology INC
O43 - CFD: 28/11/2011 - 12:18:02 - [13,771] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 21/09/2012 - 22:06:59 - [246,232] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 18/01/2013 - 22:34:52 - [5,941] ----D C:\Program Files (x86)\SearchProtect
O43 - CFD: 05/09/2012 - 18:21:31 - [31,415] R---D C:\Program Files (x86)\Skype
O43 - CFD: 08/12/2012 - 20:44:19 - [1,079] ----D C:\Program Files (x86)\Software
O43 - CFD: 12/01/2013 - 20:36:53 - [6,858] ----D C:\Program Files (x86)\SweetIM
O43 - CFD: 27/10/2011 - 13:10:02 - [6,154] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 28/11/2011 - 12:18:23 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 08/12/2012 - 12:29:23 - [0,924] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 07/12/2012 - 21:55:39 - [4,849] ----D C:\Program Files (x86)\uTorrentBar_FR
O43 - CFD: 01/11/2012 - 20:48:19 - [0] ----D C:\Program Files (x86)\VSO
O43 - CFD: 18/01/2013 - 22:34:01 - [0,572] ----D C:\Program Files (x86)\Wajam
O43 - CFD: 07/12/2012 - 17:43:58 - [6,982] ----D C:\Program Files (x86)\Webgameplay setup
O43 - CFD: 18/01/2013 - 19:53:41 - [11,096] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 28/11/2011 - 21:00:53 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/05/2012 - 15:00:01 - [524,978] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 28/11/2011 - 21:00:53 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 28/11/2011 - 21:00:53 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 28/11/2011 - 21:00:53 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 04:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 28/11/2011 - 21:00:53 - [7,008] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 07/12/2012 - 21:51:09 - [0,319] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 08/05/2012 - 15:11:26 - [38,791] ----D C:\Program Files (x86)\Yuna Software
O43 - CFD: 03/02/2013 - 22:00:10 - [11,884] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 17/10/2012 - 20:55:37 - [6,274] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 27/10/2011 - 13:18:58 - [30,069] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 13/09/2012 - 18:20:32 - [105,867] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 17/07/2012 - 17:07:30 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 27/10/2011 - 13:08:39 - [0,165] ----D C:\Program Files (x86)\Common Files\EgisTec
O43 - CFD: 02/12/2012 - 20:13:06 - [6,882] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 28/11/2011 - 12:11:55 - [12,691] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 23/10/2012 - 20:03:53 - [33,454] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 28/11/2011 - 12:25:25 - [0,625] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 17/06/2012 - 20:30:28 - [0,789] ----D C:\Program Files (x86)\Common Files\mcafee
O43 - CFD: 22/12/2012 - 18:24:44 - [0,043] ----D C:\Program Files (x86)\Common Files\Microsoft Games
O43 - CFD: 17/07/2012 - 17:07:31 - [36,781] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 27/10/2011 - 12:30:18 - [0,154] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 08/05/2012 - 13:24:56 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 04/05/2012 - 20:48:11 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 27/10/2011 - 12:46:40 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 13/09/2012 - 18:21:09 - [2,775] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 27/10/2011 - 12:45:44 - [0,518] ----D C:\ProgramData\Acer
O43 - CFD: 27/11/2012 - 21:05:30 - [152,730] ----D C:\ProgramData\Adobe
O43 - CFD: 08/05/2012 - 19:15:45 - [95,857] ----D C:\ProgramData\Apple
O43 - CFD: 08/05/2012 - 19:16:30 - [49,870] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 10/06/2012 - 18:51:03 - [39,157] ----D C:\ProgramData\AVAST Software
O43 - CFD: 07/12/2012 - 17:02:26 - [0] ----D C:\ProgramData\Babylon
O43 - CFD: 27/10/2011 - 13:15:53 - [0,385] ----D C:\ProgramData\BackupManager
O43 - CFD: 18/01/2013 - 21:38:17 - [7,621] ----D C:\ProgramData\BrowserProtect
O43 - CFD: 03/05/2012 - 22:00:07 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 28/11/2011 - 12:31:36 - [0,000] ----D C:\ProgramData\CLSK
O43 - CFD: 19/12/2012 - 21:01:44 - [0,008] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 28/11/2011 - 12:09:34 - [0] ----D C:\ProgramData\EgisTec
O43 - CFD: 28/11/2011 - 12:31:49 - [0,268] ----D C:\ProgramData\EgisTec IPS
O43 - CFD: 27/10/2011 - 12:41:15 - [0] ----D C:\ProgramData\Evernote
O43 - CFD: 03/05/2012 - 22:00:07 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 08/05/2012 - 17:21:25 - [9,026] ----D C:\ProgramData\Fighters
O43 - CFD: 28/11/2011 - 12:25:26 - [0,003] ----D C:\ProgramData\FLEXnet
O43 - CFD: 27/10/2011 - 13:19:00 - [0] ----D C:\ProgramData\Fooz Kids
O43 - CFD: 17/05/2012 - 22:18:14 - [21,160] ----D C:\ProgramData\HP
O43 - CFD: 06/05/2012 - 16:04:59 - [58,591] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 28/11/2011 - 12:22:15 - [0,001] ----D C:\ProgramData\Intel
O43 - CFD: 04/05/2012 - 21:37:13 - [17,382] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 28/08/2012 - 16:45:14 - [0,281] ----D C:\ProgramData\McAfee
O43 - CFD: 17/10/2012 - 20:55:56 - [0,001] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 03/05/2012 - 22:00:07 - [0] --H-D C:\ProgramData\Menu D�marrer
O43 - CFD: 26/07/2012 - 21:37:15 - [0,038] ----D C:\ProgramData\Messenger Plus! for Skype
O43 - CFD: 22/12/2012 - 18:24:01 - [-1607,656] -S--D C:\ProgramData\Microsoft
O43 - CFD: 03/05/2012 - 22:00:07 - [0] --H-D C:\ProgramData\Mod�les
O43 - CFD: 03/05/2012 - 23:17:02 - [0,034] ----D C:\ProgramData\Mozilla
O43 - CFD: 27/10/2011 - 13:20:25 - [0,000] ----D C:\ProgramData\newsXpresso
O43 - CFD: 28/11/2011 - 12:26:29 - [0] ----D C:\ProgramData\NTI Launcher
O43 - CFD: 28/11/2011 - 12:21:43 - [18,961] ----D C:\ProgramData\NVIDIA
O43 - CFD: 28/11/2011 - 12:14:46 - [0,955] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 03/05/2012 - 22:03:26 - [0,001] ----D C:\ProgramData\oem
O43 - CFD: 26/09/2012 - 21:34:09 - [9,775] ----D C:\ProgramData\Samsung
O43 - CFD: 05/09/2012 - 18:21:29 - [42,769] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 08/05/2012 - 22:55:03 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 12/01/2013 - 20:36:54 - [0,000] ----D C:\ProgramData\SweetIM
O43 - CFD: 27/10/2011 - 13:10:02 - [0,054] ----D C:\ProgramData\Symantec
O43 - CFD: 07/12/2012 - 21:51:07 - [1,661] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 05/12/2012 - 20:00:32 - [0,911] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 20/07/2012 - 15:57:55 - [0] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 18/01/2013 - 19:55:35 - [1389,528] ----D C:\ProgramData\WildTangent
O43 - CFD: 08/05/2012 - 20:52:18 - [0,179] ----D C:\ProgramData\WindSolutions
O43 - CFD: 08/05/2012 - 19:17:34 - [0,002] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 06/05/2012 - 09:58:11 - [3,494] ----D C:\Users\yoy\AppData\Roaming\Adobe
O43 - CFD: 22/12/2012 - 12:26:31 - [0,332] ----D C:\Users\yoy\AppData\Roaming\Anuman Interactive
O43 - CFD: 08/05/2012 - 19:21:28 - [787,057] ----D C:\Users\yoy\AppData\Roaming\Apple Computer
O43 - CFD: 07/12/2012 - 17:02:26 - [0,024] ----D C:\Users\yoy\AppData\Roaming\Babylon
O43 - CFD: 06/05/2012 - 09:33:24 - [0,003] ----D C:\Users\yoy\AppData\Roaming\CyberLink
O43 - CFD: 18/01/2013 - 21:38:17 - [0,087] ----D C:\Users\yoy\AppData\Roaming\DealPly
O43 - CFD: 03/02/2013 - 17:58:22 - [48,458] ----D C:\Users\yoy\AppData\Roaming\Dropbox
O43 - CFD: 12/01/2013 - 21:14:30 - [0,005] ----D C:\Users\yoy\AppData\Roaming\EasyBurner
O43 - CFD: 08/05/2012 - 17:18:04 - [0,589] ----D C:\Users\yoy\AppData\Roaming\Fighters
O43 - CFD: 01/07/2012 - 09:58:18 - [0,001] ----D C:\Users\yoy\AppData\Roaming\Garmin
O43 - CFD: 08/05/2012 - 13:35:42 - [0] ----D C:\Users\yoy\AppData\Roaming\GetRightToGo
O43 - CFD: 03/07/2012 - 19:54:35 - [0,013] ----D C:\Users\yoy\AppData\Roaming\HpUpdate
O43 - CFD: 03/05/2012 - 22:03:05 - [0] ----D C:\Users\yoy\AppData\Roaming\Identities
O43 - CFD: 27/10/2011 - 13:18:58 - [0,059] ----D C:\Users\yoy\AppData\Roaming\Macromedia
O43 - CFD: 04/05/2012 - 21:37:30 - [8,027] ----D C:\Users\yoy\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - 08:16:41 - [0] ----D C:\Users\yoy\AppData\Roaming\Media Center Programs
O43 - CFD: 22/12/2012 - 18:09:30 - [13,011] -S--D C:\Users\yoy\AppData\Roaming\Microsoft
O43 - CFD: 09/01/2013 - 22:16:45 - [0,006] ----D C:\Users\yoy\AppData\Roaming\MotioninJoy
O43 - CFD: 03/05/2012 - 23:17:49 - [53,505] ----D C:\Users\yoy\AppData\Roaming\Mozilla
O43 - CFD: 08/05/2012 - 17:43:17 - [1,851] ----D C:\Users\yoy\AppData\Roaming\MP3Rocket
O43 - CFD: 08/12/2012 - 10:11:46 - [0,542] ----D C:\Users\yoy\AppData\Roaming\OfferBox
O43 - CFD: 01/12/2012 - 08:49:00 - [0] ----D C:\Users\yoy\AppData\Roaming\PerformerSoft
O43 - CFD: 26/11/2012 - 19:56:21 - [5,688] ----D C:\Users\yoy\AppData\Roaming\Samsung
O43 - CFD: 18/01/2013 - 22:40:12 - [5,963] ----D C:\Users\yoy\AppData\Roaming\SearchProtect
O43 - CFD: 26/07/2012 - 21:41:31 - [2,506] ----D C:\Users\yoy\AppData\Roaming\Skype
O43 - CFD: 29/08/2012 - 09:12:33 - [0,608] ----D C:\Users\yoy\AppData\Roaming\SoftGrid Client
O43 - CFD: 04/05/2012 - 20:16:45 - [59,996] ----D C:\Users\yoy\AppData\Roaming\Thunderbird
O43 - CFD: 17/07/2012 - 17:08:34 - [0] ----D C:\Users\yoy\AppData\Roaming\TP
O43 - CFD: 09/01/2013 - 23:25:17 - [1,669] ----D C:\Users\yoy\AppData\Roaming\uTorrent
O43 - CFD: 26/11/2012 - 19:11:47 - [0,009] ----D C:\Users\yoy\AppData\Roaming\VSO
O43 - CFD: 18/01/2013 - 19:53:53 - [3,120] ----D C:\Users\yoy\AppData\Roaming\WildTangent
O43 - CFD: 08/05/2012 - 20:52:20 - [48,894] ----D C:\Users\yoy\AppData\Roaming\WindSolutions
O43 - CFD: 03/05/2012 - 22:00:37 - [0,016] ----D C:\Users\yoy\AppData\Local\Acer
O43 - CFD: 06/05/2012 - 09:58:11 - [31,938] ----D C:\Users\yoy\AppData\Local\Adobe
O43 - CFD: 08/05/2012 - 19:16:01 - [0] ----D C:\Users\yoy\AppData\Local\Apple
O43 - CFD: 08/05/2012 - 19:17:45 - [23,550] ----D C:\Users\yoy\AppData\Local\Apple Computer
O43 - CFD: 03/05/2012 - 22:00:18 - [0] ----D C:\Users\yoy\AppData\Local\Application Data
O43 - CFD: 18/01/2013 - 22:35:22 - [1,836] ----D C:\Users\yoy\AppData\Local\Conduit
O43 - CFD: 07/12/2012 - 21:51:27 - [0] ----D C:\Users\yoy\AppData\Local\CouponDropDown
O43 - CFD: 18/01/2013 - 22:35:07 - [5,232] ----D C:\Users\yoy\AppData\Local\CRE
O43 - CFD: 19/12/2012 - 21:00:02 - [0] ----D C:\Users\yoy\AppData\Local\Cyberlink
O43 - CFD: 21/09/2012 - 21:52:29 - [89,646] ----D C:\Users\yoy\AppData\Local\Downloaded Installations
O43 - CFD: 03/05/2012 - 22:10:19 - [0,000] ----D C:\Users\yoy\AppData\Local\EgisTec IPS
O43 - CFD: 12/01/2013 - 20:29:11 - [0,041] ----D C:\Users\yoy\AppData\Local\Giant Savings Extension
O43 - CFD: 18/01/2013 - 22:45:46 - [422,434] ----D C:\Users\yoy\AppData\Local\Google
O43 - CFD: 03/05/2012 - 22:00:18 - [0] ----D C:\Users\yoy\AppData\Local\Historique
O43 - CFD: 17/05/2012 - 22:28:37 - [0,220] ----D C:\Users\yoy\AppData\Local\HP
O43 - CFD: 08/12/2012 - 19:04:39 - [20,752] ----D C:\Users\yoy\AppData\Local\IFM39
O43 - CFD: 10/06/2012 - 18:35:19 - [0] ----D C:\Users\yoy\AppData\Local\Macromedia
O43 - CFD: 22/12/2012 - 18:28:05 - [1821,818] ----D C:\Users\yoy\AppData\Local\Microsoft
O43 - CFD: 04/05/2012 - 21:55:40 - [0,195] ----D C:\Users\yoy\AppData\Local\MigWiz
O43 - CFD: 03/05/2012 - 23:17:13 - [81,329] ----D C:\Users\yoy\AppData\Local\Mozilla
O43 - CFD: 07/12/2012 - 17:02:01 - [0] ----D C:\Users\yoy\AppData\Local\Programs
O43 - CFD: 26/09/2012 - 21:35:39 - [0,015] ----D C:\Users\yoy\AppData\Local\Samsung
O43 - CFD: 17/07/2012 - 17:08:25 - [0,434] ----D C:\Users\yoy\AppData\Local\SoftGrid Client
O43 - CFD: 08/12/2012 - 20:44:19 - [0] ----D C:\Users\yoy\AppData\Local\Software
O43 - CFD: 03/02/2013 - 21:57:10 - [1647,484] ----D C:\Users\yoy\AppData\Local\Temp
O43 - CFD: 03/05/2012 - 22:00:18 - [0] ----D C:\Users\yoy\AppData\Local\Temporary Internet Files
O43 - CFD: 17/06/2012 - 18:14:47 - [22,145] ----D C:\Users\yoy\AppData\Local\Thunderbird
O43 - CFD: 03/05/2012 - 23:14:14 - [0,215] ----D C:\Users\yoy\AppData\Local\VirtualStore
O43 - CFD: 07/12/2012 - 21:51:15 - [0,054] ----D C:\Users\yoy\AppData\Local\Wajam
O43 - CFD: 12/01/2013 - 20:36:57 - [0,109] ----D C:\Users\yoy\AppData\Local\Windows Live
O43 - CFD: 18/10/2012 - 19:12:31 - [0] ----D C:\Users\yoy\AppData\Local\{292547B5-4C78-4075-8AD9-B2D6DCC08C1F}
O43 - CFD: 24/09/2012 - 18:53:15 - [0] ----D C:\Users\yoy\AppData\Local\{46C542AD-9F53-4EA8-9298-5BBF54647E94}
O43 - CFD: 08/05/2012 - 15:12:23 - [0] ----D C:\Users\yoy\AppData\Local\{4964E5EE-31EA-4F76-ADA2-F81EE31FD97F}
O43 - CFD: 08/05/2012 - 13:39:03 - [0] ----D C:\Users\yoy\AppData\Local\{4D8A6A9E-500A-4FE1-A3F9-FE2216D7F547}
O43 - CFD: 22/06/2012 - 20:35:59 - [0] ----D C:\Users\yoy\AppData\Local\{6748E41A-5879-41D8-AE91-7ED1980C2246}
O43 - CFD: 08/05/2012 - 15:12:12 - [0] ----D C:\Users\yoy\AppData\Local\{6A02E4E5-60BD-459C-9C30-08A86A8D46D4}
O43 - CFD: 22/06/2012 - 20:35:40 - [0] ----D C:\Users\yoy\AppData\Local\{84529358-3D3B-40FC-909D-45D91ADAF8D9}
O43 - CFD: 08/06/2012 - 21:10:39 - [0] ----D C:\Users\yoy\AppData\Local\{9999B59E-E59C-40BA-83CF-5F593EB61B56}
O43 - CFD: 16/08/2012 - 18:43:01 - [0] ----D C:\Users\yoy\AppData\Local\{9E8A2772-72D3-4FEF-BA37-B9214E9F76AC}
O43 - CFD: 08/06/2012 - 21:11:08 - [0] ----D C:\Users\yoy\AppData\Local\{9F32CB9D-59C8-46EF-9D26-2BC93CAA4212}
O43 - CFD: 08/06/2012 - 21:10:50 - [0] ----D C:\Users\yoy\AppData\Local\{A24F7032-DF48-4E35-B8BE-180F1C5A2226}
O43 - CFD: 12/01/2013 - 20:30:02 - [0] ----D C:\Users\yoy\AppData\Local\{ABC27EDF-AB0B-49A3-A089-A3D30680825E}
O43 - CFD: 19/09/2012 - 19:31:52 - [0] ----D C:\Users\yoy\AppData\Local\{AC9C9F0B-B899-410E-B78E-4F29E963C388}
O43 - CFD: 16/08/2012 - 18:43:12 - [0] ----D C:\Users\yoy\AppData\Local\{AFF94A9A-A462-4D8C-9C4E-C665F467A63E}
O43 - CFD: 26/10/2012 - 19:24:07 - [0] ----D C:\Users\yoy\AppData\Local\{BD94E9A0-AF8D-4B9D-923F-81B2107D0F8D}
O43 - CFD: 08/05/2012 - 14:01:20 - [0] ----D C:\Users\yoy\AppData\Local\{CD37E56F-C1B7-4FC1-B4A2-96C5357EB9E7}
O43 - CFD: 15/08/2012 - 19:23:38 - [0] ----D C:\Users\yoy\AppData\Local\{D64003DD-F870-4AC7-BA85-F0858AFD2940}
O43 - CFD: 15/08/2012 - 19:23:27 - [0] ----D C:\Users\yoy\AppData\Local\{D6933E4F-72CB-4BC6-B328-D95C718C9140}
O43 - CFD: 14/07/2009 - 05:54:32 - [0,014] R---D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/07/2012 - 20:20:01 - [0,000] R---D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 18/01/2013 - 21:38:23 - [0,001] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
O43 - CFD: 08/05/2012 - 20:37:42 - [0,003] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
O43 - CFD: 18/01/2013 - 21:38:22 - [0,004] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
O43 - CFD: 02/02/2013 - 22:25:06 - [0,002] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 15/01/2013 - 20:57:47 - [0,002] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 08/12/2012 - 19:04:39 - [0,003] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INFORAD
O43 - CFD: 14/07/2009 - 05:49:38 - [0,001] R---D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 08/05/2012 - 17:41:21 - [0,003] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 Rocket
O43 - CFD: 02/02/2013 - 22:25:15 - [0,005] R---D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 07/12/2012 - 21:51:18 - [0,001] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
~ Scan Program Folder in 00mn 11s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.BEFC97A51F5CE59295B0EA0E54AE733E] - 03/02/2013 - 18:54:23 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1302331]
O44 - LFC:[MD5.93A81DBEBF437DF6138816DBCB72696E] - 03/02/2013 - 17:56:53 ---A- . (...) -- C:\Windows\setupact.log [68435]
O44 - LFC:[MD5.42F461B829E46E3DD4E4048DDF7B5A14] - 03/02/2013 - 17:56:41 --HA- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.F9F8F4116A9998F33F30290B7A7D3235] - 02/02/2013 - 22:25:15 ---A- . (...) -- C:\Windows\wininit.ini [343]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/02/2013 - 22:17:14 ---A- . (...) -- C:\END [0]
O44 - LFC:[MD5.0BEF5E5ED6CD6FADE40CC4D1CD3DE5EB] - 22/01/2013 - 18:45:17 ---A- . (...) -- C:\Windows\PFRO.log [63510]
O44 - LFC:[MD5.94BCE5A03EF5F9340AD9095E0D409C82] - 17/01/2013 - 01:28:58 . (...) -- C:\Windows\System32\MpSigStub.exe [420064]
O44 - LFC:[MD5.3FBF25752E780075E563AB3B1005C418] - 12/01/2013 - 20:45:53 . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\perfc009.dat [44544]
O44 - LFC:[MD5.3908E647D6FBF32B4F1C27F019D8BEEF] - 12/01/2013 - 20:45:53 . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\perfc00C.dat [44544]
O44 - LFC:[MD5.B7E99D1E746573A2954EBDFAA8DA78E6] - 12/01/2013 - 20:45:53 . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\perfh009.dat [44544]
O44 - LFC:[MD5.B9545561387FD9BB0FEA09B3CDF6F2A8] - 12/01/2013 - 20:45:53 . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\perfh00C.dat [44544]
O44 - LFC:[MD5.0FEF016D05E89AB65457862CBA408EFA] - 12/01/2013 - 20:45:53 ----- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1551212]
O44 - LFC:[MD5.0FEF016D05E89AB65457862CBA408EFA] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1551212]
O44 - LFC:[MD5.3FBF25752E780075E563AB3B1005C418] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106574]
O44 - LFC:[MD5.3908E647D6FBF32B4F1C27F019D8BEEF] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130940]
O44 - LFC:[MD5.B7E99D1E746573A2954EBDFAA8DA78E6] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616452]
O44 - LFC:[MD5.B9545561387FD9BB0FEA09B3CDF6F2A8] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704924]
O44 - LFC:[MD5.4B4050855236C4656EEBDF225E3480FA] - 09/01/2013 - 22:16:45 ---A- . (.Logicool Co. Ltd. - Logicool Force Feedback Driver.) -- C:\Windows\SysNative\MijFrc.dll [328712]
O44 - LFC:[MD5.CA1B2BC368A853E77F48E223E47B7FDE] - 09/01/2013 - 18:42:39 . (.Microsoft - Syst�me de classement ESRB.) -- C:\Windows\System32\FNTCACHE.DAT [51712]
O44 - LFC:[MD5.CA1B2BC368A853E77F48E223E47B7FDE] - 09/01/2013 - 18:42:39 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [289200]
O44 - LFC:[MD5.997938D423CE830161CB6059434E3C9F] - 09/01/2013 - 00:05:06 ---A- . (.Microsoft - Syst�me de classification OFLC-NZ.) -- C:\Windows\SysNative\oflc-nz.rs [45568]
O44 - LFC:[MD5.997938D423CE830161CB6059434E3C9F] - 09/01/2013 - 00:05:06 ---A- . (.Microsoft - Syst�me de classification OFLC-NZ.) -- C:\Windows\System32\oflc-nz.rs [45568]
O44 - LFC:[MD5.EBB73E4E8CA01089CF74ECE506EB7607] - 09/01/2013 - 00:05:06 ---A- . (.Microsoft - Syst�me de notation CSRR.) -- C:\Windows\SysNative\csrr.rs [43520]
O44 - LFC:[MD5.EBB73E4E8CA01089CF74ECE506EB7607] - 09/01/2013 - 00:05:06 ---A- . (.Microsoft - Syst�me de notation CSRR.) -- C:\Windows\System32\csrr.rs [43520]
O44 - LFC:[MD5.54B11BB2AFBC3D5EBA9C96F0C1820B9B] - 09/01/2013 - 00:05:04 ---A- . (.Microsoft - Syst�me de classification FPB.) -- C:\Windows\SysNative\fpb.rs [46592]
O44 - LFC:[MD5.54B11BB2AFBC3D5EBA9C96F0C1820B9B] - 09/01/2013 - 00:05:04 ---A- . (.Microsoft - Syst�me de classification FPB.) -- C:\Windows\System32\fpb.rs [46592]
O44 - LFC:[MD5.C4B0793E4B97AA36A2A8C81A7AA1979A] - 09/01/2013 - 00:05:03 ---A- . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\SysNative\pegibbfc.rs [44544]
O44 - LFC:[MD5.C4B0793E4B97AA36A2A8C81A7AA1979A] - 09/01/2013 - 00:05:03 ---A- . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\pegibbfc.rs [44544]
O44 - LFC:[MD5.A2E0F1E01A0983E9C94565BBEC862BF7] - 09/01/2013 - 00:05:03 ---A- . (.Microsoft - Syst�me de classification COB-AU.) -- C:\Windows\SysNative\cob-au.rs [40960]
O44 - LFC:[MD5.A2E0F1E01A0983E9C94565BBEC862BF7] - 09/01/2013 - 00:05:03 ---A- . (.Microsoft - Syst�me de classification COB-AU.) -- C:\Windows\System32\cob-au.rs [40960]
O44 - LFC:[MD5.5C48A43FC30FC61ECB1335DC646686BC] - 09/01/2013 - 00:05:01 ---A- . (.Microsoft - Syst�me de classement USK.) -- C:\Windows\SysNative\usk.rs [30720]
O44 - LFC:[MD5.5C48A43FC30FC61ECB1335DC646686BC] - 09/01/2013 - 00:05:01 ---A- . (.Microsoft - Syst�me de classement USK.) -- C:\Windows\System32\usk.rs [30720]
O44 - LFC:[MD5.65A8302C7551CFE45FAA2BC085C9E7E2] - 09/01/2013 - 00:05:00 ---A- . (.Microsoft - Syst�me de classification DJCTQ.) -- C:\Windows\SysNative\djctq.rs [15360]
O44 - LFC:[MD5.65A8302C7551CFE45FAA2BC085C9E7E2] - 09/01/2013 - 00:05:00 ---A- . (.Microsoft - Syst�me de classification DJCTQ.) -- C:\Windows\System32\djctq.rs [15360]
O44 - LFC:[MD5.4489D5D2CB4BA0799F3FB4625DE181CF] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement GRB.) -- C:\Windows\SysNative\grb.rs [21504]
O44 - LFC:[MD5.4489D5D2CB4BA0799F3FB4625DE181CF] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement GRB.) -- C:\Windows\System32\grb.rs [21504]
O44 - LFC:[MD5.6D540AF9B183FC97DC4CC54369561548] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement PEGI au Portugal.) -- C:\Windows\SysNative\pegi-pt.rs [20480]
O44 - LFC:[MD5.6D540AF9B183FC97DC4CC54369561548] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement PEGI au Portugal.) -- C:\Windows\System32\pegi-pt.rs [20480]
O44 - LFC:[MD5.661AE5EAC62C4598DD01795CEB915BAE] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement PEGI.) -- C:\Windows\SysNative\pegi.rs [20480]
O44 - LFC:[MD5.661AE5EAC62C4598DD01795CEB915BAE] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement PEGI.) -- C:\Windows\System32\pegi.rs [20480]
O44 - LFC:[MD5.51D25C805A01A2C4F930F9720CF51FFE] - 09/01/2013 - 00:04:55 ---A- . (.Microsoft - Syst�me de classement ESRB.) -- C:\Windows\SysNative\esrb.rs [51712]
O44 - LFC:[MD5.51D25C805A01A2C4F930F9720CF51FFE] - 09/01/2013 - 00:04:55 ---A- . (.Microsoft - Syst�me de classement ESRB.) -- C:\Windows\System32\esrb.rs [51712]
O44 - LFC:[MD5.9BB05674E013C35F4DAED51F5015355D] - 09/01/2013 - 00:04:55 ---A- . (.Microsoft - Syst�me de classement PEGI en Finlande.) -- C:\Windows\SysNative\pegi-fi.rs [20480]
O44 - LFC:[MD5.9BB05674E013C35F4DAED51F5015355D] - 09/01/2013 - 00:04:55 ---A- . (.Microsoft - Syst�me de classement PEGI en Finlande.) -- C:\Windows\System32\pegi-fi.rs [20480]
O44 - LFC:[MD5.D0C01412FBF59C1C25630C49F0C1B803] - 09/01/2013 - 00:04:54 ---A- . (.Microsoft - Syst�me de classement CERO.) -- C:\Windows\SysNative\cero.rs [55296]
O44 - LFC:[MD5.D0C01412FBF59C1C25630C49F0C1B803] - 09/01/2013 - 00:04:54 ---A- . (.Microsoft - Syst�me de classement CERO.) -- C:\Windows\System32\cero.rs [55296]
O44 - LFC:[MD5.4773EB5962548068547214A620E9ACC3] - 09/01/2013 - 00:04:54 ---A- . (.Microsoft - Syst�me de classement OFLC.) -- C:\Windows\SysNative\oflc.rs [23552]
O44 - LFC:[MD5.4773EB5962548068547214A620E9ACC3] - 09/01/2013 - 00:04:54 ---A- . (.Microsoft - Syst�me de classement OFLC.) -- C:\Windows\System32\oflc.rs [23552]
O44 - LFC:[MD5.1BCDB508143B517F21BBDAC10F5777BF] - 09/01/2013 - 00:04:23 . (.Microsoft - Syst�me de classification COB-AU.) -- C:\Windows\System32\conhost.exe [40960]
O44 - LFC:[MD5.8ACC1EFC15C4EA1243FF0A48B397BCC1] - 09/01/2013 - 00:02:58 . (...) -- C:\Windows\System32\MRT.exe [420064]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30/11/2012 - 00:15:43 ---A- . (...) -- C:\Windows\SysNative\locale.nls [420064]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30/11/2012 - 00:15:43 ---A- . (...) -- C:\Windows\System32\locale.nls [420064]
O44 - LFC:[MD5.639774C9ACD063F028F6084ABF5593AD] - 23/11/2012 - 04:13:57 . (...) -- C:\Windows\System32\taskhost.exe [1551212]
