~ Rapport de ZHPDiag v2014.7.6.102 - Nicolas Coolman (06/07/2014)
~ Lancé par vitale (06/07/2014 15:44:10)
~ Adresse du Site Web http://nicolascoolman.fr
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v7.0.6001.18000
MFIE: Mozilla Firefox 29.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2021
McAfee Security Scan Plus v3.8.150.1

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader 8.1.2 Security Update 1
Java 7 Update 55

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (20% free)
System Restore: Activé (Enable)
System drive C: has 199 GB (68%) free of 291 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-VITALE
~ User Name: vitale
~ All Users Names: vitale, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\vitale\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\vitale\AppData\Roaming\
~ %Desktop% : C:\Users\vitale\Desktop\
~ %Favorites% : C:\Users\vitale\Favorites\
~ %LocalAppData% : C:\Users\vitale\AppData\Local\
~ %StartMenu% : C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 199 Go of 291 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 7 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 38 Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.29/10/2008 - 07:29:41.) -- C:\Windows\Explorer.exe [2927104]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.DA5A72211661C7F162B332FEA4F09A69] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2011 - 16:00:34.) -- C:\Windows\System32\wininet.dll [833024]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Winlogon.exe [314880]
[MD5.48EB99503533C27AC6135648E5474457] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:16:42.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.19/01/2008 - 08:41:30.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.19/01/2008 - 06:49:51.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.A3E9FA213F443AC77C7746119D13FEEC] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:24:14.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.19/01/2008 - 05:30:49.) -- C:\Windows\system32\Drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 13:49:35.) -- C:\Windows\system32\Drivers\MRxSmb.sys [105984]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.19/01/2008 - 06:55:35.) -- C:\Windows\system32\Drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.19/01/2008 - 08:43:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.19/01/2008 - 06:55:27.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.19/01/2008 - 06:55:58.) -- C:\Windows\system32\Drivers\tdx.sys [71680]
[MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.19/01/2008 - 08:42:48.) -- C:\Windows\system32\Drivers\volsnap.sys [227896]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1841
~ Mes musiques (My Musics) : 1/279
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/44
~ Mes Documents (My Documents) : 2/142
~ Mon Bureau (My Desktop) : 1/1620
~ Menu demarrer (Programs) : 1/80
~ Hidden Files: Scanned in 00mn 06s



---\\ Processus lancés
[MD5.A74558989E0624989C5B21E442788ED3] - (.Activeris - Activeris AntiMalware.) -- C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe [6292472] [PID.1688] =>PUP.Activeris
[MD5.B6624D1D446A9683BAF8E482B1774C05] - (.Glarysoft Ltd - Glary Utilities 3.) -- C:\Program Files\Glary Utilities 3\Integrator.exe [470816] [PID.2836]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.2752]
[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.2980]
[MD5.B1361669BDC6ED612C35B7C67ADA2240] - (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784] [PID.3048]
[MD5.12902A626CAE9F362AAE39EF1FC79E87] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\Systray\SystrayApp.exe [94208] [PID.3808]
[MD5.9BC8AB2A35C8F91A29C1C91DC50C557F] - (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.exe [1848648] [PID.2804]
[MD5.361CD47DC5BD83EE24407903233B0D9A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4874240] [PID.2648]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208] [PID.3092]
[MD5.7C98599DC1B7C7103A52B2C0BF462C56] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [49152] [PID.2476]
[MD5.92DCCD7AD8FB9FB475A4F48086938838] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe [114992] [PID.576] =>PUP.SweetIM
[MD5.9D96E63881A28AA87797A0F04F612A9C] - (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files\OfferBox\OfferBox.exe [3085160] [PID.3752] =>PUP.OfferBox
[MD5.15AB42C809A5CBE11992D5C218ED928E] - (.KalityWeb - WebAdSystem.) -- C:\Program Files\WebAdSystem\WebAdSystem.exe [860016] [PID.3364] =>Adware.WebAdSystem
[MD5.2218928CF528D7BC295B1B4C69E9846C] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastui.exe [3890208] [PID.4060]
[MD5.CD50EA3B3D9845C6D3ACA4D690E05CC4] - (...) -- C:\Program Files\Browsersafeguard\BrowserSafeguard.exe [465408] [PID.3700] =>PUP.BrowserSafeguard
[MD5.AAAC76A931480ADD2C9B251621EB524E] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\Launcher\Launcher.exe [598016] [PID.1184]
[MD5.049327975C9A1C09D5A7B84825939C95] - (.Boxore OU - Boxore Client.) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe [965632] [PID.3896] =>Adware.Boxore
[MD5.009811BD21D0BD7BA5C7765565505764] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088] [PID.3372]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2828]
[MD5.E9257AE2500A3C8272B6C32A1329DAA3] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112] [PID.2924]
[MD5.3D558E2572EDF52FAD098AF2534B4E20] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [279456] [PID.4128]
[MD5.4BC02235AD1E85455E6AB8C1CC912C64] - (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files\MyPC Backup\MyPC Backup.exe [2901032] [PID.4196] =>PUP.MyPCBackup
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.4544]
[MD5.BE9A6C91999C1FB796F980C794E7DB9C] - (.ATI Technologies Inc. - Catalyst Control Centre: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [49152] [PID.4604]
[MD5.11E8D8272FDBE213ADE3DAD91427CE35] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [11322880] [PID.4668]
[MD5.2337EC951C4AF6E1AF65D10BD9615BEB] - (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [11314688] [PID.4840]
[MD5.279EEEBB1221F297886B8560163D3AE8] - (...) -- C:\Program Files\Orange\Deskboard\deskboard.exe [1044480] [PID.5592]
[MD5.54ABBCF1C68FAEFF10BCCD254740AE16] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\connectivity\connectivitymanager.exe [716800] [PID.5604]
[MD5.0DA891CB0703D912CEAFA072F54D002B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.5656]
[MD5.032F85FBFE612ECC455ABA7474E5914F] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\connectivity\CoreCom\CoreCom.exe [360448] [PID.3096]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.1408]
[MD5.987B72E406C172F9F5184F1B4F0CE1BB] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\connectivity\CoreCom\OraConfigRecover.exe [28672] [PID.4464]
[MD5.167A81D7A06119ABF84042F88EE6F6DF] - (.France Telecom SA - Pas de description.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe [65536] [PID.4212]
[MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128] [PID.1816]
[MD5.28B02EA673489A4EFBB20A9B302D523C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [18544] [PID.4880]
[MD5.038053B5DB6B0DCFB32B7682334B7625] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe [1863856] [PID.5616]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53472] [PID.4772]
[MD5.7E0EBC6933621F994BF6C4232548CDA7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8074240] [PID.1448]
[MD5.00B317C5E88AA439C92A91C34F88E8DC] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [606208] [PID.1112]
[MD5.0BA91E1358AD25236863039BB2609A2E] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [2623488] [PID.1352]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1696]
[MD5.E91C669DB45EC0F1D18185A9B7006E44] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginService\PluginService.exe [705136] [PID.1760] =>Trojan.SProtector
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.3152]
[MD5.98D884ADC0B8C0FEBCC9D7BEE6D86F90] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files\Common Files\LightScribe\LSSrvc.exe [79136] [PID.3188]
[MD5.B5D974C1FD078A68C7536C561B031D39] - (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [554352] [PID.3380]
[MD5.BB6F1F29721F8C3839C334F5DFA68387] - (.ClientConnect Ltd. - Toolbar.) -- C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe [350528] [PID.3576] =>Toolbar.Conduit
[MD5.4A84526076717F87F3E1AD24AB28FB5A] - (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe [2673064] [PID.3648]
[MD5.595CC0689C35BF211698ABEB771B75DD] - (...) -- C:\Users\vitale\AppData\Roaming\VOPackage\VOsrv.exe [51712] [PID.3688] =>Adware.Downware
[MD5.949A54971EF61E9D84B7C559B405A585] - (...) -- C:\Program Files\003\vxlsnyaiet32.exe [541696] [PID.3716] =>PUP.AdPeak
[MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe [109064] [PID.3772] =>PUP.Wajam
[MD5.C9BE08664611DDAF98E2331E9288B00B] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [46104] [PID.5852]
[MD5.E48B80F6614D4BEFA7768B960FFEF514] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [61440] [PID.5432]
~ Processes Running: Scanned in 00mn 08s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\vitale\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.qone8.com =>Hijacker.Qone8
G2 - GCE: Preference [User Data\Default] [engaigpbgdjjmanonjcjkcmomgibneba] Smart Display v.1.8, (Activé) =>Spyware.SmartDisplay

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\vitale\AppData\Local\Google\Chrome\User Data\Default\Extensions\engaigpbgdjjmanonjcjkcmomgibneba [Smart Display] =>Spyware.SmartDisplay
~ Google Lines Browser: 5 Scanned in 00mn 36s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\prefs.js
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\user.js
M0 - MFSP: prefs.js [vitale - qnqw38xw.default] http://speedial.com =>Adware.SearchYa
M0 - MFSP: user.js [vitale - qnqw38xw.default] http://speedial.com =>Adware.SearchYa
M2 - MFEP: prefs.js [vitale - qnqw38xw.default\djud9r@fman-ds.com] [] rrealddeal v1.9 (..) =>PUP.RealDeal
M2 - MFEP: prefs.js [vitale - qnqw38xw.default\e46480cf-7cf6-495e-af69-573053f52c72@b33ab36d-5952-49aa-adb2-a41b3dbe51a5.com] [] Plus-HD9.5v4 v1.9 (..) =>Adware.PlusHD
M2 - MFEP: prefs.js [vitale - qnqw38xw.default\firefox@webconnect.co] [] WebConnect v1.0.0 (..) =>PUP.WebConnect
M2 - MFEP: prefs.js [vitale - qnqw38xw.default\jid1-FCM5fDwCW5M3AQ@jetpack] [] Smart Display v1.2 (..) =>Spyware.SmartDisplay
M2 - MFEP: prefs.js [vitale - qnqw38xw.default\quick_start@gmail.com] [] Quick Start v1.2 (..) =>PUP.QuickStart
M2 - MFEP: prefs.js [vitale - qnqw38xw.default\{fa95f577-07cb-4470-ac90-e843f5f83c52}] [] Speedial v1.2 (..) =>Adware.SearchYa
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.8.612.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.55.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.55.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.55.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30214.0.) -- c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@oberon-media.com/ONCAdapter] - (.Oberon-Media - npapicomadapter.) -- C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate - globalUpdate Update.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate - globalUpdate Update.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll
P2 - FPN: [HKLM] [@tools.dpliveupdate.com/DealPlyLive Update;version=3] - (.DealPly Technologies Ltd - DealPlyLive Update.) -- C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll =>PUP.DealPly
P2 - FPN: [HKLM] [@tools.dpliveupdate.com/DealPlyLive Update;version=9] - (.DealPly Technologies Ltd - DealPlyLive Update.) -- C:\Program Files\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll =>PUP.DealPly
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.1] - (.VideoLAN - VLC media player Web Plugin 2.0.0.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@www.dlmanager.net/omaha/tools//Software Update;version=8] - (.Boxore OU. - Software Update.) -- C:\Program Files\Software\Update\1.2.201.0\npSoftwareOneClick8.dll =>Adware.Boxore
P2 - FPN: [HKLM] [@zylom.com/ZylomGamesPlayer] - (.Zylom - Zylom Plugin.) -- C:\Users\vitale\AppData\Roaming\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
~ Firefox Browser: 22 Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.SearchYa
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://speedial.com =>Adware.SearchYa
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com =>Hijacker.Qone8
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.qone8.com =>Hijacker.Qone8
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.qone8.com =>Hijacker.Qone8
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qone8.com =>Hijacker.Qone8
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://speedial.com =>Adware.SearchYa
R3 - URLSearchHook: Radio Bar 1 Toolbar - {0fc85f5d-6207-4515-a490-45a549d285c0} . (.Zylom - Zylom Plugin.) (No version) -- (.not file.)
