cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.3.2.6 - Nicolas Coolman (03/03/2014)
~ Lancé par HELENE (08/03/2014 08:50:23)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16518
MFIE: Mozilla Firefox 27.0.1 (Defaut)
GCIE: Google Chrome v33.0.1750.146

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Microsoft Security Client v4.4.0304.0
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.01 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Qtrax Player v01.001.0001 =>P2P.Qtrax

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 4090 MB (84% free)
System Restore: Activé (Enable)
System drive C: has 375 GB (82%) free of 453 GB

---\\ Mode de connexion au système
~ Computer Name: CATHERINEPC
~ User Name: HELENE
~ All Users Names: HELENE, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\HELENE\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\HELENE\AppData\Roaming\
~ %Desktop% : C:\Users\HELENE\Desktop\
~ %Favorites% : C:\Users\HELENE\Favorites\
~ %LocalAppData% : C:\Users\HELENE\AppData\Local\
~ %StartMenu% : C:\Users\HELENE\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 375 Go of 453 Go)
D: CD-ROM drive (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Free 0 Go of 1 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.263B6E451526A90FF8B1CEC759F22956] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.06/02/2014 - 10:24:52.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/124
~ Mes Favoris (My Favorites) : 1/54
~ Mes Documents (My Documents) : 1/16
~ Mon Bureau (My Desktop) : 1/494
~ Menu demarrer (Programs) : 1/14
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.66EA3B698F9A7EA2DBF0E4B246B6C958] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8349696] [PID.1916]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\HELENE\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\HELENE\AppData\Roaming\Mozilla\Firefox\Profiles\1x32al45.default\prefs.js (.not file.)
C:\Users\HELENE\AppData\Roaming\Mozilla\Firefox\Profiles\3mru65kf.default\prefs.js
M3 - MFPP: Plugins - [HELENE] -- C:\Users\HELENE\AppData\Roaming\Mozilla\Firefox\Profiles\1x32al45.default\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [HELENE] -- C:\Users\HELENE\AppData\Roaming\Mozilla\Firefox\Profiles\3mru65kf.default\searchplugins\conduit-search.xml =>Toolbar.Conduit
M0 - MFSP: prefs.js [HELENE - 3mru65kf.default] http://www.qvo6.com =>Hijacker.Qvo6
M2 - MFEP: prefs.js [HELENE - 3mru65kf.default\dcf3d940-5475-4c1f-9347-73a47512ee99@8520e31e-fc61-48c8-ae31-09d4d65bc369.com] [] Plus-HD-1.7 v (..) =>Adware.PlusHD
~ Firefox Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
~ IE Browser: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49182;https=127.0.0.1:49182 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 44



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0032154 [64Bits] - {11111111-1111-1111-1111-110311211154} . (.Plus HD - Plus-HD-1.7 BHO.) -- C:\Program Files (x86)\Plus-HD-1.7\Plus-HD-1.7-bho.dll =>PUP.CrossRider
O2 - BHO: Snap.DoEngine [64Bits] - {31ad400d-1b06-4e33-a59a-90c2c140cba0} . (...) -- mscoree.dll (.not file.) =>Hijacker.SmartBar
O2 - BHO: AppGraffiti [64Bits] - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} . (.Omega Partners Ltd - AppGraffiti Browser Helper Object.) -- C:\Program Files (x86)\AppGraffiti\AppGraffiti.dll =>PUP.AppGraffiti
O2 - BHO: IMinent WebBooster [64Bits] - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (.SIEN - Minibar.) -- C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll =>PUP.Minibar
O2 - BHO: Minibar BHO [64Bits] - {AA74D58F-ACD0-450D-A85E-6C04B171C044} Clé orpheline =>PUP.Minibar
O2 - BHO: Interest recogniser for Playerside (powered by Spointer) [64Bits] - {ed656b4a-95ca-4f2c-b95a-1ecdcb49cd9e} . (.Playerside - Interest Recognizer for Playerside.) -- C:\Program Files (x86)\PlayerSide\spointer\extensions\playerside_air_ie.dll =>Adware.SPointer
~ BHO: 18 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Snap.Do - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{724D43A0-0D85-11D4-9908-00400523E39A} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: MyFinePix Studio.lnk . (...) -- C:\Program Files (x86)\FUJIFILM\MyFinePix Studio\Loader.exe
O4 - GS\Desktop [Public]: PDF Speed Converter.lnk . (...) -- C:\Program Files\PDF Speed Converter\PDFSpeedConverter.exe
O4 - GS\Program [Public]: Conseiller de mise à niveau vers Windows 7.lnk . (.Microsoft Corporation - Windows 7 Upgrade Advisor.) -- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor\WindowsUpgradeAdvisor.exe
O4 - GS\Program [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [HELENE]: Advanced System Optimizer.lnk . (.Systweak Software, (www.systweak.com) - Advanced System Optimizer - UAC Launcher.) -- C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe =>PUP.AdvancedSystemOptimizer
O4 - GS\QuickLaunch [HELENE]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [HELENE]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [HELENE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [HELENE]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [HELENE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [HELENE]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [HELENE]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [HELENE]: Mes images - Raccourci.lnk . (...) -- C:\Users\HELENE\Pictures
O4 - GS\Desktop [HELENE]: Panneau de configuration - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [HELENE]: Search.lnk . (...) -- C:\ProgramData\DSearchLink\DSearchLink.exe =>Toolbar.DeltaSearch
O4 - GS\Desktop [HELENE]: Solitaire - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [HELENE]: Spider Solitaire - Raccourci.lnk - Clé orpheline
~ Global Startup: 72 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [PLFSetL] . (.sonix - DefaultSettingEXE.) -- C:\Windows\PLFSetL.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - StartupManager.) -- C:\Program Files (x86)\Glary Utilities 4\StartupManager.exe