O44 - LFC:[MD5.4B4050855236C4656EEBDF225E3480FA] - 03/05/2010 - 16:12:42 . (...) -- C:\Windows\System32\MijFrc.dll [420064]
~ Scan Files in 00mn 09s
---\\ D�ni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package�v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l��diteur de configuration de s�curit� Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de s�curit� Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package�v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s
---\\ Contr�le du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d�extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d�extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.6CE397C482BEDE91A38E56A8C4A0DC6D] - 28/06/2004 - 15:08:56 ----- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\Windows\SysWOW64\drivers\ser2pl.sys [42752]
O58 - SDL:[MD5.A16FB34E56C781DC56BE7492315655B9] - 03/08/2005 - 16:05:02 ----- . (.Prolific Technology Inc. - USB-Serial USB Driver.) -- C:\Windows\SysWOW64\SER9PL.sys [35892]
~ Scan Drivers in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.34 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 30/10/2012 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 15/10/2012 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 27/10/2011 - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys (mwlPSDFilter) .(.Egis Technology Inc. - PSD Mini Filter Driver.) - LEGACY_MWLPSDFILTER
O64 - Services: CurCS - 27/10/2011 - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys (mwlPSDNServ) .(.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV
O64 - Services: CurCS - 27/10/2011 - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys (mwlPSDVDisk) .(.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 01/10/2011 - C:\Windows\System32\DRIVERS\Sftvollh.sys (Sftvol) .(.Microsoft Corporation - Microsoft Application Virtualization Volume.) - LEGACY_SFTVOL
O64 - Services: CurCS - 14/07/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de clich� instantan� du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
~ Scan Services in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d��v�nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft � Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d��v�nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft � Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg>[HKCR\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\yoy\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\yoy\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\yoy\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\yoy\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1354996656258,\"isWithState\"[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("avg.install.userHPSettings", "^http://www\\.claro-search\\.com/\\?affID=114506.*");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("avg.install.userSPSettings", "Claro Search");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("browser.newtab.url", "http://search.babylon.com/?affID=113357&tt=0313_6&babsrc=NT_ss&mntrId=ae07337d00000000000016de2b9[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("browser.search.defaultenginename", "SweetIM Search");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("browser.search.selectedEngine", "SweetIM Search");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.admin", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.aflt", "babsst");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.autoRvrt", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.dfltLng", "en");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.excTlbr", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.id", "ae07337d00000000000016de2b938653");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.instlDay", "15723");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.instlRef", "sst");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.rvrt", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.tlbrId", "base");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=ae07337d00000000000016de2b9386[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.babExt", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113357&tt=0313_6");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.excTlbr", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.newTab", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.221:38:06");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.admin", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.aflt", "babsst");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.dfltLng", "en");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.excTlbr", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.id", "ae07337d00000000000074de2b938653");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.instlDay", "15675");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.instlRef", "sst");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.prdct", "claro");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.prtnrId", "claro");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.tlbrId", "irhnew");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.tlbrSrchUrl", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.vrsn", "1.8.3.10");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.vrsni", "1.8.3.10");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro_i.smplGrp", "none");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro_i.vrsnTs", "1.8.3.108:47:06");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossrider.bic", "13b77271fed949b034f766cd14a62ff8");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp21810.adsOldValue", 14);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationThankYouPage", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationTime", 1354913482);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationUserSettings.searchUserConifrmation", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationUserSettings.setHomepage", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationUserSettings.setNewTab", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationUserSettings.setSearch", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.active", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.addressbar", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.addressbarenhanced", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.backgroundjs", "\n\n//\n");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.backgroundver", 32);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.can_run_bg_code", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.certdomaininstaller", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.changeprevious", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.InstallationTime.value", "1354913482");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_aoi.value", "1354913482");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_arbitrary_code.expiration", "Sun Feb 03 2013 18:09:56 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_arbitrary_code.value", "%22%28function%28%29%7B_GPL_PLUGIN.countryCode%26[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_blocklist.expiration", "Sun Feb 03 2013 18:09:56 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_cf_bu1.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_cf_bu1.value", "1359911100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_country_code.expiration", "Sun Feb 10 2013 17:59:52 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_country_code.value", "%22FR%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_crr.value", "1359910997");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_currenttime.value", "%221359648346%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_hotfix20111102645.value", "%221%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_parent_zoneid.value", "%2214019%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_pc_20120828.value", "1354990977596");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_product_id.value", "%221162%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_sr[megavod.fr].expiration", "Sun Feb 10 2013 18:00:52 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_sr[megavod.fr].value", "1359910852");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_sr_halt.expiration", "Sun Feb 03 2013 18:15:52 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_sr_halt.value", "1359910852");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_zoneid.value", "%22116513%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.dbtest.value", "1354990901301");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.lastrequest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.lastrequest.value", "%7B%22path%22%3A%22/home.asp%22%2C%22host%22%3A%22www.gay[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.description", "CouponDropDown saves you money by displaying coupons while you shop on[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.domain", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.enablesearch", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.fbremoteurl", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.group", 0);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.homepage", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.iframe", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22DA8A9276941F4885[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_appVer.value", "85");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_lastVersion.value", "0");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_meta.value", "%7B%7D");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_nextCheck.expiration", "Sun Feb 03 2013 23:59:55 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_nextCheck.value", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_queue.value", "%7B%7D");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.SoftwareDetected.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%22%3Afalse%2C%22Wireshark%22%3[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.star[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.manifesturl", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.name", "CouponDropDown");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.newtab", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.opensearch", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if([...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1.ver", 3);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=func[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000014.ver", 15);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},r[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000015.ver", 27);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(w[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_13.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={}}var CR__bIsIEW[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_14.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!=true[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_16.ver", 4);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScri[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_17.ver", 3);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_21.name", "debug");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_21.ver", 3);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:functio[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_22.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:a[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_28.name", "initializer");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_28.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com | jquery.org/license */\n(funct[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_4.name", "jquery_1_7_1");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_4.ver", 3);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isRea[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_47.name", "resources_background");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_47.ver", 1);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_64.name", "appApiMessage");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_64.ver", 1);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function([...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_72.name", "appApiValidation");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_72.ver", 1);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigato[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_78.name", "CrossriderInfo");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_78.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins_lists.plugins_0", "4,14,78,16,64,47,72,1000015");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,1000014,28");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.pluginsurl", "http://app-static.crossrider.com/plugin/apps/4352/plugins/087/ff/plugin[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.pluginsversion", 52);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.publisher", "215 Apps");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.searchstatus", 0);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.setnewtab", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.settingsurl", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.thankyou", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.updateinterval", 360);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.ver", 85);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.apps", "4352");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.bic", "13b77271fed949b034f766cd14a62ff8");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.cid", 4352);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.firstrun", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.hadappinstalled", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.installationdate", 1354913751);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.lastcheck", 22665180);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.lastcheckitem", 22665185);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.modetype", "production");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.reportInstall", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("keyword.URL", "http://search.sweetim.com/search.asp?barid={359410EE-BD53-4A37-8A4D-6892AAC14AF9}&src=2&q=");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.Visibility.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.cda.returnValue", "disable");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.height", "335");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.width", "761");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.height", "300");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.width", "500");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.height", "150");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.url", "http://www.sweetim.com/simffbar/simcdadialog.asp");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.width", "530");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.mode.debug", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.newtab.created", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.newtab.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://www.google.fr/");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.previous.keyword.URL", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.callback", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.search.external", "
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.searchguard.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.simapp_id", "{359410EE-BD53-4A37-8A4D-6892AAC14AF9}");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.10025&barid={359410EE-BD53-4A37-8A4D-6892AAC14A[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.version", "1.9.0.0");
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {B37FCEE9-5F20-4F9A-9FB4-1D22907669A0} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {B800F3E4-E299-4532-98B9-FB51619DDB4F} - (01NET.com Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} [DefaultScope] - (SweetIM Search) - http://search.sweetim.com
~ Scan Keys in 00mn 00s
---\\ Recherche des services d�marr�s par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Exp�rience d�application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de strat�gie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de num�rotation automatique d�acc�s distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d�acc�s distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d�interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d��v�nements syst�me (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l�application d�assistance � Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de t�l�phonie Microsoft� Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur h�te de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise � jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arri�re-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivit� IPv6 sur un r�seau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d�ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d�application.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de d�couverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multim�dias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau � distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d�ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de t�ches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des cl�s.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux probl�mes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des th�mes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Scan Services in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.57236868E9AF1882AE04132B13B2FA6F] [SPRF][05/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\1304.exe [47453208]
[MD5.D283A95A5031061534507A8C9B84EC2B] [SPRF][08/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\39624-92479-flight-simulator-x.exe [837844312]
[MD5.F59F192D75396538912A87A5A8447E70] [SPRF][07/06/2012] (.Ask.com - AskStub Application.) -- C:\Users\yoy\AppData\Local\Temp\ApnStub.exe [357032]
[MD5.602AE45EEB85FCE002C2BD541F5E3F89] [SPRF][18/01/2013] (.Conduit - Pas de description.) -- C:\Users\yoy\AppData\Local\Temp\conduitinstaller.exe [86080]
[MD5.953F9AE5A36C5C281FB0A1A75727FD37] [SPRF][08/12/2012] (.DealPly - DealPly.) -- C:\Users\yoy\AppData\Local\Temp\dealply.exe [484624]
[MD5.944DD52A7CC16D5D337630117D78002A] [SPRF][10/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe [1129600]
[MD5.B45C02C5D4CD2EC90A2D6F0CAA9FFE07] [SPRF][12/01/2013] (...) -- C:\Users\yoy\AppData\Local\Temp\ICReinstall_Nero12.exe [1210760]
[MD5.05FECA1B4B1F7F9D924191716AD3F0BA] [SPRF][16/01/2013] (.Pas de propri�taire - IncrediMail Installer.) -- C:\Users\yoy\AppData\Local\Temp\incredibar_installer.exe [463184]
[MD5.10CAFDC317E81EDB72089D6C93DAD2D7] [SPRF][01/11/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\InstallerBT.exe [1048039]
[MD5.B680820CEB9BD04E4A1814E1264C34D1] [SPRF][07/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\instloffer.exe [120544]
[MD5.107167F15D30AA71D7CAFC0326AFB315] [SPRF][08/06/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\yoy\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe [909104]
[MD5.8E51D3D38A26EEAC819974C9295AF35F] [SPRF][29/08/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\yoy\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe [908272]
[MD5.47C6B9B408CBB4DEE11A1EE517CD89BE] [SPRF][01/10/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\yoy\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe [912880]
[MD5.C6AA274F69EBDD86F75B7E3E4FA58AF4] [SPRF][31/01/2013] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\yoy\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe [915376]
[MD5.8A4AF3B0695F29186AD02E2FD766FA3B] [SPRF][12/01/2013] (.SweetIM Technologies Ltd. - SQLite DLL.) -- C:\Users\yoy\AppData\Local\Temp\mgsqlite3.dll [393016]
[MD5.69B84179CECF098858AD9B1E99E780B0] [SPRF][27/02/2012] (.Yuna Software - Messenger Plus! 5 Uninstaller.) -- C:\Users\yoy\AppData\Local\Temp\MsgPlusUninstall.exe [834560]
[MD5.77DFB27D68CE46659A3D5E93410C0B75] [SPRF][16/01/2013] (.Babylon Ltd. - Babylon Client Setup.) -- C:\Users\yoy\AppData\Local\Temp\MyBabylonTB_google_20120807.exe [899224]
[MD5.B06CFD9F34B1678952AF713EA24B2F38] [SPRF][08/12/2012] (.Aedge Performance BCN SL - OfferBox setup.) -- C:\Users\yoy\AppData\Local\Temp\OB.exe [2446808]
[MD5.DA1DC01147EF4F882C39A2DFED5047AA] [SPRF][08/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\offerbox.exe [187344]
[MD5.D9DA3FDE1AEE64CEE57D4C57A538A53B] [SPRF][22/10/2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\yoy\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe [7739736]
[MD5.831FFBBD4F25531DDE034A6879FFB565] [SPRF][08/05/2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\yoy\AppData\Local\Temp\Shortcut_sweetimsetup.exe [334128]
[MD5.C6D792E4583FC46DB0953FBF6E46348A] [SPRF][12/01/2013] (.SweetIM Technologies Lt - This installer.) -- C:\Users\yoy\AppData\Local\Temp\SIMEEI2Installer.exe [2962432]
[MD5.7704B843006444B69486FD27D4660845] [SPRF][12/01/2013] (.SweetIM Technologies Lt - This installer.) -- C:\Users\yoy\AppData\Local\Temp\SIMEEIInstaller.exe [3380216]
[MD5.1BFD2D72861FF7DA31F33212DF2EA40B] [SPRF][26/07/2012] (.Skype Technologies S.A. - Skype.) -- C:\Users\yoy\AppData\Local\Temp\SkypeSetup.exe [25653936]
[MD5.73406FA9287B36CA4163797C73A2CD04] [SPRF][16/07/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\yoy\AppData\Local\Temp\tbedrs.dll [4451144]
[MD5.73406FA9287B36CA4163797C73A2CD04] [SPRF][16/07/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\yoy\AppData\Local\Temp\tbuTor.dll [4451144]
[MD5.E35C4CA0FC282238E0A2BAFB1CAAFE5A] [SPRF][17/10/2012] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\yoy\AppData\Local\Temp\uninst1.exe [340632]
[MD5.42A4A556174887662EE0E00DC7B0A6B2] [SPRF][01/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\utt761C.tmp.exe [7732736]
[MD5.CBF9C44A4C35599989CA8BDA97DDC586] [SPRF][07/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\utt8AF0.tmp.bat [77]
[MD5.42A4A556174887662EE0E00DC7B0A6B2] [SPRF][07/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\utt9C04.tmp.exe [7732736]
[MD5.C82AB54C276A1734876D911EC622A7C2] [SPRF][07/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\uttB8C5.tmp.bat [53]
[MD5.225CCDCFE5625795647043679CB77112] [SPRF][18/01/2013] (...) -- C:\Users\yoy\AppData\Local\Temp\wajam_install.exe [417256]
[MD5.AE7E0C99C5BC7D28325C0CD7885C851F] [SPRF][24/10/2012] (.Yontoo LLC - Installer.) -- C:\Users\yoy\AppData\Local\Temp\YontooSetup-S.exe [1062504]
~ Scan Files in 00mn 19s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{657B6721-50DE-45AA-B01F-2DA024949CFD}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{DCCD532B-945D-48E1-A6A2-1316A746286C}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.)