R3 - URLSearchHook: midicair Toolbar - {77f8c945-4b74-4bd6-a073-e0d1997edce8} . (.Zylom - Zylom Plugin.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} . (.Zylom - Zylom Plugin.) (No version) -- (.not file.)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} . (.Zylom - Zylom Plugin.) (No version) -- (.not file.) =>PUP.SweetIM
~ IE Browser: 16 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49287;https=127.0.0.1:49287; =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} . (.McAfee, Inc. - Quick Browser Identifier for MSS+ Tool.) -- C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Radio Bar 1 - {0fc85f5d-6207-4515-a490-45a549d285c0} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Radio_Bar_1\prxtbRad0.dll =>Toolbar.Conduit
O2 - BHO: CrossriderApp0043960 - {11111111-1111-1111-1111-110411391160} . (.Corporate Inc - Deeal_fr 0.2 BHO.) -- C:\Program Files\Deeal_fr 0.2\Deeal_fr 0.2-bho.dll =>PUP.CrossRider
O2 - BHO: CrossriderApp0048926 - {11111111-1111-1111-1111-110411891126} . (.smart-saverplus - Smarts8 BHO.) -- C:\Program Files\Smarts8\Smarts8-bho.dll =>PUP.CrossRider
O2 - BHO: Barre d'outils ALOT Helper - {14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6} . (.Vertro - alot.dll.) -- C:\Program Files\alot\bin\alot.dll =>Adware.Comet
O2 - BHO: saveorneT - {1C7654F3-98BB-47E0-9404-36CB4B08637A} . (...) -- C:\ProgramData\saveorneT\EzkeIR7.dll =>PUP.SaveOn
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} Clé orpheline =>PUP.Babylon
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files\SupTab\SupTab.dll =>PUP.SupTab
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: midicair - {77f8c945-4b74-4bd6-a073-e0d1997edce8} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\midicair\prxtbmidi.dll =>Toolbar.Conduit
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} Clé orpheline
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files\Wajam\IE\priam_bho.dll =>PUP.Wajam
O2 - BHO: DealPly Shopping - {ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} . (.DealPly - DealPly Shopping for Internet Explorer.) -- C:\Program Files\DealPly\DealPlyIE.dll =>PUP.DealPly
O2 - BHO: DataMngr - {B939CF93-F2CB-443d-956C-DC523D85C9DB} . (.MusicLab, LLC - Url Helper.) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\BrowserConnection.dll =>PUP.BearShare
O2 - BHO: Wincore Mediabar - {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll =>PUP.iMesh
O2 - BHO: GamesBarBHO Class - {CB0D163C-E9F4-4236-9496-0597E24B23A5} . (.Oberon Media Ltd. - GamesBar.) -- C:\Program Files\GamesBar\oberontb.dll =>Adware.GamesBar
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} . (.Softonic.com - Pas de description.) -- C:\Program Files\Softonic\Softonic\1.6.7.4\bh\Softonic.dll =>Toolbar.Conduit
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
~ BHO: 80 Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Barre d'outils ALOT - [HKLM]{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} . (.Vertro - alot.dll.) -- C:\Program Files\alot\bin\alot.dll =>Adware.Comet
O3 - Toolbar: Radio Bar 1 Toolbar - [HKLM]{0fc85f5d-6207-4515-a490-45a549d285c0} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Radio_Bar_1\prxtbRad0.dll =>Toolbar.Conduit
O3 - Toolbar: GamesBar - [HKLM]{6F282B65-56BF-4BD1-A8B2-A4449A05863D} . (.Oberon Media Ltd. - GamesBar.) -- C:\Program Files\GamesBar\oberontb.dll =>Adware.GamesBar
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
O3 - Toolbar: midicair Toolbar - [HKLM]{77f8c945-4b74-4bd6-a073-e0d1997edce8} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\midicair\prxtbmidi.dll =>Toolbar.Conduit
O3 - Toolbar: (no name) - [HKLM]{98889811-442D-49dd-99D7-DC866BE87DBC} Clé orpheline
O3 - Toolbar: Wincore Mediabar - [HKLM]{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files\BearShare Applications\MediaBar\Datamngr\ToolBar\wincorebsdtx.dll =>PUP.iMesh
O3 - Toolbar: Softonic Toolbar - [HKLM]{5018CFD2-804D-4C99-9F81-25EAEA2769DE} . (.Softonic.com - Pas de description.) -- C:\Program Files\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll =>Toolbar.Conduit
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: Radio Bar 1 Toolbar - [HKCU]{0FC85F5D-6207-4515-A490-45A549D285C0} . (.ClientConnect Ltd. - Toolbar.) -- C:\Users\vitale\AppData\LocalLow\Radio_Bar_1\prxtbRad1.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{977AE9CC-AF83-45E8-9E03-E2798216E2D5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: midicair Toolbar - [HKCU]{77F8C945-4B74-4BD6-A073-E0D1997EDCE8} . (.ClientConnect Ltd. - Toolbar.) -- C:\Users\vitale\AppData\LocalLow\midicair\prxtbmid2.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Activeris AntiMalware.lnk . (.Activeris - Activeris AntiMalware.) -- C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris
O4 - GS\Desktop [Public]: BearShare.lnk . (.MusicLab, LLC - BearShare.) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe =>PUP.BearShare
O4 - GS\Desktop [Public]: Boutique Accessoires HP.lnk . (...) -- C:\Program Files\Services en ligne\onlinesvs\WizLink.exe
O4 - GS\Desktop [Public]: Configuration de la Livebox.lnk . (.SAGEM - Pas de description.) -- C:\Program Files\SAGEM\SAGEM F@st 3202\RunHttpCfg.exe C:\Program Files\SAGEM\SAGEM F@st 3202\RunHttpCfg.exe -I -L040C
O4 - GS\Desktop [Public]: eBay.lnk . (...) -- C:\Program Files\Services en ligne\eBay\WizLink.exe =>Toolbar.eBay
O4 - GS\Desktop [Public]: Yahoo! France.lnk . (...) -- C:\Program Files\Services en ligne\yahoo\WizLink.exe
O4 - GS\Program [Public]: eBay.lnk . (...) -- C:\Program Files\Services en ligne\eBay\WizLink.exe =>Toolbar.eBay
O4 - GS\Program [Public]: OfferBox.lnk . (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files\OfferBox\OfferBox.exe =>PUP.OfferBox
O4 - GS\Program [Public]: WebAdSystem.lnk . (.KalityWeb - WebAdSystem.) -- C:\Program Files\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem
O4 - GS\QuickLaunch [vitale]: BearShare.lnk . (.MusicLab, LLC - BearShare.) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe =>PUP.BearShare
O4 - GS\Desktop [vitale]: Continue FLV Player.lnk . (.@ - setup_file.) -- C:\Users\vitale\AppData\Local\Temp\f.exe http://installer.apps-track.com
O4 - GS\Desktop [vitale]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Desktop [vitale]: Optimizer Pro.lnk . (.PC Utilities Software Limited - Optimizer Pro.) -- C:\Program Files\Optimizer Pro\OptimizerPro.exe =>PUP.OptimizerPro
O4 - GS\Desktop [vitale]: Sync Folder.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
~ Global Startup: 16 Scanned in 00mn 06s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [vitale]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] . (...) -- C:\HP\KBD\KbdStub.exe
O4 - HKLM\..\Run: [OsdMaestro] . (.OsdMaestro - OsdMaestro main program.) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
O4 - HKLM\..\Run: [StartCCC] . (...) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SystrayORAHSS] . (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\Systray\SystrayApp.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [CanonMyPrinter] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM
O4 - HKLM\..\Run: [offerbox] . (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files\OfferBox\OfferBox.exe =>PUP.OfferBox
O4 - HKLM\..\Run: [WebAdSystem] . (.KalityWeb - WebAdSystem.) -- C:\Program Files\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [BrowserSafeguard] . (...) -- C:\Program Files\Browsersafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard
O4 - HKLM\..\Run: [SunJavaUpdateReg] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Windows\system32\jureg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Boxore Client] . (.Boxore OU - Boxore Client.) -- C:\Program Files\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore
O4 - HKLM\..\RunOnce: [Launcher] . (.soft thinks - Launcher.) -- C:\Windows\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files\Optimizer Pro\OptProLauncher.exe =>PUP.OptimizerPro
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-3222024360-3744684843-4020002206-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3222024360-3744684843-4020002206-1000\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-3222024360-3744684843-4020002206-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-3222024360-3744684843-4020002206-1000\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files\Optimizer Pro\OptProLauncher.exe =>PUP.OptimizerPro
O4 - HKUS\S-1-5-21-3222024360-3744684843-4020002206-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} -- Clé orpheline =>Adware.GamesBar
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Winsock: 6 Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ((no name)) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {9DF1C00D-8426-4337-972C-DC042D19A916} ((no name)) - http://webtv.guidetv.orange.fr/resources/OCS_9418.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} ((no name)) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} ((no name)) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C0D3868-86D3-4234-8745-DFDBC54FC1BE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C0D3868-86D3-4234-8745-DFDBC54FC1BE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C0D3868-86D3-4234-8745-DFDBC54FC1BE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{1C0D3868-86D3-4234-8745-DFDBC54FC1BE}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\searchprotect\searchprotect\bin\spvc32loader.dll =>PUP.SearchProtect
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\system32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: Optimizer Pro Crash Monitor (ca82e1a5) . (...) - c:\Program Files\Optimizer Pro\OptProCrash.dll =>PUP.OptimizerPro
O23 - Service: Service DealPly Live (dealplylive) (dealplylive) . (.DealPly Technologies Ltd - DealPlyLive Update.) - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe =>PUP.DealPly
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: IePlugin Service (IePluginService) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Planificateur LiveUpdate automatique (Planificateur LiveUpdate automatique) . (.Symantec Corporation - Automatic LiveUpdate Scheduler Service.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Software Update Service (supdate) (supdate) . (.Boxore OU. - Programme d'installation de Software.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: Toolbar Service (TBSrv) . (.ClientConnect Ltd. - Toolbar.) - C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe =>Toolbar.Conduit
O23 - Service: TeamViewer 7 (TeamViewer7) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Service Component of VO (vosr) . (...) - C:\Users\vitale\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
O23 - Service: vxlsnyaiet32 (vxlsnyaiet32) . (...) - C:\Program Files\003\vxlsnyaiet32.exe =>PUP.AdPeak
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files\Wajam\Updater\WajamUpdater.exe =>PUP.Wajam
~ Services: 16 Scanned in 00mn 34s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\img16.jpg
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
O34 - HKLM BootExecute: (BootDefrag.exe) - File not found
~ BEX: 2 Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.A74558989E0624989C5B21E442788ED3] [APT] [Activeris AntiMalware_startup] (.Activeris.) -- C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe [6292472] =>PUP.Activeris
[MD5.09E7C37DF4A911C8A9AA8BF88ACD10AA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [257712]
[MD5.ACCF8BABEBB0EADE39B372D0DA330879] [APT] [AppleSoftwareUpdate] (.Apple Computer, Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [681568]
[MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [808448]
[MD5.DB44ECA9CABC2D434D919AD682464090] [APT] [BrowserSafeguard Update Task] (...) -- C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe [3393536] =>PUP.BrowserSafeguard
[MD5.311BCE25242D9D00CBD7BB9D8B6E1315] [APT] [Dealply] (...) -- C:\Users\vitale\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe [102968] =>PUP.DealPly
[MD5.9FCD1448C709C227BA6A146B681CC869] [APT] [DealPlyLiveUpdateTaskMachineCore] (.DealPly Technologies Ltd.) -- C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000] =>PUP.DealPly
[MD5.9FCD1448C709C227BA6A146B681CC869] [APT] [DealPlyLiveUpdateTaskMachineUA] (.DealPly Technologies Ltd.) -- C:\Program Files\DealPlyLive\Update\DealPlyLive.exe [148000] =>PUP.DealPly
[MD5.9EAAD334532B269862366F20049F3694] [APT] [Deeal_fr 0.2-chromeinstaller] (.Corporate Inc.) -- C:\Program Files\Deeal_fr 0.2\Deeal_fr 0.2-chromeinstaller.exe [484864] =>PUP.DeealFr
[MD5.BB08F23CD23047090B7C52EE82937E33] [APT] [Deeal_fr 0.2-codedownloader] (.Corporate Inc.) -- C:\Program Files\Deeal_fr 0.2\Deeal_fr 0.2-codedownloader.exe [487424] =>PUP.DeealFr
[MD5.5D58D53A1DDF4986A6DF72C61E3ADC6D] [APT] [Deeal_fr 0.2-enabler] (.Corporate Inc.) -- C:\Program Files\Deeal_fr 0.2\Deeal_fr 0.2-enabler.exe [346624] =>PUP.DeealFr
[MD5.858D453032B2D0719B7EBB2D7F2BF73A] [APT] [GlaryInitialize 3] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities 3\Initialize.exe [100640]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608]
[MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608]
[MD5.2D141D455A3F1BDAC97A08006ACD7B4B] [APT] [HP Health Check] (.Hewlett-Packard.) -- c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [71176]
[MD5.00000000000000000000000000000000] [APT] [JavaUpdateAdministrator] (...) -- C:\Windows\system32\jusched.exe (.not file.) [0]
[MD5.AA6DB1D357B0DB08B969D14889D9C9CA] [APT] [Norton Security Scan for vitale] (.Symantec Corporation.) -- C:\Program Files\Norton Security Scan\Norton Security Scan\Engine\2.7.3.34\Nss.exe [624504]
[MD5.00000000000000000000000000000000] [APT] [OfferBoxUpdateTask] (...) -- C:\Program Files\OfferBox\OfferBox.exe' -update (.not file.) [0] =>PUP.OfferBox
[MD5.00000000000000000000000000000000] [APT] [pricemeterdownloader] (...) -- C:\Users\vitale\AppData\Local\PriceMeter\pricemeterd.exe (.not file.) [0] =>PUP.PriceMeter
[MD5.00000000000000000000000000000000] [APT] [pricemetertask] (...) -- C:\Users\vitale\AppData\Local\PriceMeter\pricemeter.exe (.not file.) [0] =>PUP.PriceMeter
[MD5.00000000000000000000000000000000] [APT] [pricemeterwatcher] (...) -- C:\Users\vitale\AppData\Local\PriceMeter\pricemeterw.exe (.not file.) [0] =>PUP.PriceMeter
[MD5.7F96DA57AA3F5BCE706580C859402B6B] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe [28672]
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineCore] (.Boxore OU..) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineUA] (.Boxore OU..) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
[MD5.62DA2C201BC09A55C97C46F0AD73C28A] [APT] [{A14E6FD4-CE70-46CE-B30E-B4335EC2533C}] (...) -- C:\Program Files\orange\jeux\Brunhild and the Dark Crystal\Uninstall.exe [199168]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: Dealply - (...) -- C:\Windows\Tasks\Dealply.job [294] =>PUP.DealPly
O39 - APT: Dealply - (...) -- C:\Windows\System32\Tasks\Dealply [294] =>PUP.DealPly
O39 - APT: DealPlyLiveUpdateTaskMachineCore - (.DealPly Technologies Ltd.) -- C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job [890] =>PUP.DealPly
O39 - APT: DealPlyLiveUpdateTaskMachineCore - (.DealPly Technologies Ltd.) -- C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore [890] =>PUP.DealPly
O39 - APT: DealPlyLiveUpdateTaskMachineUA - (.DealPly Technologies Ltd.) -- C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job [894] =>PUP.DealPly
O39 - APT: DealPlyLiveUpdateTaskMachineUA - (.DealPly Technologies Ltd.) -- C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA [894] =>PUP.DealPly
O39 - APT: Deeal_fr 0.2-chromeinstaller - (.Corporate Inc.) -- C:\Windows\Tasks\Deeal_fr 0.2-chromeinstaller.job [1890] =>PUP.CrossRider
O39 - APT: Deeal_fr 0.2-chromeinstaller - (.Corporate Inc.) -- C:\Windows\System32\Tasks\Deeal_fr 0.2-chromeinstaller [1890] =>PUP.CrossRider
O39 - APT: Deeal_fr 0.2-codedownloader - (.Corporate Inc.) -- C:\Windows\Tasks\Deeal_fr 0.2-codedownloader.job [1194] =>PUP.CrossRider
O39 - APT: Deeal_fr 0.2-codedownloader - (.Corporate Inc.) -- C:\Windows\System32\Tasks\Deeal_fr 0.2-codedownloader [1194] =>PUP.CrossRider
O39 - APT: Deeal_fr 0.2-enabler - (.Corporate Inc.) -- C:\Windows\Tasks\Deeal_fr 0.2-enabler.job [1094] =>PUP.CrossRider
O39 - APT: Deeal_fr 0.2-enabler - (.Corporate Inc.) -- C:\Windows\System32\Tasks\Deeal_fr 0.2-enabler [1094] =>PUP.CrossRider
O39 - APT: GlaryInitialize 3 - (.Glarysoft Ltd.) -- C:\Windows\Tasks\GlaryInitialize 3.job [322]
O39 - APT: GlaryInitialize 3 - (.Glarysoft Ltd.) -- C:\Windows\System32\Tasks\GlaryInitialize 3 [322]
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [948]