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\HELENE\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [BrowserSafeguard] . (.BrowserSafeguard - BrowserSafeguard.) -- C:\Users\HELENE\AppData\Local\BrowserSafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard
O4 - HKCU\..\Run: [BrowserSafeguard Update Task] . (...) -- C:\Users\HELENE\AppData\Local\BrowserSafeguard\uninstall.BrowserSafeguard.exe =>PUP.BrowserSafeguard
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager Keyboard Application.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [BrowseForTheCause] . (...) -- C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe =>Adware.BrowseForTheCause
O4 - HKUS\.DEFAULT\..\Run: [systray] . (.Advernet - Savdm.) -- C:\Program Files (x86)\Savdm\DWCSysTray.exe =>Hijacker.Proxy
O4 - HKUS\S-1-5-18\..\Run: [systray] . (.Advernet - Savdm.) -- C:\Program Files (x86)\Savdm\DWCSysTray.exe =>Hijacker.Proxy
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [systray] . (.Advernet - Savdm.) -- C:\Program Files (x86)\Savdm\DWCSysTray.exe =>Hijacker.Proxy
O4 - HKUS\S-1-5-19\..\Run: [Exetender] . (.Exent Technologies Ltd. - EXETender Player.) -- C:\Program Files (x86)\Free Ride Games\GPlayer.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [systray] . (.Advernet - Savdm.) -- C:\Program Files (x86)\Savdm\DWCSysTray.exe =>Hijacker.Proxy
O4 - HKUS\S-1-5-20\..\Run: [Exetender] . (.Exent Technologies Ltd. - EXETender Player.) -- C:\Program Files (x86)\Free Ride Games\GPlayer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-942609082-2039053602-2653372802-1000\..\Run: [GUDelayStartup] . (.Glarysoft Ltd - StartupManager.) -- C:\Program Files (x86)\Glary Utilities 4\StartupManager.exe
O4 - HKUS\S-1-5-21-942609082-2039053602-2653372802-1000\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\HELENE\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-21-942609082-2039053602-2653372802-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-942609082-2039053602-2653372802-1000\..\Run: [BrowserSafeguard] . (.BrowserSafeguard - BrowserSafeguard.) -- C:\Users\HELENE\AppData\Local\BrowserSafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard
O4 - HKUS\S-1-5-21-942609082-2039053602-2653372802-1000\..\Run: [BrowserSafeguard Update Task] . (...) -- C:\Users\HELENE\AppData\Local\BrowserSafeguard\uninstall.BrowserSafeguard.exe =>PUP.BrowserSafeguard
~ Application: Scanned in 00mn 00s



---\\ Restriction de l'accès aux options IE par l'Administrateur (O6)
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restriction présente
~ IE Restrictions: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5854DF94-B6D4-4CCF-8007-72C05A2B854A}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{6496C5E6-4CEE-4DC6-9FA6-2CA7B81D078C}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{A28D9823-B45B-4A7F-B99E-45A714FB17D7}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{A28D9823-B45B-4A7F-B99E-45A714FB17D7}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{5854DF94-B6D4-4CCF-8007-72C05A2B854A}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{6496C5E6-4CEE-4DC6-9FA6-2CA7B81D078C}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{A28D9823-B45B-4A7F-B99E-45A714FB17D7}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{A28D9823-B45B-4A7F-B99E-45A714FB17D7}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{5854DF94-B6D4-4CCF-8007-72C05A2B854A}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{6496C5E6-4CEE-4DC6-9FA6-2CA7B81D078C}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{A28D9823-B45B-4A7F-B99E-45A714FB17D7}: NameServer = 76.73.6.26,50.7.75.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{A28D9823-B45B-4A7F-B99E-45A714FB17D7}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ASO3DiskOptimizer (ASO3DiskOptimizer) . (.Systweak Software, (www.systweak.com) - Advanced System Optimizer - Defrag Service.) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe =>PUP.AdvancedSystemOptimizer
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: Search Protect by Conduit Service (CltMngSvc) . (.Conduit - Search Protect by Conduit.) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit
O23 - Service: (Savdm) . (.Advernet - Savdm.) - C:\Program Files (x86)\Savdm\Savdm.exe =>Hijacker.Proxy
O23 - Service: SavdmMonitor (SavdmMonitor) . (.Advernet - SavdmMonitor.) - C:\Program Files (x86)\Savdm\SavdmMonitor.exe =>Hijacker.Proxy
O23 - Service: Service Software Update (Software_update) (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe =>Adware.IMBooster
O23 - Service: Browser Protect (srvBrowserProtect) . (.Pas de propriétaire - srvBrowserProtect.) - C:\Program Files (x86)\BrowserProtect\srvBrowserProtect.exe =>Hijacker.Eazel
O23 - Service: Software Updater (SrvUpdater) . (.Pas de propriétaire - Updater.) - C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe =>PUP.Eorezo
O23 - Service: uptt4pcin4 (uptt4pcin4) . (...) - C:\Users\HELENE\AppData\Local\t4pcfr1\supt4pcfr1.exe =>PUP.Eorezo
~ Services: 21 Legitimates Filtered in 00mn 04s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
~ BEX: 1 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job [292]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job [462]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ASO-OneClickCare.job [432]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Digital Sites.job [296]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DigitalSite.job [296] =>Hijacker.DSite
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.7-chromeinstaller.job [1908] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.7-codedownloader.job [1200] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.7-enabler.job [1100] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.7-firefoxinstaller.job [1832] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-1.7-updater.job [1298] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [914]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [918]
~ Scheduled Task: 17 Legitimates Filtered in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (kugoexrt) . (. - .) - C:\Windows\system32\drivers\kugoexrt.sys (.not file.)