O87 - FAEL: "{9D28F029-9406-4905-A33A-9BBEF3EA40F7}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.)
O87 - FAEL: "{A2A34D0D-C88D-4B2E-B636-C17924D569FB}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{2D81732E-DE78-46E1-8586-2606AA9355C0}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{A255435A-6CE6-4A52-B4EF-209240D337C9}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{503FA021-5D7C-466D-B5BF-D89965DFB293}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{86CAEC61-1743-4BF1-A95E-E35FD868D591}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{C16A2F41-DDF6-4389-8D01-5160F531AAE8}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{B538D20B-F6DD-449A-8C8A-B2F3ACB98814}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe (.not file.)
O87 - FAEL: "{8F60D09A-F5EB-42C4-83F7-FFF1711CE338}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (.not file.)
O87 - FAEL: "{EF3B227A-A2FE-4D62-98CA-C908E1CC3F3D}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe (.not file.)
O87 - FAEL: "{52BAFA50-91C2-4467-B152-8825B754E80C}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (.not file.)
O87 - FAEL: "{1E5998EB-16A3-47CF-996B-56254D2834F8}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (.not file.)
O87 - FAEL: "{B5DDF9B2-7728-42BD-96E2-32FFE837C1DE}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (.not file.)
O87 - FAEL: "{32718FDE-6EA5-4822-81D4-57392EF4A6BC}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe (.not file.)
O87 - FAEL: "{DBD35181-F14F-4FA6-AF1F-60E60C4A7A05}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe (.not file.)
O87 - FAEL: "{C72BF584-FB71-4E99-8822-A969E4CAC166}" | In - None - P17 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
O87 - FAEL: "{6C697FD8-D42D-407C-8131-C657F9528CDE}" | In - None - P17 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
O87 - FAEL: "{2CB1D982-FDBA-45CD-A950-FE4E8907C5C0}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O87 - FAEL: "{131DA0AB-A174-4F1B-8454-D5F76057FC49}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O87 - FAEL: "{59EC8DD8-66D8-49E7-B4FC-9108E46EC715}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{7696402F-FB16-4FCC-99F7-103E16F64EB9}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{6C543062-D51F-4323-81CA-7B49A73E8CE4}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{345956B6-D8F1-4A8A-9FAF-C12B2FBB7CC4}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{CD87C3DB-6477-4FD6-A640-FFC7DC9715A7}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{6FA5AC23-C1A7-4CE4-BA45-E1C14C0ABC81}" | In - None - P17 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
O87 - FAEL: "{1C2354C3-A810-4F88-88AB-FD46FD3823E8}" | In - None - P17 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
O87 - FAEL: "{362AE083-B5AF-4DF4-9DBC-0B4A0A14685C}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Invit�\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.)
O87 - FAEL: "{9CC62362-8BAB-4409-A666-651EEF107646}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Invit�\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.)
O87 - FAEL: "{CB7B5BB6-5588-4747-AA80-3A6A881F00FD}" | In - Private - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\yoy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "{07616B73-5BAB-47FC-90A4-E62E7E16933B}" | In - Private - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\yoy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "TCP Query User{7C31412B-4AC0-4357-A5EB-991A4A21F4F5}C:\users\yoy\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\yoy\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "UDP Query User{24E8F986-A85C-4726-AE5E-AED33508B929}C:\users\yoy\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\yoy\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "{1600DA24-C394-48C0-ACBE-25889A7012E7}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O87 - FAEL: "{8A27E962-438D-4AFB-8A09-82E382D5E623}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe
O87 - FAEL: "{616F6202-0D65-4A89-9B9B-84B837D73C27}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe
O87 - FAEL: "TCP Query User{EF408BCB-2D66-4517-BFAB-DEFCE1C411A6}C:\users\yoy\downloads\utorrent.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\yoy\downloads\utorrent.exe (.not file.)
O87 - FAEL: "UDP Query User{6D06215D-F3D9-48A7-9275-971142ECBC24}C:\users\yoy\downloads\utorrent.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\yoy\downloads\utorrent.exe (.not file.)
O87 - FAEL: "{F900CF54-15A8-47BF-9208-C6292BF6513B}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - �Torrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{E9E6326F-3CDB-45E5-AB5B-0F6BAADEF8B6}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - �Torrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan Firewall in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : v2.10502 - (01/02/2013)
Cl�s trouv�es (Keys found) : 241
Valeurs trouv�es (Values found) : 4
Dossiers trouv�s (Folders found) : 30
Fichiers trouv�s (Files found) : 42
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}] =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0EE02110-967B-4256-ACA6-BC8AC7CB7E61}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{151867D5-7359-40AF-8764-66E58D06283C}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Toolbar.Alot
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{8216BD4A-4DC2-4DCE-9AFF-C86C5ACC6757}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{8216BD4A-4DC2-4DCE-9AFF-C86C5ACC6757}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{8ABB9FA2-0740-4AD9-8F54-1192254B3CF4}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Toolbar.Alot
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}] =>Toolbar.Alot
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{D4D390BE-98E6-4633-AD1B-B18B54BE5E76}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{D4D390BE-98E6-4633-AD1B-B18B54BE5E76}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D745B017-4336-4718-83A6-3AE1A9DE88C3}] =>Adware.Boxore
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Toolbar.Alot
[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>Adware.BHO
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Alot
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Alot
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Classes\b] =>Toolbar.Babylon
[HKLM\Software\Classes\Babylon.dskBnd] =>Toolbar.Babylon
[HKLM\Software\Classes\Babylon.dskBnd.1] =>Toolbar.Babylon
[HKLM\Software\Classes\bbylnApp.appCore] =>Toolbar.Babylon
[HKLM\Software\Classes\bbylnApp.appCore.1] =>Toolbar.Babylon
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\esrv.BabylonESrvc] =>Toolbar.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc.1] =>Toolbar.Babylon
[HKLM\Software\Classes\OfferBoxUI.TheBoxCtrl] =>PUP.OfferBox
[HKLM\Software\Classes\OfferBoxUI.TheBoxCtrl.1] =>PUP.OfferBox
[HKLM\Software\Classes\Software.OneClickCtrl.8] =>Adware.Agent
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater] =>Toolbar.Wajam
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>Toolbar.Wajam
[HKCU\Software\AppDataLow\Software\01NET.com] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\01NET.com] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\CouponDropDown] =>PUP.RewardsArcade
[HKCU\Software\Cr_Installer] =>Adware.VidSaver
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\Giant Savings Extension] =>Adware.VidSaver
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Tarma Installer] =>Toolbar.Agent
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\01NET.com Toolbar] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings Extension] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar] =>Toolbar.Conduit
[HKCU\Software\InstalledBrowserExtensions\215 Apps] =>PUP.SpecialSavings
[HKLM\Software\Classes\Prod.cap] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Classes\AppID\priam_bho.DLL] =>Toolbar.Wajam
[HKLM\Software\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\Software\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Classes\TypeLib\{44444444-4444-4444-4444-440244184410}] =>Adware.VidSaver
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon
[HKLM\Software\Classes\CrossriderApp0021810.BHO] =>Adware.VidSaver
[HKLM\Software\Classes\CrossriderApp0021810.BHO.1] =>Adware.VidSaver
[HKLM\Software\Classes\CrossriderApp0021810.Sandbox] =>Adware.VidSaver
[HKLM\Software\Classes\CrossriderApp0021810.Sandbox.1] =>Adware.VidSaver
[HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT3128284] =>Toolbar.Conduit
[HKLM\Software\Classes\wajam.WajamBHO] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamBHO.1] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader.1] =>Toolbar.Wajam
[HKLM\Software\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.BHO] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.BHO.1] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.Sandbox] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.Sandbox.1] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3128284] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO.1] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader.1] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\\YontooIEClient.DLL] =>Adware.Yontoo
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
C:\Program Files (x86)\yontoo =>Toolbar.Alot
C:\Program Files (x86)\BabylonToolbar =>Toolbar.Babylon
C:\Program Files (x86)\Boxore =>Adware.Boxore
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\DealPly =>PUP.DealPly
C:\Program Files (x86)\Giant Savings Extension =>Adware.VidSaver
C:\Program Files (x86)\OfferBox =>PUP.OfferBox
C:\Program Files (x86)\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Program Files (x86)\SweetIM =>PUP.SweetIM
C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit
C:\Program Files (x86)\Webgameplay setup =>Toolbar.Agent
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\SweetIM =>PUP.SweetIM
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
C:\Users\yoy\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\yoy\AppData\Roaming\DealPly =>PUP.DealPly
C:\Users\yoy\AppData\Roaming\OfferBox =>PUP.OfferBox
C:\Users\yoy\AppData\Roaming\SearchProtect =>Toolbar.Conduit
C:\Users\yoy\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\yoy\AppData\Local\CouponDropDown =>
C:\Users\yoy\AppData\Local\Giant Savings Extension =>Adware.VidSaver
C:\Users\yoy\AppData\Local\Software =>Adware.Boxore
C:\Users\yoy\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\yoy\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\yoy\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\yoy\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit
C:\Users\yoy\AppData\Local\Temp\AskSearch =>Toolbar.AskBarDis
C:\Users\yoy\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc =>Toolbar.Alot
C:\Users\yoy\AppData\Local\Google\Chrome\User Data\Default\Extensions\halffneccaebicfdfajnbfgpglahfgoe =>Adware.VidSaver
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\bprotector_prefs.js =>PUP.BProtector
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\SearchPlugins\sweetim.xml =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\Shortcut_sweetimsetup.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\SweetIESetup.exe.7z =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\SweetIMSetup.exe.7z =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\SIMEEI2Installer.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\SIMEEIInstaller.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\incredibar_installer.exe =>Adware.IncrediBar
C:\Users\yoy\AppData\Local\Temp\yontoo.bmp =>Toolbar.Alot
C:\Users\yoy\AppData\Local\Temp\YontooSetup-S.exe =>Toolbar.Alot
C:\Users\yoy\AppData\Local\Temp\MyBabylonTB_google_20120807.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\square_babylon.bmp =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\square_babylonv2.bmp =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\square_babylonv3.bmp =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\conduitinstaller.exe => Infection PUP (Toolbar.Conduit)
C:\Users\yoy\AppData\Local\Temp\dealply.exe => Infection PUP (Toolbar.Conduit)
C:\Users\yoy\AppData\Local\Temp\mgsqlite3.dll => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\MyBabylonTB_google_20120807.exe => Infection PUP (Toolbar.Babylon)
C:\Users\yoy\AppData\Local\Temp\OB.exe => Infection PUP (PUP.Offecbox)
C:\Users\yoy\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\Shortcut_sweetimsetup.exe => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\SIMEEI2Installer.exe => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\SIMEEIInstaller.exe => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\tbedrs.dll => Infection PUP (Toolbar.Conduit)
C:\Users\yoy\AppData\Local\Temp\tbuTor.dll => Infection PUP (Toolbar.Conduit)
C:\Users\yoy\AppData\Local\Temp\uninst1.exe => Infection PUP (Toolbar.Babylon)
C:\Users\yoy\AppData\Local\Temp\YontooSetup-S.exe => Infection PUP (Adware.Yontoo)
~ Scan Additionnel in 00mn 21s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office 2010.) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "00B24D65C2759EA4CBBFDC543A5B0D1E" . (.Messenger Assistent.) -- C:\Windows\Installer\{56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}\CompanionIcon
O90 - PUC: "00D2791769542E116BAE8BCAF6798BE8" . (.Google Earth Plug-in.) -- C:\Windows\Installer\{71972D00-4596-11E2-B6EA-B8AC6F97B88E}\ARPPRODUCTICON.exe
O90 - PUC: "0212CE3624715264AA746C8AEA9C6CC4" . (.Apple Application Support.) -- C:\Windows\Installer\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}\WinInstall.ico
O90 - PUC: "05B51F93779A6AC41B3CA67842DC0A52" . (.MyWinLocker 4.) -- C:\Windows\Installer\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "08512982BB4E0E11F97DC11CED0FC7EB" . (.Evernote v. 4.5.1.) -- C:\Windows\Installer\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}\Evernote.ico
O90 - PUC: "0BCE87B0B6A1D6E4987DE0C77EF74072" . (.MyWinLocker.) -- C:\Windows\Installer\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}\ARPPRODUCTICON.exe
O90 - PUC: "0C69D82C09A6E9540A776A07F6E40CCF" . (.Bing Bar.) -- C:\Windows\Installer\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}\icon_installer_ico
O90 - PUC: "1038C85769625584FA5435B4210089A0" . (.Samsung Kies.) -- C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "162880FC18CB9BF4B90AB7B569200DA1" . (.Messenger ????.) -- C:\Windows\Installer\{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}\CompanionIcon
O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Compl�ment Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "255304691D88F924C92983B818B488E5" . (.Messenger Companion.) -- C:\Windows\Installer\{96403552-88D1-429F-9C92-388B814B885E}\CompanionIcon
O90 - PUC: "2729C64061E674C4B8FE8408143740FD" . (.SLOW-PCfighter.) -- C:\Windows\Installer\{046C9272-6E16-4C47-8BEF-4880417304DF}\ARPPRODUCTICON.exe
O90 - PUC: "279A5E3D51A9D724EA8718185ADF49C3" . (.eBay Worldwide.) -- c:\Windows\Installer\{D3E5A972-9A15-427D-AE78-8181A5FD943C}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "29F618052561C7A49BCB846F2847C2B4" . (.Messenger Companion.) -- C:\Windows\Installer\{50816F92-1652-4A7C-B9BC-48F682742C4B}\CompanionIcon
O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype� 5.10.) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
O90 - PUC: "3283F44BDD25AC549A61B823708717D5" . (.Messenger Companion.) -- C:\Windows\Installer\{B44F3823-52DD-45CA-A916-8B320778715D}\CompanionIcon
O90 - PUC: "38E5962CD1FC1D3448EF3BEB5C1610A2" . (.Shredder.) -- C:\Windows\Installer\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\ARPPRODUCTICON.exe
O90 - PUC: "4179FD719C069C349A2C23CBEA4DC4EB" . (.MyWinLocker Suite.) -- C:\Windows\Installer\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\ARPPRODUCTICON.exe
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "595AD8DB105FEBA4580AC5328E42270A" . (.Pomocnik Messenger.) -- C:\Windows\Installer\{BD8DA595-F501-4ABE-85A0-5C23E82472A0}\CompanionIcon
O90 - PUC: "5BCC756DF2F9C3D49BD37FE7EB7FB966" . (.Messenger-kumppani.) -- C:\Windows\Installer\{D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}\CompanionIcon
O90 - PUC: "5C7795BAEA113004ABD762C1842FCB53" . (.????? Messenger.) -- C:\Windows\Installer\{AB5977C5-11AE-4003-BA7D-261C48F2BC35}\CompanionIcon
O90 - PUC: "5CA0C31676A349B4B8311967DA385FFB" . (.newsXpresso.) -- C:\Windows\Installer\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\ARPPRODUCTICON.exe
O90 - PUC: "5DBB16B0C3ADA9047803C0D33C0B2F07" . (.Backup Manager V3.) -- C:\Windows\Installer\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}\ARPPRODUCTICON.exe
O90 - PUC: "5F73E280429386146AA9B1B6F1AE85C7" . (.Messenger Companion.) -- C:\Windows\Installer\{082E37F5-3924-4168-A69A-1B6B1FEA587C}\CompanionIcon
O90 - PUC: "613755F10CFCDB14FA7FB84CC94E447D" . (.Shredder.) -- C:\Windows\Installer\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}\ARPPRODUCTICON.exe
O90 - PUC: "62A0F2D6AECEEC9438C3A916523F5D8E" . (.Doplnok programu Messenger.) -- C:\Windows\Installer\{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}\CompanionIcon
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.01) - Fran�ais.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "694A72599FD5A214DA7C61B85A73C96A" . (.Microsoft Flight Simulator X.) -- C:\Windows\Installer\{9527A496-5DF9-412A-ADC7-168BA5379CA6}\ARPPRODUCTICON.exe
O90 - PUC: "6FD66A043D225B447A3D381B812A0CCD" . (.Norton Online Backup.) -- C:\Windows\Installer\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}\MainIcon.ico
O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.1.0.0.) -- C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe
O90 - PUC: "710B547D63348174386AA31E9AED883C" . (.Boxore Client.) -- C:\Windows\Installer\{D745B017-4336-4718-83A6-3AE1A9DE88C3}\boxore.ico
O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco
O90 - PUC: "76EA78D0BE4101C4885AADC61318BE81" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}\fssicon.ico
O90 - PUC: "816662FE217831A41BC01C3D752805BF" . (.HP Photosmart 5510 series - Enqu�te sur l'am�lioration du produit.) -- C:\Windows\Installer\{EF266618-8712-4A13-B10C-C1D3578250FB}\ARP_Icon
O90 - PUC: "832A5350984DE0348915887EB88FA4BA" . (.Messenger Companion.) -- C:\Windows\Installer\{0535A238-D489-430E-9851-88E78BF84AAB}\CompanionIcon
O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.Vedio WebCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe
O90 - PUC: "8BACDD79077B98041AF0766508967DA8" . (.HP Deskjet 3050A J611 series Aide.) -- C:\Windows\Installer\{97DDCAB8-B770-4089-A10F-67568069D78A}\ARP_Icon
O90 - PUC: "8C9126606EB47D64E91006CFAFB623CD" . (.Messenger Companion.) -- C:\Windows\Installer\{066219C8-4BE6-46D7-9E01-60FCFA6B32DC}\CompanionIcon
O90 - PUC: "8E4C5D3DF040F6C41850144DC39FF444" . (.NTI Media Maker 9.) -- C:\Windows\Installer\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}\ARPPRODUCTICON.exe
O90 - PUC: "9130E187DC51C4A44AE79DFF6F797E1A" . (.Messenger Companion.) -- C:\Windows\Installer\{781E0319-15CD-4A4C-A47E-D9FFF697E7A1}\CompanionIcon
O90 - PUC: "9392C025B555FB049AB1B876A15B06BE" . (.Easy Burner.) -- C:\Windows\Installer\{520C2939-555B-40BF-A91B-8B671AB560EB}\ARPPRODUCTICON.exe
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe
O90 - PUC: "9EE9F41F86B94B24097F90427F162918" . (.Spremljevalec Messenger.) -- C:\Windows\Installer\{F14F9EE9-9B68-42B4-90F7-0924F7619281}\CompanionIcon
O90 - PUC: "A0BECE3F0A289BD4BB4493A366AB8017" . (.Messenger k�s�ro.) -- C:\Windows\Installer\{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}\CompanionIcon
O90 - PUC: "AE2A1840D1AD01D47A3C8F3297846F5B" . (.Messenger Companion.) -- C:\Windows\Installer\{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}\CompanionIcon
O90 - PUC: "AE46920EB1E002642AE6BCBA30141BBB" . (.HP Photosmart 5510 series Aide.) -- C:\Windows\Installer\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}\ARP_Icon
O90 - PUC: "AF08C9399C696A443B81E8D7B88D84B1" . (.Messenger Companion.) -- C:\Windows\Installer\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}\CompanionIcon
O90 - PUC: "B2C146499143A5B4791E57B77A2DCEDA" . (.Logiciel de base du p�riph�rique HP Photosmart 5510 series.) -- C:\Windows\Installer\{94641C2B-3419-4B5A-97E1-757BA7D2ECAD}\ARP_Icon
O90 - PUC: "B45B3DD60D0F96A438445F023322A520" . (.Messenger Companion.) -- C:\Windows\Installer\{6DD3B54B-F0D0-4A69-8344-F52033225A02}\CompanionIcon
O90 - PUC: "C183E85D20ED9A649B1D2ABC08D76267" . (.Messenger Companion.) -- C:\Windows\Installer\{D58E381C-DE02-46A9-B9D1-A2CB807D2676}\CompanionIcon
O90 - PUC: "C2EDFFF216893004EA56DB312AE970A4" . (.HP Deskjet 3050A J611 series - Enqu�te sur l'am�lioration du produit.) -- C:\Windows\Installer\{2FFFDE2C-9861-4003-AE65-BD13A29E074A}\ARP_Icon
O90 - PUC: "C4E4AFE2F5B77F841A0CA18A287B9A3C" . (.HP Update.) -- C:\Windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe
O90 - PUC: "C978C748764142944A1931204B5CF807" . (.Messenger Companion.) -- C:\Windows\Installer\{847C879C-1467-4924-A491-1302B4C58F70}\CompanionIcon
O90 - PUC: "D22DAD7C4D92F8349B68309BDE85E24A" . (.Messenger Companion.) -- C:\Windows\Installer\{C7DAD22D-29D4-438F-B986-03B9ED582EA4}\CompanionIcon
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D8EF64479F1C24D4AAEAD5CB5E68506A" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}\Installer.ico
O90 - PUC: "E52D2418A820365468DE755587C30892" . (.Messenger Companion.) -- C:\Windows\Installer\{8142D25E-028A-4563-86ED-5755783C8029}\CompanionIcon
O90 - PUC: "EA2B394116202D741BAA4FAD0D6F4CB8" . (.iTunes.) -- C:\Windows\Installer\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}\Installer.ico
O90 - PUC: "EB6586B6DDA381C43969AC6E46CCFEE8" . (.Logiciel de base du p�riph�rique HP Deskjet 3050A J611 series.) -- C:\Windows\Installer\{6B6856BE-3ADD-4C18-9396-CAE664CCEF8E}\ARP_Icon
O90 - PUC: "F0DE90A3FDD8BB745BD348A19B1D3D7A" . (.Complemento Messenger.) -- C:\Windows\Installer\{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}\CompanionIcon
O90 - PUC: "F1810AEF8573AD647BCE3FDCAFE7C07E" . (.???????? ?? Messenger.) -- C:\Windows\Installer\{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}\CompanionIcon
O90 - PUC: "F35D507310BBEEB4585882E917AC4C4B" . (.????????? Messenger.) -- C:\Windows\Installer\{3705D53F-BB01-4BEE-8585-289E71CAC4B4}\CompanionIcon
O90 - PUC: "F8899883B26758B4BA71179CCCA34E54" . (.Messenger Companion.) -- C:\Windows\Installer\{3889988F-762B-4B85-AB17-71C9CC3AE445}\CompanionIcon
O90 - PUC: "F9BC1DF3F708B15429C6D9918CC4CF16" . (.Messenger Suradnik.) -- C:\Windows\Installer\{3FD1CB9F-807F-451B-926C-9D19C84CFC61}\CompanionIcon
~ Scan Files in 00mn 00s
---\\ Random Export Key (O91)
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:dllName="pcpmngr.dll"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:exeName="pcpmngr.exe"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:folderName="PC Performer Manager"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:serviceName="PC Performer Manager"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:version="2.3.811.154"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:dllName="pcpmngr.dll"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:exeName="pcpmngr.exe"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:folderName="PC Performer Manager"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:serviceName="PC Performer Manager"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:version="2.4.897.175"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:dllName="mngr.dll"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:exeName="mngr.exe"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:folderName="Browser Manager"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:serviceName="Browser Manager"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:version="2.5.911.18"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:dllName="mngr.dll"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:exeName="mngr.exe"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:folderName="Browser Manager"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:serviceName="Browser Manager"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:version="2.5.976.107"
[HKCU\Software\a53dedeb73feb15]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\a53dedeb73feb15]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:INSTALL_FOLDER_NAME="BrowserProtect"
[HKCU\Software\a53dedeb73feb15]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKCU\Software\a53dedeb73feb15]:NTFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:NTFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:NTFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:PROTECTOR_DLL_NAME="BrowserProtect.dll"
[HKCU\Software\a53dedeb73feb15]:PROTECT_EXE_NAME="BrowserProtect.exe"
[HKCU\Software\a53dedeb73feb15]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:SERVICE_NAME="BrowserProtect"
[HKCU\Software\a53dedeb73feb15]:usrcheckbox="0"
[HKCU\Software\a53dedeb73feb15]:version="2.6.1070.41"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:INSTALL_FOLDER_NAME="BrowserProtect"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:NTFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:NTFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:NTFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:PROTECTOR_DLL_NAME="BrowserProtect.dll"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:PROTECT_EXE_NAME="BrowserProtect.exe"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SERVICE_NAME="BrowserProtect"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:usrcheckbox="0"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:version="2.6.1070.41"
~ Scan Export Key Software in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 08/01/2013 251400 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 07/06/2011 191752 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 12/05/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 2554472 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
SR - | Auto 10/01/2013 87552 | (CltMngSvc) . (.Conduit.) - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
SR - | Auto 01/07/2011 353360 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 21/06/2011 173424 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 02/08/2011 872552 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SS - | Demand 28/11/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 30/05/2011 36456 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 28/11/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28/11/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 09/09/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 22/04/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 16/09/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 26/10/2012 234776 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.0.313\McCHSvc.exe
SS - | Demand 22/01/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 22/01/2012 124832 | (MsgPlusService) . (.Yuna Software.) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
SR - | Auto 24/04/2011 256832 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 08/09/2011 1640768 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 08/09/2011 2253120 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SS - | Auto 26/06/2012 335240 | (OfferBox update service) . (.Aedge Performance BCN SL.) - C:\Program Files (x86)\OfferBox\OfferBoxUpdateService.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 16/09/2010 2538520 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 05/10/2012 109064 | (WajamUpdater) . (.Wajam.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 02s
End of the scan (2289 lines in 01mn 56s)(0)
Run by yoy at 03/02/2013 21:59:55
State : Version � jour.