O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [948]
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [952]
O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [952]
O39 - APT: Norton Security Scan for vitale - (.Symantec Corporation.) -- C:\Windows\Tasks\Norton Security Scan for vitale.job [560]
O39 - APT: Norton Security Scan for vitale - (.Symantec Corporation.) -- C:\Windows\System32\Tasks\Norton Security Scan for vitale [560]
O39 - APT: SoftwareUpdateTaskMachineCore - (.Boxore OU..) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [1070] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineCore - (.Boxore OU..) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [1070] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.Boxore OU..) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [1074] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.Boxore OU..) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [1074] =>Adware.Boxore
~ Scheduled Task: 92 Scanned in 00mn 12s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (...) -- C:\Program Files\Java\jre1.6.0_01\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Adobe Shockwave Director 11.0.3 - {233C1507-6A77-46A4-9443-F871F945D258} . (.Adobe Systems, Inc. - Shockwave ActiveX Control.) -- C:\Windows\system32\Adobe\Director\SwDir.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_13_0_0_214.ocx
~ Active Setup: 14 Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\Windows\system32\drivers\aswRdr.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Tcpip) . (.Microsoft Corporation - TCP/IP Driver.) - C:\Windows\System32\drivers\tcpip.sys
~ Drivers: 83 Scanned in 00mn 06s



---\\ Logiciels installés (O42)
O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}
O42 - Logiciel: Activeris AntiMalware - (.Activeris.) [HKLM] -- 94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1 =>PUP.Activeris
O42 - Logiciel: Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) - (.Adobe Systems, Inc.) [HKLM] -- {6846389C-BAC0-4374-808E-B120F86AF5D7}
O42 - Logiciel: Adobe Flash Player 13 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 13 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 8.1.2 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}
O42 - Logiciel: Adobe Reader 8.1.2 Security Update 1 (KB403742) - (...) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A81200000003}_Adobe Reader 8.1.2 - Français
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: Apple Software Update - (.Apple Computer, Inc..) [HKLM] -- {A260B422-70E1-41E2-957D-F76FA21266D5} =>.Apple Inc
O42 - Logiciel: BabylonObjectInstaller - (.Babylon Ltd.) [HKLM] -- {83AA2913-C123-4146-85BD-AD8F93971D39} =>PUP.Babylon
O42 - Logiciel: Barre d'outils ALOT - (.ALOT.) [HKLM] -- alotToolbar =>Adware.Comet
O42 - Logiciel: BearShare - (.Musiclab, LLC.) [HKLM] -- BearShare =>PUP.BearShare
O42 - Logiciel: BearShare - (.Musiclab, LLC.) [HKLM] -- {5F624839-947D-46EA-BD63-FD847C1AC6F1} =>PUP.BearShare
O42 - Logiciel: Big Fish Games: Game Manager - (...) [HKLM] -- BFGC
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM] -- {F847B70A-FC29-4B82-872E-58F2CE9DEE09} =>Adware.Boxore
O42 - Logiciel: BrowserSafeguard with RocketTab - (.BrowserSafeguard with RocketTab.) [HKLM] -- BrowserSafeguard =>PUP.BrowserSafeguard
O42 - Logiciel: Brunhild and the Dark Crystal - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119071350}
O42 - Logiciel: Canon MP Navigator EX 2.0 - (...) [HKLM] -- MP Navigator EX 2.0
O42 - Logiciel: Canon MP240 series MP Drivers - (...) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP240_series
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (...) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (...) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities Solution Menu - (...) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Color Cross - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115773753}
O42 - Logiciel: DMUninstaller - (...) [HKLM] -- DMUninstaller
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM] -- DealPly =>PUP.DealPly
O42 - Logiciel: Dealply - (...) [HKCU] -- Dealply =>PUP.DealPly
O42 - Logiciel: Deeal_fr 0.2 - (.Corporate Inc.) [HKLM] -- Deeal_fr 0.2 =>PUP.DeealFr
O42 - Logiciel: Enregistrement utilisateur de Canon MP240 series - (...) [HKLM] -- Enregistrement utilisateur de Canon MP240 series =>.Canon Inc
O42 - Logiciel: FlvPlayer - (...) [HKCU] -- FlvPlayer
O42 - Logiciel: Freeven pro 1.2 - (.Freeven.) [HKLM] -- Freeven pro 1.2 =>PUP.Freeven
O42 - Logiciel: GamesBar 2.0.1.12 - (.Oberon Media, Inc..) [HKLM] -- GamesBar =>Adware.GamesBar
O42 - Logiciel: Glary Utilities 3.9.1 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities 3
O42 - Logiciel: Glary Utilities Packages - (...) [HKCU] -- Glary Utilities Packages
O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}
O42 - Logiciel: HP Active Support Library 32 bit components - (.Hewlett-Packard.) [HKLM] -- {6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}
O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {73A43E42-3658-4DD9-8551-FACDA3632538}
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {AB5E289E-76BF-4251-9F3F-9B763F681AE0}
O42 - Logiciel: HP Customer Feedback - (.Hewlett-Packard.) [HKLM] -- {9DBA770F-BF73-4D39-B1DF-6035D95268FC}
O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {40F7AED3-0C7D-4582-99F6-484A515C73F2}
O42 - Logiciel: HP On-Screen Cap/Num/Scroll Lock Indicator - (.Hewlett-Packard.) [HKLM] -- OsdMaestro
O42 - Logiciel: HP Photosmart Essential 2.01 - (.HP.) [HKLM] -- HP Photosmart Essential =>.Hewlett-Packard Co
O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- {4BD8E034-E0F4-4509-A753-467A8E854CD8} =>Adware.IMBooster
O42 - Logiciel: Inkjet Printer/Scanner Extended Survey Program - (...) [HKLM] -- CANONIJPLM100
O42 - Logiciel: Java 7 Update 55 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217055FF}
O42 - Logiciel: LiveUpdate 3.2 (Symantec Corporation) - (.Symantec Corporation.) [HKLM] -- LiveUpdate
O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: MediaPlayerplus - (.Freeven.) [HKLM] -- MediaPlayerplus =>PUP.CrossRider
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Mozilla Firefox 29.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 29.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: My Tribe - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115725340}
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: Navigateur Orange - (...) [HKLM] -- {ORAHSS}.Browser
O42 - Logiciel: Nokia Connectivity Cable Driver - (...) [HKLM] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}
O42 - Logiciel: Norton Security Scan - (.Symantec Corporation.) [HKLM] -- NSS
O42 - Logiciel: OfferBox - (.Aedge Performance BCN SL.) [HKLM] -- OfferBox =>PUP.OfferBox
O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}
O42 - Logiciel: Optimizer Pro v3.2 - (...) [HKLM] -- Optimizer Pro_is1 =>PUP.OptimizerPro
O42 - Logiciel: Orange - Logiciels Internet - (...) [HKLM] -- {ORAHSS}.UninstallSuite
O42 - Logiciel: Orange Web Player 1.213932 - (.Orange.) [HKLM] -- Orange Web Player_is1
O42 - Logiciel: Orange WebTV Player 1.29418 - (.Orange.) [HKLM] -- Orange WebTV Player_is1
O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: Playviz 1.7.7 - (.Previznet.) [HKCU] -- Playviz 1.7.7
O42 - Logiciel: Plus-HD9.5v4 - (.Plus HDS.) [HKLM] -- Plus-HD9.5v4 =>Adware.PlusHD
O42 - Logiciel: Python 2.5 - (.Martin v. Löwis.) [HKLM] -- {0A2C5854-557E-48C8-835A-3B9F074BDCAA}
O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM] -- {5E863175-E85D-44A6-8968-82507D34AE7F}
O42 - Logiciel: Radio Bar 1 Toolbar - (.Radio Bar 1.) [HKLM] -- Radio_Bar_1 Toolbar
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Rocket Media Player - (.Jenkat Media, Inc.) [HKLM] -- Rocket Media Player
O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM] -- {35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {83FFCFC7-88C6-41c6-8752-958A45325C82}
O42 - Logiciel: Roxio Creator Basic v9 - (.Roxio.) [HKLM] -- {C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {0D397393-9B50-4c52-84D5-77E344289F87}
O42 - Logiciel: Roxio Creator EasyArchive - (.Roxio.) [HKLM] -- {11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {0394CDC8-FABD-4ed8-B104-03393876DFDF}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Roxio MyDVD Basic v9 - (.Roxio.) [HKLM] -- {938B1CD7-7C60-491E-AA90-1F1888168240}
O42 - Logiciel: Search Protect - (.Conduit.) [HKLM] -- SearchProtect =>PUP.SearchProtect
O42 - Logiciel: Smarts8 - (.smart-saverplus.) [HKLM] -- Smarts8
O42 - Logiciel: Softonic toolbar on IE - (.Softonic.) [HKLM] -- Softonic =>Toolbar.Conduit
O42 - Logiciel: Software Update Helper - (.Boxore OU..) [HKLM] -- {006E6A46-8D55-4F10-BBA8-2C9653B4278B} =>Adware.Boxore
O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD
O42 - Logiciel: Speedial - (.Speedial.) [HKLM] -- Speedial =>Adware.SearchYa
O42 - Logiciel: SweetIM for Messenger 3.6 - (.SweetIM Technologies Ltd..) [HKLM] -- {B85C4CB2-B352-4BD8-818C-BCE353599107} =>PUP.SweetIM
O42 - Logiciel: SweetPacks Toolbar for Internet Explorer 4.4 - (.SweetIM Technologies Ltd..) [HKLM] -- {2F603A45-D956-496B-81B5-50D782424976} =>PUP.SweetIM
O42 - Logiciel: Tales of Lagoona - Orphans of the Ocean - (.Oberon Media.) [HKLM] -- 510007627
O42 - Logiciel: TeamViewer 7 - (.TeamViewer.) [HKLM] -- TeamViewer 7
O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: VO Package - (...) [HKLM] -- VOPackage =>Adware.Downware
O42 - Logiciel: WPM18.8.0.212 - (.Cherished Technololgy LIMITED.) [HKLM] -- WPM =>PUP.WpManager
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- Wajam =>PUP.Wajam
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM] -- {5DCCCB45-8CD0-418E-93AC-AE1DDC32D496} =>Adware.WebAdSystem
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM] -- {621582a3-06da-4753-8287-96d1938f7966} =>Adware.WebAdSystem
O42 - Logiciel: WebConnect 3.0.0 - (.Web Connect.) [HKLM] -- WebConnect =>PUP.WebConnect
O42 - Logiciel: Wincore MediaBar - (.Musiclab, LLC.) [HKLM] -- Wincore MediaBar =>PUP.iMesh
O42 - Logiciel: avast! Free Antivirus v9.0.2021 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: ccc-Branding - (.ATI.) [HKLM] -- {4F027497-15AE-4DE5-B3BC-8E721C6127DE}
O42 - Logiciel: livebox - (.SAGEM.) [HKLM] -- {17342E3B-0818-4A6F-BFF8-99476605ADD6}
O42 - Logiciel: midicair Toolbar - (.midicair.) [HKLM] -- midicair Toolbar
O42 - Logiciel: saveorneT - (.savernetu.) [HKLM] -- {614925F9-841A-53FE-A28F-DC30FA07239B} =>PUP.SaveOn
~ Logic: 60 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ALWIL Software]
[HKCU\Software\ATI Technologies Inc.]
[HKCU\Software\ATI]
[HKCU\Software\AVAST Software]
[HKCU\Software\Activeris] =>PUP.Activeris
[HKCU\Software\Adobe]
[HKCU\Software\Alterlab]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Deeal_fr 0.2] =>PUP.DeealFr
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Plus-HD9.5v4] =>Adware.PlusHD
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Radio_Bar_1]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\Smarts8]
[HKCU\Software\AppDataLow\Software\Supra Savings] =>PUP.SupraSavings
[HKCU\Software\AppDataLow\Software\alot]
[HKCU\Software\AppDataLow\Software\mediabarbs]
[HKCU\Software\AppDataLow\Software\midicair]
[HKCU\Software\AppDataLow\Software\temp]
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\BearShare] =>PUP.BearShare
[HKCU\Software\Big Fish Games]
[HKCU\Software\Boonty]
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard
[HKCU\Software\CDDB]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\DealPlyLive] =>PUP.DealPly
[HKCU\Software\DealPly] =>PUP.DealPly
[HKCU\Software\Delta]
[HKCU\Software\Detective Stories: Hollywood]
[HKCU\Software\EasyBits]
[HKCU\Software\Fenomen Games]
[HKCU\Software\Gabest]
[HKCU\Software\GamesBar] =>Adware.GamesBar
[HKCU\Software\Glarysoft]
[HKCU\Software\GoBit]
[HKCU\Software\Google]
[HKCU\Software\HP Guide]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HipSoft]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\JollyBear]
[HKCU\Software\KalityWeb] =>Adware.WebAdSystem
[HKCU\Software\Licenses]
[HKCU\Software\Little Worlds Online]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept (Muvee)]
[HKCU\Software\MainConcept (Sonic)]
[HKCU\Software\MainConcept]
[HKCU\Software\Meridian93]
[HKCU\Software\Mindscape]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\Nosibay]
[HKCU\Software\OB]
[HKCU\Software\Oberon Media]
[HKCU\Software\Oberon]
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro
[HKCU\Software\Policies]
[HKCU\Software\PowerPack]
[HKCU\Software\PuzzleLab]
[HKCU\Software\Realtek]
[HKCU\Software\Roxio]
[HKCU\Software\Rumbic Studio]
[HKCU\Software\Sandlot Games]
[HKCU\Software\SearchProtectINT2] =>PUP.SearchProtect
[HKCU\Software\SexyAppFramework]
[HKCU\Software\SnowQueen]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Sonic]
[HKCU\Software\Stargaze Interactive]
[HKCU\Software\SulusGames]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Systweak]
[HKCU\Software\Tbccint_HKLM] =>Toolbar.Conduit
[HKCU\Software\TeamViewer]
[HKCU\Software\Trolltech]
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Virtools]
[HKCU\Software\Wajam] =>PUP.Wajam
[HKCU\Software\WebConnect] =>PUP.WebConnect
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\Zylom]
[HKCU\Software\f578c8dbd68ee13] =>PUP.BitGuard
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\globalUpdate]
[HKCU\Software\mozilla]
[HKCU\Software\speedial] =>Adware.SearchYa
[HKCU\Software\weDownload] =>PUP.weDownloadManager
[HKLM\Software\AD106F7F-AF77-4203-BCBE-0BE123ECBE63]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVAST Software]
[HKLM\Software\Activeris] =>PUP.Activeris
[HKLM\Software\Adobe]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Babylon] =>PUP.Babylon
[HKLM\Software\BearShareMediabarTb] =>PUP.BearShare
[HKLM\Software\Big Fish Games]
[HKLM\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Browsersafeguard] =>PUP.BrowserSafeguard
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\DealPlyLive] =>PUP.DealPly
[HKLM\Software\Debug]
[HKLM\Software\Delta]
[HKLM\Software\EasyBits]
[HKLM\Software\FRANCE TELECOM]
[HKLM\Software\FlvPlayer]
[HKLM\Software\GameInstaller]
[HKLM\Software\GamesBarSetup] =>Adware.GamesBar
[HKLM\Software\GlarySoft]
[HKLM\Software\GlobalUpdate]
[HKLM\Software\Google]
[HKLM\Software\HP]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\HipSoft]
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KalityWeb] =>Adware.WebAdSystem
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\Licenses]
[HKLM\Software\LightScribe]
[HKLM\Software\Little Worlds Online]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\MicroVision]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mindscape]
[HKLM\Software\Mircrosoft]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\MusicNet]
[HKLM\Software\Nokia]
[HKLM\Software\Norton]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Playtonium]
[HKLM\Software\Policies]
[HKLM\Software\PopCap]
[HKLM\Software\PriceMeterLiveUpdate] =>PUP.PriceMeter
[HKLM\Software\Radio_Bar_1]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SECURITOO]
[HKLM\Software\Sagem]
[HKLM\Software\Sandlot Games]
[HKLM\Software\Software]
[HKLM\Software\Sonic]
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Symantec]
[HKLM\Software\Systweak]
[HKLM\Software\Taronja]
[HKLM\Software\TeamViewer]
[HKLM\Software\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WholeSecurity]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Wpm] =>PUP.WpManager
[HKLM\Software\f578c8dbd68ee13] =>PUP.BitGuard
[HKLM\Software\iWin]
[HKLM\Software\illiminable]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\midicair]
[HKLM\Software\mozilla.org]
[HKLM\Software\muvee Technologies]
[HKLM\Software\qone8Software] =>Hijacker.Qone8
[HKLM\Software\supTab] =>PUP.SupTab
[HKLM\Software\supWPM] =>PUP.WpManager
[HKLM\Software\suprasavings] =>PUP.SupraSavings
~ Key Software: 395 Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 01/05/2014 - 17:15:20 - [] ----D C:\Program Files\003 =>PUP.AdPeak
O43 - CFD: 08/05/2014 - 09:57:55 - [] ----D C:\Program Files\Activeris AntiMalware =>PUP.Activeris
O43 - CFD: 24/10/2008 - 20:28:23 - [] ----D C:\Program Files\Adobe
O43 - CFD: 26/09/2010 - 12:30:17 - [] ----D C:\Program Files\alot
O43 - CFD: 01/09/2010 - 15:06:02 - [] ----D C:\Program Files\Alwil Software
O43 - CFD: 08/07/2008 - 18:25:47 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc
O43 - CFD: 13/09/2007 - 18:40:45 - [] ----D C:\Program Files\ATI
O43 - CFD: 13/09/2007 - 18:42:05 - [] ----D C:\Program Files\ATI Technologies