~ Drivers: 75 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Advanced Driver Updater - (.Systweak Inc.) [HKLM][64Bits] -- Advanced Driver Updater_is1 =>PUP.AdvancedDriverUpdater
O42 - Logiciel: Arthur et la vengeance de Maltazard (désinstallation uniquement) - (...) [HKLM][64Bits] -- {6F8D433C-FAC0-456C-8E18-C43BE685A3C0}
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {CA2B24FD-EE10-42B9-B049-AA80268E7E21} =>Adware.Boxore
O42 - Logiciel: Browse for the Cause - (...) [HKLM][64Bits] -- BrowseForTheCause =>Adware.BrowseForTheCause
O42 - Logiciel: BrowserProtect - (...) [HKLM][64Bits] -- BrowserProtect =>Hijacker.Eazel
O42 - Logiciel: BrowserSafeguard with RocketTab - (.Browsersafeguard.) [HKCU][64Bits] -- Browsersafeguard =>PUP.BrowserSafeguard
O42 - Logiciel: Codec Pack Packages - (...) [HKCU][64Bits] -- Codec Pack Packages
O42 - Logiciel: DProtect - (.DProtect Lab.) [HKLM][64Bits] -- DProtect =>Trojan.Trojan.Staser
O42 - Logiciel: DomaIQ - (.Tuguu SLU.) [HKLM][64Bits] -- DomaIQ Uninstaller =>PUP.VAFPlayer
O42 - Logiciel: FoxTab PDF Converter - (.FoxTab.) [HKLM][64Bits] -- FoxTab PDF Converter
O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- IMBoosterARP =>Adware.IMBooster
O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {89B5DFCA-81E0-4EA4-8A0A-4F4087A1DD00} =>Adware.IMBooster
O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {FE11B41E-3C97-4338-A7BC-E30423F7058B} =>Adware.IMBooster
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU][64Bits] -- lolipop =>Adware.Lollipop
O42 - Logiciel: MyPC Backup - (.MyPC Backup.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: Mystery Age: Les Mages Noirs - (...) [HKLM][64Bits] -- BFG-Mystery Age - Les Mages Noirs
O42 - Logiciel: PDF Speed Converter - (...) [HKLM][64Bits] -- {EC38DB84-B902-4F2D-92D7-297E4E3A0A2A}_is1
O42 - Logiciel: Plus-HD-1.7 - (.Plus HD.) [HKLM][64Bits] -- Plus-HD-1.7 =>Adware.PlusHD
O42 - Logiciel: Savdm - (.Advernet.) [HKLM][64Bits] -- {29633E53-BF13-41B5-9E10-19D7843BD9C3} =>Hijacker.Proxy
O42 - Logiciel: Search Protect - (.Conduit.) [HKLM][64Bits] -- SearchProtect =>Toolbar.Conduit
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM
O42 - Logiciel: SweetPacks bundle uninstaller - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {0C43FE6B-E881-4AFC-B384-4AEBC90047E8} =>PUP.SweetIM
O42 - Logiciel: Vittalia Installer - (.TELECHARGERS.net.) [HKLM][64Bits] -- Vittalia =>Adware.Vittalia
O42 - Logiciel: Yontoo 1.10.03 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>Adware.Yontoo
O42 - Logiciel: eDownloader - (.eDownloader.) [HKLM][64Bits] -- {8848B3CD-4464-414F-953C-966678634540} =>PUP.SoftwareEngine
~ Logic: 42 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Blabbers] =>PUP.Blabbers
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\BrowseForTheCause] =>Adware.BrowseForTheCause
[HKCU\Software\Casino.com]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\IM]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\MagicTime]
[HKCU\Software\Minibar] =>PUP.Minibar
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKCU\Software\delta LTD]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKCU\Software\tuto4pc] =>PUP.AgenceExclusive
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\Minibar] =>PUP.Minibar
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Umbrella]
[HKLM\Software\Wow6432Node\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\deskSvc]
[HKLM\Software\Wow6432Node\eDownloader] =>PUP.SoftwareEngine
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
~ Key Software: 551 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/02/2013 - 20:03:52 - [16,170] ----D C:\Program Files (x86)\Advanced Driver Updater =>PUP.AdvancedDriverUpdater
O43 - CFD: 31/01/2013 - 20:23:18 - [0] ----D C:\Program Files (x86)\Advanced File Optimizer =>PUP.AdvancedFileOptimizer
O43 - CFD: 18/09/2013 - 18:10:23 - [1,791] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 29/01/2014 - 11:42:32 - [3,571] ----D C:\Program Files (x86)\BrowseForTheCause =>Adware.BrowseForTheCause
O43 - CFD: 22/10/2013 - 19:58:15 - [1,077] ----D C:\Program Files (x86)\BrowserProtect =>Hijacker.Eazel
O43 - CFD: 15/08/2011 - 18:49:09 - [3,649] ----D C:\Program Files (x86)\Consumer Input
O43 - CFD: 21/05/2013 - 14:08:32 - [0,991] ----D C:\Program Files (x86)\Desk 365 =>Hijacker.22Find
O43 - CFD: 24/05/2013 - 09:06:22 - [0] ----D C:\Program Files (x86)\FindLyrics =>Adware.AddLyrics
O43 - CFD: 12/07/2011 - 16:40:28 - [0,138] ----D C:\Program Files (x86)\GoldBarre
O43 - CFD: 31/01/2012 - 15:50:33 - [1,473] ----D C:\Program Files (x86)\GoldRock
O43 - CFD: 06/09/2012 - 12:49:41 - [0] ----D C:\Program Files (x86)\GUM60C2.tmp
O43 - CFD: 18/07/2012 - 10:44:02 - [0,002] ----D C:\Program Files (x86)\GUM8A7.tmp
O43 - CFD: 20/02/2014 - 17:36:30 - [17,687] ----D C:\Program Files (x86)\Iminent =>Adware.IMBooster
O43 - CFD: 02/11/2012 - 20:50:22 - [0] ----D C:\Program Files (x86)\LayoutsExpress
O43 - CFD: 02/11/2012 - 20:50:22 - [0,035] ----D C:\Program Files (x86)\Minibar =>PUP.Minibar
O43 - CFD: 22/10/2013 - 20:00:30 - [28,347] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 24/12/2012 - 19:36:26 - [232,441] ----D C:\Program Files (x86)\Mystery Age - Les Mages Noirs
O43 - CFD: 22/10/2013 - 19:59:21 - [8,462] ----D C:\Program Files (x86)\Plus-HD-1.7 =>Adware.PlusHD
O43 - CFD: 01/01/2014 - 14:58:05 - [2,917] ----D C:\Program Files (x86)\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 23/12/2012 - 22:01:08 - [1,618] ----D C:\Program Files (x86)\Savdm =>Hijacker.Proxy
O43 - CFD: 10/05/2013 - 11:11:19 - [4,408] ----D C:\Program Files (x86)\Supreme Savings =>PUP.RewardsArcade
O43 - CFD: 24/02/2013 - 20:25:50 - [0,179] ----D C:\Program Files (x86)\Vittalia =>Adware.Vittalia
O43 - CFD: 14/11/2013 - 21:40:39 - [0,127] ----D C:\Program Files (x86)\Yontoo =>Adware.Yontoo