UAC : Deactivate by program
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 18.0.1 v18.0.1 (Defaut)
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3764 MB (39% free)
System Restore: Activ� (Enable)
System drive C: has 613 GB (89%) free of 686 GB
---\\ Logged in mode
~ Computer Name: YOY-PC
~ User Name: yoy
~ All Users Names: yoy, UpdatusUser, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\yoy\AppData\Roaming\
~ %Desktop% : C:\Users\yoy\Desktop\
~ %Favorites% : C:\Users\yoy\Favorites\
~ %LocalAppData% : C:\Users\yoy\AppData\Local\
~ %StartMenu% : C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 613 Go of 686 Go)
D:\ CD-ROM drive (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.5121DB613E10A46A3C5085B479026AA7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2012 - 07:04:11.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/1797
~ Mes musiques (My Musics) : 1/530
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 1/115
~ Mon Bureau (My Desktop) : 1/6
~ Menu demarrer (Programs) : 1/41
~ Scan Hidden Files in 00mn 01s
---\\ Processus lanc�s
[MD5.B2958F59C2DAFB76348224832FB7C26F] - (...) -- C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [2554472] [PID.1876]
[MD5.70C305067B3D543870597C57F74D9EC3] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [964024] [PID.4144]
[MD5.8E689D83B243C229A683559FF98CF047] - (.Pas de propri�taire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432] [PID.4380]
[MD5.CC02FBA3F124E56ECDB77BCFA4DAEB9E] - (.Anuman Interactive - Anuman Live.) -- C:\Users\yoy\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe [347648] [PID.4604]
[MD5.C723B02BA5BF788C9F91746BF37EACD9] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.313\SSScheduler.exe [271808] [PID.4848]
[MD5.0D360F06B168A6F37ACA9D9F958245DA] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.4836]
[MD5.9ABC4E3B00CFA3A47D5569F5B49FE42F] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1103440] [PID.4892]
[MD5.DE0B89579462C30C9E9861870E97052C] - (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1453704] [PID.4532]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.4412]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.4708]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.3908]
[MD5.2C5BA148BA7936D9BB6BB1F4945BA469] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\yoy\AppData\Roaming\Dropbox\bin\Dropbox.exe [28539272] [PID.4408]
[MD5.6B115CE521D96900373775ECAC975D59] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3524536] [PID.5116]
[MD5.B77081F8221968C7DAB794B0BA55C43E] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254896] [PID.1064]
[MD5.84A878D2D4A84CC73D53733F80FB57CE] - (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768] [PID.1516]
[MD5.A824317EA303679481EF1039A5D66212] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.1056]
[MD5.5BE9E66F6CAD73DE4D45072A43800327] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2223872] [PID.5272]
[MD5.D7826A7440444F40E0406CF37FD2FA88] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [917400] [PID.6340]
[MD5.9A4841A0CE83A768F7A5F4BA97DE02B5] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.6780]
[MD5.4EBF0CF9B48781DA145A147AA7E9E505] - (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe [1808392] [PID.6796]
[MD5.72CB29B523061FF64B3F66B8F3A5E034] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [5648896] [PID.31816]
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1484]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1724]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1764]
[MD5.58174B8E1673C90751F6B70AA71DFE70] - (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [87552] [PID.1912]
[MD5.9DD3A22F804697606C2B7FF9E912FF6B] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [353360] [PID.1992]
[MD5.21ACFD2B4BF6C0F4D9080A437E400E88] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [418896] [PID.1104]
[MD5.C9B2D1D3F86FD3673EF847DEF73B6F9E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [36456] [PID.1368]
[MD5.B705C7097F9A0EC941D02DCE7C7D426C] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624] [PID.796]
[MD5.3F3D6E8BD31B3C017D0AB24CD5EC0D05] - (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [124832] [PID.1936]
[MD5.1873214666F6F0A883742DF91FBC48C9] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832] [PID.2124]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2380]
[MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064] [PID.2460]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2536]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.2900]
[MD5.9D8B95C0EAE145C46BC4A727B23DA395] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656] [PID.6192]
[MD5.C97CC4B1A00E94494093C08A39BC33FC] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2253120] [PID.6300]
[MD5.0B0B9F55B12767A755932C26B5FED715] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2538520] [PID.6628]
~ Scan Processes Running in 00mn 02s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\yoy\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://search.conduit.com
G0 - GCSP: Preference [User Data\Default] http://search.conduit.com
G1 - GCS: Preference [User Data\Default] http://search.conduit.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\prefs.js
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\user.js
M3 - MFPP: Plugins - [yoy] -- C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\searchplugins\01netcom-customized-web-search.xml
M3 - MFPP: Plugins - [yoy] -- C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\searchplugins\babylon1.xml
M3 - MFPP: Plugins - [yoy] -- C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\searchplugins\mngr.xml
M3 - MFPP: Plugins - [yoy] -- C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\searchplugins\sweetim.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [yoy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [yoy - 5v3bpiug.default] google.fr
M2 - MFEP: prefs.js [yoy - 5v3bpiug.default\crossriderapp4352@crossrider.com] [] CouponDropDown v (.215 Apps.)
M2 - MFEP: prefs.js [yoy - 5v3bpiug.default\plugin@yontoo.com] [] Yontoo v1.20.00 (.Yontoo LLC.)
M2 - MFEP: prefs.js [yoy - 5v3bpiug.default\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}] [] DealPly v2.0 (.DealPly.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\yoy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\yoy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://acer.msn.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll
R3 - URLSearchHook: (no name) [64Bits] - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) (6.10.3.0) -- C:\Program Files (x86)\01NET.com\prxtb01NE.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: uTorrentBar_FR [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll
O2 - BHO: MSS+ Identifier [64Bits] - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll
O2 - BHO: CrossriderApp0021810 [64Bits] - {11111111-1111-1111-1111-110211181110} . (.215 Apps - Giant Savings Extension BHO.) -- C:\Program Files (x86)\Giant Savings Extension\Giant Savings Extension.dll
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Babylon toolbar helper [64Bits] - {2EECD738-5844-4a99-B4B6-146BF802613B} . (.Babylon BHO - Pas de description.) -- C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: 01NET.com [64Bits] - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\01NET.com\prxtb01NE.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft� Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: DealPly [64Bits] - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} . (.DealPly Technologies Ltd - DealPly for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: Wajam IE BHO [64Bits] - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files (x86)\Wajam\IE\priam_bho.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll
~ Scan BHO in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Cl� orpheline
~ Scan Toolbar in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\yoy\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propri�taire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [AnumanLive] . (.Anuman Interactive - Anuman Live.) -- C:\Users\yoy\AppData\Roaming\Anuman Interactive\AnumanLive\AnumanLive.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [MessengerPlusForSkypeService] . (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O4 - HKLM\..\Wow6432Node\Run: [CommonToolkitTray] . (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [offerbox] . (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files (x86)\OfferBox\OfferBox.exe
O4 - HKLM\..\Wow6432Node\Run: [Sweetpacks Communicator] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Wow6432Node\Run: [SearchProtectAll] . (.Conduit - Search Protect by Conduit.) -- C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-362935419-2504595531-3900738282-1001-362935419-2504595531-3900738282-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-362935419-2504595531-3900738282-1001-362935419-2504595531-3900738282-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\yoy\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\yoy\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\yoy\Desktop\Microsoft Flight Simulator X - Raccourci.lnk - Cl� orpheline
O4 - Global Startup: C:\Users\yoy\Desktop\raccourci bureau - Raccourci.lnk . (...) -- C:\Users\yoy\Documents\raccourci bureau
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DS3 Tool.lnk . (.www.motioninjoy.com.) -- C:\Program Files\MotioninJoy\ds3\DS3_Tool.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MP3 Rocket 6.0.6.lnk . (...) -- C:\Program Files (x86)\MP3 Rocket\MP3Rocket.exe
O4 - Global Startup: C:\Users\yoy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
~ Scan Global Startup in 00mn 00s
---\\ Invisibilit� de l'ic�ne d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d�affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft� Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft� Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{E05FB2DE-2E72-46D7-A3C9-BA655D7B17C5}: DhcpNameServer = 172.22.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{E0705878-FDE2-4694-AAD4-388A971F27DE}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{E05FB2DE-2E72-46D7-A3C9-BA655D7B17C5}: DhcpNameServer = 172.22.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{E0705878-FDE2-4694-AAD4-388A971F27DE}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{E05FB2DE-2E72-46D7-A3C9-BA655D7B17C5}: DhcpNameServer = 172.22.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{E0705878-FDE2-4694-AAD4-388A971F27DE}: DhcpNameServer = 192.168.0.254
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contr�le ActiveX pour le flux vid�o.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft� InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft� InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contr�le ActiveX pour le flux vid�o.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 285.) - C:\Windows\system32\nvinitx.dll
~ Scan AppInit DLL in 00mn 00s
---\\ Cl� de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserProtect (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: Search Protect by Conduit Updater (CltMngSvc) . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Live Updater Service (Live Updater Service) . (.Acer Incorporated - Updater Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Messenger Plus! Service (MsgPlusService) . (.Yuna Software - Service - Messenger Plus! for Skype.) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NTI Corporation - Backup Manager Module.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 285.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: OfferBox update service (OfferBox update service) . (.Aedge Performance BCN SL - OfferBox.) - C:\Program Files (x86)\OfferBox\OfferBoxUpdateService.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Intel(R) Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Scan Services in 00mn 19s
---\\ Enum�ration Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362935419-2504595531-3900738282-1001Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-362935419-2504595531-3900738282-1001UA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HP Photo Creations Messager.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SLOW-PCfighter64-yoy-Notification.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SLOW-PCfighter64-yoy-Startup.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
[MD5.424877CB9D5517F980FF7BACA2EB379D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.7F19838AC317C34FCED020BE529AF71E] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[MD5.88C511BE2C6649DAA9DABA888BBDA77E] [APT] [DealPly] (...) -- C:\Users\yoy\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe
[MD5.4EE862402A5ECEE9A6F291E08B79F2C7] [APT] [DealPlyUpdate] (.DealPly.) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe
[MD5.9834D0C33581BE9975783BFD56E2242C] [APT] [EgisUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\EgisUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-362935419-2504595531-3900738282-1001Core] (.Google Inc..) -- C:\Users\yoy\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-362935419-2504595531-3900738282-1001UA] (.Google Inc..) -- C:\Users\yoy\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.B087C25AFD565F0DC01FCAF565FE19C7] [APT] [HP Photo Creations Messager] (...) -- C:\ProgramData\HP Photo Creations\MessageCheck.exe
[MD5.E84C580843F2C0D548539C2F1FD19E0C] [APT] [HPCustParticipation HP Deskjet 3050A J611 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
[MD5.5E885A8475F9EB11038C1AFF6036525C] [APT] [HPCustParticipation HP Photosmart 5510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe
[MD5.CD0D8016C17F4D08C4EE3990C4D86351] [APT] [hpUrlLauncher.exe_{73B6F7A6-5046-46B4-8CAC-CF8B1052E061}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe
[MD5.1E43B2277941DA49EECCFD0375294F68] [APT] [hpUrlLauncher.exe_{E17A8FFF-97B0-44A2-96E8-349E4FFC1CD1}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\utils\hpUrlLauncher.exe
[MD5.0285670FD75CB7626EE51B0B32ED0769] [APT] [PMMUpdate] (.Egis Technology Inc..) -- C:\Program Files\EgisTec IPS\PMMUpdate.exe
[MD5.BD13B6E4F250358DCE617047FF3512D4] [APT] [ScanToPCActivationApp.exe_{06E4F6B7-BB4D-4B76-A400-292672F707D5}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
[MD5.BD13B6E4F250358DCE617047FF3512D4] [APT] [ScanToPCActivationApp.exe_{2116007C-E4D7-412E-842A-C401AF3B4E3A}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
[MD5.BD13B6E4F250358DCE617047FF3512D4] [APT] [ScanToPCActivationApp.exe_{869711F9-6971-4629-968F-7B4E6921F60A}] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
[MD5.E00A5136DB2958250CD6C2C8436B9E79] [APT] [SLOW-PCfighter64-yoy-Notification] (.SPAMfighter ApS.) -- C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe
[MD5.15B6A9017C22ACCFA4597A5BA2820F42] [APT] [SLOW-PCfighter64-yoy-Startup] (.SPAMfighter ApS.) -- C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{B9D2F50E-219A-4491-9E1B-D46384899113}] (...) -- C:\Users\yoy\Downloads\msn-messenger_msn_messenger_7.5_version_compatible_windows_2000_anglais_13499.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{C5B5C9E0-1315-490D-8A4C-48578A7D45D7}] (...) -- C:\Users\yoy\Downloads\Install_CopyTrans_Suite.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 05s
---\\ Composants install�s (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d�IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\Drivers\aswrdr2.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Mini Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-syst�me de mise en m�moire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels install�s (O42)
O42 - Logiciel: 01NET.com Toolbar - (.01NET.com.) [HKLM][64Bits] -- 01NET.com Toolbar
O42 - Logiciel: Acer Backup Manager - (.NTI Corporation.) [HKLM][64Bits] -- InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}
O42 - Logiciel: Acer Crystal Eye Webcam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Acer Crystal Eye Webcam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Acer Games - (.WildTangent.) [HKLM][64Bits] -- WildTangent acer Master Uninstall
O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Registration
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Screensaver
O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM][64Bits] -- {EE171732-BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM][64Bits] -- {3DB0448D-AD82-4923-B305-D001E521A964}
O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FDB3B167-F4FA-461D-976F-286304A57B2A}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.01) - Fran�ais - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Agatha Christie - Death on the Nile - (.WildTangent.) [HKLM][64Bits] -- WTA-0666b674-d4b4-4d11-9e72-eac2ff769b08
O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {63EC2120-1742-4625-AA47-C6A8AEC9C64C}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Babylon toolbar - (.BabylonToolbar.) [HKLM][64Bits] -- BabylonToolbar
O42 - Logiciel: Backup Manager V3 - (.NTI Corporation.) [HKLM][64Bits] -- {0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}
O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-8a76024c-be37-4bac-b70f-56aee4f02ee5
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {C28D96C0-6A90-459E-A077-A6706F4EC0FC}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {D745B017-4336-4718-83A6-3AE1A9DE88C3}
O42 - Logiciel: BrowserProtect - (.Bit89 Inc.) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-248b539d-72c7-43fc-808f-b18baf0672c0
O42 - Logiciel: Complemento Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}
O42 - Logiciel: Compl�ment Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: CopyTrans Suite d�sinstallation uniquement - (.WindSolutions.) [HKCU][64Bits] -- CopyTrans Suite
O42 - Logiciel: Crazy Chicken Kart 2 - (.WildTangent.) [HKLM][64Bits] -- WTA-242ad961-ae3f-45d3-8df4-56dde55526ae
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DealPly - (.DealPly Technologies Ltd.) [HKLM][64Bits] -- DealPly
O42 - Logiciel: Defraggler - (.Piriform.) [HKLM][64Bits] -- Defraggler
O42 - Logiciel: Doplnok programu Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox
O42 - Logiciel: Easy Burner - (.Aedge Performance BCN SL.) [HKLM][64Bits] -- {520C2939-555B-40BF-A91B-8B671AB560EB}
O42 - Logiciel: Euro Truck Simulator 2 - (.SCS Software.) [HKLM][64Bits] -- {1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1
O42 - Logiciel: Evernote v. 4.5.1 - (.Evernote Corp..) [HKLM][64Bits] -- {28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}
O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WTA-221e47f2-af62-4ac5-821a-154ac51a95e3
O42 - Logiciel: Final Drive: Nitro - (.WildTangent.) [HKLM][64Bits] -- WTA-f9336108-236e-4b12-918e-5ce2b4a8306a
O42 - Logiciel: Fooz Kids - (.FUHU, Inc..) [HKLM][64Bits] -- FoozKids
O42 - Logiciel: Fooz Kids - (.FUHU, Inc..) [HKLM][64Bits] -- {4C774C35-E0AF-72E1-136A-2BF666702268}
O42 - Logiciel: Fooz Kids Platform - (.FUHU, Inc..) [HKLM][64Bits] -- {8D68CE08-9A14-4B7B-9857-3C646A2F34C7}
O42 - Logiciel: Giant Savings Extension - (.215 Apps.) [HKLM][64Bits] -- Giant Savings Extension
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {71972D00-4596-11E2-B6EA-B8AC6F97B88E}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Deskjet 3050A J611 series - Enqu�te sur l'am�lioration du produit - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {2FFFDE2C-9861-4003-AE65-BD13A29E074A}
O42 - Logiciel: HP Deskjet 3050A J611 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {97DDCAB8-B770-4089-A10F-67568069D78A}
O42 - Logiciel: HP FWUpdateEDO2 - (.Hewlett-Packard.) [HKLM][64Bits] -- {415FA9AD-DA10-4ABE-97B6-5051D4795C90}
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations.) [HKLM][64Bits] -- HP Photo Creations
O42 - Logiciel: HP Photosmart 5510 series - Enqu�te sur l'am�lioration du produit - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {EF266618-8712-4A13-B10C-C1D3578250FB}
O42 - Logiciel: HP Photosmart 5510 series Aide - (.Hewlett Packard.) [HKLM][64Bits] -- {E02964EA-0E1B-4620-A26E-CBAB0341B1BB}
O42 - Logiciel: HP Product Detection - (.HP.) [HKLM][64Bits] -- {A436F67F-687E-4736-BD2B-537121A804CF}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.0.0 - (.Hewlett-Packard.) [HKLM][64Bits] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}
O42 - Logiciel: INFORAD MANAGER 3.9 - (.Pas de propri�taire.) [HKLM][64Bits] -- INFORAD MANAGER 3.9_is1
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM][64Bits] -- Identity Card
O42 - Logiciel: Insaniquarium Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-21c944df-8f1d-4296-860f-e60f6efbb8cf
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
O42 - Logiciel: Java(TM) 6 Update 39 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216032FF}
O42 - Logiciel: Java(TM) SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}
O42 - Logiciel: Jewel Match 3 - (.WildTangent.) [HKLM][64Bits] -- WTA-d2e680ce-5383-4b06-9ebe-8f4c632aedce
O42 - Logiciel: Jewel Quest Solitaire - (.WildTangent.) [HKLM][64Bits] -- WTA-9505a9ce-4817-45fb-a16c-50700960c463
O42 - Logiciel: John Deere Drive Green - (.WildTangent.) [HKLM][64Bits] -- WTA-5b52d470-c64b-403b-b2ad-9ccd7b7e958c
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM][64Bits] -- LManager
O42 - Logiciel: Logiciel de base du p�riph�rique HP Deskjet 3050A J611 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {6B6856BE-3ADD-4C18-9396-CAE664CCEF8E}
O42 - Logiciel: Logiciel de base du p�riph�rique HP Photosmart 5510 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {94641C2B-3419-4B5A-97E1-757BA7D2ECAD}
O42 - Logiciel: MP3 Rocket - (.Pas de propri�taire.) [HKLM][64Bits] -- MP3 Rocket