O43 - CFD: 08/07/2012 - 16:43:25 - [] ----D C:\Program Files\BearShare Applications =>PUP.BearShare
O43 - CFD: 20/02/2013 - 14:50:16 - [] ----D C:\Program Files\bfgclient
O43 - CFD: 09/01/2008 - 19:38:09 - [0] ----D C:\Program Files\BoontyGames
O43 - CFD: 23/06/2014 - 08:57:04 - [] ----D C:\Program Files\Boxore =>Adware.Boxore
O43 - CFD: 01/05/2014 - 17:16:16 - [] ----D C:\Program Files\Browsersafeguard =>PUP.BrowserSafeguard
O43 - CFD: 28/12/2008 - 16:10:22 - [] ----D C:\Program Files\Canon
O43 - CFD: 28/12/2008 - 15:51:24 - [] --H-D C:\Program Files\CanonBJ
O43 - CFD: 26/05/2012 - 17:28:41 - [] ----D C:\Program Files\Citrix
O43 - CFD: 14/05/2014 - 15:35:09 - [] ----D C:\Program Files\Common Files
O43 - CFD: 29/09/2010 - 21:05:21 - [] ----D C:\Program Files\Conduit
O43 - CFD: 24/07/2013 - 13:09:49 - [] ----D C:\Program Files\DealPly =>PUP.DealPly
O43 - CFD: 24/07/2013 - 13:10:18 - [] ----D C:\Program Files\DealPlyLive =>PUP.DealPly
O43 - CFD: 22/01/2014 - 17:19:18 - [] ----D C:\Program Files\Deeal_fr 0.2 =>PUP.DeealFr
O43 - CFD: 14/09/2007 - 03:45:50 - [] ----D C:\Program Files\EasyBits
O43 - CFD: 09/12/2008 - 18:30:10 - [] ----D C:\Program Files\EasyBits For Kids
O43 - CFD: 25/12/2007 - 10:43:39 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 14/05/2014 - 16:36:01 - [] ----D C:\Program Files\Freeven pro 1.2 =>PUP.Freeven
O43 - CFD: 14/11/2010 - 16:44:09 - [] ----D C:\Program Files\GamesBar =>Adware.GamesBar
O43 - CFD: 04/07/2014 - 18:49:37 - [] ----D C:\Program Files\Glary Utilities 3
O43 - CFD: 14/05/2014 - 15:31:21 - [] ----D C:\Program Files\globalUpdate
O43 - CFD: 14/05/2014 - 16:33:38 - [] ----D C:\Program Files\Google
O43 - CFD: 26/10/2013 - 18:25:08 - [0] ----D C:\Program Files\GUM4156.tmp
O43 - CFD: 06/10/2013 - 15:27:23 - [0] ----D C:\Program Files\GUM4C70.tmp
O43 - CFD: 24/10/2013 - 17:05:10 - [0] ----D C:\Program Files\GUM8C6D.tmp
O43 - CFD: 02/03/2011 - 13:40:09 - [] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 17/07/2011 - 11:38:47 - [] ----D C:\Program Files\HP
O43 - CFD: 09/05/2014 - 09:27:20 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 17/10/2013 - 20:12:29 - [] ----D C:\Program Files\Internet Explorer
O43 - CFD: 09/05/2014 - 08:54:25 - [] ----D C:\Program Files\Java
O43 - CFD: 21/05/2014 - 10:13:58 - [0] ----D C:\Program Files\LETMIN2
O43 - CFD: 16/06/2014 - 15:19:41 - [] ----D C:\Program Files\McAfee Security Scan
O43 - CFD: 14/05/2014 - 16:36:04 - [] ----D C:\Program Files\MediaPlayerplus =>PUP.CrossRider
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 13/09/2007 - 18:59:00 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 16/03/2014 - 15:55:28 - [] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 17/10/2009 - 14:51:18 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 18/10/2013 - 17:59:57 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 18/02/2012 - 18:14:41 - [] ----D C:\Program Files\midicair
O43 - CFD: 17/10/2013 - 20:12:27 - [] ----D C:\Program Files\Movie Maker
O43 - CFD: 06/07/2014 - 14:43:23 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 15/05/2014 - 17:54:06 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 06/01/2008 - 17:28:14 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 13/09/2007 - 18:55:57 - [] ----D C:\Program Files\muvee Technologies
O43 - CFD: 09/05/2014 - 17:39:05 - [] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 17/10/2010 - 16:54:51 - [] ----D C:\Program Files\Norton Security Scan
O43 - CFD: 17/10/2010 - 16:54:49 - [] ----D C:\Program Files\NortonInstaller
O43 - CFD: 11/02/2012 - 16:43:20 - [] ----D C:\Program Files\Nosibay
O43 - CFD: 11/08/2012 - 12:58:47 - [] ----D C:\Program Files\Oberon Media
O43 - CFD: 06/11/2013 - 10:32:54 - [] ----D C:\Program Files\Oberon Media SIDR
O43 - CFD: 11/02/2012 - 22:22:54 - [] ----D C:\Program Files\OfferBox =>PUP.OfferBox
O43 - CFD: 04/05/2011 - 11:12:29 - [] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 14/05/2014 - 15:31:29 - [] ----D C:\Program Files\Optimizer Pro =>PUP.OptimizerPro
O43 - CFD: 05/01/2013 - 09:58:11 - [] ----D C:\Program Files\Orange
O43 - CFD: 13/09/2007 - 19:20:11 - [] ----D C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 16/05/2014 - 20:13:19 - [] ----D C:\Program Files\Plus-HD9.5v4 =>Adware.PlusHD
O43 - CFD: 10/05/2014 - 09:23:45 - [0] ----D C:\Program Files\predm
O43 - CFD: 27/02/2010 - 19:05:26 - [] ----D C:\Program Files\QuickTime
O43 - CFD: 21/08/2011 - 22:26:05 - [] ----D C:\Program Files\Radio_Bar_1
O43 - CFD: 08/11/2011 - 18:58:47 - [] ----D C:\Program Files\RealArcade
O43 - CFD: 02/03/2011 - 13:44:14 - [] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 10/05/2014 - 09:24:43 - [] ----D C:\Program Files\Rocket Media Player
O43 - CFD: 13/09/2007 - 18:54:28 - [] ----D C:\Program Files\Roxio
O43 - CFD: 05/01/2008 - 19:53:39 - [] ----D C:\Program Files\SAGEM
O43 - CFD: 09/05/2014 - 17:37:38 - [] ----D C:\Program Files\SearchProtect =>PUP.SearchProtect
O43 - CFD: 13/09/2007 - 19:05:50 - [] ----D C:\Program Files\Services en ligne
O43 - CFD: 29/05/2014 - 17:23:41 - [] ----D C:\Program Files\Smarts8
O43 - CFD: 28/11/2012 - 17:39:39 - [] ----D C:\Program Files\Softonic =>Toolbar.Conduit
O43 - CFD: 02/10/2012 - 20:44:22 - [] ----D C:\Program Files\Software
O43 - CFD: 21/05/2014 - 08:06:03 - [] ----D C:\Program Files\Speedial =>Adware.SearchYa
O43 - CFD: 01/05/2014 - 17:14:15 - [] ----D C:\Program Files\SupTab =>PUP.SupTab
O43 - CFD: 10/02/2012 - 21:48:04 - [] ----D C:\Program Files\SweetIM =>PUP.SweetIM
O43 - CFD: 29/10/2008 - 11:10:22 - [] ----D C:\Program Files\Symantec
O43 - CFD: 14/05/2014 - 13:53:19 - [] ----D C:\Program Files\Tbccint =>Toolbar.Conduit
O43 - CFD: 08/07/2012 - 18:35:27 - [] ----D C:\Program Files\TeamViewer
O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 21/05/2014 - 10:10:16 - [] ----D C:\Program Files\Uninstaller
O43 - CFD: 08/07/2012 - 16:32:34 - [] ----D C:\Program Files\v-Grabber =>PUP.vGrabber
O43 - CFD: 02/10/2012 - 20:45:40 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 22/02/2014 - 19:17:31 - [] ----D C:\Program Files\Wajam =>PUP.Wajam
O43 - CFD: 24/06/2014 - 07:56:05 - [] ----D C:\Program Files\WebAdSystem =>Adware.WebAdSystem
O43 - CFD: 13/01/2014 - 18:45:32 - [] ----D C:\Program Files\WebConnect =>PUP.WebConnect
O43 - CFD: 16/10/2013 - 11:01:42 - [] ----D C:\Program Files\Windows Calendar
O43 - CFD: 16/10/2013 - 11:01:41 - [] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 16/10/2013 - 11:01:40 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 16/10/2013 - 11:01:40 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 17/10/2013 - 20:12:29 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 17/10/2013 - 20:12:30 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 25/12/2007 - 10:43:39 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 16/10/2013 - 11:01:40 - [] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 16/10/2013 - 11:01:41 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 06/07/2014 - 15:35:07 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 01/11/2012 - 19:12:49 - [] ----D C:\Program Files\~BabylonToolbar =>PUP.Babylon
O43 - CFD: 14/02/2008 - 18:16:56 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 28/12/2008 - 15:58:28 - [] ----D C:\Program Files\Common Files\CANON
O43 - CFD: 11/10/2008 - 15:46:09 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 05/01/2008 - 20:07:19 - [] ----D C:\Program Files\Common Files\France Telecom
O43 - CFD: 13/09/2007 - 18:47:08 - [] ----D C:\Program Files\Common Files\HP
O43 - CFD: 13/09/2007 - 18:48:53 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 14/05/2014 - 11:18:25 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 13/09/2007 - 18:55:29 - [] ---AD C:\Program Files\Common Files\LightScribe
O43 - CFD: 13/09/2007 - 18:55:11 - [] ---AD C:\Program Files\Common Files\LS Getting Started
O43 - CFD: 13/09/2007 - 18:59:01 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 09/05/2014 - 09:27:20 - [] ----D C:\Program Files\Common Files\muvee Technologies
O43 - CFD: 09/04/2011 - 12:20:01 - [] ----D C:\Program Files\Common Files\Oberon Media
O43 - CFD: 13/09/2007 - 18:54:29 - [] ----D C:\Program Files\Common Files\PX Storage Engine
O43 - CFD: 13/09/2007 - 18:54:03 - [] ----D C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 13/09/2007 - 18:54:03 - [] ----D C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 13/09/2007 - 18:48:30 - [] ----D C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 21/01/2012 - 18:28:24 - [] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 16/10/2013 - 11:01:40 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 04/06/2014 - 08:47:14 - [0] ----D C:\ProgramData\2308189059
O43 - CFD: 11/06/2014 - 08:10:56 - [] ----D C:\ProgramData\9cd3a3813940636a
O43 - CFD: 08/05/2014 - 09:57:53 - [] ----D C:\ProgramData\Activeris =>PUP.Activeris
O43 - CFD: 14/02/2008 - 18:16:48 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 09/01/2009 - 19:50:39 - [] ----D C:\ProgramData\Alawar Stargaze
O43 - CFD: 23/05/2011 - 18:44:31 - [] ----D C:\ProgramData\aliasworlds
O43 - CFD: 01/09/2010 - 15:04:48 - [] ----D C:\ProgramData\Alwil Software
O43 - CFD: 08/07/2008 - 18:25:43 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 22/11/2008 - 16:04:23 - [] ----D C:\ProgramData\Arcade Lab
O43 - CFD: 13/09/2007 - 18:46:20 - [] ----D C:\ProgramData\ATI
O43 - CFD: 06/11/2013 - 15:48:11 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 08/07/2012 - 16:31:33 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 08/07/2012 - 16:42:19 - [] ----D C:\ProgramData\BearShare =>PUP.BearShare
O43 - CFD: 20/02/2013 - 14:50:14 - [] ----D C:\ProgramData\Big Fish Games
O43 - CFD: 09/07/2012 - 19:14:12 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 12/03/2014 - 15:10:12 - [] ----D C:\ProgramData\BoxUpdChk =>Adware.Boxore
O43 - CFD: 25/12/2007 - 10:43:39 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 28/12/2008 - 15:54:42 - [] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 05/11/2012 - 08:47:59 - [] ----D C:\ProgramData\CanonIJ
O43 - CFD: 29/03/2012 - 20:28:56 - [] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 28/12/2008 - 16:24:38 - [] --H-D C:\ProgramData\CanonIJEPPEX
O43 - CFD: 28/12/2008 - 16:10:31 - [] --H-D C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 08/12/2012 - 12:47:09 - [] ----D C:\ProgramData\CanonIJPLM
O43 - CFD: 28/12/2008 - 16:13:25 - [] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 28/12/2008 - 16:39:32 - [] --H-D C:\ProgramData\CanonIJSolutionMenu
O43 - CFD: 18/01/2009 - 10:21:26 - [] ----D C:\ProgramData\cerasus.media
O43 - CFD: 24/07/2013 - 13:10:17 - [] ----D C:\ProgramData\DealPlyLive =>PUP.DealPly
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 17/06/2014 - 17:38:15 - [] ----D C:\ProgramData\E3B9
O43 - CFD: 02/12/2013 - 09:32:37 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 14/11/2010 - 17:14:17 - [] ----D C:\ProgramData\Farm Fishes
O43 - CFD: 31/10/2010 - 10:50:22 - [] ----D C:\ProgramData\FarmFrenzy-PizzaParty
O43 - CFD: 04/09/2008 - 18:53:33 - [] ----D C:\ProgramData\FarmFrenzy2
O43 - CFD: 02/10/2009 - 19:20:25 - [] ----D C:\ProgramData\FarmFrenzy3
O43 - CFD: 11/03/2011 - 18:41:48 - [] ----D C:\ProgramData\Fashion Solitaire 1.2
O43 - CFD: 25/12/2007 - 10:43:39 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 23/11/2008 - 10:51:08 - [] ----D C:\ProgramData\Fenomen Games
O43 - CFD: 13/07/2010 - 14:07:07 - [] ----D C:\ProgramData\Flood Light Games
O43 - CFD: 20/04/2013 - 17:57:02 - [] ----D C:\ProgramData\FloodLightGames
O43 - CFD: 02/01/2009 - 12:38:07 - [] ----D C:\ProgramData\FlyWheelGames
O43 - CFD: 03/12/2008 - 11:53:51 - [] ----D C:\ProgramData\FreshGames
O43 - CFD: 22/11/2008 - 12:05:32 - [] ----D C:\ProgramData\Friends Games
O43 - CFD: 02/02/2013 - 15:49:56 - [] ----D C:\ProgramData\Fugazo
O43 - CFD: 23/11/2011 - 14:46:07 - [] ----D C:\ProgramData\GamesBar =>Adware.GamesBar
O43 - CFD: 21/09/2013 - 17:24:02 - [] ----D C:\ProgramData\GlarySoft
O43 - CFD: 18/09/2009 - 20:55:35 - [] ----D C:\ProgramData\GoBit Games
O43 - CFD: 14/05/2014 - 15:39:10 - [] ----D C:\ProgramData\Google
O43 - CFD: 25/12/2007 - 10:56:53 - [] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 03/01/2009 - 14:12:43 - [] ----D C:\ProgramData\HipSoft
O43 - CFD: 13/09/2007 - 18:47:08 - [] ----D C:\ProgramData\HP
O43 - CFD: 14/01/2009 - 19:34:14 - [0] ----D C:\ProgramData\iDeal Designer Hygena
O43 - CFD: 01/05/2014 - 17:14:02 - [] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 05/07/2011 - 11:58:43 - [] ----D C:\ProgramData\JollyBear
O43 - CFD: 11/02/2012 - 15:46:25 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 16/06/2014 - 15:19:42 - [] ----D C:\ProgramData\McAfee Security Scan
O43 - CFD: 07/02/2009 - 11:34:25 - [] ----D C:\ProgramData\Media Art
O43 - CFD: 25/12/2007 - 10:43:39 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 11/02/2010 - 19:15:29 - [] ----D C:\ProgramData\Meridian93
O43 - CFD: 14/05/2014 - 13:29:12 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 25/12/2007 - 10:43:39 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 05/12/2013 - 14:13:26 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 30/09/2009 - 11:23:48 - [] ----D C:\ProgramData\MumboJumbo
O43 - CFD: 13/09/2007 - 18:55:56 - [] ----D C:\ProgramData\muvee Technologies
O43 - CFD: 05/03/2008 - 19:43:51 - [] ----D C:\ProgramData\NannyMania
O43 - CFD: 17/10/2010 - 16:54:51 - [] ----D C:\ProgramData\Norton
O43 - CFD: 26/08/2009 - 18:03:23 - [] ----D C:\ProgramData\NortonInstaller
O43 - CFD: 13/01/2010 - 19:00:34 - [] ----D C:\ProgramData\Oberon Games
O43 - CFD: 27/10/2012 - 16:30:19 - [] ----D C:\ProgramData\Oberon Media
O43 - CFD: 14/05/2014 - 11:19:01 - [0] ----D C:\ProgramData\Oracle
O43 - CFD: 21/10/2013 - 09:54:19 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 13/09/2007 - 19:02:09 - [] ----D C:\ProgramData\PC-Doctor
O43 - CFD: 24/10/2008 - 21:29:10 - [0] ----D C:\ProgramData\Planit Fusion Live But
O43 - CFD: 11/05/2011 - 17:42:43 - [] ----D C:\ProgramData\PlayFirst
O43 - CFD: 14/04/2010 - 14:10:42 - [] ----D C:\ProgramData\Playrix Entertainment
O43 - CFD: 12/12/2008 - 19:59:42 - [] ----D C:\ProgramData\Playtonium Games
O43 - CFD: 14/04/2010 - 12:15:00 - [] ----D C:\ProgramData\PopCap Games
O43 - CFD: 28/04/2013 - 18:06:06 - [] ----D C:\ProgramData\Roxio
O43 - CFD: 10/04/2008 - 19:06:31 - [] ----D C:\ProgramData\Rumbic Studio
O43 - CFD: 06/12/2008 - 17:38:57 - [] ----D C:\ProgramData\Sandlot Games
O43 - CFD: 11/06/2014 - 08:10:15 - [] ----D C:\ProgramData\saveorneT =>PUP.SaveOn
O43 - CFD: 13/09/2007 - 18:48:04 - [] ----D C:\ProgramData\Sonic
O43 - CFD: 03/02/2008 - 18:08:35 - [] ----D C:\ProgramData\Sony Online Entertainment
O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 04/07/2010 - 12:00:12 - [] ----D C:\ProgramData\Sun
O43 - CFD: 30/08/2009 - 11:58:23 - [] ----D C:\ProgramData\SuperRanch
O43 - CFD: 10/02/2012 - 21:47:49 - [] ----D C:\ProgramData\SweetIM =>PUP.SweetIM
O43 - CFD: 26/08/2009 - 18:03:25 - [] ----D C:\ProgramData\Symantec
O43 - CFD: 14/05/2014 - 15:32:57 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 02/11/2006 - 15:02:04 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 10/01/2008 - 18:16:53 - [] ----D C:\ProgramData\The Game Equation
O43 - CFD: 11/01/2009 - 13:20:33 - [] ----D C:\ProgramData\VirtualFarm
O43 - CFD: 18/10/2013 - 18:11:32 - [] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 08/06/2014 - 08:19:04 - [] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 13/04/2010 - 20:50:22 - [] ----D C:\ProgramData\Zylom
O43 - CFD: 08/07/2012 - 16:43:46 - [] --H-D C:\ProgramData\{F543B393-0FAA-4BBC-A50C-813F8FAC14C5}
O43 - CFD: 05/12/2013 - 19:59:01 - [0] ----D C:\ProgramData\䒰Ã䅠ÃÄÃ㪠Ã
O43 - CFD: 11/12/2013 - 08:16:53 - [0] ----D C:\ProgramData\䓰2䊰2浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰㠲尵瑦潣普杩椮楮
O43 - CFD: 13/12/2013 - 19:06:32 - [0] ----D C:\ProgramData\䓰s䊰s浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰㠲尵瑦潣普杩椮楮
O43 - CFD: 07/12/2013 - 11:58:44 - [0] ----D C:\ProgramData\䓰䊰浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰㠲尵瑦潣普杩椮楮
O43 - CFD: 07/12/2013 - 12:45:24 - [0] ----D C:\ProgramData\䓰œ䊰œ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰㠲尵瑦潣普杩椮楮
O43 - CFD: 09/12/2013 - 13:42:04 - [0] ----D C:\ProgramData\䓰Ǐ䊰Ǐ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰㠲尵瑦潣普杩椮楮
O43 - CFD: 10/12/2013 - 21:00:17 - [0] ----D C:\ProgramData\䓰ǒ䊰ǒ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰㠲尵瑦潣普杩椮楮
O43 - CFD: 09/12/2013 - 13:23:12 - [0] ----D C:\ProgramData\䓰Ǩ䊰Ǩ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰㠲尵瑦潣普杩椮楮
O43 - CFD: 08/12/2013 - 11:38:34 - [0] ----D C:\ProgramData\䓰ƞ䊰ƞ浡䘠汩獥䵜䅣敦⁥敓畣楲祴匠慣屮⸳⸰㠲尵瑦潣普杩椮楮