O43 - CFD: 21/05/2013 - 10:42:57 - [33,331] ----D C:\Program Files (x86)\Common Files\337
O43 - CFD: 20/02/2014 - 20:33:28 - [2,786] ----D C:\Program Files (x86)\Common Files\Umbrella
O43 - CFD: 19/08/2013 - 18:39:07 - [0] ----D C:\ProgramData\APN
O43 - CFD: 05/03/2013 - 19:44:32 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 24/02/2013 - 20:26:17 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 11/05/2013 - 13:42:39 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 23/10/2013 - 18:10:01 - [0,169] ----D C:\ProgramData\BoxUpdChk =>Adware.Boxore
O43 - CFD: 18/09/2013 - 18:23:50 - [0,147] ----D C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch
O43 - CFD: 29/10/2013 - 20:38:01 - [1,517] ----D C:\ProgramData\eSafe =>PUP.eSafeSecurity
O43 - CFD: 05/04/2013 - 08:01:46 - [0,030] ----D C:\ProgramData\Iminent =>Adware.IMBooster
O43 - CFD: 29/12/2012 - 20:36:49 - [0] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic
O43 - CFD: 30/01/2013 - 16:26:00 - [0] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 31/10/2012 - 20:13:03 - [1,662] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 25/12/2012 - 14:54:21 - [0] --H-D C:\ProgramData\{94D867E5-DFF5-4374-ADEE-C3F5BE97F03A}
O43 - CFD: 25/12/2012 - 14:54:21 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 21/05/2013 - 10:07:07 - [1,063] ----D C:\Users\HELENE\AppData\Roaming\0A1Q1B1P1T1C1R1M1P1B
O43 - CFD: 18/09/2013 - 18:25:16 - [1,063] ----D C:\Users\HELENE\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
O43 - CFD: 21/05/2013 - 10:06:49 - [1,249] ----D C:\Users\HELENE\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 24/02/2013 - 20:26:17 - [0,094] ----D C:\Users\HELENE\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 05/12/2012 - 11:08:13 - [0,009] ----D C:\Users\HELENE\AppData\Roaming\Brabl
O43 - CFD: 14/03/2013 - 11:29:03 - [0,090] ----D C:\Users\HELENE\AppData\Roaming\DealPly =>PUP.DealPly
O43 - CFD: 21/05/2013 - 10:43:12 - [14,423] ----D C:\Users\HELENE\AppData\Roaming\Desk 365 =>Hijacker.22Find
O43 - CFD: 29/05/2013 - 12:50:37 - [4,988] ----D C:\Users\HELENE\AppData\Roaming\eIntaller
O43 - CFD: 12/09/2012 - 12:47:02 - [0,287] ----D C:\Users\HELENE\AppData\Roaming\eType
O43 - CFD: 14/03/2013 - 07:31:43 - [0,308] ----D C:\Users\HELENE\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 05/04/2013 - 08:02:10 - [0,016] ----D C:\Users\HELENE\AppData\Roaming\Iminent =>Adware.IMBooster
O43 - CFD: 10/05/2013 - 11:09:54 - [0,061] ----D C:\Users\HELENE\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 07/03/2014 - 20:41:57 - [1,228] ----D C:\Users\HELENE\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 28/04/2013 - 11:01:52 - [0,533] ----D C:\Users\HELENE\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 24/10/2013 - 09:08:27 - [0] ----D C:\Users\HELENE\AppData\Roaming\okitSpace =>PUP.Onekit
O43 - CFD: 24/07/2012 - 16:15:58 - [0,105] ----D C:\Users\HELENE\AppData\Roaming\ParetoLogic =>PUP.Paretologic
O43 - CFD: 14/03/2013 - 07:33:34 - [0,076] ----D C:\Users\HELENE\AppData\Roaming\SpeedanAlysis =>PUP.SpeedAnalysis
O43 - CFD: 10/05/2013 - 16:49:37 - [0,079] ----D C:\Users\HELENE\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis
O43 - CFD: 30/01/2013 - 16:20:58 - [0] ----D C:\Users\HELENE\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 01/01/2014 - 19:31:52 - [1,150] ----D C:\Users\HELENE\AppData\Roaming\speedtest4354
O43 - CFD: 09/10/2012 - 13:26:08 - [0] ----D C:\Users\HELENE\AppData\Local\Animal Links
O43 - CFD: 29/01/2014 - 11:39:46 - [4,817] ----D C:\Users\HELENE\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard
O43 - CFD: 08/11/2013 - 17:57:03 - [1,537] ----D C:\Users\HELENE\AppData\Local\DProtect =>Trojan.Trojan.Staser
O43 - CFD: 21/05/2013 - 10:06:20 - [0] ----D C:\Users\HELENE\AppData\Local\eorezo =>PUP.Eorezo
O43 - CFD: 01/01/2014 - 14:40:45 - [1,224] ----D C:\Users\HELENE\AppData\Local\genienext
O43 - CFD: 09/04/2013 - 10:23:26 - [0,455] ----D C:\Users\HELENE\AppData\Local\Lollipop =>Adware.Lollipop
O43 - CFD: 10/09/2012 - 15:53:37 - [0,851] ----D C:\Users\HELENE\AppData\Local\Minibar =>PUP.Minibar
O43 - CFD: 23/12/2012 - 22:00:05 - [0,001] ----D C:\Users\HELENE\AppData\Local\savdm =>Hijacker.Proxy
O43 - CFD: 11/05/2013 - 11:24:10 - [18,746] ----D C:\Users\HELENE\AppData\Local\Smartbar =>Hijacker.SmartBar
O43 - CFD: 10/05/2013 - 11:09:13 - [0,175] ----D C:\Users\HELENE\AppData\Local\Supreme Savings =>PUP.RewardsArcade
O43 - CFD: 30/11/2012 - 08:23:13 - [2,915] ----D C:\Users\HELENE\AppData\Local\t4pcfr1
O43 - CFD: 21/05/2013 - 10:09:27 - [3,824] ----D C:\Users\HELENE\AppData\Local\tuto4pc_fr_7 =>PUP.AgenceExclusive
O43 - CFD: 10/05/2013 - 11:11:12 - [0,201] ----D C:\Users\HELENE\AppData\Local\Updater19962 =>PUP.CrossRider
O43 - CFD: 30/11/2012 - 08:23:13 - [0] ----D C:\Users\HELENE\AppData\Local\uptt4pcin4
~ 689 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1158 Legitimates Filtered in 02mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.054B51634DEEB92C512E7E44E510F0EF] - 07/03/2014 - 20:49:50 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [17600]
O44 - LFC:[MD5.054B51634DEEB92C512E7E44E510F0EF] - 07/03/2014 - 20:49:50 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [17600]
O44 - LFC:[MD5.B6E6765F1F7FE19927ABB33DE2822C93] - 08/03/2014 - 08:48:51 ---A- . (...) -- C:\Windows\ntbtlog.txt [62098]
~ Files: 12 Legitimates Filtered in 00mn 06s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Boxore Client [Key] . (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore
O53 - SMSR:HKLM\...\startupreg\IminentMessenger [Key] . (.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe =>Adware.IMBooster
O53 - SMSR:HKLM\...\startupreg\sfagent [Key] . (...) -- C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe (.not file.)