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Messenger Assistent - (.Microsoft Corporation.) [HKLM][64Bits] -- {56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {0535A238-D489-430E-9851-88E78BF84AAB}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {066219C8-4BE6-46D7-9E01-60FCFA6B32DC}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {082E37F5-3924-4168-A69A-1B6B1FEA587C}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {3889988F-762B-4B85-AB17-71C9CC3AE445}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {50816F92-1652-4A7C-B9BC-48F682742C4B}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {6DD3B54B-F0D0-4A69-8344-F52033225A02}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {781E0319-15CD-4A4C-A47E-D9FFF697E7A1}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {8142D25E-028A-4563-86ED-5755783C8029}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {847C879C-1467-4924-A491-1302B4C58F70}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {939C80FA-96C9-44A6-B318-8E7D8BD8481B}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {96403552-88D1-429F-9C92-388B814B885E}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {B44F3823-52DD-45CA-A916-8B320778715D}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {C7DAD22D-29D4-438F-B986-03B9ED582EA4}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] -- {D58E381C-DE02-46A9-B9D1-A2CB807D2676}
O42 - Logiciel: Messenger Plus! for Skype - (.Yuna Software.) [HKLM][64Bits] -- Messenger Plus! for Skype
O42 - Logiciel: Messenger Suradnik - (.Microsoft Corporation.) [HKLM][64Bits] -- {3FD1CB9F-807F-451B-926C-9D19C84CFC61}
O42 - Logiciel: Messenger k�s�ro - (.Microsoft Corporation.) [HKLM][64Bits] -- {F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}
O42 - Logiciel: Messenger ???? - (.Microsoft Corporation.) [HKLM][64Bits] -- {CF088261-BC81-4FB9-9BA0-7B5B9602D01A}
O42 - Logiciel: Messenger-kumppani - (.Microsoft Corporation.) [HKLM][64Bits] -- {D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}
O42 - Logiciel: Microsoft Flight Simulator X - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: MotioninJoy DS3 driver version 0.6.0004 - (.www.motioninjoy.com.) [HKLM][64Bits] -- {330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1
O42 - Logiciel: Mozilla Firefox 18.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 18.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: Mozilla Thunderbird 17.0.2 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Thunderbird 17.0.2 (x86 fr)
O42 - Logiciel: MyFreeCodec - (.Pas de propri�taire.) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
O42 - Logiciel: MyWinLocker 4 - (.Egis Technology Inc..) [HKLM][64Bits] -- {39F15B50-A977-4CA6-B1C3-6A8724CDA025}
O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
O42 - Logiciel: MyWinLocker Suite - (.Egis Technology Inc..) [HKLM][64Bits] -- {17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
O42 - Logiciel: Mystery of Mortlake Mansion - (.WildTangent.) [HKLM][64Bits] -- WTA-b2990de1-0767-4e4a-8f79-d5fa2ef08b5f
O42 - Logiciel: NTI Media Maker 9 - (.NTI Corporation.) [HKLM][64Bits] -- InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
O42 - Logiciel: NVIDIA Pilote graphique 285.25 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}
O42 - Logiciel: OfferBox - (.Aedge Performance BCN SL.) [HKLM][64Bits] -- OfferBox
O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM][64Bits] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WTA-9ec7287c-6bcc-4fa9-b247-059bab4655c2
O42 - Logiciel: Plants vs. Zombies - Game of the Year - (.WildTangent.) [HKLM][64Bits] -- WTA-2b03a6c7-4c6d-4493-9cee-faa9b78846bb
O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WTA-2b82f067-8a6e-457f-b246-cdedbcb81cd1
O42 - Logiciel: Pomocnik Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {BD8DA595-F501-4ABE-85A0-5C23E82472A0}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44}
O42 - Logiciel: SLOW-PCfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- {046C9272-6E16-4C47-8BEF-4880417304DF}
O42 - Logiciel: SLOW-PCfighter - (.SPAMfighter ApS..) [HKLM][64Bits] -- SLOW-PCfighter
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A}
O42 - Logiciel: Search Protect by conduit - (.Conduit.) [HKLM][64Bits] -- SearchProtect
O42 - Logiciel: Shredder - (.Egis Technology Inc..) [HKLM][64Bits] -- {C2695E83-CF1D-43D1-84FE-B3BEC561012A}
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM][64Bits] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}
O42 - Logiciel: Skype� 5.10 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: Slingo Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-e10eb1c5-3eaf-4a1f-a7d6-6894a9d63586
O42 - Logiciel: Spremljevalec Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {F14F9EE9-9B68-42B4-90F7-0924F7619281}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TRS2008 - (.Pas de propri�taire.) [HKLM][64Bits] -- {DD282D0E-AC08-4539-84B0-959350576BEC}
O42 - Logiciel: Torchlight - (.WildTangent.) [HKLM][64Bits] -- WTA-17532a50-450c-40c2-b1b0-fb5b909f62d9
O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
O42 - Logiciel: Virtual Villagers 4 - The Tree of Life - (.WildTangent.) [HKLM][64Bits] -- WTA-756b5932-ea12-4047-8a3e-35b1254f98dd
O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam
O42 - Logiciel: Wedding Dash - (.WildTangent.) [HKLM][64Bits] -- WTA-76dfafd8-66a3-4b3b-ae37-b20c35ab4f4f
O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM][64Bits] -- Acer Welcome Center
O42 - Logiciel: WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
O42 - Logiciel: Yontoo 1.10.03 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B}
O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WTA-31d957c9-d1cd-402f-a840-a3528273c6c9
O42 - Logiciel: avast! Free Antivirus v7.0.1474.0 - (.AVAST Software.) [HKLM][64Bits] -- avast
O42 - Logiciel: e-Carte Bleue LCL - (.Pas de propri�taire.) [HKLM][64Bits] -- {3D6B54EF-65E4-4624-8709-03A3BBE2C240}
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM][64Bits] -- {D3E5A972-9A15-427D-AE78-8181A5FD943C}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}
O42 - Logiciel: newsXpresso - (.esobi Inc..) [HKLM][64Bits] -- InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}
O42 - Logiciel: newsXpresso - (.esobi Inc..) [HKLM][64Bits] -- {613C0AC5-3A67-4B94-8B13-9176AD83F5BF}
O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM][64Bits] -- uTorrentBar_FR Toolbar
O42 - Logiciel: �Torrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent
O42 - Logiciel: ????????? Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {3705D53F-BB01-4BEE-8585-289E71CAC4B4}
O42 - Logiciel: ???????? ?? Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}
O42 - Logiciel: ????? Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {AB5977C5-11AE-4003-BA7D-261C48F2BC35}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\01NET.com]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\CouponDropDown]
[HKCU\Software\AppDataLow\Software\Crossrider]
[HKCU\Software\AppDataLow\Software\Giant Savings Extension]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Auran]
[HKCU\Software\Avast Software]
[HKCU\Software\BabylonToolbar]
[HKCU\Software\BitTorrent]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\Cr_Installer]
[HKCU\Software\Cyberlink]
[HKCU\Software\DataMngr]
[HKCU\Software\DataMngr_Toolbar]
[HKCU\Software\DealPly]
[HKCU\Software\Dritek]
[HKCU\Software\Fighters]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\InstallCore]
[HKCU\Software\InstalledBrowserExtensions]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\MyFree Codec]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OfferBox]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung]
[HKCU\Software\SearchProtect]
[HKCU\Software\Skype]
[HKCU\Software\SoftVTU]
[HKCU\Software\Softonic]
[HKCU\Software\SweetIM]
[HKCU\Software\Symantec]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\VSO]
[HKCU\Software\Visan]
[HKCU\Software\Wajam]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yuna Software]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\a53dedeb73feb15]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\Cyberlink]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\EgisTec IPS]
[HKLM\Software\EgisTec Shredder]
[HKLM\Software\Fighters]
[HKLM\Software\GEAR Software]
[HKLM\Software\HP]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Knowles]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\McFPDetect]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\OemSetup]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SRS Labs]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\Tarma Installer]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\01NET.com]
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AedgePerformanceBCN]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Auran]
[HKLM\Software\Wow6432Node\Babylon]
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DataMngr]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\EasyBurner]
[HKLM\Software\Wow6432Node\EgisTec IPS]
[HKLM\Software\Wow6432Node\EgisTec MyWinLockerSuite]
[HKLM\Software\Wow6432Node\EgisTec MyWinLocker]
[HKLM\Software\Wow6432Node\EgisTec Shredder]
[HKLM\Software\Wow6432Node\Evernote]
[HKLM\Software\Wow6432Node\FUHU, Inc.]
[HKLM\Software\Wow6432Node\Fighters]
[HKLM\Software\Wow6432Node\Garmin]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\Myfree Codec]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Prolific Technology INC]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RocketLife]
[HKLM\Software\Wow6432Node\SCS Software]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\VSO]
[HKLM\Software\Wow6432Node\VirualDiskRedist]
[HKLM\Software\Wow6432Node\Visan]
[HKLM\Software\Wow6432Node\Vittalia]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Yuna Software]
[HKLM\Software\Wow6432Node\a53dedeb73feb15]
[HKLM\Software\Wow6432Node\e-Carte Bleue LCL]
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\uTorrentBar_FR]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 00mn 01s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 18/01/2013 - 22:35:30 - [4,874] ----D C:\Program Files (x86)\01NET.com
O43 - CFD: 19/12/2012 - 21:02:11 - [90,890] ----D C:\Program Files (x86)\Acer
O43 - CFD: 27/10/2011 - 12:40:57 - [601,628] ----D C:\Program Files (x86)\Acer Games
O43 - CFD: 17/10/2012 - 20:55:32 - [119,713] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 08/05/2012 - 19:15:58 - [2,316] ----D C:\Program Files (x86)\Apple Software Update
O43 - CFD: 22/12/2012 - 12:11:06 - [1278,590] ----D C:\Program Files (x86)\Auran
O43 - CFD: 18/01/2013 - 21:38:05 - [2,371] ----D C:\Program Files (x86)\BabylonToolbar
O43 - CFD: 08/05/2012 - 19:15:13 - [0,602] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 14/12/2012 - 06:53:52 - [0] ----D C:\Program Files (x86)\Boxore
O43 - CFD: 22/12/2012 - 18:24:44 - [284,915] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 07/12/2012 - 21:55:40 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 03/02/2013 - 21:38:02 - [0,811] ----D C:\Program Files (x86)\DealPly
O43 - CFD: 25/10/2012 - 21:04:13 - [0,466] ----D C:\Program Files (x86)\e-Carte Bleue LCL
O43 - CFD: 12/01/2013 - 21:12:53 - [8,152] ----D C:\Program Files (x86)\EasyBurner
O43 - CFD: 27/10/2011 - 13:08:42 - [3,489] ----D C:\Program Files (x86)\EgisTec IPS
O43 - CFD: 27/10/2011 - 13:08:56 - [19,986] ----D C:\Program Files (x86)\EgisTec MyWinLocker
O43 - CFD: 27/10/2011 - 13:07:30 - [2,563] ----D C:\Program Files (x86)\EgisTec MyWinLockerSuite
O43 - CFD: 27/10/2011 - 13:09:28 - [5,335] ----D C:\Program Files (x86)\EgisTec Shredder
O43 - CFD: 22/12/2012 - 13:04:19 - [1579,593] ----D C:\Program Files (x86)\Euro Truck Simulator 2
O43 - CFD: 27/10/2011 - 12:41:27 - [151,629] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 08/05/2012 - 17:21:25 - [4,634] ----D C:\Program Files (x86)\Fighters
O43 - CFD: 27/10/2011 - 13:18:59 - [21,609] ----D C:\Program Files (x86)\Fooz Kids
O43 - CFD: 12/01/2013 - 20:29:27 - [5,059] ----D C:\Program Files (x86)\Giant Savings Extension
O43 - CFD: 18/01/2013 - 22:45:54 - [125,061] ----D C:\Program Files (x86)\Google
O43 - CFD: 14/05/2012 - 20:01:24 - [5,939] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 17/05/2012 - 22:18:05 - [11,881] ----D C:\Program Files (x86)\HP
O43 - CFD: 06/05/2012 - 16:04:59 - [0,421] ----D C:\Program Files (x86)\HP Photo Creations
O43 - CFD: 08/12/2012 - 19:04:37 - [3,770] ----D C:\Program Files (x86)\INFORAD
O43 - CFD: 08/12/2012 - 19:04:37 - [0,520] ----D C:\Program Files (x86)\INFORAD_DRIVERS
O43 - CFD: 22/12/2012 - 18:24:51 - [195,884] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 28/11/2011 - 12:11:56 - [19,096] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13/12/2012 - 21:08:49 - [4,933] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 13/09/2012 - 18:21:08 - [142,398] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 03/02/2013 - 17:38:46 - [163,459] ----D C:\Program Files (x86)\Java
O43 - CFD: 28/11/2011 - 12:16:41 - [8,896] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 03/01/2013 - 13:07:44 - [12,328] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 21/09/2012 - 22:05:59 - [2,414] ----D C:\Program Files (x86)\MarkAny
O43 - CFD: 28/01/2013 - 19:28:00 - [11,322] ----D C:\Program Files (x86)\McAfee Security Scan
O43 - CFD: 28/11/2011 - 12:22:21 - [19,953] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 19/07/2012 - 13:28:34 - [12,399] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 22/12/2012 - 17:58:16 - [808,688] ----D C:\Program Files (x86)\Microsoft Games
O43 - CFD: 17/07/2012 - 17:07:30 - [6,425] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 10/05/2012 - 19:22:40 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 27/10/2011 - 12:59:54 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 04/05/2012 - 23:21:08 - [0,015] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 30/01/2013 - 19:51:02 - [48,884] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/02/2013 - 22:16:16 - [0,212] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 10/01/2013 - 23:24:08 - [43,370] ----D C:\Program Files (x86)\Mozilla Thunderbird
O43 - CFD: 08/05/2012 - 17:51:37 - [33,103] ----D C:\Program Files (x86)\MP3 Rocket
O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 22/12/2012 - 18:24:47 - [0] ----D C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 26/09/2012 - 22:43:29 - [10,577] ----D C:\Program Files (x86)\MyFree Codec
O43 - CFD: 27/10/2011 - 13:20:21 - [6,828] ----D C:\Program Files (x86)\newsXpresso
O43 - CFD: 28/11/2011 - 12:25:51 - [1320,383] ----D C:\Program Files (x86)\NTI
O43 - CFD: 28/11/2011 - 12:20:13 - [82,777] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 03/05/2012 - 22:00:41 - [0,105] ----D C:\Program Files (x86)\OEM
O43 - CFD: 08/12/2012 - 09:11:36 - [6,212] ----D C:\Program Files (x86)\OfferBox
O43 - CFD: 08/12/2012 - 19:06:46 - [0,318] ----D C:\Program Files (x86)\Prolific Technology INC
O43 - CFD: 28/11/2011 - 12:18:02 - [13,771] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 06:32:38 - [37,357] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 21/09/2012 - 22:06:59 - [246,232] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 18/01/2013 - 22:34:52 - [5,941] ----D C:\Program Files (x86)\SearchProtect
O43 - CFD: 05/09/2012 - 18:21:31 - [31,415] R---D C:\Program Files (x86)\Skype
O43 - CFD: 08/12/2012 - 20:44:19 - [1,079] ----D C:\Program Files (x86)\Software
O43 - CFD: 12/01/2013 - 20:36:53 - [6,858] ----D C:\Program Files (x86)\SweetIM
O43 - CFD: 27/10/2011 - 13:10:02 - [6,154] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 28/11/2011 - 12:18:23 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 08/12/2012 - 12:29:23 - [0,924] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 07/12/2012 - 21:55:39 - [4,849] ----D C:\Program Files (x86)\uTorrentBar_FR
O43 - CFD: 01/11/2012 - 20:48:19 - [0] ----D C:\Program Files (x86)\VSO
O43 - CFD: 18/01/2013 - 22:34:01 - [0,572] ----D C:\Program Files (x86)\Wajam
O43 - CFD: 07/12/2012 - 17:43:58 - [6,982] ----D C:\Program Files (x86)\Webgameplay setup
O43 - CFD: 18/01/2013 - 19:53:41 - [11,096] ----D C:\Program Files (x86)\WildTangent Games
O43 - CFD: 28/11/2011 - 21:00:53 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 08/05/2012 - 15:00:01 - [524,978] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 28/11/2011 - 21:00:53 - [5,895] ----D C:\Program Files (x86)\Windows Mail
O43 - CFD: 28/11/2011 - 21:00:53 - [4,791] ----D C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 28/11/2011 - 21:00:53 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 04:31:38 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 28/11/2011 - 21:00:53 - [7,008] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 07/12/2012 - 21:51:09 - [0,319] ----D C:\Program Files (x86)\Yontoo
O43 - CFD: 08/05/2012 - 15:11:26 - [38,791] ----D C:\Program Files (x86)\Yuna Software
O43 - CFD: 03/02/2013 - 22:00:10 - [11,884] ----D C:\Program Files (x86)\ZHPDiag
O43 - CFD: 17/10/2012 - 20:55:37 - [6,274] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 27/10/2011 - 13:18:58 - [30,069] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 13/09/2012 - 18:20:32 - [105,867] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 17/07/2012 - 17:07:30 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 27/10/2011 - 13:08:39 - [0,165] ----D C:\Program Files (x86)\Common Files\EgisTec
O43 - CFD: 02/12/2012 - 20:13:06 - [6,882] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 28/11/2011 - 12:11:55 - [12,691] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 23/10/2012 - 20:03:53 - [33,454] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 28/11/2011 - 12:25:25 - [0,625] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 17/06/2012 - 20:30:28 - [0,789] ----D C:\Program Files (x86)\Common Files\mcafee
O43 - CFD: 22/12/2012 - 18:24:44 - [0,043] ----D C:\Program Files (x86)\Common Files\Microsoft Games
O43 - CFD: 17/07/2012 - 17:07:31 - [36,781] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 27/10/2011 - 12:30:18 - [0,154] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 08/05/2012 - 13:24:56 - [2,056] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 04/05/2012 - 20:48:11 - [9,767] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 27/10/2011 - 12:46:40 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 13/09/2012 - 18:21:09 - [2,775] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 27/10/2011 - 12:45:44 - [0,518] ----D C:\ProgramData\Acer
O43 - CFD: 27/11/2012 - 21:05:30 - [152,730] ----D C:\ProgramData\Adobe
O43 - CFD: 08/05/2012 - 19:15:45 - [95,857] ----D C:\ProgramData\Apple
O43 - CFD: 08/05/2012 - 19:16:30 - [49,870] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 10/06/2012 - 18:51:03 - [39,157] ----D C:\ProgramData\AVAST Software
O43 - CFD: 07/12/2012 - 17:02:26 - [0] ----D C:\ProgramData\Babylon
O43 - CFD: 27/10/2011 - 13:15:53 - [0,385] ----D C:\ProgramData\BackupManager
O43 - CFD: 18/01/2013 - 21:38:17 - [7,621] ----D C:\ProgramData\BrowserProtect
O43 - CFD: 03/05/2012 - 22:00:07 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 28/11/2011 - 12:31:36 - [0,000] ----D C:\ProgramData\CLSK
O43 - CFD: 19/12/2012 - 21:01:44 - [0,008] ----D C:\ProgramData\CyberLink
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 28/11/2011 - 12:09:34 - [0] ----D C:\ProgramData\EgisTec
O43 - CFD: 28/11/2011 - 12:31:49 - [0,268] ----D C:\ProgramData\EgisTec IPS
O43 - CFD: 27/10/2011 - 12:41:15 - [0] ----D C:\ProgramData\Evernote
O43 - CFD: 03/05/2012 - 22:00:07 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Favorites
O43 - CFD: 08/05/2012 - 17:21:25 - [9,026] ----D C:\ProgramData\Fighters
O43 - CFD: 28/11/2011 - 12:25:26 - [0,003] ----D C:\ProgramData\FLEXnet
O43 - CFD: 27/10/2011 - 13:19:00 - [0] ----D C:\ProgramData\Fooz Kids
O43 - CFD: 17/05/2012 - 22:18:14 - [21,160] ----D C:\ProgramData\HP
O43 - CFD: 06/05/2012 - 16:04:59 - [58,591] ----D C:\ProgramData\HP Photo Creations
O43 - CFD: 28/11/2011 - 12:22:15 - [0,001] ----D C:\ProgramData\Intel
O43 - CFD: 04/05/2012 - 21:37:13 - [17,382] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 28/08/2012 - 16:45:14 - [0,281] ----D C:\ProgramData\McAfee
O43 - CFD: 17/10/2012 - 20:55:56 - [0,001] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 03/05/2012 - 22:00:07 - [0] --H-D C:\ProgramData\Menu D�marrer
O43 - CFD: 26/07/2012 - 21:37:15 - [0,038] ----D C:\ProgramData\Messenger Plus! for Skype
O43 - CFD: 22/12/2012 - 18:24:01 - [-1607,656] -S--D C:\ProgramData\Microsoft
O43 - CFD: 03/05/2012 - 22:00:07 - [0] --H-D C:\ProgramData\Mod�les
O43 - CFD: 03/05/2012 - 23:17:02 - [0,034] ----D C:\ProgramData\Mozilla
O43 - CFD: 27/10/2011 - 13:20:25 - [0,000] ----D C:\ProgramData\newsXpresso
O43 - CFD: 28/11/2011 - 12:26:29 - [0] ----D C:\ProgramData\NTI Launcher
O43 - CFD: 28/11/2011 - 12:21:43 - [18,961] ----D C:\ProgramData\NVIDIA
O43 - CFD: 28/11/2011 - 12:14:46 - [0,955] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 03/05/2012 - 22:03:26 - [0,001] ----D C:\ProgramData\oem
O43 - CFD: 26/09/2012 - 21:34:09 - [9,775] ----D C:\ProgramData\Samsung
O43 - CFD: 05/09/2012 - 18:21:29 - [42,769] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Start Menu
O43 - CFD: 08/05/2012 - 22:55:03 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 12/01/2013 - 20:36:54 - [0,000] ----D C:\ProgramData\SweetIM
O43 - CFD: 27/10/2011 - 13:10:02 - [0,054] ----D C:\ProgramData\Symantec
O43 - CFD: 07/12/2012 - 21:51:07 - [1,661] ----D C:\ProgramData\Tarma Installer
O43 - CFD: 05/12/2012 - 20:00:32 - [0,911] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 06:08:56 - [0] --H-D C:\ProgramData\Templates
O43 - CFD: 20/07/2012 - 15:57:55 - [0] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 18/01/2013 - 19:55:35 - [1389,528] ----D C:\ProgramData\WildTangent
O43 - CFD: 08/05/2012 - 20:52:18 - [0,179] ----D C:\ProgramData\WindSolutions
O43 - CFD: 08/05/2012 - 19:17:34 - [0,002] ----D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
O43 - CFD: 06/05/2012 - 09:58:11 - [3,494] ----D C:\Users\yoy\AppData\Roaming\Adobe
O43 - CFD: 22/12/2012 - 12:26:31 - [0,332] ----D C:\Users\yoy\AppData\Roaming\Anuman Interactive
O43 - CFD: 08/05/2012 - 19:21:28 - [787,057] ----D C:\Users\yoy\AppData\Roaming\Apple Computer
O43 - CFD: 07/12/2012 - 17:02:26 - [0,024] ----D C:\Users\yoy\AppData\Roaming\Babylon