O43 - CFD: 19/01/2009 - 19:56:23 - [0] -SH-D C:\Users\vitale\AppData\Roaming\.#
O43 - CFD: 14/01/2009 - 19:34:14 - [] ----D C:\Users\vitale\AppData\Roaming\2020 Fusion
O43 - CFD: 21/09/2013 - 16:52:16 - [] ----D C:\Users\vitale\AppData\Roaming\2V2Z1C1P1H1P1Q1F2W1G1I1F1T1QtAtB
O43 - CFD: 08/05/2014 - 09:58:11 - [] ----D C:\Users\vitale\AppData\Roaming\Activeris =>PUP.Activeris
O43 - CFD: 13/12/2008 - 17:52:00 - [] ----D C:\Users\vitale\AppData\Roaming\Adobe
O43 - CFD: 29/11/2009 - 13:17:01 - [] ----D C:\Users\vitale\AppData\Roaming\Alawar
O43 - CFD: 23/05/2011 - 18:44:31 - [] ----D C:\Users\vitale\AppData\Roaming\aliasworlds
O43 - CFD: 01/05/2008 - 11:15:46 - [] ----D C:\Users\vitale\AppData\Roaming\Alterlab
O43 - CFD: 12/10/2009 - 19:33:06 - [] ----D C:\Users\vitale\AppData\Roaming\Apple Computer
O43 - CFD: 25/12/2007 - 10:56:23 - [] ----D C:\Users\vitale\AppData\Roaming\ATI
O43 - CFD: 06/11/2013 - 20:38:19 - [] ----D C:\Users\vitale\AppData\Roaming\AVAST Software
O43 - CFD: 12/03/2011 - 12:00:00 - [] ----D C:\Users\vitale\AppData\Roaming\Awem
O43 - CFD: 08/07/2012 - 16:31:33 - [] ----D C:\Users\vitale\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 08/07/2012 - 16:32:16 - [] ----D C:\Users\vitale\AppData\Roaming\BabylonToolbar =>PUP.Babylon
O43 - CFD: 30/01/2009 - 18:25:09 - [] ----D C:\Users\vitale\AppData\Roaming\BeachPartyCraze
O43 - CFD: 04/02/2009 - 18:53:09 - [] ----D C:\Users\vitale\AppData\Roaming\Big Fish Games
O43 - CFD: 19/10/2010 - 20:21:51 - [] ----D C:\Users\vitale\AppData\Roaming\BigFish Janes Realty2
O43 - CFD: 07/01/2013 - 18:25:00 - [] ----D C:\Users\vitale\AppData\Roaming\Blue Tea Games
O43 - CFD: 08/12/2010 - 10:20:16 - [] ----D C:\Users\vitale\AppData\Roaming\Boomzap
O43 - CFD: 06/02/2010 - 19:55:52 - [] ----D C:\Users\vitale\AppData\Roaming\BrandX Games
O43 - CFD: 08/12/2010 - 11:53:22 - [] ----D C:\Users\vitale\AppData\Roaming\Brunhilda_oberon
O43 - CFD: 28/01/2009 - 18:27:36 - [] ----D C:\Users\vitale\AppData\Roaming\Burdaloo
O43 - CFD: 15/09/2013 - 20:17:57 - [] ----D C:\Users\vitale\AppData\Roaming\Canon
O43 - CFD: 27/12/2009 - 21:48:17 - [] ----D C:\Users\vitale\AppData\Roaming\casanova
O43 - CFD: 18/01/2009 - 10:21:23 - [] ----D C:\Users\vitale\AppData\Roaming\cerasus.media
O43 - CFD: 24/07/2013 - 13:10:12 - [] ----D C:\Users\vitale\AppData\Roaming\Dealply =>PUP.DealPly
O43 - CFD: 23/03/2014 - 10:52:52 - [] ----D C:\Users\vitale\AppData\Roaming\dvdcss
O43 - CFD: 21/04/2010 - 13:19:04 - [] ----D C:\Users\vitale\AppData\Roaming\EleFun Games
O43 - CFD: 11/05/2008 - 18:23:02 - [] ----D C:\Users\vitale\AppData\Roaming\eMule
O43 - CFD: 13/07/2010 - 14:07:07 - [] ----D C:\Users\vitale\AppData\Roaming\Flood Light Games
O43 - CFD: 20/04/2013 - 17:57:02 - [] ----D C:\Users\vitale\AppData\Roaming\FloodLightGames
O43 - CFD: 21/05/2014 - 08:04:55 - [] ----D C:\Users\vitale\AppData\Roaming\FlvPlayer
O43 - CFD: 07/04/2012 - 09:23:33 - [] ----D C:\Users\vitale\AppData\Roaming\Friday's games
O43 - CFD: 28/10/2011 - 10:04:11 - [] ----D C:\Users\vitale\AppData\Roaming\Fuzzy Bug Interactive
O43 - CFD: 04/01/2009 - 19:27:22 - [] ----D C:\Users\vitale\AppData\Roaming\Gaijin Ent
O43 - CFD: 21/09/2013 - 16:54:33 - [] ----D C:\Users\vitale\AppData\Roaming\GlarySoft
O43 - CFD: 18/03/2009 - 15:26:28 - [] ----D C:\Users\vitale\AppData\Roaming\Google
O43 - CFD: 05/02/2012 - 17:07:23 - [] ----D C:\Users\vitale\AppData\Roaming\Gourmania2
O43 - CFD: 25/12/2007 - 10:56:44 - [] ----D C:\Users\vitale\AppData\Roaming\Hewlett-Packard
O43 - CFD: 11/12/2012 - 18:10:49 - [] ----D C:\Users\vitale\AppData\Roaming\Hidden Objects Adventure
O43 - CFD: 24/12/2012 - 15:23:50 - [] ----D C:\Users\vitale\AppData\Roaming\Hidden Objects Expert
O43 - CFD: 17/07/2011 - 11:39:22 - [] ----D C:\Users\vitale\AppData\Roaming\HpUpdate
O43 - CFD: 06/01/2008 - 17:58:19 - [] ----D C:\Users\vitale\AppData\Roaming\Hulabee
O43 - CFD: 15/08/2010 - 08:35:28 - [] ----D C:\Users\vitale\AppData\Roaming\Icones
O43 - CFD: 27/12/2010 - 15:44:45 - [] ----D C:\Users\vitale\AppData\Roaming\Identities
O43 - CFD: 05/01/2008 - 19:53:22 - [] ----D C:\Users\vitale\AppData\Roaming\InstallShield
O43 - CFD: 31/10/2010 - 11:53:34 - [] ----D C:\Users\vitale\AppData\Roaming\iWin
O43 - CFD: 18/02/2012 - 13:32:14 - [] ----D C:\Users\vitale\AppData\Roaming\Janes Hotel Family Hero
O43 - CFD: 25/11/2009 - 11:13:53 - [] ----D C:\Users\vitale\AppData\Roaming\JewelMatch2
O43 - CFD: 16/12/2012 - 13:47:58 - [] ----D C:\Users\vitale\AppData\Roaming\Jumb-O-Fun Games
O43 - CFD: 14/01/2009 - 11:14:16 - [] ----D C:\Users\vitale\AppData\Roaming\Little Worlds Online
O43 - CFD: 25/12/2007 - 10:52:55 - [] ----D C:\Users\vitale\AppData\Roaming\Macromedia
O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\vitale\AppData\Roaming\Media Center Programs
O43 - CFD: 11/02/2010 - 19:14:48 - [] ----D C:\Users\vitale\AppData\Roaming\Meridian93
O43 - CFD: 05/12/2013 - 20:00:43 - [] -S--D C:\Users\vitale\AppData\Roaming\Microsoft
O43 - CFD: 05/12/2013 - 14:14:23 - [] ----D C:\Users\vitale\AppData\Roaming\Mozilla
O43 - CFD: 08/07/2012 - 16:43:21 - [] ----D C:\Users\vitale\AppData\Roaming\MusicNet
O43 - CFD: 27/12/2010 - 15:44:49 - [] ----D C:\Users\vitale\AppData\Roaming\NevoSoft Games
O43 - CFD: 01/12/2013 - 11:17:33 - [0] ----D C:\Users\vitale\AppData\Roaming\Nosibay =>PUP.BubbleDock
O43 - CFD: 14/02/2009 - 15:43:59 - [] ----D C:\Users\vitale\AppData\Roaming\Oberon Games
O43 - CFD: 28/10/2012 - 14:56:37 - [] ----D C:\Users\vitale\AppData\Roaming\Oberon Media
O43 - CFD: 16/02/2010 - 19:48:33 - [] ----D C:\Users\vitale\AppData\Roaming\Oberonv1002fr
O43 - CFD: 06/07/2014 - 14:01:11 - [] ----D C:\Users\vitale\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 04/05/2011 - 11:29:47 - [] ----D C:\Users\vitale\AppData\Roaming\OpenOffice.org
O43 - CFD: 08/05/2014 - 10:23:04 - [] ----D C:\Users\vitale\AppData\Roaming\Optimizer Elite Max =>PUP.OptimizerEliteMax
O43 - CFD: 14/05/2014 - 15:32:24 - [] ----D C:\Users\vitale\AppData\Roaming\Optimizer Pro =>PUP.OptimizerPro
O43 - CFD: 02/08/2009 - 13:02:34 - [] ----D C:\Users\vitale\AppData\Roaming\Peace Craft
O43 - CFD: 12/12/2008 - 20:52:16 - [] ----D C:\Users\vitale\AppData\Roaming\PetShowCraze
O43 - CFD: 24/10/2008 - 21:29:10 - [] ----D C:\Users\vitale\AppData\Roaming\Planit International
O43 - CFD: 11/05/2011 - 17:42:43 - [] ----D C:\Users\vitale\AppData\Roaming\PlayFirst
O43 - CFD: 11/10/2008 - 11:31:14 - [] ----D C:\Users\vitale\AppData\Roaming\Playrix Entertainment
O43 - CFD: 09/05/2014 - 10:02:51 - [] ----D C:\Users\vitale\AppData\Roaming\qone8 =>Hijacker.Qone8
O43 - CFD: 28/04/2013 - 17:53:09 - [] ----D C:\Users\vitale\AppData\Roaming\Roxio
O43 - CFD: 06/09/2008 - 15:52:29 - [] ----D C:\Users\vitale\AppData\Roaming\Sandlot Games
O43 - CFD: 10/11/2010 - 16:29:38 - [] ----D C:\Users\vitale\AppData\Roaming\Skunk Studios
O43 - CFD: 21/05/2014 - 08:06:55 - [] ----D C:\Users\vitale\AppData\Roaming\Speedial =>Adware.SearchYa
O43 - CFD: 16/09/2011 - 21:12:52 - [] ----D C:\Users\vitale\AppData\Roaming\SpinTop Games
O43 - CFD: 19/02/2010 - 20:59:58 - [] ----D C:\Users\vitale\AppData\Roaming\SprillBermudeFr
O43 - CFD: 02/11/2010 - 14:17:47 - [] ----D C:\Users\vitale\AppData\Roaming\SulusGames
O43 - CFD: 01/05/2014 - 17:13:50 - [] ----D C:\Users\vitale\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 28/05/2014 - 10:15:10 - [] ----D C:\Users\vitale\AppData\Roaming\Systweak
O43 - CFD: 18/07/2009 - 17:27:43 - [0] ----D C:\Users\vitale\AppData\Roaming\Template
O43 - CFD: 23/03/2014 - 10:52:57 - [] ----D C:\Users\vitale\AppData\Roaming\vlc
O43 - CFD: 10/05/2014 - 10:11:49 - [] ----D C:\Users\vitale\AppData\Roaming\VOPackage =>Adware.Downware
O43 - CFD: 08/04/2008 - 18:01:33 - [] ----D C:\Users\vitale\AppData\Roaming\WinBatch
O43 - CFD: 08/11/2011 - 18:58:58 - [0] ----D C:\Users\vitale\AppData\Roaming\WinRAR
O43 - CFD: 06/07/2014 - 15:46:35 - [] ----D C:\Users\vitale\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 27/12/2010 - 15:44:45 - [] ----D C:\Users\vitale\AppData\Roaming\Zylom
O43 - CFD: 14/01/2009 - 19:34:14 - [] ----D C:\Users\vitale\AppData\Local\2020 Fusion
O43 - CFD: 05/12/2013 - 19:59:19 - [] ----D C:\Users\vitale\AppData\Local\Adobe
O43 - CFD: 25/12/2007 - 10:47:35 - [] -SH-D C:\Users\vitale\AppData\Local\Application Data
O43 - CFD: 26/05/2012 - 17:28:08 - [] ----D C:\Users\vitale\AppData\Local\Apps
O43 - CFD: 25/12/2007 - 10:56:23 - [] ----D C:\Users\vitale\AppData\Local\ATI
O43 - CFD: 21/09/2013 - 17:03:50 - [] ----D C:\Users\vitale\AppData\Local\avgchrome
O43 - CFD: 17/06/2014 - 17:43:16 - [] ----D C:\Users\vitale\AppData\Local\BearShare =>PUP.BearShare
O43 - CFD: 15/09/2013 - 20:29:00 - [] ----D C:\Users\vitale\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 30/05/2011 - 19:02:29 - [] ----D C:\Users\vitale\AppData\Local\Chronicles of Albian
O43 - CFD: 26/05/2012 - 17:28:24 - [] ----D C:\Users\vitale\AppData\Local\Citrix
O43 - CFD: 09/05/2014 - 17:07:10 - [] ----D C:\Users\vitale\AppData\Local\com
O43 - CFD: 14/05/2014 - 13:53:19 - [] ----D C:\Users\vitale\AppData\Local\Conduit
O43 - CFD: 23/12/2012 - 15:39:22 - [] ----D C:\Users\vitale\AppData\Local\CRE
O43 - CFD: 24/07/2013 - 13:10:17 - [] ----D C:\Users\vitale\AppData\Local\DealPlyLive =>PUP.DealPly
O43 - CFD: 26/05/2012 - 17:28:22 - [0] ----D C:\Users\vitale\AppData\Local\Deployment
O43 - CFD: 03/02/2008 - 18:01:22 - [] ----D C:\Users\vitale\AppData\Local\FamilyRestaurant
O43 - CFD: 14/05/2014 - 15:31:20 - [] ----D C:\Users\vitale\AppData\Local\globalUpdate
O43 - CFD: 14/05/2014 - 15:39:10 - [] ----D C:\Users\vitale\AppData\Local\Google
O43 - CFD: 02/01/2009 - 19:16:25 - [] ----D C:\Users\vitale\AppData\Local\Grubby Games
O43 - CFD: 25/12/2007 - 10:56:38 - [] ----D C:\Users\vitale\AppData\Local\Hewlett-Packard
O43 - CFD: 25/12/2007 - 10:47:35 - [] -SH-D C:\Users\vitale\AppData\Local\Historique
O43 - CFD: 13/01/2008 - 19:33:22 - [] ----D C:\Users\vitale\AppData\Local\HP Guide
O43 - CFD: 05/07/2011 - 11:58:43 - [] ----D C:\Users\vitale\AppData\Local\JollyBear
O43 - CFD: 21/10/2013 - 09:54:09 - [] ----D C:\Users\vitale\AppData\Local\KalityWeb =>Adware.WebAdSystem
O43 - CFD: 05/12/2013 - 20:00:43 - [] ----D C:\Users\vitale\AppData\Local\Macromedia
O43 - CFD: 14/05/2014 - 13:29:12 - [] ----D C:\Users\vitale\AppData\Local\Microsoft
O43 - CFD: 18/01/2011 - 20:06:56 - [] ----D C:\Users\vitale\AppData\Local\Microsoft Games
O43 - CFD: 05/12/2013 - 14:13:37 - [] ----D C:\Users\vitale\AppData\Local\Mozilla
O43 - CFD: 09/12/2012 - 19:08:42 - [] ----D C:\Users\vitale\AppData\Local\Oberon Games
O43 - CFD: 08/07/2012 - 16:39:43 - [0] ----D C:\Users\vitale\AppData\Local\PackageAware
O43 - CFD: 24/10/2008 - 21:29:10 - [] ----D C:\Users\vitale\AppData\Local\Planit International
O43 - CFD: 03/12/2008 - 17:20:06 - [] ----D C:\Users\vitale\AppData\Local\Powerhouse Games
O43 - CFD: 08/05/2014 - 18:56:27 - [0] ----D C:\Users\vitale\AppData\Local\PriceMeter =>PUP.PriceMeter
O43 - CFD: 10/05/2014 - 09:24:03 - [0] ----D C:\Users\vitale\AppData\Local\RocketMediaPlayer =>PUP.RockTurner
O43 - CFD: 09/05/2014 - 17:37:51 - [] ----D C:\Users\vitale\AppData\Local\SearchProtect =>PUP.SearchProtect
O43 - CFD: 16/02/2010 - 20:51:28 - [] ----D C:\Users\vitale\AppData\Local\sowhat
O43 - CFD: 06/01/2013 - 15:22:50 - [] ----D C:\Users\vitale\AppData\Local\Tales of Lagoona
O43 - CFD: 06/07/2014 - 15:35:35 - [] ----D C:\Users\vitale\AppData\Local\Temp
O43 - CFD: 25/12/2007 - 10:47:35 - [] -SH-D C:\Users\vitale\AppData\Local\Temporary Internet Files
O43 - CFD: 13/01/2008 - 19:23:08 - [] ----D C:\Users\vitale\AppData\Local\VirtualStore
O43 - CFD: 02/10/2012 - 20:44:24 - [] ----D C:\Users\vitale\AppData\Local\Wajam =>PUP.Wajam
O43 - CFD: 24/08/2013 - 14:42:21 - [] ----D C:\Users\vitale\AppData\Local\YappyzUninstall =>PUP.Yappyz
O43 - CFD: 10/02/2012 - 22:50:04 - [] ----D C:\Users\vitale\AppData\Local\Zylom Games
O43 - CFD: 02/11/2006 - 14:54:36 - [] R---D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 25/12/2007 - 10:56:02 - [] R---D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 09/05/2014 - 10:20:34 - [0] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard
O43 - CFD: 24/07/2013 - 13:09:50 - [] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
O43 - CFD: 26/12/2012 - 12:38:57 - [] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jeux sur Orange.fr
O43 - CFD: 02/11/2006 - 14:50:41 - [] R---D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 10/07/2013 - 11:36:59 - [] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 06/11/2013 - 10:32:48 - [] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orange
O43 - CFD: 14/05/2014 - 11:32:53 - [] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rocket Media Player
O43 - CFD: 21/05/2014 - 07:45:28 - [] R---D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 08/07/2012 - 16:32:34 - [] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vGrabber =>PUP.vGrabber
O43 - CFD: 14/05/2014 - 11:32:53 - [0] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware
O43 - CFD: 02/10/2012 - 20:44:32 - [] ----D C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam =>PUP.Wajam
~ Program Folder: 373 Scanned in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.9F4B73819EDDC324E7F40136231A5B9C] - 06/07/2014 - 12:59:53 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.9633D82429527B54083BEBBA500D51FA] - 06/07/2014 - 13:20:41 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1576344]
O44 - LFC:[MD5.357CEBBCD99C8928A2D1A61A6CACC168] - 06/07/2014 - 14:12:51 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43152]
O44 - LFC:[MD5.588C2C48CB267E1C4B5A9EB5ACFF0116] - 06/07/2014 - 14:12:51 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [276432]
O44 - LFC:[MD5.3BFBB5DAE801CB893B8B46345FED6437] - 06/07/2014 - 14:12:52 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [24184]
O44 - LFC:[MD5.B7750AF7EDFD95674EB7CA92BCDD3358] - 06/07/2014 - 14:12:52 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O44 - LFC:[MD5.C3014C735F450FE822C97FFBB0627113] - 06/07/2014 - 14:12:52 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [67824]
O44 - LFC:[MD5.D6C9024F5D14843D33ADA8A6A10A1BE1] - 06/07/2014 - 14:12:52 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\Windows\System32\Drivers\aswrdr.sys [55112]
O44 - LFC:[MD5.90BEE0170D70D6744CEF2355EEAF8086] - 06/07/2014 - 14:12:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [192352]
O44 - LFC:[MD5.26C51C289E39E8EE0F12B8B06B71E436] - 06/07/2014 - 14:12:53 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys [57800]
O44 - LFC:[MD5.51FDE588D860857A97E4C4B560E40C9B] - 06/07/2014 - 14:12:53 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [779536]
O44 - LFC:[MD5.E8D396EBB6EB971C604D53569D8F0F4A] - 06/07/2014 - 14:12:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1404652397628 [414392]
O44 - LFC:[MD5.1AEB8CDB797666AF709A291B47AE81E0] - 06/07/2014 - 14:13:17 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [414520]
~ Files: 13 Scanned in 00mn 38s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.64F0939ABD26D2EE3C4C0D4035EC0987] - 06/07/2014 - 14:15:00 ---A- - C:\Windows\Prefetch\DEALPLYLIVE.EXE-BF809A22.pf =>PUP.DealPly
O45 - LFCP:[MD5.3AC420DA8A47EB82D439020F1C41E883] - 05/07/2014 - 15:18:02 ---A- - C:\Windows\Prefetch\DEEAL_FR 0.2-CHROMEINSTALLER.-6043C1D2.pf =>PUP.DeealFr
O45 - LFCP:[MD5.3E0253E439D7B4C901815AB494463940] - 05/07/2014 - 15:18:00 ---A- - C:\Windows\Prefetch\DEEAL_FR 0.2-CODEDOWNLOADER.E-EE5FB1A0.pf =>PUP.DeealFr
O45 - LFCP:[MD5.8CFD7CBF7199A851F893B7D2ED2F3F07] - 05/07/2014 - 15:19:00 ---A- - C:\Windows\Prefetch\DEEAL_FR 0.2-ENABLER.EXE-6A07A413.pf =>PUP.DeealFr
O45 - LFCP:[MD5.882F386C44ECCC4324AB957905B23D8C] - 05/07/2014 - 16:16:22 ---A- - C:\Windows\Prefetch\UNINSTALL.BROWSERSAFEGUARD.EX-2714A695.pf =>PUP.BrowserSafeguard
O45 - LFCP:[MD5.E7095B7E84FE4A732C88B3F293953F57] - 05/07/2014 - 18:07:48 ---A- - C:\Windows\Prefetch\WEBADSYSTEM.EXE-9EA6EE61.pf =>Adware.WebAdSystem
~ Prefetcher: 6 Scanned in 00mn 01s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA.) -- C:\Program Files\Orange\Connectivity\ConnectivityManager.exe
~ Keys Export: 1 Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - DatamngrCoordinator.exe - tasklist.exe =>PUP.Datamngr
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{c63efd09-65b3-11dc-8823-806e6f6e6963}\AutoRun\command. (...) -- E:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 3 Scanned in 00mn 00s



---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297576]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys [98408]
O58 - SDL:02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [147048]
O58 - SDL:02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14952]