~ SMSR Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "NoDispCPL"=0
~ MWPS: 20 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 9 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.1CDADE078F46F10919F21E08E22D227D] - 29/12/2008 - 17:14:28 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\System32\Drivers\sncduvc.sys [35456]
O58 - SDL:[MD5.368118278EB705D5FCC99016FB3E565E] - 06/05/2009 - 18:16:04 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\System32\Drivers\snp2uvc.sys [1799552]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 20 Legitimates Filtered in 00mn 22s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [HELENE - 3mru65kf.default] user_pref("extensions.crossrider.bic", "142a55cf7d24d965db4305bc174ad9ac"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snap.do =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web) - http://www.golsearch.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (qvo6) - http://search.qvo6.com =>Hijacker.Qvo6
O69 - SBI: SearchScopes [HKCU] {52A34765-7A6A-4D1D-FEE8-00F9458C3A3D} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {ACAE16D0-80F7-4A70-A9A8-EFF3067027A1} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} - (StartWeb) - http://start.iminent.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {EBD839AE-B08C-4fb7-859B-F54AF16C159F} - (qvo6) - http://search.qvo6.com =>Hijacker.Qvo6
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (qvo6) - http://search.qvo6.com =>Hijacker.Qvo6
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {80c554b9-c7f8-4a21-9471-06d606da78a2} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (qvo6) - http://search.qvo6.com =>Hijacker.Qvo6
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {80c554b9-c7f8-4a21-9471-06d606da78a2} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.6ACBD475647D7A160657CB3E460F0F35] [SPRF][27/01/2010] (...) -- C:\ProgramData\FullRemove.exe [131472]
[MD5.0C4C8D0000B5734516995FE90BFC8F48] [SPRF][22/10/2013] (...) -- C:\Users\HELENE\AppData\Roaming\wklnhst.dat [4602]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{EFBB5D6F-E271-44E1-B39A-F78A1DC33563}" | In - None - P6 - TRUE | .(.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.exe =>Adware.IMBooster
O87 - FAEL: "{67968D29-A804-48F2-8ECB-DF1A000B0BFC}" | In - None - P6 - TRUE | .(.Iminent - Iminent.) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe =>Adware.IMBooster
~ Firewall: 187 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "7E685771E24E83F4381D1DB5A45F7B41" . (.Delta Chrome Toolbar.) -- C:\Windows\Installer\{177586E7-E42E-4F38-83D1-D15B4AF5B714}\Delta.ico =>Toolbar.DeltaSearch
O90 - PUC: "ACFD5B980E184AE4A8A0F404781ADD00" . (.Iminent.) -- C:\Windows\Installer\{89B5DFCA-81E0-4EA4-8A0A-4F4087A1DD00}\imbooster.ico =>Adware.IMBooster
O90 - PUC: "DF42B2AC01EE9B240B94AA0862E8E712" . (.Boxore Client.) -- C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico =>Adware.Boxore
~ Update Products: 166 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\f53dfdae168ec17\2.6.1339.144\upd]:="upd=" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\2.6.1519.190\upd]:="upd=1" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:version="2.5.911.18" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:version="2.6.1249.132" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:exeName="BrowserDefender.exe" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:folderName="BrowserDefender" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:serviceName="BrowserDefendert" =>PUA.BrowserDefendert
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:version="2.6.1339.144" =>Hijacker.Hijacker.Eazel
[HKCU\Software\f53dfdae168ec17]:version="2.6.1519.190" =>Hijacker.Hijacker.Eazel
[HKLM\Software\Wow6432Node\f53dfdae168ec17]:version="2.6.1519.190" =>Hijacker.Hijacker.Eazel
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][06/12/2011] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\11ad8e1.msi [1019392] =>Adware.IMBooster
[MD5.35C918348CBB0877BCD5A3CF24C13761] [WIS][25/11/2012] (.DeltaInstaller - Delta Chrome Toolbar.) -- C:\Windows\Installer\1dcb920.msi [573440] =>Toolbar.DeltaSearch
[MD5.E32A1A1B9CC600CF062E0E429925841A] [WIS][16/08/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\352b5e.msi [1974272] =>Adware.Boxore
[MD5.8DD3503A28BD7EB7BEC3FDF67844CD63] [WIS][05/04/2013] (.Iminent - Iminent.) -- C:\Windows\Installer\44f46d.msi [10190848] =>Adware.IMBooster
[MD5.BD52263EBA35809BDF12004034DA7F3F] [WIS][08/06/2011] (.Aedge Performance BCN SL - PlayerSide.) -- C:\Windows\Installer\5d823e.msi [3440640] =>Adware.SPointer
[MD5.BBF4134424D0556F36DC086028750937] [WIS][31/10/2012] (.SweetIM Technologies Ltd. - SweetPacks bundle uninstaller.) -- C:\Windows\Installer\9ae67.msi [2579456] =>PUP.SweetIM
[MD5.7C0A5C2C273F7266369C6CB5AD305314] [WIS][11/05/2013] (.ReSoft Ltd. - Snap.Do.) -- C:\Windows\Installer\f7e67.msi [8540160] =>Hijacker.SmartBar
~ WIS: 175 Legitimates Filtered in 00mn 21s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 22/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 03/12/2009 28672 | (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe
SS - | Auto 22/01/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SS - | Auto 31/10/2012 264048 | (ASO3DiskOptimizer) . (.Systweak Software, (www.systweak.com).) - C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe =>PUP.AdvancedSystemOptimizer
SS - | Auto 19/09/2013 38440 | (BackupStack) . (.Just Develop It.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SS - | Auto 03/03/2014 2454816 | (CltMngSvc) . (.Conduit.) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe =>Toolbar.Conduit
SS - | Auto 30/09/2009 844320 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
SS - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
SS - | Auto 12/04/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 12/04/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 05/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SS - | Demand 15/02/2014 118896 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 09/03/2010 250368 | (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
SS - | Demand 06/11/2009 50432 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
SS - | Auto 06/11/2009 144640 | (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
SS - | Auto 18/12/2012 155264 | (Savdm) . (.Advernet.) - C:\Program Files (x86)\Savdm\Savdm.exe =>Hijacker.Proxy
SS - | Auto 18/12/2012 33920 | (SavdmMonitor) . (.Advernet.) - C:\Program Files (x86)\Savdm\SavdmMonitor.exe =>Hijacker.Proxy
SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 18/09/2013 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 18/09/2013 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Auto 20/02/2014 2921280 | (SProtection) . (.Iminent.) - C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe =>Adware.IMBooster
SS - | Auto 13/06/2013 59392 | (srvBrowserProtect) . (...) - C:\Program Files (x86)\BrowserProtect\srvBrowserProtect.exe =>Hijacker.Eazel
SS - | Auto 05/11/2013 29696 | (SrvUpdater) . (...) - C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe =>PUP.Eorezo
SS - | Auto 29/01/2010 243232 | (Updater Service) . (.Acer Group.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SS - | Auto 09/11/2012 3056488 | (uptt4pcin4) . (...) - C:\Users\HELENE\AppData\Local\t4pcfr1\supt4pcfr1.exe =>PUP.Eorezo
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 23/10/2013 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe

~ Services: Scanned in 00mn 24s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (03/03/2014)
Clés trouvées (Keys found) : 530
Valeurs trouvées (Values found) : 5
Dossiers trouvés (Folders found) : 81
Fichiers trouvés (Files found) : 30