O43 - CFD: 06/05/2012 - 09:33:24 - [0,003] ----D C:\Users\yoy\AppData\Roaming\CyberLink
O43 - CFD: 18/01/2013 - 21:38:17 - [0,087] ----D C:\Users\yoy\AppData\Roaming\DealPly
O43 - CFD: 03/02/2013 - 17:58:22 - [48,458] ----D C:\Users\yoy\AppData\Roaming\Dropbox
O43 - CFD: 12/01/2013 - 21:14:30 - [0,005] ----D C:\Users\yoy\AppData\Roaming\EasyBurner
O43 - CFD: 08/05/2012 - 17:18:04 - [0,589] ----D C:\Users\yoy\AppData\Roaming\Fighters
O43 - CFD: 01/07/2012 - 09:58:18 - [0,001] ----D C:\Users\yoy\AppData\Roaming\Garmin
O43 - CFD: 08/05/2012 - 13:35:42 - [0] ----D C:\Users\yoy\AppData\Roaming\GetRightToGo
O43 - CFD: 03/07/2012 - 19:54:35 - [0,013] ----D C:\Users\yoy\AppData\Roaming\HpUpdate
O43 - CFD: 03/05/2012 - 22:03:05 - [0] ----D C:\Users\yoy\AppData\Roaming\Identities
O43 - CFD: 27/10/2011 - 13:18:58 - [0,059] ----D C:\Users\yoy\AppData\Roaming\Macromedia
O43 - CFD: 04/05/2012 - 21:37:30 - [8,027] ----D C:\Users\yoy\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - 08:16:41 - [0] ----D C:\Users\yoy\AppData\Roaming\Media Center Programs
O43 - CFD: 22/12/2012 - 18:09:30 - [13,011] -S--D C:\Users\yoy\AppData\Roaming\Microsoft
O43 - CFD: 09/01/2013 - 22:16:45 - [0,006] ----D C:\Users\yoy\AppData\Roaming\MotioninJoy
O43 - CFD: 03/05/2012 - 23:17:49 - [53,505] ----D C:\Users\yoy\AppData\Roaming\Mozilla
O43 - CFD: 08/05/2012 - 17:43:17 - [1,851] ----D C:\Users\yoy\AppData\Roaming\MP3Rocket
O43 - CFD: 08/12/2012 - 10:11:46 - [0,542] ----D C:\Users\yoy\AppData\Roaming\OfferBox
O43 - CFD: 01/12/2012 - 08:49:00 - [0] ----D C:\Users\yoy\AppData\Roaming\PerformerSoft
O43 - CFD: 26/11/2012 - 19:56:21 - [5,688] ----D C:\Users\yoy\AppData\Roaming\Samsung
O43 - CFD: 18/01/2013 - 22:40:12 - [5,963] ----D C:\Users\yoy\AppData\Roaming\SearchProtect
O43 - CFD: 26/07/2012 - 21:41:31 - [2,506] ----D C:\Users\yoy\AppData\Roaming\Skype
O43 - CFD: 29/08/2012 - 09:12:33 - [0,608] ----D C:\Users\yoy\AppData\Roaming\SoftGrid Client
O43 - CFD: 04/05/2012 - 20:16:45 - [59,996] ----D C:\Users\yoy\AppData\Roaming\Thunderbird
O43 - CFD: 17/07/2012 - 17:08:34 - [0] ----D C:\Users\yoy\AppData\Roaming\TP
O43 - CFD: 09/01/2013 - 23:25:17 - [1,669] ----D C:\Users\yoy\AppData\Roaming\uTorrent
O43 - CFD: 26/11/2012 - 19:11:47 - [0,009] ----D C:\Users\yoy\AppData\Roaming\VSO
O43 - CFD: 18/01/2013 - 19:53:53 - [3,120] ----D C:\Users\yoy\AppData\Roaming\WildTangent
O43 - CFD: 08/05/2012 - 20:52:20 - [48,894] ----D C:\Users\yoy\AppData\Roaming\WindSolutions
O43 - CFD: 03/05/2012 - 22:00:37 - [0,016] ----D C:\Users\yoy\AppData\Local\Acer
O43 - CFD: 06/05/2012 - 09:58:11 - [31,938] ----D C:\Users\yoy\AppData\Local\Adobe
O43 - CFD: 08/05/2012 - 19:16:01 - [0] ----D C:\Users\yoy\AppData\Local\Apple
O43 - CFD: 08/05/2012 - 19:17:45 - [23,550] ----D C:\Users\yoy\AppData\Local\Apple Computer
O43 - CFD: 03/05/2012 - 22:00:18 - [0] ----D C:\Users\yoy\AppData\Local\Application Data
O43 - CFD: 18/01/2013 - 22:35:22 - [1,836] ----D C:\Users\yoy\AppData\Local\Conduit
O43 - CFD: 07/12/2012 - 21:51:27 - [0] ----D C:\Users\yoy\AppData\Local\CouponDropDown
O43 - CFD: 18/01/2013 - 22:35:07 - [5,232] ----D C:\Users\yoy\AppData\Local\CRE
O43 - CFD: 19/12/2012 - 21:00:02 - [0] ----D C:\Users\yoy\AppData\Local\Cyberlink
O43 - CFD: 21/09/2012 - 21:52:29 - [89,646] ----D C:\Users\yoy\AppData\Local\Downloaded Installations
O43 - CFD: 03/05/2012 - 22:10:19 - [0,000] ----D C:\Users\yoy\AppData\Local\EgisTec IPS
O43 - CFD: 12/01/2013 - 20:29:11 - [0,041] ----D C:\Users\yoy\AppData\Local\Giant Savings Extension
O43 - CFD: 18/01/2013 - 22:45:46 - [422,434] ----D C:\Users\yoy\AppData\Local\Google
O43 - CFD: 03/05/2012 - 22:00:18 - [0] ----D C:\Users\yoy\AppData\Local\Historique
O43 - CFD: 17/05/2012 - 22:28:37 - [0,220] ----D C:\Users\yoy\AppData\Local\HP
O43 - CFD: 08/12/2012 - 19:04:39 - [20,752] ----D C:\Users\yoy\AppData\Local\IFM39
O43 - CFD: 10/06/2012 - 18:35:19 - [0] ----D C:\Users\yoy\AppData\Local\Macromedia
O43 - CFD: 22/12/2012 - 18:28:05 - [1821,818] ----D C:\Users\yoy\AppData\Local\Microsoft
O43 - CFD: 04/05/2012 - 21:55:40 - [0,195] ----D C:\Users\yoy\AppData\Local\MigWiz
O43 - CFD: 03/05/2012 - 23:17:13 - [81,329] ----D C:\Users\yoy\AppData\Local\Mozilla
O43 - CFD: 07/12/2012 - 17:02:01 - [0] ----D C:\Users\yoy\AppData\Local\Programs
O43 - CFD: 26/09/2012 - 21:35:39 - [0,015] ----D C:\Users\yoy\AppData\Local\Samsung
O43 - CFD: 17/07/2012 - 17:08:25 - [0,434] ----D C:\Users\yoy\AppData\Local\SoftGrid Client
O43 - CFD: 08/12/2012 - 20:44:19 - [0] ----D C:\Users\yoy\AppData\Local\Software
O43 - CFD: 03/02/2013 - 21:57:10 - [1647,484] ----D C:\Users\yoy\AppData\Local\Temp
O43 - CFD: 03/05/2012 - 22:00:18 - [0] ----D C:\Users\yoy\AppData\Local\Temporary Internet Files
O43 - CFD: 17/06/2012 - 18:14:47 - [22,145] ----D C:\Users\yoy\AppData\Local\Thunderbird
O43 - CFD: 03/05/2012 - 23:14:14 - [0,215] ----D C:\Users\yoy\AppData\Local\VirtualStore
O43 - CFD: 07/12/2012 - 21:51:15 - [0,054] ----D C:\Users\yoy\AppData\Local\Wajam
O43 - CFD: 12/01/2013 - 20:36:57 - [0,109] ----D C:\Users\yoy\AppData\Local\Windows Live
O43 - CFD: 18/10/2012 - 19:12:31 - [0] ----D C:\Users\yoy\AppData\Local\{292547B5-4C78-4075-8AD9-B2D6DCC08C1F}
O43 - CFD: 24/09/2012 - 18:53:15 - [0] ----D C:\Users\yoy\AppData\Local\{46C542AD-9F53-4EA8-9298-5BBF54647E94}
O43 - CFD: 08/05/2012 - 15:12:23 - [0] ----D C:\Users\yoy\AppData\Local\{4964E5EE-31EA-4F76-ADA2-F81EE31FD97F}
O43 - CFD: 08/05/2012 - 13:39:03 - [0] ----D C:\Users\yoy\AppData\Local\{4D8A6A9E-500A-4FE1-A3F9-FE2216D7F547}
O43 - CFD: 22/06/2012 - 20:35:59 - [0] ----D C:\Users\yoy\AppData\Local\{6748E41A-5879-41D8-AE91-7ED1980C2246}
O43 - CFD: 08/05/2012 - 15:12:12 - [0] ----D C:\Users\yoy\AppData\Local\{6A02E4E5-60BD-459C-9C30-08A86A8D46D4}
O43 - CFD: 22/06/2012 - 20:35:40 - [0] ----D C:\Users\yoy\AppData\Local\{84529358-3D3B-40FC-909D-45D91ADAF8D9}
O43 - CFD: 08/06/2012 - 21:10:39 - [0] ----D C:\Users\yoy\AppData\Local\{9999B59E-E59C-40BA-83CF-5F593EB61B56}
O43 - CFD: 16/08/2012 - 18:43:01 - [0] ----D C:\Users\yoy\AppData\Local\{9E8A2772-72D3-4FEF-BA37-B9214E9F76AC}
O43 - CFD: 08/06/2012 - 21:11:08 - [0] ----D C:\Users\yoy\AppData\Local\{9F32CB9D-59C8-46EF-9D26-2BC93CAA4212}
O43 - CFD: 08/06/2012 - 21:10:50 - [0] ----D C:\Users\yoy\AppData\Local\{A24F7032-DF48-4E35-B8BE-180F1C5A2226}
O43 - CFD: 12/01/2013 - 20:30:02 - [0] ----D C:\Users\yoy\AppData\Local\{ABC27EDF-AB0B-49A3-A089-A3D30680825E}
O43 - CFD: 19/09/2012 - 19:31:52 - [0] ----D C:\Users\yoy\AppData\Local\{AC9C9F0B-B899-410E-B78E-4F29E963C388}
O43 - CFD: 16/08/2012 - 18:43:12 - [0] ----D C:\Users\yoy\AppData\Local\{AFF94A9A-A462-4D8C-9C4E-C665F467A63E}
O43 - CFD: 26/10/2012 - 19:24:07 - [0] ----D C:\Users\yoy\AppData\Local\{BD94E9A0-AF8D-4B9D-923F-81B2107D0F8D}
O43 - CFD: 08/05/2012 - 14:01:20 - [0] ----D C:\Users\yoy\AppData\Local\{CD37E56F-C1B7-4FC1-B4A2-96C5357EB9E7}
O43 - CFD: 15/08/2012 - 19:23:38 - [0] ----D C:\Users\yoy\AppData\Local\{D64003DD-F870-4AC7-BA85-F0858AFD2940}
O43 - CFD: 15/08/2012 - 19:23:27 - [0] ----D C:\Users\yoy\AppData\Local\{D6933E4F-72CB-4BC6-B328-D95C718C9140}
O43 - CFD: 14/07/2009 - 05:54:32 - [0,014] R---D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/07/2012 - 20:20:01 - [0,000] R---D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 18/01/2013 - 21:38:23 - [0,001] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
O43 - CFD: 08/05/2012 - 20:37:42 - [0,003] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
O43 - CFD: 18/01/2013 - 21:38:22 - [0,004] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
O43 - CFD: 02/02/2013 - 22:25:06 - [0,002] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 15/01/2013 - 20:57:47 - [0,002] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 08/12/2012 - 19:04:39 - [0,003] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\INFORAD
O43 - CFD: 14/07/2009 - 05:49:38 - [0,001] R---D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 08/05/2012 - 17:41:21 - [0,003] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3 Rocket
O43 - CFD: 02/02/2013 - 22:25:15 - [0,005] R---D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 07/12/2012 - 21:51:18 - [0,001] ----D C:\Users\yoy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
~ Scan Program Folder in 00mn 11s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.BEFC97A51F5CE59295B0EA0E54AE733E] - 03/02/2013 - 18:54:23 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1302331]
O44 - LFC:[MD5.93A81DBEBF437DF6138816DBCB72696E] - 03/02/2013 - 17:56:53 ---A- . (...) -- C:\Windows\setupact.log [68435]
O44 - LFC:[MD5.42F461B829E46E3DD4E4048DDF7B5A14] - 03/02/2013 - 17:56:41 --HA- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.F9F8F4116A9998F33F30290B7A7D3235] - 02/02/2013 - 22:25:15 ---A- . (...) -- C:\Windows\wininit.ini [343]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/02/2013 - 22:17:14 ---A- . (...) -- C:\END [0]
O44 - LFC:[MD5.0BEF5E5ED6CD6FADE40CC4D1CD3DE5EB] - 22/01/2013 - 18:45:17 ---A- . (...) -- C:\Windows\PFRO.log [63510]
O44 - LFC:[MD5.94BCE5A03EF5F9340AD9095E0D409C82] - 17/01/2013 - 01:28:58 . (...) -- C:\Windows\System32\MpSigStub.exe [420064]
O44 - LFC:[MD5.3FBF25752E780075E563AB3B1005C418] - 12/01/2013 - 20:45:53 . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\perfc009.dat [44544]
O44 - LFC:[MD5.3908E647D6FBF32B4F1C27F019D8BEEF] - 12/01/2013 - 20:45:53 . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\perfc00C.dat [44544]
O44 - LFC:[MD5.B7E99D1E746573A2954EBDFAA8DA78E6] - 12/01/2013 - 20:45:53 . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\perfh009.dat [44544]
O44 - LFC:[MD5.B9545561387FD9BB0FEA09B3CDF6F2A8] - 12/01/2013 - 20:45:53 . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\perfh00C.dat [44544]
O44 - LFC:[MD5.0FEF016D05E89AB65457862CBA408EFA] - 12/01/2013 - 20:45:53 ----- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1551212]
O44 - LFC:[MD5.0FEF016D05E89AB65457862CBA408EFA] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1551212]
O44 - LFC:[MD5.3FBF25752E780075E563AB3B1005C418] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106574]
O44 - LFC:[MD5.3908E647D6FBF32B4F1C27F019D8BEEF] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130940]
O44 - LFC:[MD5.B7E99D1E746573A2954EBDFAA8DA78E6] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [616452]
O44 - LFC:[MD5.B9545561387FD9BB0FEA09B3CDF6F2A8] - 12/01/2013 - 20:45:53 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704924]
O44 - LFC:[MD5.4B4050855236C4656EEBDF225E3480FA] - 09/01/2013 - 22:16:45 ---A- . (.Logicool Co. Ltd. - Logicool Force Feedback Driver.) -- C:\Windows\SysNative\MijFrc.dll [328712]
O44 - LFC:[MD5.CA1B2BC368A853E77F48E223E47B7FDE] - 09/01/2013 - 18:42:39 . (.Microsoft - Syst�me de classement ESRB.) -- C:\Windows\System32\FNTCACHE.DAT [51712]
O44 - LFC:[MD5.CA1B2BC368A853E77F48E223E47B7FDE] - 09/01/2013 - 18:42:39 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [289200]
O44 - LFC:[MD5.997938D423CE830161CB6059434E3C9F] - 09/01/2013 - 00:05:06 ---A- . (.Microsoft - Syst�me de classification OFLC-NZ.) -- C:\Windows\SysNative\oflc-nz.rs [45568]
O44 - LFC:[MD5.997938D423CE830161CB6059434E3C9F] - 09/01/2013 - 00:05:06 ---A- . (.Microsoft - Syst�me de classification OFLC-NZ.) -- C:\Windows\System32\oflc-nz.rs [45568]
O44 - LFC:[MD5.EBB73E4E8CA01089CF74ECE506EB7607] - 09/01/2013 - 00:05:06 ---A- . (.Microsoft - Syst�me de notation CSRR.) -- C:\Windows\SysNative\csrr.rs [43520]
O44 - LFC:[MD5.EBB73E4E8CA01089CF74ECE506EB7607] - 09/01/2013 - 00:05:06 ---A- . (.Microsoft - Syst�me de notation CSRR.) -- C:\Windows\System32\csrr.rs [43520]
O44 - LFC:[MD5.54B11BB2AFBC3D5EBA9C96F0C1820B9B] - 09/01/2013 - 00:05:04 ---A- . (.Microsoft - Syst�me de classification FPB.) -- C:\Windows\SysNative\fpb.rs [46592]
O44 - LFC:[MD5.54B11BB2AFBC3D5EBA9C96F0C1820B9B] - 09/01/2013 - 00:05:04 ---A- . (.Microsoft - Syst�me de classification FPB.) -- C:\Windows\System32\fpb.rs [46592]
O44 - LFC:[MD5.C4B0793E4B97AA36A2A8C81A7AA1979A] - 09/01/2013 - 00:05:03 ---A- . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\SysNative\pegibbfc.rs [44544]
O44 - LFC:[MD5.C4B0793E4B97AA36A2A8C81A7AA1979A] - 09/01/2013 - 00:05:03 ---A- . (.Microsoft - Syst�me de classement PEGI/BBFC.) -- C:\Windows\System32\pegibbfc.rs [44544]
O44 - LFC:[MD5.A2E0F1E01A0983E9C94565BBEC862BF7] - 09/01/2013 - 00:05:03 ---A- . (.Microsoft - Syst�me de classification COB-AU.) -- C:\Windows\SysNative\cob-au.rs [40960]
O44 - LFC:[MD5.A2E0F1E01A0983E9C94565BBEC862BF7] - 09/01/2013 - 00:05:03 ---A- . (.Microsoft - Syst�me de classification COB-AU.) -- C:\Windows\System32\cob-au.rs [40960]
O44 - LFC:[MD5.5C48A43FC30FC61ECB1335DC646686BC] - 09/01/2013 - 00:05:01 ---A- . (.Microsoft - Syst�me de classement USK.) -- C:\Windows\SysNative\usk.rs [30720]
O44 - LFC:[MD5.5C48A43FC30FC61ECB1335DC646686BC] - 09/01/2013 - 00:05:01 ---A- . (.Microsoft - Syst�me de classement USK.) -- C:\Windows\System32\usk.rs [30720]
O44 - LFC:[MD5.65A8302C7551CFE45FAA2BC085C9E7E2] - 09/01/2013 - 00:05:00 ---A- . (.Microsoft - Syst�me de classification DJCTQ.) -- C:\Windows\SysNative\djctq.rs [15360]
O44 - LFC:[MD5.65A8302C7551CFE45FAA2BC085C9E7E2] - 09/01/2013 - 00:05:00 ---A- . (.Microsoft - Syst�me de classification DJCTQ.) -- C:\Windows\System32\djctq.rs [15360]
O44 - LFC:[MD5.4489D5D2CB4BA0799F3FB4625DE181CF] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement GRB.) -- C:\Windows\SysNative\grb.rs [21504]
O44 - LFC:[MD5.4489D5D2CB4BA0799F3FB4625DE181CF] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement GRB.) -- C:\Windows\System32\grb.rs [21504]
O44 - LFC:[MD5.6D540AF9B183FC97DC4CC54369561548] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement PEGI au Portugal.) -- C:\Windows\SysNative\pegi-pt.rs [20480]
O44 - LFC:[MD5.6D540AF9B183FC97DC4CC54369561548] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement PEGI au Portugal.) -- C:\Windows\System32\pegi-pt.rs [20480]
O44 - LFC:[MD5.661AE5EAC62C4598DD01795CEB915BAE] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement PEGI.) -- C:\Windows\SysNative\pegi.rs [20480]
O44 - LFC:[MD5.661AE5EAC62C4598DD01795CEB915BAE] - 09/01/2013 - 00:04:59 ---A- . (.Microsoft - Syst�me de classement PEGI.) -- C:\Windows\System32\pegi.rs [20480]
O44 - LFC:[MD5.51D25C805A01A2C4F930F9720CF51FFE] - 09/01/2013 - 00:04:55 ---A- . (.Microsoft - Syst�me de classement ESRB.) -- C:\Windows\SysNative\esrb.rs [51712]
O44 - LFC:[MD5.51D25C805A01A2C4F930F9720CF51FFE] - 09/01/2013 - 00:04:55 ---A- . (.Microsoft - Syst�me de classement ESRB.) -- C:\Windows\System32\esrb.rs [51712]
O44 - LFC:[MD5.9BB05674E013C35F4DAED51F5015355D] - 09/01/2013 - 00:04:55 ---A- . (.Microsoft - Syst�me de classement PEGI en Finlande.) -- C:\Windows\SysNative\pegi-fi.rs [20480]
O44 - LFC:[MD5.9BB05674E013C35F4DAED51F5015355D] - 09/01/2013 - 00:04:55 ---A- . (.Microsoft - Syst�me de classement PEGI en Finlande.) -- C:\Windows\System32\pegi-fi.rs [20480]
O44 - LFC:[MD5.D0C01412FBF59C1C25630C49F0C1B803] - 09/01/2013 - 00:04:54 ---A- . (.Microsoft - Syst�me de classement CERO.) -- C:\Windows\SysNative\cero.rs [55296]
O44 - LFC:[MD5.D0C01412FBF59C1C25630C49F0C1B803] - 09/01/2013 - 00:04:54 ---A- . (.Microsoft - Syst�me de classement CERO.) -- C:\Windows\System32\cero.rs [55296]
O44 - LFC:[MD5.4773EB5962548068547214A620E9ACC3] - 09/01/2013 - 00:04:54 ---A- . (.Microsoft - Syst�me de classement OFLC.) -- C:\Windows\SysNative\oflc.rs [23552]
O44 - LFC:[MD5.4773EB5962548068547214A620E9ACC3] - 09/01/2013 - 00:04:54 ---A- . (.Microsoft - Syst�me de classement OFLC.) -- C:\Windows\System32\oflc.rs [23552]
O44 - LFC:[MD5.1BCDB508143B517F21BBDAC10F5777BF] - 09/01/2013 - 00:04:23 . (.Microsoft - Syst�me de classification COB-AU.) -- C:\Windows\System32\conhost.exe [40960]
O44 - LFC:[MD5.8ACC1EFC15C4EA1243FF0A48B397BCC1] - 09/01/2013 - 00:02:58 . (...) -- C:\Windows\System32\MRT.exe [420064]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30/11/2012 - 00:15:43 ---A- . (...) -- C:\Windows\SysNative\locale.nls [420064]
O44 - LFC:[MD5.1153AC6E133AA849853DFD407B086B80] - 30/11/2012 - 00:15:43 ---A- . (...) -- C:\Windows\System32\locale.nls [420064]
O44 - LFC:[MD5.639774C9ACD063F028F6084ABF5593AD] - 23/11/2012 - 04:13:57 . (...) -- C:\Windows\System32\taskhost.exe [1551212]
O44 - LFC:[MD5.4B4050855236C4656EEBDF225E3480FA] - 03/05/2010 - 16:12:42 . (...) -- C:\Windows\System32\MijFrc.dll [420064]
~ Scan Files in 00mn 09s
---\\ D�ni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package�v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l��diteur de configuration de s�curit� Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de s�curit� Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package�v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s
---\\ Contr�le du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d�extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d�extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:[MD5.6CE397C482BEDE91A38E56A8C4A0DC6D] - 28/06/2004 - 15:08:56 ----- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\Windows\SysWOW64\drivers\ser2pl.sys [42752]
O58 - SDL:[MD5.A16FB34E56C781DC56BE7492315655B9] - 03/08/2005 - 16:05:02 ----- . (.Prolific Technology Inc. - USB-Serial USB Driver.) -- C:\Windows\SysWOW64\SER9PL.sys [35892]
~ Scan Drivers in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.34 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 30/10/2012 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 15/10/2012 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 27/10/2011 - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys (mwlPSDFilter) .(.Egis Technology Inc. - PSD Mini Filter Driver.) - LEGACY_MWLPSDFILTER
O64 - Services: CurCS - 27/10/2011 - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys (mwlPSDNServ) .(.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV
O64 - Services: CurCS - 27/10/2011 - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys (mwlPSDVDisk) .(.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK
O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 01/10/2011 - C:\Windows\System32\DRIVERS\Sftvollh.sys (Sftvol) .(.Microsoft Corporation - Microsoft Application Virtualization Volume.) - LEGACY_SFTVOL
O64 - Services: CurCS - 14/07/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de clich� instantan� du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
~ Scan Services in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1354996656258,\"isWithState\"[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("avg.install.userHPSettings", "^http://www\\.claro-search\\.com/\\?affID=114506.*");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("avg.install.userSPSettings", "Claro Search");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("browser.newtab.url", "http://search.babylon.com/?affID=113357&tt=0313_6&babsrc=NT_ss&mntrId=ae07337d00000000000016de2b9[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("browser.search.defaultenginename", "SweetIM Search");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("browser.search.selectedEngine", "SweetIM Search");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.admin", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.aflt", "babsst");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.autoRvrt", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.dfltLng", "en");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.excTlbr", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.id", "ae07337d00000000000016de2b938653");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.instlDay", "15723");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.instlRef", "sst");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.rvrt", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.tlbrId", "base");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=ae07337d00000000000016de2b9386[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.babExt", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113357&tt=0313_6");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.excTlbr", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.newTab", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.221:38:06");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.admin", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.aflt", "babsst");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.dfltLng", "en");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.excTlbr", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.id", "ae07337d00000000000074de2b938653");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.instlDay", "15675");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.instlRef", "sst");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.prdct", "claro");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.prtnrId", "claro");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.tlbrId", "irhnew");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.tlbrSrchUrl", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.vrsn", "1.8.3.10");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro.vrsni", "1.8.3.10");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro_i.smplGrp", "none");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.claro_i.vrsnTs", "1.8.3.108:47:06");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossrider.bic", "13b77271fed949b034f766cd14a62ff8");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp21810.adsOldValue", 14);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationThankYouPage", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationTime", 1354913482);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationUserSettings.searchUserConifrmation", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationUserSettings.setHomepage", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationUserSettings.setNewTab", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.InstallationUserSettings.setSearch", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.active", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.addressbar", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.addressbarenhanced", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.backgroundjs", "\n\n//\n");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.backgroundver", 32);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.can_run_bg_code", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.certdomaininstaller", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.changeprevious", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.InstallationTime.value", "1354913482");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_aoi.value", "1354913482");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_arbitrary_code.expiration", "Sun Feb 03 2013 18:09:56 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_arbitrary_code.value", "%22%28function%28%29%7B_GPL_PLUGIN.countryCode%26[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_blocklist.expiration", "Sun Feb 03 2013 18:09:56 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_cf_bu1.