O58 - SDL:02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [67688]
O58 - SDL:02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [67688]
O58 - SDL:31/10/2013 - 07:46:14 ---A- . (.AVAST Software - avast! Filtering TDI driver.) -- C:\Windows\System32\Drivers\aswFW.sys [104752]
O58 - SDL:06/07/2014 - 14:12:52 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:06/07/2014 - 14:12:52 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [67824]
O58 - SDL:06/07/2014 - 14:12:52 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\Windows\System32\Drivers\aswrdr.sys [55112]
O58 - SDL:10/05/2014 - 09:44:59 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\Windows\System32\Drivers\aswrdr.sys.1400169402243 [54832]
O58 - SDL:06/07/2014 - 14:12:52 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:06/07/2014 - 14:12:53 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [779536]
O58 - SDL:10/05/2014 - 09:44:59 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400169402243 [776976]
O58 - SDL:06/07/2014 - 14:13:17 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [414520]
O58 - SDL:06/07/2014 - 14:12:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1404652397628 [414392]
O58 - SDL:06/07/2014 - 14:12:53 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys [57800]
O58 - SDL:06/07/2014 - 14:12:53 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [192352] =>.ALWIL Software
O58 - SDL:10/07/2007 - 01:35:38 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [2769408]
O58 - SDL:02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [71808]
O58 - SDL:02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:18/10/2006 - 02:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdr4_xp.sys [2432]
O58 - SDL:18/10/2006 - 02:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdralw2k.sys [2560]
O58 - SDL:02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [16488]
O58 - SDL:02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [71272]
O58 - SDL:02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\System32\Drivers\E1G60I32.sys [117760]
O58 - SDL:02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [316520]
O58 - SDL:02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys [37480]
O58 - SDL:02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys [232040]
O58 - SDL:02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41576]
O58 - SDL:02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [65640]
O58 - SDL:02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [65640]
O58 - SDL:02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [65640]
O58 - SDL:02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys [28776]
O58 - SDL:02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys [33384]
O58 - SDL:02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [45160]
O58 - SDL:28/06/2007 - 10:44:58 ---A- . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\Drivers\nmwcd.sys [137216]
O58 - SDL:28/06/2007 - 10:44:16 ---A- . (.Nokia - Nokia USB Phone Generic Client.) -- C:\Windows\System32\Drivers\nmwcdc.sys [8320]
O58 - SDL:28/06/2007 - 10:44:18 ---A- . (.Nokia - Nokia USB Phone Modem Client.) -- C:\Windows\System32\Drivers\nmwcdcj.sys [12288]
O58 - SDL:28/06/2007 - 10:44:18 ---A- . (.Nokia - Nokia USB Phone Modem Client.) -- C:\Windows\System32\Drivers\nmwcdcm.sys [12288]
O58 - SDL:02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\System32\Drivers\ntrigdigi.sys [20608]
O58 - SDL:02/11/2006 - 10:50:24 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [88680]
O58 - SDL:02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [40040]
O58 - SDL:28/11/2006 - 21:46:22 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\System32\Drivers\PCAMp50.sys [28224]
O58 - SDL:28/11/2006 - 21:46:20 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\System32\Drivers\PCASp50.sys [27072]
O58 - SDL:12/12/2005 - 18:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\Windows\System32\Drivers\PS2.sys [19072]
O58 - SDL:20/06/2007 - 02:00:00 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\System32\Drivers\pxhelp20.sys [43872]
O58 - SDL:02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [900712]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106088]
O58 - SDL:15/01/2008 - 19:19:04 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [2047576]
O58 - SDL:05/03/2007 - 22:28:00 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\Drivers\Rtlh86.sys [76288]
O58 - SDL:02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:02/11/2006 - 10:50:10 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [38504]
O58 - SDL:02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [71784]
O58 - SDL:02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys [35944]
O58 - SDL:02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys [31848]
O58 - SDL:02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys [34920]
O58 - SDL:02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [235112]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17512]
O58 - SDL:02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\System32\Drivers\vsmraid.sys [112232]
O58 - SDL:02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 84 Scanned in 00mn 12s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 01/07/2014 - 15:48:32 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite20033.dll [1053184]
O61 - LFC: 01/07/2014 - 15:48:33 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite58181.dll [1053184]
O61 - LFC: 02/07/2014 - 15:48:32 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite12869.dll [1053184]
O61 - LFC: 02/07/2014 - 15:48:34 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite79148.dll [1053184]
O61 - LFC: 03/07/2014 - 15:48:32 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite25216.dll [1053184]
O61 - LFC: 04/07/2014 - 15:48:34 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite85256.dll [1053184]
O61 - LFC: 05/07/2014 - 15:48:33 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite48728.dll [1053184]
O61 - LFC: 05/07/2014 - 15:48:33 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite49739.dll [1053184]
O61 - LFC: 05/07/2014 - 15:48:33 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite50368.dll [1053184]
O61 - LFC: 06/07/2014 - 15:48:34 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite77485.dll [1053184]
O61 - LFC: 06/07/2014 - 15:50:06 ---A- . (.Emsisoft GmbH.) -- C:\Users\vitale\Downloads\EmsisoftAntiMalwareSetup_10634539.exe [227782848]
O61 - LFC: 06/07/2014 - 15:50:07 ---A- . (.Nicolas Coolman.) -- C:\Users\vitale\Downloads\ZHP 2014.exe [16774977] =>.Nicolas Coolman
O61 - LFC: 06/07/2014 - 15:50:07 ---A- . (.Nicolas Coolman.) -- C:\Users\vitale\Downloads\ZHPDiag2.exe [6857466] =>.Nicolas Coolman
O61 - LFC: 29/06/2014 - 15:48:33 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite33711.dll [1053184]
O61 - LFC: 29/06/2014 - 15:48:33 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite50928.dll [1053184]
O61 - LFC: 30/06/2014 - 15:48:34 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite75595.dll [1053184]
O61 - LFC: 30/06/2014 - 15:48:34 ---A- . (.Robert Simpson, et al..) -- C:\Users\vitale\AppData\Local\Temp\System.Data.SQLite78962.dll [1053184]
~ 3640 Fichiers temporaires (Temporary files)
~ 6818 Fichiers cookies (Cookies files)
~ Files: 17 Scanned in 02mn 27s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 06/07/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 06/07/2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 06/07/2014 - C:\Windows\system32\drivers\aswRdr.sys (aswRdr) .(.AVAST Software - avast! TDI Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 06/07/2014 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 06/07/2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 06/07/2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 06/07/2014 - C:\Windows\system32\drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 06/07/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 28/11/2006 - C:\Windows\System32\Drivers\PCASp50.sys (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50
O64 - Services: CurCS - 02/09/2013 - C:\Program Files\Glary Utilities 3\ProcObsrv.sys (ProcObsrv) .(.Glarysoft Ltd - ProcObsrv Driver.) - LEGACY_PROCOBSRV
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 73 Scanned in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\Launcher\Launcher.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com =>Hijacker.Qone8
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.France Telecom SA - Pas de description.) -- C:\Program Files\Orange\Launcher\Launcher.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\vitale\AppData\Local\Yappyz\Application\yappyz.exe (.not file.) =>PUP.Yappyz
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [vitale - qnqw38xw.default] user_pref("extensions.crossrider.bic", "145dada19e929264805332afc196428d"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web) - http://www.golsearch.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {31090377-0740-419E-BEFC-A56E50500D5B} [DefaultScope] - (Speedial) - http://speedial.com =>Adware.SearchYa
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (qone8) - http://www.qone8.com =>Hijacker.Qone8
O69 - SBI: SearchScopes [HKCU] {57F1FB00-EDDE-4226-A899-CA2646B2F05D} - (Kelkoo) - http://fr.kelkoopartners.net
O69 - SBI: SearchScopes [HKCU] {5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} - (ALOT Recherche) - http://search.alot.com
O69 - SBI: SearchScopes [HKCU] {601EF89D-401F-4F1A-9E52-9EE39F032F49} - (Yahoo! France) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {99088cc3-8be2-40fc-832f-cde3783069a1} - (Searcheo) - http://www.searcheo.fr =>Hijacker.Searcheo
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Bubble Dock Toolbar Customized Web Search) - http://search.conduit.com =>PUP.BubbleDock
O69 - SBI: SearchScopes [HKCU] {DCDBBF03-BC10-457D-911F-EFB0321D22BE} - (Search The Web (Softonic)) - ${SRCH_SCP_URL} =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com =>PUP.SweetIM
~ Keys: Scanned in 00mn 00s



---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [574464]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438272]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [314368]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [260608]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [448512]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1929952]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758272]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [190464]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153600]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [161792]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [603648]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096]
~ Services: 31 Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][18/07/2009] (...) -- C:\Users\vitale\AppData\Roaming\wklnhst.dat [0]
[MD5.804750E01BE174B07A3E11409C3783AE] [SPRF][10/02/2012] (.SweetIM Technologies Ltd. - SweetIM Setup.) -- C:\Users\vitale\Desktop\BundleSweetIMSetup.exe [4719408] =>PUP.SweetIM
[MD5.36B6FAA2D8E00AE98F510046D3213426] [SPRF][18/02/2012] (.Conduit - Pas de description.) -- C:\Users\vitale\Desktop\conduitinstaller.exe [67976] =>Adware.Bloson
[MD5.389E087766E6663E92332CFE18EAB529] [SPRF][24/04/2012] (.Systweak Inc - RegClean Pro.) -- C:\Users\vitale\Desktop\rcpsetup_softonic_sd.exe [3470152] =>Toolbar.Conduit
[MD5.266404D2B89BDA7F1D528032C713C082] [SPRF][10/02/2012] (.Microsoft Corporation - Self-Extracting Cabinet.) -- C:\Users\vitale\Desktop\Silverlight_x64.exe [13072536]
[MD5.266404D2B89BDA7F1D528032C713C082] [SPRF][28/11/2012] (.Microsoft Corporation - Self-Extracting Cabinet.) -- C:\Users\vitale\Desktop\Silverlight_x64[1].exe [13072536]
[MD5.266404D2B89BDA7F1D528032C713C082] [SPRF][18/02/2012] (.Microsoft Corporation - Self-Extracting Cabinet.) -- C:\Users\vitale\Desktop\Silverlight_x64[3].exe [13072536]
[MD5.266404D2B89BDA7F1D528032C713C082] [SPRF][24/04/2012] (.Microsoft Corporation - Self-Extracting Cabinet.) -- C:\Users\vitale\Desktop\Silverlight_x64[4].exe [13072536]
[MD5.4CB1ED3ED4A0652D660A3A6786AA2F37] [SPRF][22/04/2011] (.Boonty - Tiny Download Manager.) -- C:\Users\vitale\Desktop\Snow_Globe_Telecharger{1244199}.exe [684032]
[MD5.4305F843E38ABB2186D0CD07982EBECD] [SPRF][15/06/2007] (.Oberon Media, Inc. - Oberon Game Host ActiveX Control.) -- C:\Windows\Downloaded Program Files\OberonGameHost.dll [632392]
[MD5.7FAF5222EEB546E1DC0F348DCB314B0B] [SPRF][29/08/2006] (.Zylom Games - Zylom Games Player.) -- C:\Windows\Downloaded Program Files\zylomgamesplayer.dll [161976]
~ Files: 11 Scanned in 00mn 01s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{2D0BC2A4-BEE0-402A-8CC3-7295B3AC834A}" | In - Domain - P6 - TRUE | .(.MusicLab, LLC - BearShare.) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe =>PUP.BearShare
O87 - FAEL: "{AB6C9834-F969-4314-91D6-65B29F3F377A}" | In - Domain - P17 - TRUE | .(.MusicLab, LLC - BearShare.) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe =>PUP.BearShare
O87 - FAEL: "{F771EE08-1378-4F89-B81A-3D0B27063998}" | In - Private - P6 - TRUE | .(.MusicLab, LLC - BearShare.) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe =>PUP.BearShare
O87 - FAEL: "{F80DA481-259E-465A-B5E7-3044B18BB115}" | In - Private - P17 - TRUE | .(.MusicLab, LLC - BearShare.) -- C:\Program Files\BearShare Applications\BearShare\BearShare.exe =>PUP.BearShare
O87 - FAEL: "TCP Query User{C25C730B-8168-48DE-AD33-1F2647372E6A}C:\program files\bearshare applications\bearshare\bearshare.exe" | In - Public - P6 - TRUE | .(.MusicLab, LLC - BearShare.) -- C:\program files\bearshare applications\bearshare\bearshare.exe =>PUP.BearShare
O87 - FAEL: "UDP Query User{8A1B5481-59DB-4081-89D3-4377B3AB01CC}C:\program files\bearshare applications\bearshare\bearshare.exe" | In - Public - P17 - TRUE | .(.MusicLab, LLC - BearShare.) -- C:\program files\bearshare applications\bearshare\bearshare.exe =>PUP.BearShare
~ Firewall: 6 Scanned in 00mn 03s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "2BC4C58B253B8DB418C8CB3E35951970" . (.SweetIM for Messenger 3.6.) -- C:\Windows\Installer\{B85C4CB2-B352-4BD8-818C-BCE353599107}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "430E8DB44F0E90547A3564A7E858C48D" . (.Iminent.) -- C:\Windows\Installer\{4BD8E034-E0F4-4509-A753-467A8E854CD8}\imbooster.ico =>Adware.IMBooster
O90 - PUC: "54A306F2659DB694185B057D28249467" . (.SweetPacks Toolbar for Internet Explorer 4.4.) -- C:\Windows\Installer\{2F603A45-D956-496B-81B5-50D782424976}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "A07B748F92CF28B478E2852FECD9EE90" . (.Boxore Client.) -- C:\Windows\Installer\{F847B70A-FC29-4B82-872E-58F2CE9DEE09}\boxore.ico =>Adware.Boxore
~ Update Products: 4 Scanned in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\f578c8dbd68ee13\2.6.1694.246\upd]:="upd=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\2.7.1769.27\upd]:="upd=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\2.7.1832.68\upd]:="upd=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:guid="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:version="2.6.1673.238" =>Hijacker.Eazel
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:guid="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:version="2.6.1694.246" =>Hijacker.Eazel
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:guid="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:version="2.7.1769.27" =>Hijacker.Eazel
[HKCU\Software\f578c8dbd68ee13]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:usrcheckbox="1" =>PUP.BitGuard
[HKCU\Software\f578c8dbd68ee13]:version="2.7.1832.68" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:usrcheckbox="1" =>PUP.BitGuard
[HKLM\Software\f578c8dbd68ee13]:version="2.7.1832.68" =>PUP.BitGuard
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A32A114BEBBB3ABFC79C9F03FECDB118] [WIS][11/02/2012] (.Iminent - Iminent.) -- C:\Windows\Installer\1a25b17.msi [1476608] =>Adware.IMBooster
[MD5.D316F77062613C0F805DD4682C222F3E] [WIS][02/10/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\1ae56f.msi [24576] =>Adware.Boxore
[MD5.C2B7490DC3C73358706E3EA45425E6BF] [WIS][08/07/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\1c52e5.msi [29696] =>PUP.Babylon
[MD5.F4FBEB767D16153ED476F9740A753EC5] [WIS][08/07/2012] (.Musiclab, LLC - BearShare.) -- C:\Windows\Installer\1c52eb.msi [313344] =>PUP.BearShare
[MD5.8F2C5A998B81DDA01F26DED1E2C6B837] [WIS][10/02/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.6.) -- C:\Windows\Installer\2a5269.msi [1947136] =>PUP.SweetIM