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311211154}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}] =>PUP.AppGraffiti^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>PUP.Minibar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}] =>PUP.Minibar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ED656B4A-95CA-4F2C-B95A-1ECDCB49CD9E}] =>Adware.SPointer^
[HKLM\SYSTEM\CurrentControlSet\Services\ASO3DiskOptimizer] =>PUP.AdvancedSystemOptimizer^
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc] =>Toolbar.Conduit^
[HKLM\SYSTEM\CurrentControlSet\Services\Savdm] =>Hijacker.Proxy^
[HKLM\SYSTEM\CurrentControlSet\Services\SavdmMonitor] =>Hijacker.Proxy^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update) (Software_update] =>Adware.Boxore^
[HKLM\SYSTEM\CurrentControlSet\Services\SProtection] =>Adware.IMBooster^
[HKLM\SYSTEM\CurrentControlSet\Services\srvBrowserProtect] =>Hijacker.Eazel^
[HKLM\SYSTEM\CurrentControlSet\Services\SrvUpdater] =>PUP.Eorezo^
[HKLM\SYSTEM\CurrentControlSet\Services\uptt4pcin4] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Advanced Driver Updater_is1] =>PUP.AdvancedDriverUpdater^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowseForTheCause] =>Adware.BrowseForTheCause^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowserProtect] =>Hijacker.Eazel^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard] =>PUP.BrowserSafeguard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DProtect] =>Trojan.Trojan.Staser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller] =>PUP.VAFPlayer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89B5DFCA-81E0-4EA4-8A0A-4F4087A1DD00}] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FE11B41E-3C97-4338-A7BC-E30423F7058B}] =>Adware.IMBooster^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lolipop] =>Adware.Lollipop^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.7] =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}] =>Hijacker.Proxy^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vittalia] =>Adware.Vittalia^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8848B3CD-4464-414F-953C-966678634540}] =>PUP.SoftwareEngine^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Boxore Client] =>Adware.Boxore^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\IminentMessenger] =>Adware.IMBooster^
[HKLM\Software\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}] =>PUP.Blabbers
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}] =>Toolbar.Crawler
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{0F6ECBD3-98B1-4044-8520-69407A70C83C}] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Classes\Interface\{0F6ECBD3-98B1-4044-8520-69407A70C83C}] =>PUP.Minibar
[HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}] =>PUP.Minibar
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}] =>Toolbar.Crawler
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{4F9AD2F2-3A64-470E-93F7-A03423E52ACA}] =>PUP.Minibar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}] =>Toolbar.Crawler
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Adware.Facemoods
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{8216BD4A-4DC2-4DCE-9AFF-C86C5ACC6757}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{856E12B5-22D7-4E22-9ACA-EA9A008DD65B}] =>PUP.Minibar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}] =>Toolbar.Crawler
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8A41F062-A222-4322-A8C4-26218BE869B9}] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Classes\Interface\{8A41F062-A222-4322-A8C4-26218BE869B9}] =>PUP.Minibar
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}] =>PUP.Blabbers
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{A7C2FCDD-0359-49DD-8339-BE2A5BD60918}] =>PUP.Minibar
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}] =>PUP.Minibar
[HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}] =>Toolbar.Crawler
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C0207057-3461-4F7F-B689-D016B7A03964}] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Classes\Interface\{C0207057-3461-4F7F-B689-D016B7A03964}] =>PUP.Minibar
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C6A61AAE-D30B-4E7A-A3D8-8A34E5BA3414}] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Classes\Interface\{C6A61AAE-D30B-4E7A-A3D8-8A34E5BA3414}] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D4D390BE-98E6-4633-AD1B-B18B54BE5E76}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}] =>Adware.BullseyeToolbar
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{E1194D86-860F-45D1-A42D-6D4BB607C4DD}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}] =>Toolbar.Crawler
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}] =>Adware.IncrediBar
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch
[HKCU\Software\Classes\AppGraffiti.AppGraffitiJS] =>PUP.AppGraffiti
[HKLM\Software\Classes\AppGraffiti.AppGraffitiJS] =>PUP.AppGraffiti
[HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO] =>Adware.Bandoo
[HKLM\Software\Classes\ilivid] =>
[HKLM\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E0C8759C69912A4485AD49572CE7CA3] =>Adware.Bandoo
[HKCU\Software\AppGraffiti] =>PUP.AppGraffiti
[HKLM\Software\Wow6432Node\AppGraffiti] =>PUP.AppGraffiti
[HKCU\Software\Blabbers] =>PUP.Blabbers
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKCU\Software\Minibar] =>PUP.Minibar
[HKLM\Software\Wow6432Node\Minibar] =>PUP.Minibar
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKCU\Software\BrowseForTheCause] =>Adware.BrowseForTheCause
[HKLM\Software\Wow6432Node\BrowseForTheCause] =>Adware.BrowseForTheCause
[HKCU\Software\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Web Assistant] =>Adware.IncrediBar
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASAPI32] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASMANCS] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASAPI32] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\IncredibarToolbar_RASMANCS] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8848B3CD-4464-414F-953C-966678634540}] =>PUP.SoftwareEngine
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}] =>Hijacker.Proxy
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf] =>PUP.Blabbers
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}] =>Toolbar.RebateInformer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}] =>PUP.AppGraffiti
[HKLM\Software\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}] =>Toolbar.InBox
[HKLM\Software\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}] =>Toolbar.InBox
[HKLM\Software\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}] =>PUP.AppGraffiti
[HKLM\Software\Wow6432Node\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}] =>PUP.AppGraffiti
[HKLM\Software\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}] =>PUP.AppGraffiti
[HKLM\Software\Wow6432Node\Microsoft\Tracing\I Want This_RASAPI32] =>Adware.GamePlayLabs
[HKLM\Software\Wow6432Node\Microsoft\Tracing\I Want This_RASMANCS] =>Adware.GamePlayLabs
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5C8B5FB7CB5DD447A0BAAAF637FBD77] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF96568971BEAC14B8815883832BD484] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\qvo6Software] =>Hijacker.Qvo6
[HKLM\Software\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\AutoLyrics] =>Adware.AddLyrics
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\SoftwareUpdater] =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater] =>Hijacker.Eazel
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Wow6432Node\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo] =>PUP.Elex
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1] =>PUP.AppGraffiti