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_cf_bu1.value", "1359911100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_country_code.expiration", "Sun Feb 10 2013 17:59:52 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_country_code.value", "%22FR%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_crr.value", "1359910997");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_currenttime.value", "%221359648346%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_hotfix20111102645.value", "%221%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_parent_zoneid.value", "%2214019%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_pc_20120828.value", "1354990977596");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_product_id.value", "%221162%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_sr[megavod.fr].expiration", "Sun Feb 10 2013 18:00:52 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_sr[megavod.fr].value", "1359910852");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_sr_halt.expiration", "Sun Feb 03 2013 18:15:52 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_sr_halt.value", "1359910852");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie._GPL_zoneid.value", "%22116513%22");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.dbtest.value", "1354990901301");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.lastrequest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.cookie.lastrequest.value", "%7B%22path%22%3A%22/home.asp%22%2C%22host%22%3A%22www.gay[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.description", "CouponDropDown saves you money by displaying coupons while you shop on[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.domain", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.enablesearch", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.fbremoteurl", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.group", 0);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.homepage", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.iframe", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22DA8A9276941F4885[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_appVer.value", "85");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_lastVersion.value", "0");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_meta.value", "%7B%7D");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_nextCheck.expiration", "Sun Feb 03 2013 23:59:55 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_nextCheck.value", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_queue.value", "%7B%7D");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.SoftwareDetected.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%22%3Afalse%2C%22Wireshark%22%3[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.star[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.manifesturl", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.name", "CouponDropDown");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.newtab", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.opensearch", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if([...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1.ver", 3);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=func[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000014.ver", 15);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},r[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_1000015.ver", 27);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(w[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_13.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={}}var CR__bIsIEW[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_14.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!=true[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_16.ver", 4);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScri[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_17.ver", 3);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_21.name", "debug");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_21.ver", 3);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:functio[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_22.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:a[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_28.name", "initializer");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_28.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com | jquery.org/license */\n(funct[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_4.name", "jquery_1_7_1");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_4.ver", 3);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isRea[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_47.name", "resources_background");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_47.ver", 1);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function(j[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_64.name", "appApiMessage");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_64.ver", 1);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function([...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_72.name", "appApiValidation");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_72.ver", 1);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof navigato[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_78.name", "CrossriderInfo");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins.plugin_78.ver", 2);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins_lists.plugins_0", "4,14,78,16,64,47,72,1000015");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,1000014,28");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.pluginsurl", "http://app-static.crossrider.com/plugin/apps/4352/plugins/087/ff/plugin[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.pluginsversion", 52);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.publisher", "215 Apps");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.searchstatus", 0);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.setnewtab", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.settingsurl", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.thankyou", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.updateinterval", 360);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.4352.ver", 85);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.apps", "4352");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.bic", "13b77271fed949b034f766cd14a62ff8");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.cid", 4352);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.firstrun", false);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.hadappinstalled", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.installationdate", 1354913751);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.lastcheck", 22665180);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.lastcheckitem", 22665185);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.modetype", "production");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("extensions.crossriderapp4352.reportInstall", true);
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("keyword.URL", "http://search.sweetim.com/search.asp?barid={359410EE-BD53-4A37-8A4D-6892AAC14AF9}&src=2&q=");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.RevertDialog.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.Visibility.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.cda.returnValue", "disable");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.height", "335");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.0.width", "761");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.height", "300");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.1.width", "500");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.height", "150");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.url", "http://www.sweetim.com/simffbar/simcdadialog.asp");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dialogs.2.width", "530");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.mode.debug", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.newtab.created", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.newtab.enable", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "Search the web (Babylon)");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://www.google.fr/");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.previous.keyword.URL", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.callback", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.search.external", "
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.searchguard.enable", "false");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.simapp_id", "{359410EE-BD53-4A37-8A4D-6892AAC14AF9}");
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.10025&barid={359410EE-BD53-4A37-8A4D-6892AAC14A[...]
O69 - SBI: prefs.js [yoy - 5v3bpiug.default] user_pref("sweetim.toolbar.version", "1.9.0.0");
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {B37FCEE9-5F20-4F9A-9FB4-1D22907669A0} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {B800F3E4-E299-4532-98B9-FB51619DDB4F} - (01NET.com Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} [DefaultScope] - (SweetIM Search) - http://search.sweetim.com
~ Scan Keys in 00mn 00s
---\\ Recherche des services d�marr�s par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Exp�rience d�application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de strat�gie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de num�rotation automatique d�acc�s distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d�acc�s distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d�interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d��v�nements syst�me (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l�application d�assistance � Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de t�l�phonie Microsoft� Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur h�te de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise � jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2428952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arri�re-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivit� IPv6 sur un r�seau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d�ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d�application.) -- C:\Windows\System32\appinfo.dll [70656]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de d�couverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multim�dias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau � distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d�ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de t�ches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des cl�s.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux probl�mes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des th�mes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
~ Scan Services in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.57236868E9AF1882AE04132B13B2FA6F] [SPRF][05/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\1304.exe [47453208]
[MD5.D283A95A5031061534507A8C9B84EC2B] [SPRF][08/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\39624-92479-flight-simulator-x.exe [837844312]
[MD5.F59F192D75396538912A87A5A8447E70] [SPRF][07/06/2012] (.Ask.com - AskStub Application.) -- C:\Users\yoy\AppData\Local\Temp\ApnStub.exe [357032]
[MD5.602AE45EEB85FCE002C2BD541F5E3F89] [SPRF][18/01/2013] (.Conduit - Pas de description.) -- C:\Users\yoy\AppData\Local\Temp\conduitinstaller.exe [86080]
[MD5.953F9AE5A36C5C281FB0A1A75727FD37] [SPRF][08/12/2012] (.DealPly - DealPly.) -- C:\Users\yoy\AppData\Local\Temp\dealply.exe [484624]
[MD5.944DD52A7CC16D5D337630117D78002A] [SPRF][10/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe [1129600]
[MD5.B45C02C5D4CD2EC90A2D6F0CAA9FFE07] [SPRF][12/01/2013] (...) -- C:\Users\yoy\AppData\Local\Temp\ICReinstall_Nero12.exe [1210760]
[MD5.05FECA1B4B1F7F9D924191716AD3F0BA] [SPRF][16/01/2013] (.Pas de propri�taire - IncrediMail Installer.) -- C:\Users\yoy\AppData\Local\Temp\incredibar_installer.exe [463184]
[MD5.10CAFDC317E81EDB72089D6C93DAD2D7] [SPRF][01/11/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\InstallerBT.exe [1048039]
[MD5.B680820CEB9BD04E4A1814E1264C34D1] [SPRF][07/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\instloffer.exe [120544]
[MD5.107167F15D30AA71D7CAFC0326AFB315] [SPRF][08/06/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\yoy\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe [909104]
[MD5.8E51D3D38A26EEAC819974C9295AF35F] [SPRF][29/08/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\yoy\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe [908272]
[MD5.47C6B9B408CBB4DEE11A1EE517CD89BE] [SPRF][01/10/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\yoy\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe [912880]
[MD5.C6AA274F69EBDD86F75B7E3E4FA58AF4] [SPRF][31/01/2013] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\yoy\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe [915376]
[MD5.8A4AF3B0695F29186AD02E2FD766FA3B] [SPRF][12/01/2013] (.SweetIM Technologies Ltd. - SQLite DLL.) -- C:\Users\yoy\AppData\Local\Temp\mgsqlite3.dll [393016]
[MD5.69B84179CECF098858AD9B1E99E780B0] [SPRF][27/02/2012] (.Yuna Software - Messenger Plus! 5 Uninstaller.) -- C:\Users\yoy\AppData\Local\Temp\MsgPlusUninstall.exe [834560]
[MD5.77DFB27D68CE46659A3D5E93410C0B75] [SPRF][16/01/2013] (.Babylon Ltd. - Babylon Client Setup.) -- C:\Users\yoy\AppData\Local\Temp\MyBabylonTB_google_20120807.exe [899224]
[MD5.B06CFD9F34B1678952AF713EA24B2F38] [SPRF][08/12/2012] (.Aedge Performance BCN SL - OfferBox setup.) -- C:\Users\yoy\AppData\Local\Temp\OB.exe [2446808]
[MD5.DA1DC01147EF4F882C39A2DFED5047AA] [SPRF][08/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\offerbox.exe [187344]
[MD5.D9DA3FDE1AEE64CEE57D4C57A538A53B] [SPRF][22/10/2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\yoy\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe [7739736]
[MD5.831FFBBD4F25531DDE034A6879FFB565] [SPRF][08/05/2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\yoy\AppData\Local\Temp\Shortcut_sweetimsetup.exe [334128]
[MD5.C6D792E4583FC46DB0953FBF6E46348A] [SPRF][12/01/2013] (.SweetIM Technologies Lt - This installer.) -- C:\Users\yoy\AppData\Local\Temp\SIMEEI2Installer.exe [2962432]
[MD5.7704B843006444B69486FD27D4660845] [SPRF][12/01/2013] (.SweetIM Technologies Lt - This installer.) -- C:\Users\yoy\AppData\Local\Temp\SIMEEIInstaller.exe [3380216]
[MD5.1BFD2D72861FF7DA31F33212DF2EA40B] [SPRF][26/07/2012] (.Skype Technologies S.A. - Skype.) -- C:\Users\yoy\AppData\Local\Temp\SkypeSetup.exe [25653936]
[MD5.73406FA9287B36CA4163797C73A2CD04] [SPRF][16/07/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\yoy\AppData\Local\Temp\tbedrs.dll [4451144]
[MD5.73406FA9287B36CA4163797C73A2CD04] [SPRF][16/07/2012] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\yoy\AppData\Local\Temp\tbuTor.dll [4451144]
[MD5.E35C4CA0FC282238E0A2BAFB1CAAFE5A] [SPRF][17/10/2012] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\yoy\AppData\Local\Temp\uninst1.exe [340632]
[MD5.42A4A556174887662EE0E00DC7B0A6B2] [SPRF][01/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\utt761C.tmp.exe [7732736]
[MD5.CBF9C44A4C35599989CA8BDA97DDC586] [SPRF][07/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\utt8AF0.tmp.bat [77]
[MD5.42A4A556174887662EE0E00DC7B0A6B2] [SPRF][07/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\utt9C04.tmp.exe [7732736]
[MD5.C82AB54C276A1734876D911EC622A7C2] [SPRF][07/12/2012] (...) -- C:\Users\yoy\AppData\Local\Temp\uttB8C5.tmp.bat [53]
[MD5.225CCDCFE5625795647043679CB77112] [SPRF][18/01/2013] (...) -- C:\Users\yoy\AppData\Local\Temp\wajam_install.exe [417256]
[MD5.AE7E0C99C5BC7D28325C0CD7885C851F] [SPRF][24/10/2012] (.Yontoo LLC - Installer.) -- C:\Users\yoy\AppData\Local\Temp\YontooSetup-S.exe [1062504]
~ Scan Files in 00mn 19s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)
O87 - FAEL: "{657B6721-50DE-45AA-B01F-2DA024949CFD}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O87 - FAEL: "{DCCD532B-945D-48E1-A6A2-1316A746286C}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.)
O87 - FAEL: "{9D28F029-9406-4905-A33A-9BBEF3EA40F7}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.)
O87 - FAEL: "{A2A34D0D-C88D-4B2E-B636-C17924D569FB}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{2D81732E-DE78-46E1-8586-2606AA9355C0}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{A255435A-6CE6-4A52-B4EF-209240D337C9}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{503FA021-5D7C-466D-B5BF-D89965DFB293}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{86CAEC61-1743-4BF1-A95E-E35FD868D591}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{C16A2F41-DDF6-4389-8D01-5160F531AAE8}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
O87 - FAEL: "{B538D20B-F6DD-449A-8C8A-B2F3ACB98814}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe (.not file.)
O87 - FAEL: "{8F60D09A-F5EB-42C4-83F7-FFF1711CE338}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (.not file.)
O87 - FAEL: "{EF3B227A-A2FE-4D62-98CA-C908E1CC3F3D}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe (.not file.)
O87 - FAEL: "{52BAFA50-91C2-4467-B152-8825B754E80C}" |In - Domain - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (.not file.)
O87 - FAEL: "{1E5998EB-16A3-47CF-996B-56254D2834F8}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (.not file.)
O87 - FAEL: "{B5DDF9B2-7728-42BD-96E2-32FFE837C1DE}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (.not file.)
O87 - FAEL: "{32718FDE-6EA5-4822-81D4-57392EF4A6BC}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe (.not file.)
O87 - FAEL: "{DBD35181-F14F-4FA6-AF1F-60E60C4A7A05}" |In - None - P6 - TRUE | .(...) -- C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe (.not file.)
O87 - FAEL: "{C72BF584-FB71-4E99-8822-A969E4CAC166}" | In - None - P17 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
O87 - FAEL: "{6C697FD8-D42D-407C-8131-C657F9528CDE}" | In - None - P17 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
O87 - FAEL: "{2CB1D982-FDBA-45CD-A950-FE4E8907C5C0}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O87 - FAEL: "{131DA0AB-A174-4F1B-8454-D5F76057FC49}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O87 - FAEL: "{59EC8DD8-66D8-49E7-B4FC-9108E46EC715}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{7696402F-FB16-4FCC-99F7-103E16F64EB9}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{6C543062-D51F-4323-81CA-7B49A73E8CE4}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{345956B6-D8F1-4A8A-9FAF-C12B2FBB7CC4}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{CD87C3DB-6477-4FD6-A640-FFC7DC9715A7}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O87 - FAEL: "{6FA5AC23-C1A7-4CE4-BA45-E1C14C0ABC81}" | In - None - P17 - TRUE | .(.Hewlett-Packard Co. - DeviceSetup.exe.) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
O87 - FAEL: "{1C2354C3-A810-4F88-88AB-FD46FD3823E8}" | In - None - P17 - TRUE | .(.Hewlett-Packard Co. - HPNetworkCommunicator.) -- C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
O87 - FAEL: "{362AE083-B5AF-4DF4-9DBC-0B4A0A14685C}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Invit�\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.)
O87 - FAEL: "{9CC62362-8BAB-4409-A666-651EEF107646}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Invit�\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.)
O87 - FAEL: "{CB7B5BB6-5588-4747-AA80-3A6A881F00FD}" | In - Private - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\yoy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "{07616B73-5BAB-47FC-90A4-E62E7E16933B}" | In - Private - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\Users\yoy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O87 - FAEL: "TCP Query User{7C31412B-4AC0-4357-A5EB-991A4A21F4F5}C:\users\yoy\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P6 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\yoy\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "UDP Query User{24E8F986-A85C-4726-AE5E-AED33508B929}C:\users\yoy\appdata\roaming\dropbox\bin\dropbox.exe" | In - Public - P17 - TRUE | .(.Dropbox, Inc. - Dropbox.) -- C:\users\yoy\appdata\roaming\dropbox\bin\dropbox.exe
O87 - FAEL: "{1600DA24-C394-48C0-ACBE-25889A7012E7}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O87 - FAEL: "{8A27E962-438D-4AFB-8A09-82E382D5E623}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe
O87 - FAEL: "{616F6202-0D65-4A89-9B9B-84B837D73C27}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe
O87 - FAEL: "TCP Query User{EF408BCB-2D66-4517-BFAB-DEFCE1C411A6}C:\users\yoy\downloads\utorrent.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\yoy\downloads\utorrent.exe (.not file.)
O87 - FAEL: "UDP Query User{6D06215D-F3D9-48A7-9275-971142ECBC24}C:\users\yoy\downloads\utorrent.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\yoy\downloads\utorrent.exe (.not file.)