[MD5.5EAB49620C1EC85204DC52797A399B52] [WIS][10/02/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\2a526f.msi [1839104] =>PUP.SweetIM
[MD5.F0CC66941DA1993308DFFCA1160B9B00] [WIS][23/06/2014] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\2c65f.msi [512512] =>Adware.Boxore
[MD5.4BC4BBEB832BFD214888FA431EDD8403] [WIS][21/10/2013] (.KalityWeb - WebAdSystem.) -- C:\Windows\Installer\92d6b.msi [260608] =>Adware.WebAdSystem
~ WIS: 8 Scanned in 00mn 02s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}] (Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand) =>Adware.IMBooster
[HKCR\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}] (Iminent.Mediator.Communication.MediatorServiceProxy) =>Adware.IMBooster
[HKCR\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}] (Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand) =>Adware.IMBooster
[HKCR\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}] (Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand) =>Adware.IMBooster
[HKCR\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}] (Iminent.Mediator.Communication.DataContracts.GetCreditCommand) =>Adware.IMBooster
[HKCR\CLSID\{11111111-1111-1111-1111-110411391160}] (Deeal_fr 0.2) =>PUP.DeealFr
[HKCR\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}] (Iminent.Mediator.Communication.ServerResult) =>Adware.IMBooster
[HKCR\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}] (Barre d'outils ALOT Helper) =>Adware.Comet
[HKCR\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}] (Iminent.Mediator.LightContent) =>Adware.IMBooster
[HKCR\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}] (Iminent.Mediator.Communication.DataContracts.GetVariableCommand) =>Adware.IMBooster
[HKCR\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}] (DealPly Live Legacy On Demand) =>PUP.DealPly
[HKCR\CLSID\{22222222-2222-2222-2222-220422392260}] (CrossriderApp0043960.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220422892226}] (CrossriderApp0048926.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}] (Iminent.Mediator.Communication.DataContracts.SetVariableCommand) =>Adware.IMBooster
[HKCR\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}] (Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand) =>Adware.IMBooster
[HKCR\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}] (Iminent.Mediator.Communication.DataContracts.PlayContentCommand) =>Adware.IMBooster
[HKCR\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}] (Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult) =>Adware.IMBooster
[HKCR\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}] (Iminent.Mediator.Communication.ContractBase) =>Adware.IMBooster
[HKCR\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}] (Iminent.Mediator.Communication.DataContracts.LoadContentCommand) =>Adware.IMBooster
[HKCR\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}] (Iminent.Business.Tinyfying.ViralLinkArgs) =>Adware.IMBooster
[HKCR\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}] (Iminent.Mediator.Communication.DataContracts.PostContentCallback) =>Adware.IMBooster
[HKCR\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}] (Iminent.Business.Tinyfying.TinyUrlArgs) =>Adware.IMBooster
[HKCR\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] (Softonic Toolbar) =>Toolbar.Conduit
[HKCR\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}] (DealPly Live Core Class) =>PUP.DealPly
[HKCR\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}] (Barre d'outils ALOT) =>Adware.Comet
[HKCR\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}] (WajamDownloader Class) =>PUP.Wajam
[HKCR\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}] (Iminent.Mediator.Communication.DataContracts.WarmUpCommand) =>Adware.IMBooster
[HKCR\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}] (Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand) =>Adware.IMBooster
[HKCR\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}] (GamesBar) =>Adware.GamesBar
[HKCR\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}] (DealPly Live Process Launcher Class) =>PUP.DealPly
[HKCR\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}] (Iminent.Mediator.Communication.ServerCommand) =>Adware.IMBooster
[HKCR\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}] (Iminent.Business.Tinyfying.LinkToPromoteArgs) =>Adware.IMBooster
[HKCR\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}] (Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand) =>Adware.IMBooster
[HKCR\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}] (DealPlyLive Update Plugin) =>PUP.DealPly
[HKCR\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}] (DealPly Live Legacy On Demand) =>PUP.DealPly
[HKCR\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}] (Iminent.Mediator.Communication.DataContracts.LogoutCommand) =>Adware.IMBooster
[HKCR\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}] (DealPly Live Broker Class Factory) =>PUP.DealPly
[HKCR\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}] (Iminent.Mediator.Communication.DataContracts.LoginCommand) =>Adware.IMBooster
[HKCR\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}] (Iminent.Mediator.Communication.ClientCallback) =>Adware.IMBooster
[HKCR\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}] (Iminent.Mediator.Communication.DataContracts.WelcomeCommand) =>Adware.IMBooster
[HKCR\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}] (DealPlyLive Update Plugin) =>PUP.DealPly
[HKCR\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}] (Iminent.Mediator.Communication.DataContracts.MyAccountCommand) =>Adware.IMBooster
[HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] (Wajam) =>PUP.Wajam
[HKCR\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}] (DealPly Shopping) =>PUP.DealPly
[HKCR\CLSID\{AE5C74BF-0680-87BD-7F63-F35CA6E38E4D}] (Iminent.Mediator.Communication.MediatorServiceProxy) =>Adware.IMBooster
[HKCR\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}] (Iminent.Mediator.Communication.DataContracts.InstallationContextResult) =>Adware.IMBooster
[HKCR\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}] (Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand) =>Adware.IMBooster
[HKCR\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}] (Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback) =>Adware.IMBooster
[HKCR\CLSID\{B939CF93-F2CB-443d-956C-DC523D85C9DB}] (DataMngr) =>PUP.Datamngr
[HKCR\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}] (Iminent.Mediator.Communication.DataContracts.GetVariableResult) =>Adware.IMBooster
[HKCR\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}] (Wincore Mediabar) =>PUP.iMesh
[HKCR\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}] (Iminent.Mediator.Communication.DataContracts.GameOverCallback) =>Adware.IMBooster
[HKCR\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}] (Iminent.Mediator.Communication.DataContracts.VariableChangedCallback) =>Adware.IMBooster
[HKCR\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}] (Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback) =>Adware.IMBooster
[HKCR\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}] (DealPlyLive.OneClickProcessLauncher) =>PUP.DealPly
[HKCR\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}] (Iminent.Business.Tinyfying.RawDataArgs) =>Adware.IMBooster
[HKCR\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}] (DealPly Live Core Class) =>PUP.DealPly
[HKCR\CLSID\{CB0D163C-E9F4-4236-9496-0597E24B23A5}] (GamesBarBHO Class) =>Adware.GamesBar
[HKCR\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}] (Iminent.Mediator.Communication.DataContracts.CleanCacheCommand) =>Adware.IMBooster
[HKCR\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}] (Iminent.Business.Tinyfying.DownloadArgs) =>Adware.IMBooster
[HKCR\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}] (Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand) =>Adware.IMBooster
[HKCR\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}] (Softonic Helper Object) =>Toolbar.Conduit
[HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}] (SweetPacks Toolbar for Internet Explorer) =>PUP.SweetIM
[HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}] (SweetPacks Browser Helper) =>PUP.SweetIM
[HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}] (SweetIM ToolbarURLSearchHook Class) =>PUP.SweetIM
[HKCR\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}] (Iminent.Mediator.LightUri) =>Adware.IMBooster
[HKCR\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C63}] (iMesh6Discovery Class) =>PUP.iMesh
[HKCR\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}] (Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand) =>Adware.IMBooster
[HKCR\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}] (Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult) =>Adware.IMBooster
[HKCR\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}] (DealPly Live Broker Class Factory) =>PUP.DealPly
~ BCK: 6156 Scanned in 00mn 17s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 14/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 14/03/2014 36392 | (BackupStack) . (.Just Develop It.) - C:\Program Files\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SS - | Auto 24/07/2013 148000 | (dealplylive) . (.DealPly Technologies Ltd.) - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe =>PUP.DealPly
SS - | Demand 24/07/2013 148000 | (dealplylivem) . (.DealPly Technologies Ltd.) - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe =>PUP.DealPly
SS - | Auto 14/05/2014 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
SS - | Demand 14/05/2014 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe
SS - | Demand 22/10/2004 73728 | (IDriverT) . (.Macrovision Corporation.) - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
SS - | Demand 22/01/2008 103808 | (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe
SS - | Demand 26/09/2007 2999664 | C:\Program Files\Symantec\LIVEUP~1\LUCOMS~1.exe (LiveUpdate) . (.Symantec Corporation.) - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.exe
SS - | Demand 09/04/2014 235696 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - | Demand 14/05/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 11/05/2007 887544 | (RoxMediaDB9) . (.Sonic Solutions.) - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
SS - | Demand 03/05/2007 74656 | (stllssvr) . (.MicroVision Development, Inc..) - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SS - | Auto 02/10/2012 139576 | (supdate) . (.Boxore OU..) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SR - | Auto 10/07/2007 606208 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 10/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 14/05/2014 2900424 | (ca82e1a5) . (...) - c:\Program Files\Optimizer Pro\OptProCrash.dll =>PUP.OptimizerPro
SR - | Auto 24/05/2007 61440 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 11/04/2014 705136 | (IePluginService) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
SR - | Auto 28/06/2007 79136 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 26/09/2007 554352 | (Planificateur LiveUpdate automatique) . (.Symantec Corporation.) - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
SR - | Auto 10/04/2014 350528 | (TBSrv) . (.ClientConnect Ltd..) - C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe =>Toolbar.Conduit
SR - | Auto 02/07/2012 2673064 | (TeamViewer7) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
SR - | Auto 09/05/2014 51712 | (vosr) . (...) - C:\Users\vitale\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
SR - | Auto 01/05/2014 541696 | (vxlsnyaiet32) . (...) - C:\Program Files\003\vxlsnyaiet32.exe =>PUP.AdPeak
SR - | Auto 14/06/2012 109064 | (WajamUpdater) . (.Wajam.) - C:\Program Files\Wajam\Updater\WajamUpdater.exe =>PUP.Wajam
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 19s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by vitale at 06/07/2014 15:52:22
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x826D1FEF] >> \Device\Harddisk0\DR0[0x85BC0AC8]
3 CLASSPNP[0x8879F745] >> ntkrnlpa!IofCallDriver[0x826D1FEF] >> [0x85203858]
5 acpi[0x806996A0] >> ntkrnlpa!IofCallDriver[0x826D1FEF] >> \Device\Ide\IdeDeviceP2T0L0-2[0x851EB5E8]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 13 Scanned in 00mn 02s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by vitale at 06/07/2014 15:52:24
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (06/07/2014)
Clés trouvées (Keys found) : 702
Valeurs trouvées (Values found) : 5
Dossiers trouvés (Folders found) : 90
Fichiers trouvés (Files found) : 189

[HKLM\Software\Google\Chrome\Extensions\engaigpbgdjjmanonjcjkcmomgibneba] =>Spyware.SmartDisplay^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FC85F5D-6207-4515-A490-45A549D285C0}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411391160}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411891126}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}] =>Adware.Comet^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C7654F3-98BB-47E0-9404-36CB4B08637A}] =>PUP.SaveOn^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}] =>PUP.Babylon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] =>PUP.SupTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77F8C945-4B74-4BD6-A073-E0D1997EDCE8}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}] =>PUP.DealPly^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443D-956C-DC523D85C9DB}] =>PUP.BearShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}] =>PUP.iMesh^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB0D163C-E9F4-4236-9496-0597E24B23A5}] =>Adware.GamesBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\ca82e1a5] =>PUP.OptimizerPro^
[HKLM\SYSTEM\CurrentControlSet\Services\dealplylive) (dealplylive] =>PUP.DealPly^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginService] =>Trojan.SProtector^
[HKLM\SYSTEM\CurrentControlSet\Services\supdate) (supdate] =>Adware.Boxore^
[HKLM\SYSTEM\CurrentControlSet\Services\TBSrv] =>Toolbar.Conduit^
[HKLM\SYSTEM\CurrentControlSet\Services\vosr] =>Adware.Downware^
[HKLM\SYSTEM\CurrentControlSet\Services\vxlsnyaiet32] =>PUP.AdPeak^
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater] =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1] =>PUP.Activeris^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}] =>PUP.Babylon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\alotToolbar] =>Adware.Comet^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BearShare] =>PUP.BearShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F624839-947D-46EA-BD63-FD847C1AC6F1}] =>PUP.BearShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F847B70A-FC29-4B82-872E-58F2CE9DEE09}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BrowserSafeguard] =>PUP.BrowserSafeguard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dealply] =>PUP.DealPly^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Deeal_fr 0.2] =>PUP.DeealFr^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Freeven pro 1.2] =>PUP.Freeven^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GamesBar] =>Adware.GamesBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerplus] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox] =>PUP.OfferBox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1] =>PUP.OptimizerPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD9.5v4] =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.SearchProtect^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{006E6A46-8D55-4F10-BBA8-2C9653B4278B}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Speedial] =>Adware.SearchYa^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] =>Adware.Downware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam] =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5DCCCB45-8CD0-418E-93AC-AE1DDC32D496}] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{621582a3-06da-4753-8287-96d1938f7966}] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WebConnect] =>PUP.WebConnect^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wincore MediaBar] =>PUP.iMesh^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{614925F9-841A-53FE-A28F-DC30FA07239B}] =>PUP.SaveOn^
[HKLM\Software\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{092A2C6B-43EE-4F9F-8F8E-14ED5E11C14B}] =>Adware.Agent
[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}] =>Adware.GamesBar
[HKLM\Software\Microsoft\Internet Explorer\extensions\{1a93c934-025b-4c3a-b38e-9654a7003239}] =>Adware.GamesBar
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{1fc41815-fa4c-4f8b-b143-2c045c8ea2fc}] =>PUP.Kiwee