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}] =>PUP.AppGraffiti
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}] =>PUP.AppGraffiti
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}] =>PUP.AppGraffiti
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}] =>PUP.AppGraffiti
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}] =>PUP.AppGraffiti
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\eSafeSvc] =>PUP.eSafeSecurity
[HKCU\Software\AppDataLow\Software\LyricsFan] =>Adware.AddLyrics
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\nfeonecgpoepapkmdgdmjolonaakdknd] =>Adware.AddLyrics
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog] =>Adware.SmileyBar
[HKCU\Software\BI] =>Adware.MegaSearch
[HKCU\Software\AppDataLow\Software\XingHaoLyrics] =>Adware.ShopperReports
[HKLM\Software\Wow6432Node\delta-homesSoftware] =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Classes\CrossriderApp0019962.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0019962.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0019962.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0019962.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0032154.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0032154.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0032154.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0032154.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\iminent] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.DownloadArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.RawDataArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.TinyUrlArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.ViralLinkArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ClientCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ContractBase] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ServerCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ServerResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.LightContent] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.LightUri] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.MediatorServiceProxy] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject.1] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ScriptExtender] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ScriptExtender.1] =>Adware.IMBooster
[HKLM\Software\Classes\Playerside.Spointer] =>Adware.SPointer
[HKLM\Software\Classes\Playerside.Spointer.4] =>Adware.SPointer
[HKLM\Software\Classes\Playerside.SpointerAdProvider] =>Adware.SPointer
[HKLM\Software\Classes\Playerside.SpointerAdProvider.4] =>Adware.SPointer
[HKLM\Software\Classes\Playerside.SpointerBanner] =>Adware.SPointer
[HKLM\Software\Classes\Playerside.SpointerBanner.4] =>Adware.SPointer
[HKLM\Software\Classes\Playerside.SpointerCtrl] =>Adware.SPointer
[HKLM\Software\Classes\Playerside.SpointerWebDisp] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311211154}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322212254}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\AppGraffiti.AppGraffitiJS] =>PUP.AppGraffiti
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0019962.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0019962.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0019962.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0019962.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0032154.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0032154.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0032154.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0032154.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.DownloadArgs] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.RawDataArgs] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.TinyUrlArgs] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Business.Tinyfying.ViralLinkArgs] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.ClientCallback] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.ContractBase] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.ServerCommand] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.Communication.ServerResult] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.LightContent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.LightUri] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Iminent.Mediator.MediatorServiceProxy] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.BrowserHelperObject] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.BrowserHelperObject.1] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ScriptExtender] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ScriptExtender.1] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Playerside.Spointer] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Playerside.Spointer.4] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Playerside.SpointerAdProvider] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Playerside.SpointerAdProvider.4] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Playerside.SpointerBanner] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Playerside.SpointerBanner.4] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Playerside.SpointerCtrl] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Playerside.SpointerWebDisp] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111491187}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311211154}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311211154}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220122992262}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322212254}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111491187}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111491187}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311211154}] =>PUP.CrossRider
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NextLive =>PUP.NextLive^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BrowseForTheCause =>Adware.BrowseForTheCause^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Users\HELENE\AppData\Roaming\Mozilla\Firefox\Profiles\3mru65kf.default\extensions\dcf3d940-5475-4c1f-9347-73a47512ee99@8520e31e-fc61-48c8-ae31-09d4d65bc369.com =>Adware.PlusHD^
C:\Program Files (x86)\Advanced Driver Updater =>PUP.AdvancedDriverUpdater^
C:\Program Files (x86)\Advanced File Optimizer =>PUP.AdvancedFileOptimizer^
C:\Program Files (x86)\Boxore =>Adware.Boxore^
C:\Program Files (x86)\BrowseForTheCause =>Adware.BrowseForTheCause^
C:\Program Files (x86)\BrowserProtect =>Hijacker.Eazel^
C:\Program Files (x86)\Desk 365 =>Hijacker.22Find^
C:\Program Files (x86)\FindLyrics =>Adware.AddLyrics^
C:\Program Files (x86)\Iminent =>Adware.IMBooster^
C:\Program Files (x86)\Minibar =>PUP.Minibar^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\Plus-HD-1.7 =>Adware.PlusHD^
C:\Program Files (x86)\RegClean Pro =>Rogue.RegistryPowerCleaner^
C:\Program Files (x86)\Savdm =>Hijacker.Proxy^
C:\Program Files (x86)\Supreme Savings =>PUP.RewardsArcade^
C:\Program Files (x86)\Vittalia =>Adware.Vittalia^
C:\Program Files (x86)\Yontoo =>Adware.Yontoo^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\BoxUpdChk =>Adware.Boxore^
C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch^
C:\ProgramData\eSafe =>PUP.eSafeSecurity^
C:\ProgramData\Iminent =>Adware.IMBooster^
C:\ProgramData\ParetoLogic =>PUP.Paretologic^
C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\Users\HELENE\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\HELENE\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\HELENE\AppData\Roaming\DealPly =>PUP.DealPly^
C:\Users\HELENE\AppData\Roaming\Desk 365 =>Hijacker.22Find^
C:\Users\HELENE\AppData\Roaming\File Scout =>PUP.FileScout^