O87 - FAEL: "{F900CF54-15A8-47BF-9208-C6292BF6513B}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - �Torrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{E9E6326F-3CDB-45E5-AB5B-0F6BAADEF8B6}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - �Torrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
~ Scan Firewall in 00mn 01s
---\\ Scan Additionnel (O88)
Database Version : v2.10502 - (01/02/2013)
Cl�s trouv�es (Keys found) : 241
Valeurs trouv�es (Values found) : 4
Dossiers trouv�s (Folders found) : 30
Fichiers trouv�s (Files found) : 42
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}] =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0EE02110-967B-4256-ACA6-BC8AC7CB7E61}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{151867D5-7359-40AF-8764-66E58D06283C}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Toolbar.Alot
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{8216BD4A-4DC2-4DCE-9AFF-C86C5ACC6757}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{8216BD4A-4DC2-4DCE-9AFF-C86C5ACC6757}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{8ABB9FA2-0740-4AD9-8F54-1192254B3CF4}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Toolbar.Alot
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}] =>Toolbar.Alot
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{D4D390BE-98E6-4633-AD1B-B18B54BE5E76}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{D4D390BE-98E6-4633-AD1B-B18B54BE5E76}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D745B017-4336-4718-83A6-3AE1A9DE88C3}] =>Adware.Boxore
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Toolbar.Alot
[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{eee6c35b-6118-11dc-9c72-001320c79847}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>Adware.BHO
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{eee6c360-6118-11dc-9c72-001320c79847}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Alot
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Alot
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Toolbar.Alot
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Classes\b] =>Toolbar.Babylon
[HKLM\Software\Classes\Babylon.dskBnd] =>Toolbar.Babylon
[HKLM\Software\Classes\Babylon.dskBnd.1] =>Toolbar.Babylon
[HKLM\Software\Classes\bbylnApp.appCore] =>Toolbar.Babylon
[HKLM\Software\Classes\bbylnApp.appCore.1] =>Toolbar.Babylon
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\esrv.BabylonESrvc] =>Toolbar.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc.1] =>Toolbar.Babylon
[HKLM\Software\Classes\OfferBoxUI.TheBoxCtrl] =>PUP.OfferBox
[HKLM\Software\Classes\OfferBoxUI.TheBoxCtrl.1] =>PUP.OfferBox
[HKLM\Software\Classes\Software.OneClickCtrl.8] =>Adware.Agent
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater] =>Toolbar.Wajam
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>Toolbar.Wajam
[HKCU\Software\AppDataLow\Software\01NET.com] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\01NET.com] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\CouponDropDown] =>PUP.RewardsArcade
[HKCU\Software\Cr_Installer] =>Adware.VidSaver
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\Giant Savings Extension] =>Adware.VidSaver
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Tarma Installer] =>Toolbar.Agent
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\01NET.com Toolbar] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings Extension] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar] =>Toolbar.Conduit
[HKCU\Software\InstalledBrowserExtensions\215 Apps] =>PUP.SpecialSavings
[HKLM\Software\Classes\Prod.cap] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Classes\AppID\priam_bho.DLL] =>Toolbar.Wajam
[HKLM\Software\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\Software\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Classes\TypeLib\{44444444-4444-4444-4444-440244184410}] =>Adware.VidSaver
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon
[HKLM\Software\Classes\CrossriderApp0021810.BHO] =>Adware.VidSaver
[HKLM\Software\Classes\CrossriderApp0021810.BHO.1] =>Adware.VidSaver
[HKLM\Software\Classes\CrossriderApp0021810.Sandbox] =>Adware.VidSaver
[HKLM\Software\Classes\CrossriderApp0021810.Sandbox.1] =>Adware.VidSaver
[HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT3128284] =>Toolbar.Conduit
[HKLM\Software\Classes\wajam.WajamBHO] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamBHO.1] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader.1] =>Toolbar.Wajam
[HKLM\Software\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.BHO] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.BHO.1] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.Sandbox] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0021810.Sandbox.1] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3128284] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO.1] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader.1] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\\YontooIEClient.DLL] =>Adware.Yontoo
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
C:\Program Files (x86)\yontoo =>Toolbar.Alot
C:\Program Files (x86)\BabylonToolbar =>Toolbar.Babylon
C:\Program Files (x86)\Boxore =>Adware.Boxore
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\DealPly =>PUP.DealPly
C:\Program Files (x86)\Giant Savings Extension =>Adware.VidSaver
C:\Program Files (x86)\OfferBox =>PUP.OfferBox
C:\Program Files (x86)\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Program Files (x86)\SweetIM =>PUP.SweetIM
C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit
C:\Program Files (x86)\Webgameplay setup =>Toolbar.Agent
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\SweetIM =>PUP.SweetIM
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
C:\Users\yoy\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\yoy\AppData\Roaming\DealPly =>PUP.DealPly
C:\Users\yoy\AppData\Roaming\OfferBox =>PUP.OfferBox
C:\Users\yoy\AppData\Roaming\SearchProtect =>Toolbar.Conduit
C:\Users\yoy\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\yoy\AppData\Local\CouponDropDown =>
C:\Users\yoy\AppData\Local\Giant Savings Extension =>Adware.VidSaver
C:\Users\yoy\AppData\Local\Software =>Adware.Boxore
C:\Users\yoy\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\yoy\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\yoy\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\yoy\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit
C:\Users\yoy\AppData\Local\Temp\AskSearch =>Toolbar.AskBarDis
C:\Users\yoy\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc =>Toolbar.Alot
C:\Users\yoy\AppData\Local\Google\Chrome\User Data\Default\Extensions\halffneccaebicfdfajnbfgpglahfgoe =>Adware.VidSaver
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\bprotector_prefs.js =>PUP.BProtector
C:\Users\yoy\AppData\Roaming\Mozilla\Firefox\Profiles\5v3bpiug.default\SearchPlugins\sweetim.xml =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\Shortcut_sweetimsetup.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\SweetIESetup.exe.7z =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\SweetIMSetup.exe.7z =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\SIMEEI2Installer.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\SIMEEIInstaller.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\incredibar_installer.exe =>Adware.IncrediBar
C:\Users\yoy\AppData\Local\Temp\yontoo.bmp =>Toolbar.Alot
C:\Users\yoy\AppData\Local\Temp\YontooSetup-S.exe =>Toolbar.Alot
C:\Users\yoy\AppData\Local\Temp\MyBabylonTB_google_20120807.exe =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\square_babylon.bmp =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\square_babylonv2.bmp =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\square_babylonv3.bmp =>PUP.SweetIM
C:\Users\yoy\AppData\Local\Temp\conduitinstaller.exe => Infection PUP (Toolbar.Conduit)
C:\Users\yoy\AppData\Local\Temp\dealply.exe => Infection PUP (Toolbar.Conduit)
C:\Users\yoy\AppData\Local\Temp\mgsqlite3.dll => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\MyBabylonTB_google_20120807.exe => Infection PUP (Toolbar.Babylon)
C:\Users\yoy\AppData\Local\Temp\OB.exe => Infection PUP (PUP.Offecbox)
C:\Users\yoy\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\Shortcut_sweetimsetup.exe => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\SIMEEI2Installer.exe => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\SIMEEIInstaller.exe => Infection PUP (PUP.SweetIM)
C:\Users\yoy\AppData\Local\Temp\tbedrs.dll => Infection PUP (Toolbar.Conduit)
C:\Users\yoy\AppData\Local\Temp\tbuTor.dll => Infection PUP (Toolbar.Conduit)
C:\Users\yoy\AppData\Local\Temp\uninst1.exe => Infection PUP (Toolbar.Babylon)
C:\Users\yoy\AppData\Local\Temp\YontooSetup-S.exe => Infection PUP (Adware.Yontoo)
~ Scan Additionnel in 00mn 21s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "00004159070000000000000000F01FEC" . (.Microsoft Office 2010.) -- C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe
O90 - PUC: "00B24D65C2759EA4CBBFDC543A5B0D1E" . (.Messenger Assistent.) -- C:\Windows\Installer\{56D42B00-572C-4AE9-BCFB-CD45A3B5D0E1}\CompanionIcon
O90 - PUC: "00D2791769542E116BAE8BCAF6798BE8" . (.Google Earth Plug-in.) -- C:\Windows\Installer\{71972D00-4596-11E2-B6EA-B8AC6F97B88E}\ARPPRODUCTICON.exe
O90 - PUC: "0212CE3624715264AA746C8AEA9C6CC4" . (.Apple Application Support.) -- C:\Windows\Installer\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}\WinInstall.ico
O90 - PUC: "05B51F93779A6AC41B3CA67842DC0A52" . (.MyWinLocker 4.) -- C:\Windows\Installer\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\ARPPRODUCTICON.exe
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "08512982BB4E0E11F97DC11CED0FC7EB" . (.Evernote v. 4.5.1.) -- C:\Windows\Installer\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}\Evernote.ico
O90 - PUC: "0BCE87B0B6A1D6E4987DE0C77EF74072" . (.MyWinLocker.) -- C:\Windows\Installer\{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}\ARPPRODUCTICON.exe
O90 - PUC: "0C69D82C09A6E9540A776A07F6E40CCF" . (.Bing Bar.) -- C:\Windows\Installer\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}\icon_installer_ico
O90 - PUC: "1038C85769625584FA5435B4210089A0" . (.Samsung Kies.) -- C:\Windows\Installer\{758C8301-2696-4855-AF45-534B1200980A}\ARPPRODUCTICON.exe
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "162880FC18CB9BF4B90AB7B569200DA1" . (.Messenger ????.) -- C:\Windows\Installer\{CF088261-BC81-4FB9-9BA0-7B5B9602D01A}\CompanionIcon
O90 - PUC: "1C4235E6CF4867F4A9A36CE5708FE06E" . (.Compl�ment Messenger.) -- C:\Windows\Installer\{6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}\CompanionIcon
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "255304691D88F924C92983B818B488E5" . (.Messenger Companion.) -- C:\Windows\Installer\{96403552-88D1-429F-9C92-388B814B885E}\CompanionIcon
O90 - PUC: "2729C64061E674C4B8FE8408143740FD" . (.SLOW-PCfighter.) -- C:\Windows\Installer\{046C9272-6E16-4C47-8BEF-4880417304DF}\ARPPRODUCTICON.exe
O90 - PUC: "279A5E3D51A9D724EA8718185ADF49C3" . (.eBay Worldwide.) -- c:\Windows\Installer\{D3E5A972-9A15-427D-AE78-8181A5FD943C}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "29F618052561C7A49BCB846F2847C2B4" . (.Messenger Companion.) -- C:\Windows\Installer\{50816F92-1652-4A7C-B9BC-48F682742C4B}\CompanionIcon
O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype� 5.10.) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe
O90 - PUC: "2B0163E6D0340BE4183EB2758E9BEDD8" . (.Bonjour.) -- C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico
O90 - PUC: "3283F44BDD25AC549A61B823708717D5" . (.Messenger Companion.) -- C:\Windows\Installer\{B44F3823-52DD-45CA-A916-8B320778715D}\CompanionIcon
O90 - PUC: "38E5962CD1FC1D3448EF3BEB5C1610A2" . (.Shredder.) -- C:\Windows\Installer\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\ARPPRODUCTICON.exe
O90 - PUC: "4179FD719C069C349A2C23CBEA4DC4EB" . (.MyWinLocker Suite.) -- C:\Windows\Installer\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\ARPPRODUCTICON.exe
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "595AD8DB105FEBA4580AC5328E42270A" . (.Pomocnik Messenger.) -- C:\Windows\Installer\{BD8DA595-F501-4ABE-85A0-5C23E82472A0}\CompanionIcon
O90 - PUC: "5BCC756DF2F9C3D49BD37FE7EB7FB966" . (.Messenger-kumppani.) -- C:\Windows\Installer\{D657CCB5-9F2F-4D3C-B93D-F77EBEF79B66}\CompanionIcon
O90 - PUC: "5C7795BAEA113004ABD762C1842FCB53" . (.????? Messenger.) -- C:\Windows\Installer\{AB5977C5-11AE-4003-BA7D-261C48F2BC35}\CompanionIcon
O90 - PUC: "5CA0C31676A349B4B8311967DA385FFB" . (.newsXpresso.) -- C:\Windows\Installer\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\ARPPRODUCTICON.exe
O90 - PUC: "5DBB16B0C3ADA9047803C0D33C0B2F07" . (.Backup Manager V3.) -- C:\Windows\Installer\{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}\ARPPRODUCTICON.exe
O90 - PUC: "5F73E280429386146AA9B1B6F1AE85C7" . (.Messenger Companion.) -- C:\Windows\Installer\{082E37F5-3924-4168-A69A-1B6B1FEA587C}\CompanionIcon
O90 - PUC: "613755F10CFCDB14FA7FB84CC94E447D" . (.Shredder.) -- C:\Windows\Installer\{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}\ARPPRODUCTICON.exe
O90 - PUC: "62A0F2D6AECEEC9438C3A916523F5D8E" . (.Doplnok programu Messenger.) -- C:\Windows\Installer\{6D2F0A26-ECEA-49CE-833C-9A6125F3D5E8}\CompanionIcon
O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.01) - Fran�ais.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O90 - PUC: "694A72599FD5A214DA7C61B85A73C96A" . (.Microsoft Flight Simulator X.) -- C:\Windows\Installer\{9527A496-5DF9-412A-ADC7-168BA5379CA6}\ARPPRODUCTICON.exe
O90 - PUC: "6FD66A043D225B447A3D381B812A0CCD" . (.Norton Online Backup.) -- C:\Windows\Installer\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}\MainIcon.ico
O90 - PUC: "701043F6AA9F6C745BC43C1AF91155F3" . (.Hewlett-Packard ACLM.NET v1.1.0.0.) -- C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe
O90 - PUC: "710B547D63348174386AA31E9AED883C" . (.Boxore Client.) -- C:\Windows\Installer\{D745B017-4336-4718-83A6-3AE1A9DE88C3}\boxore.ico
O90 - PUC: "7692FC6BE18C0C0489510C7547EF1F02" . (.Skype Click to Call.) -- C:\Windows\Installer\{B6CF2967-C81E-40C0-9815-C05774FEF120}\IconUninstallIco
O90 - PUC: "76EA78D0BE4101C4885AADC61318BE81" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}\fssicon.ico
O90 - PUC: "816662FE217831A41BC01C3D752805BF" . (.HP Photosmart 5510 series - Enqu�te sur l'am�lioration du produit.) -- C:\Windows\Installer\{EF266618-8712-4A13-B10C-C1D3578250FB}\ARP_Icon
O90 - PUC: "832A5350984DE0348915887EB88FA4BA" . (.Messenger Companion.) -- C:\Windows\Installer\{0535A238-D489-430E-9851-88E78BF84AAB}\CompanionIcon
O90 - PUC: "8994BF104C33134458DE70E9E3FE7ED5" . (.Vedio WebCam.) -- C:\Windows\Installer\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\ARPPRODUCTICON.exe
O90 - PUC: "8BACDD79077B98041AF0766508967DA8" . (.HP Deskjet 3050A J611 series Aide.) -- C:\Windows\Installer\{97DDCAB8-B770-4089-A10F-67568069D78A}\ARP_Icon
O90 - PUC: "8C9126606EB47D64E91006CFAFB623CD" . (.Messenger Companion.) -- C:\Windows\Installer\{066219C8-4BE6-46D7-9E01-60FCFA6B32DC}\CompanionIcon
O90 - PUC: "8E4C5D3DF040F6C41850144DC39FF444" . (.NTI Media Maker 9.) -- C:\Windows\Installer\{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}\ARPPRODUCTICON.exe
O90 - PUC: "9130E187DC51C4A44AE79DFF6F797E1A" . (.Messenger Companion.) -- C:\Windows\Installer\{781E0319-15CD-4A4C-A47E-D9FFF697E7A1}\CompanionIcon
O90 - PUC: "9392C025B555FB049AB1B876A15B06BE" . (.Easy Burner.) -- C:\Windows\Installer\{520C2939-555B-40BF-A91B-8B671AB560EB}\ARPPRODUCTICON.exe
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe
O90 - PUC: "9EE9F41F86B94B24097F90427F162918" . (.Spremljevalec Messenger.) -- C:\Windows\Installer\{F14F9EE9-9B68-42B4-90F7-0924F7619281}\CompanionIcon
O90 - PUC: "A0BECE3F0A289BD4BB4493A366AB8017" . (.Messenger k�s�ro.) -- C:\Windows\Installer\{F3ECEB0A-82A0-4DB9-BB44-393A66BA0871}\CompanionIcon
O90 - PUC: "AE2A1840D1AD01D47A3C8F3297846F5B" . (.Messenger Companion.) -- C:\Windows\Installer\{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}\CompanionIcon
O90 - PUC: "AE46920EB1E002642AE6BCBA30141BBB" . (.HP Photosmart 5510 series Aide.) -- C:\Windows\Installer\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}\ARP_Icon
O90 - PUC: "AF08C9399C696A443B81E8D7B88D84B1" . (.Messenger Companion.) -- C:\Windows\Installer\{939C80FA-96C9-44A6-B318-8E7D8BD8481B}\CompanionIcon
O90 - PUC: "B2C146499143A5B4791E57B77A2DCEDA" . (.Logiciel de base du p�riph�rique HP Photosmart 5510 series.) -- C:\Windows\Installer\{94641C2B-3419-4B5A-97E1-757BA7D2ECAD}\ARP_Icon
O90 - PUC: "B45B3DD60D0F96A438445F023322A520" . (.Messenger Companion.) -- C:\Windows\Installer\{6DD3B54B-F0D0-4A69-8344-F52033225A02}\CompanionIcon
O90 - PUC: "C183E85D20ED9A649B1D2ABC08D76267" . (.Messenger Companion.) -- C:\Windows\Installer\{D58E381C-DE02-46A9-B9D1-A2CB807D2676}\CompanionIcon
O90 - PUC: "C2EDFFF216893004EA56DB312AE970A4" . (.HP Deskjet 3050A J611 series - Enqu�te sur l'am�lioration du produit.) -- C:\Windows\Installer\{2FFFDE2C-9861-4003-AE65-BD13A29E074A}\ARP_Icon
O90 - PUC: "C4E4AFE2F5B77F841A0CA18A287B9A3C" . (.HP Update.) -- C:\Windows\Installer\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}\ARPPRODUCTICON.exe
O90 - PUC: "C978C748764142944A1931204B5CF807" . (.Messenger Companion.) -- C:\Windows\Installer\{847C879C-1467-4924-A491-1302B4C58F70}\CompanionIcon
O90 - PUC: "D22DAD7C4D92F8349B68309BDE85E24A" . (.Messenger Companion.) -- C:\Windows\Installer\{C7DAD22D-29D4-438F-B986-03B9ED582EA4}\CompanionIcon
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D8EF64479F1C24D4AAEAD5CB5E68506A" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}\Installer.ico
O90 - PUC: "E52D2418A820365468DE755587C30892" . (.Messenger Companion.) -- C:\Windows\Installer\{8142D25E-028A-4563-86ED-5755783C8029}\CompanionIcon
O90 - PUC: "EA2B394116202D741BAA4FAD0D6F4CB8" . (.iTunes.) -- C:\Windows\Installer\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}\Installer.ico
O90 - PUC: "EB6586B6DDA381C43969AC6E46CCFEE8" . (.Logiciel de base du p�riph�rique HP Deskjet 3050A J611 series.) -- C:\Windows\Installer\{6B6856BE-3ADD-4C18-9396-CAE664CCEF8E}\ARP_Icon
O90 - PUC: "F0DE90A3FDD8BB745BD348A19B1D3D7A" . (.Complemento Messenger.) -- C:\Windows\Installer\{3A09ED0F-8DDF-47BB-B53D-841AB9D1D3A7}\CompanionIcon
O90 - PUC: "F1810AEF8573AD647BCE3FDCAFE7C07E" . (.???????? ?? Messenger.) -- C:\Windows\Installer\{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}\CompanionIcon
O90 - PUC: "F35D507310BBEEB4585882E917AC4C4B" . (.????????? Messenger.) -- C:\Windows\Installer\{3705D53F-BB01-4BEE-8585-289E71CAC4B4}\CompanionIcon
O90 - PUC: "F8899883B26758B4BA71179CCCA34E54" . (.Messenger Companion.) -- C:\Windows\Installer\{3889988F-762B-4B85-AB17-71C9CC3AE445}\CompanionIcon
O90 - PUC: "F9BC1DF3F708B15429C6D9918CC4CF16" . (.Messenger Suradnik.) -- C:\Windows\Installer\{3FD1CB9F-807F-451B-926C-9D19C84CFC61}\CompanionIcon
~ Scan Files in 00mn 00s
---\\ Random Export Key (O91)
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:dllName="pcpmngr.dll"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:exeName="pcpmngr.exe"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:folderName="PC Performer Manager"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:serviceName="PC Performer Manager"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:version="2.3.811.154"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:dllName="pcpmngr.dll"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:exeName="pcpmngr.exe"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:folderName="PC Performer Manager"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:serviceName="PC Performer Manager"
[HKCU\Software\a53dedeb73feb15\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:version="2.4.897.175"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:dllName="mngr.dll"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:exeName="mngr.exe"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:folderName="Browser Manager"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:serviceName="Browser Manager"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:version="2.5.911.18"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:dllName="mngr.dll"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:exeName="mngr.exe"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:folderName="Browser Manager"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:serviceName="Browser Manager"
[HKCU\Software\a53dedeb73feb15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:version="2.5.976.107"
[HKCU\Software\a53dedeb73feb15]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\a53dedeb73feb15]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:INSTALL_FOLDER_NAME="BrowserProtect"
[HKCU\Software\a53dedeb73feb15]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKCU\Software\a53dedeb73feb15]:NTFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:NTFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:NTFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:PROTECTOR_DLL_NAME="BrowserProtect.dll"
[HKCU\Software\a53dedeb73feb15]:PROTECT_EXE_NAME="BrowserProtect.exe"
[HKCU\Software\a53dedeb73feb15]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKCU\Software\a53dedeb73feb15]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKCU\Software\a53dedeb73feb15]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKCU\Software\a53dedeb73feb15]:SERVICE_NAME="BrowserProtect"
[HKCU\Software\a53dedeb73feb15]:usrcheckbox="0"
[HKCU\Software\a53dedeb73feb15]:version="2.6.1070.41"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:GUID="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPCHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPCHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPCHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:HPIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:INSTALL_FOLDER_NAME="BrowserProtect"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:KWFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:KWFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:KWFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:NTFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:NTFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:NTFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:PROTECTOR_DLL_NAME="BrowserProtect.dll"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:PROTECT_EXE_NAME="BrowserProtect.exe"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SECHREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SECHREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SECHREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEFFREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEFFREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEFFREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEIEREGEXP0="FO81jovjQUF+5S6+hb1oqXHuCoautLvICxmXOjZS8Nofjp1mrjnE"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEIEREGEXP1="FO81jovjQUF+5S6+hb1oqXHuCoao6JCRNVbcOGoRr/tSgZN57jqd6juo5odlV7RITopCig=="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SEIEREGEXP2="FO81jovjQUF+5S6+hb1oqXHuCoautLvIDR2ZNzsQ7eNQn5Fj3TmN4Df1q8U="
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:SERVICE_NAME="BrowserProtect"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:usrcheckbox="0"
[HKLM\Software\Wow6432Node\a53dedeb73feb15]:version="2.6.1070.41"
~ Scan Export Key Software in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 08/01/2013 251400 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 07/06/2011 191752 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 12/05/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 2554472 | (BrowserProtect) . (...) - C:\ProgramData\BrowserProtect\2.6.1070.41\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
SR - | Auto 10/01/2013 87552 | (CltMngSvc) . (.Conduit.) - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
SR - | Auto 01/07/2011 353360 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SS - | Demand 21/06/2011 173424 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 02/08/2011 872552 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SS - | Demand 28/11/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 30/05/2011 36456 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 28/11/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28/11/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Demand 09/09/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 22/04/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 16/09/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 26/10/2012 234776 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.0.313\McCHSvc.exe
SS - | Demand 22/01/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 22/01/2012 124832 | (MsgPlusService) . (.Yuna Software.) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
SR - | Auto 24/04/2011 256832 | (NTI IScheduleSvc) . (.NTI Corporation.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
SR - | Auto 08/09/2011 1640768 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 08/09/2011 2253120 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SS - | Auto 26/06/2012 335240 | (OfferBox update service) . (.Aedge Performance BCN SL.) - C:\Program Files (x86)\OfferBox\OfferBoxUpdateService.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 16/09/2010 2538520 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 05/10/2012 109064 | (WajamUpdater) . (.Wajam.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 02s
End of the scan (2289 lines in 01mn 56s)(0)