C:\Users\HELENE\AppData\Roaming\Iminent =>Adware.IMBooster^
C:\Users\HELENE\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
C:\Users\HELENE\AppData\Roaming\newnext.me =>PUP.NextLive^
C:\Users\HELENE\AppData\Roaming\OfferBox =>PUP.OfferBox^
C:\Users\HELENE\AppData\Roaming\okitSpace =>PUP.Onekit^
C:\Users\HELENE\AppData\Roaming\ParetoLogic =>PUP.Paretologic^
C:\Users\HELENE\AppData\Roaming\SpeedanAlysis =>PUP.SpeedAnalysis^
C:\Users\HELENE\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis^
C:\Users\HELENE\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc^
C:\Users\HELENE\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard^
C:\Users\HELENE\AppData\Local\DProtect =>Trojan.Trojan.Staser^
C:\Users\HELENE\AppData\Local\eorezo =>PUP.Eorezo^
C:\Users\HELENE\AppData\Local\Lollipop =>Adware.Lollipop^
C:\Users\HELENE\AppData\Local\Minibar =>PUP.Minibar^
C:\Users\HELENE\AppData\Local\savdm =>Hijacker.Proxy^
C:\Users\HELENE\AppData\Local\Smartbar =>Hijacker.SmartBar^
C:\Users\HELENE\AppData\Local\Supreme Savings =>PUP.RewardsArcade^
C:\Users\HELENE\AppData\Local\tuto4pc_fr_7 =>PUP.AgenceExclusive^
C:\Users\HELENE\AppData\Local\Updater19962 =>PUP.CrossRider^
C:\Program Files (x86)\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files (x86)\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Program Files (x86)\LayoutsExpress =>Toolbar.LayoutExpress
C:\Program Files (x86)\Optimizer Pro =>PUP.OptimizerPro
C:\Program Files (x86)\VideoPerformer =>PUP.VideoPerformer
C:\Program Files (x86)\Common Files\Umbrella =>Adware.IMBooster
C:\Program Files (x86)\Common Files\337 =>Hijacker.22find
C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com =>PUP.Babylon
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\Software =>Adware.Boxore
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent =>Adware.IMBooster
C:\Users\HELENE\AppData\Roaming\eType =>Adware.Zugo
C:\Users\HELENE\AppData\Roaming\SearchProtect =>Toolbar.Conduit
C:\Users\HELENE\AppData\Roaming\eIntaller =>PUP.eSafeSecurity
C:\Users\HELENE\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\HELENE\AppData\Local\SearchProtect =>Toolbar.Conduit
C:\Users\HELENE\AppData\Local\Software =>Adware.Boxore
C:\Users\HELENE\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\HELENE\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\HELENE\AppData\LocalLow\Claro LTD =>PUP.ClaroSearch
C:\Users\HELENE\AppData\LocalLow\Incredibar.com =>Adware.IncrediBar
C:\Users\HELENE\AppData\LocalLow\Minibar =>PUP.Minibar
C:\Users\HELENE\AppData\LocalLow\Smartbar =>Hijacker.SmartBar
C:\Users\HELENE\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\HELENE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch
C:\Users\HELENE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa =>Spyware.SmartDisplay
C:\Users\HELENE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog =>Adware.SmileyBar
C:\Users\HELENE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf =>PUP.SpeedAnalysis
C:\Users\HELENE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon =>PUP.SpeedAnalysis
C:\Users\HELENE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff =>Adware.MyWebSearch
C:\Users\HELENE\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl =>PUP.QuickShare
C:\Windows\Tasks\DigitalSite.job =>Hijacker.DSite^
C:\Windows\Tasks\Plus-HD-1.7-chromeinstaller.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-1.7-codedownloader.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-1.7-enabler.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-1.7-firefoxinstaller.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-1.7-updater.job =>Adware.PlusHD^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive^
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch^
[HKCU\Software\tuto4pc] =>PUP.AgenceExclusive^
[HKLM\Software\DomaIQ] =>Adware.DomaIQ^
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\eDownloader] =>PUP.SoftwareEngine^
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel^
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel^
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel^
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Hijacker.Eazel^
[HKCU\Software\f53dfdae168ec17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll" =>Hijacker.Hijacker.Eazel^
C:\Windows\Installer\11ad8e1.msi =>Adware.IMBooster^
C:\Windows\Installer\1dcb920.msi =>Toolbar.DeltaSearch^
C:\Windows\Installer\352b5e.msi =>Adware.Boxore^
C:\Windows\Installer\44f46d.msi =>Adware.IMBooster^
C:\Windows\Installer\5d823e.msi =>Adware.SPointer^
C:\Windows\Installer\9ae67.msi =>PUP.SweetIM^
C:\Windows\Installer\f7e67.msi =>Hijacker.SmartBar^
C:\Users\HELENE\AppData\Local\Temp\SPSetup.exe =>Toolbar.Conduit
~ Additionnel Scan: 365873 Items scanned in 00mn 26s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6 =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26611535-pup-appgraffiti =>PUP.AppGraffiti
~ http://nicolascoolman.webs.com/apps/blog/show/34407192-pup-minibar =>PUP.Minibar
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/29357530-pup-advancedsystemoptimizer =>PUP.AdvancedSystemOptimizer
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/40528410-pup-nextlive =>PUP.NextLive
~ http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
~ http://nicolascoolman.webs.com/apps/blog/show/26627928-adware-browseforthecause =>Adware.BrowseForTheCause
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/35170315-hijacker-dsite =>Hijacker.DSite
~ http://nicolascoolman.webs.com/apps/blog/show/32771797-trojan-staser =>Trojan.Staser
~ http://nicolascoolman.webs.com/apps/blog/show/30392620-pup-vafplayer =>PUP.VAFPlayer
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo =>Adware.Yontoo
~ http://nicolascoolman.webs.com/apps/blog/show/29758660-pup-softwareengine =>PUP.SoftwareEngine
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/27280149-pup-blabbers =>PUP.Blabbers
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/34311830-pup-filescout =>PUP.FileScout
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blog/show/30068076-pup-paretologic =>PUP.Paretologic
~ http://nicolascoolman.webs.com/apps/blog/show/28947219-pup-speedmaxpc =>PUP.SpeedMaxPc
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/30393137-adware-domaiq =>Adware.DomaIQ
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
~ http://nicolascoolman.webs.com/apps/blog/show/29295819-rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/28000037-pup-rewardsarcade =>PUP.RewardsArcade
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/33456961-pup-onekit =>PUP.OneKit
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/35127313-pua-browserdefendert =>PUA.BrowserDefendert
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
~ http://nicolascoolman.webs.com/apps/blog/show/26764465-adware-facemoods =>Adware.Facemoods
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits
~ http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/26820943-adware-gameplaylabs =>Adware.GamePlayLabs
~ http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
~ http://nicolascoolman.webs.com/apps/blog/show/33479906-pup-elex =>PUP.Elex
~ http://nicolascoolman.webs.com/apps/blog/show/27530912-adware-smileybar =>Adware.SmileyBar
~ http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro
~ http://nicolascoolman.webs.com/apps/blog/show/29895028-pup-videoperformer =>PUP.VideoPerformer
~ http://nicolascoolman.webs.com/apps/blog/show/26828293-adware-zugo =>Adware.Zugo
~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay
~ http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare
~ MSI: 71 link(s) detected in 00mn 27s



~ 2368 Legitimates filtered by white list
End of the scan (1419 lines in 03mn 50s)(0)

Publicité


Signaler le contenu de ce document

Publicité