[HKLM\Software\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{252c2315-cce0-4446-8da7-c00292a690ba}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{257A6158-1416-4B31-9BF8-29FF49F3814F}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2F603A45-D956-496B-81B5-50D782424976}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{31F8B21E-8674-4589-A37F-31A4D4B55CC5}] =>PUP.BearShare
[HKLM\Software\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{32451DFC-C23B-4E12-866C-FC7982238504}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKLM\Software\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}] =>PUP.iMesh
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}] =>PUP.BearShare
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}] =>Adware.Comet
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}] =>Adware.Comet
[HKLM\Software\Classes\CLSID\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}] =>Adware.Comet
[HKLM\Software\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}] =>Adware.IMBooster
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}] =>PUP.BearShare
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}] =>Adware.BHO
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{756C097C-6BDB-45de-A8F1-83E01AB86BA4}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}] =>Adware.IMBooster
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}] =>PUP.BearShare
[HKLM\Software\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}] =>PUP.iMesh
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{AC5C4189-A8A0-4C9D-8910-C9CEF8360077}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467}] =>Adware.GamesBar
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}] =>Adware.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}] =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{B85C4CB2-B352-4BD8-818C-BCE353599107}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D745B017-4336-4718-83A6-3AE1A9DE88C3}] =>Adware.Boxore
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}] =>PUP.BearShare
[HKLM\Software\Classes\Interface\{ec1a2105-5621-440f-987d-27ef428131d9}] =>Adware.BHO
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}] =>Adware.PricePeep
[HKLM\Software\Classes\AppID\BearShare.exe] =>PUP.BearShare
[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\DiscoveryHelper.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\GIFAnimator.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\IMTrProgress.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\IMWeb.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\WMHelper.DLL] =>PUP.BearShare
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\alotToolbar] =>Adware.Comet
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wincore MediaBar] =>PUP.iMesh
[HKLM\Software\Classes\b] =>PUP.Babylon
[HKLM\Software\Classes\Babylon.dskBnd] =>PUP.Babylon
[HKLM\Software\Classes\Babylon.dskBnd.1] =>PUP.Babylon
[HKLM\Software\Classes\bbylnApp.appCore] =>PUP.Babylon
[HKLM\Software\Classes\bbylnApp.appCore.1] =>PUP.Babylon
[HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo
[HKLM\Software\Classes\BrowserConnection.Loader.1] =>Adware.Bandoo
[HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery] =>PUP.iMesh
[HKLM\Software\Classes\DiscoveryHelper.iMesh6Discovery.1] =>PUP.iMesh
[HKLM\Software\Classes\DnsBHO.BHO] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO.1] =>Adware.Bandoo
[HKLM\Software\Classes\escort.escrtBtn.1] =>PUP.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc] =>PUP.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc.1] =>PUP.Babylon
[HKLM\Software\Classes\I] =>Adware.IncrediBar
[HKLM\Software\Classes\imweb.imwebcontrol] =>PUP.iMesh
[HKLM\Software\Classes\oberontb.band] =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.band.1] =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.GamesBarBHO] =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.GamesBarBHO.1] =>Adware.GamesBar
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\sim-packages] =>Toolbar.Agent
[HKLM\Software\Classes\Software.OneClickCtrl.8] =>Adware.Agent
[HKLM\Software\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb] =>PUP.Babylon
[HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp] =>Toolbar.Wajam
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Classes\Installer\Features\430E8DB44F0E90547A3564A7E858C48D] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Products\430E8DB44F0E90547A3564A7E858C48D] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\430E8DB44F0E90547A3564A7E858C48D] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\Software\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>Toolbar.Wajam
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\BearShareMediabarTb] =>Toolbar.Agent
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Boxore] =>Adware.Boxore
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\gamesbar] =>Adware.GamesBar
[HKLM\Software\gamesbar] =>Adware.GamesBar
[HKLM\Software\GamesBarSetup] =>Adware.GamesBar
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\iwin] =>Adware.iWinArcade
[HKCU\Software\KalityWeb] =>Toolbar.Agent
[HKLM\Software\KalityWeb] =>Toolbar.Agent
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Radio_Bar_1] =>Toolbar.Conduit
[HKLM\Software\Radio_Bar_1] =>Toolbar.Conduit
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}] =>PUP.Funmoods
[HKLM\Software\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}] =>Toolbar.Conduit
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =>Adware.Boxore
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKLM\Software\Classes\AppID\priam_bho.DLL] =>Toolbar.Wajam
[HKLM\Software\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\SYSTEM\CurrentControlSet\Services\supdate] =>Adware.Boxore
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DCDBBF03-BC10-457D-911F-EFB0321D22BE}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77F8C945-4B74-4BD6-A073-E0D1997EDCE8}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{77F8C945-4B74-4BD6-A073-E0D1997EDCE8}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{23F123D2-6519-4D70-A124-1836D45CD3B8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB0C157-F9B1-4B0B-AE43-8217B2B2AA44}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{9CB0C157-F9B1-4B0B-AE43-8217B2B2AA44}] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9CB0C157-F9B1-4B0B-AE43-8217B2B2AA44}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
[HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\2BC4C58B253B8DB418C8CB3E35951970] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\2BC4C58B253B8DB418C8CB3E35951970] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2BC4C58B253B8DB418C8CB3E35951970] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\54A306F2659DB694185B057D28249467] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\54A306F2659DB694185B057D28249467] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\54A306F2659DB694185B057D28249467] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}] =>PUP.BearShare
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}] =>PUP.BearShare
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow]:*.crossrider.com =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}] =>Adware.Comet
[HKLM\Software\Classes\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}] =>Adware.Comet
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Google\Chrome\Extensions\ieakfmpjhljbpbfpldjkddkjmmgjmgon] =>PUP.WebConnect
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2316C625-B487-4410-A1A5-FF040B65245F}] =>PUP.WebConnect
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKLM\Software\Classes\CrossriderApp0043960.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0043960.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0043960.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0043960.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\esrv.iminentESrvc] =>Adware.IMBooster
[HKLM\Software\Classes\esrv.iminentESrvc.1] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.DownloadArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.RawDataArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.TinyUrlArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.ViralLinkArgs] =>Adware.IMBooster
[HKLM\Software\Classes\iminent.iminentappCore] =>Adware.IMBooster
[HKLM\Software\Classes\iminent.iminentappCore.1] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ClientCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ContractBase] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ServerCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ServerResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.LightContent] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.LightUri] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.MediatorServiceProxy] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ActiveContentHandle.1] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ActiveContentHandler] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.TinyUrlHandler] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.TinyUrlHandler.1] =>Adware.IMBooster
[HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar.CT2405725] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2795622] =>Toolbar.Conduit
[HKLM\Software\Classes\wajam.WajamBHO] =>PUP.Wajam
[HKLM\Software\Classes\wajam.WajamBHO.1] =>PUP.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader] =>PUP.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader.1] =>PUP.Wajam
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110411391160}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110411891126}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422392260}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422892226}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\iminent] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Wajam] =>PUP.Wajam
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}] =>Adware.Bandoo^
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{EEE6C35D-6118-11DC-9C72-001320C79847} =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} =>Adware.Comet^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SweetIM =>PUP.SweetIM^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Optimizer Pro =>PUP.OptimizerPro^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{84FF7BD6-B47F-46F8-9130-01B2696B36CB} =>Adware.IMBooster
C:\Users\vitale\AppData\Local\Google\Chrome\User Data\Default\Extensions\engaigpbgdjjmanonjcjkcmomgibneba =>Spyware.SmartDisplay^
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\extensions\djud9r@fman-ds.com =>PUP.RealDeal^
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\extensions\e46480cf-7cf6-495e-af69-573053f52c72@b33ab36d-5952-49aa-adb2-a41b3dbe51a5.com =>Adware.PlusHD^
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\extensions\firefox@webconnect.co =>PUP.WebConnect^
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\extensions\jid1-FCM5fDwCW5M3AQ@jetpack =>Spyware.SmartDisplay^
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\extensions\quick_start@gmail.com =>PUP.QuickStart^
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52} =>Adware.SearchYa^
C:\Program Files\003 =>PUP.AdPeak^
C:\Program Files\Activeris AntiMalware =>PUP.Activeris^
C:\Program Files\BearShare Applications =>PUP.BearShare^
C:\Program Files\Boxore =>Adware.Boxore^
C:\Program Files\Browsersafeguard =>PUP.BrowserSafeguard^
C:\Program Files\DealPly =>PUP.DealPly^
C:\Program Files\DealPlyLive =>PUP.DealPly^
C:\Program Files\Deeal_fr 0.2 =>PUP.DeealFr^
C:\Program Files\Freeven pro 1.2 =>PUP.Freeven^
C:\Program Files\GamesBar =>Adware.GamesBar^
C:\Program Files\MediaPlayerplus =>PUP.CrossRider^
C:\Program Files\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files\OfferBox =>PUP.OfferBox^
C:\Program Files\Optimizer Pro =>PUP.OptimizerPro^
C:\Program Files\Plus-HD9.5v4 =>Adware.PlusHD^
C:\Program Files\SearchProtect =>PUP.SearchProtect^
C:\Program Files\Softonic =>Toolbar.Conduit^
C:\Program Files\Speedial =>Adware.SearchYa^
C:\Program Files\SupTab =>PUP.SupTab^
C:\Program Files\SweetIM =>PUP.SweetIM^
C:\Program Files\Tbccint =>Toolbar.Conduit^
C:\Program Files\v-Grabber =>PUP.vGrabber^
C:\Program Files\Wajam =>PUP.Wajam^
C:\Program Files\WebAdSystem =>Adware.WebAdSystem^
C:\Program Files\WebConnect =>PUP.WebConnect^
C:\Program Files\~BabylonToolbar =>PUP.Babylon^
C:\ProgramData\Activeris =>PUP.Activeris^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\BearShare =>PUP.BearShare^
C:\ProgramData\BoxUpdChk =>Adware.Boxore^
C:\ProgramData\DealPlyLive =>PUP.DealPly^
C:\ProgramData\GamesBar =>Adware.GamesBar^
C:\ProgramData\IePluginService =>Trojan.SProtector^
C:\ProgramData\saveorneT =>PUP.SaveOn^
C:\ProgramData\SweetIM =>PUP.SweetIM^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\vitale\AppData\Roaming\Activeris =>PUP.Activeris^
C:\Users\vitale\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\vitale\AppData\Roaming\BabylonToolbar =>PUP.Babylon^
C:\Users\vitale\AppData\Roaming\Dealply =>PUP.DealPly^
C:\Users\vitale\AppData\Roaming\Nosibay =>PUP.BubbleDock^
C:\Users\vitale\AppData\Roaming\OfferBox =>PUP.OfferBox^
C:\Users\vitale\AppData\Roaming\Optimizer Elite Max =>PUP.OptimizerEliteMax^
C:\Users\vitale\AppData\Roaming\Optimizer Pro =>PUP.OptimizerPro^
C:\Users\vitale\AppData\Roaming\qone8 =>Hijacker.Qone8^
C:\Users\vitale\AppData\Roaming\Speedial =>Adware.SearchYa^
C:\Users\vitale\AppData\Roaming\SupTab =>PUP.SupTab^
C:\Users\vitale\AppData\Roaming\VOPackage =>Adware.Downware^
C:\Users\vitale\AppData\Local\BearShare =>PUP.BearShare^
C:\Users\vitale\AppData\Local\DealPlyLive =>PUP.DealPly^
C:\Users\vitale\AppData\Local\KalityWeb =>Adware.WebAdSystem^
C:\Users\vitale\AppData\Local\PriceMeter =>PUP.PriceMeter^
C:\Users\vitale\AppData\Local\RocketMediaPlayer =>PUP.RockTurner^
C:\Users\vitale\AppData\Local\SearchProtect =>PUP.SearchProtect^
C:\Users\vitale\AppData\Local\Wajam =>PUP.Wajam^
C:\Users\vitale\AppData\Local\YappyzUninstall =>PUP.Yappyz^
C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard^
C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly^
C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^
C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vGrabber =>PUP.vGrabber^
C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^
C:\Users\vitale\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam =>PUP.Wajam^
C:\Program Files\alot =>Adware.Comet
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Program Files\Radio_Bar_1 =>Toolbar.Conduit
C:\Program Files\Software =>Adware.Boxore
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar =>Adware.GamesBar
C:\Users\vitale\AppData\Roaming\iWin =>Adware.iWinArcade
C:\Users\vitale\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\vitale\AppData\LocalLow\alot =>Adware.Comet
C:\Users\vitale\AppData\LocalLow\BabylonToolbar =>PUP.Babylon
C:\Users\vitale\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\vitale\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit
C:\Users\vitale\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\vitale\AppData\LocalLow\Radio_Bar_1 =>Toolbar.Conduit
C:\Users\vitale\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\vitale\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit
C:\Users\vitale\AppData\LocalLow\wincorebsband =>PUP.iMesh
C:\Users\vitale\AppData\LocalLow\mediabarbs =>PUP.BearShare
C:\Users\vitale\AppData\Local\Temp\Iminent =>Adware.IMBooster
C:\Users\vitale\AppData\Local\Temp\Radio_Bar_1 =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch
C:\Users\vitale\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp =>Toolbar.Wajam
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\vitale\AppData\Roaming\Mozilla\Firefox\Profiles\qnqw38xw.default\bprotector_prefs.js =>PUP.BProtector
C:\Program Files\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris^
C:\Program Files\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM^
C:\Program Files\OfferBox\OfferBox.exe =>PUP.OfferBox^
C:\Program Files\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem^
C:\Program Files\Browsersafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard^
C:\Program Files\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore^
C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup^
C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector^
C:\Program Files\Tbccint\ToolbarService\ToolbarService.exe =>Toolbar.Conduit^
C:\Users\vitale\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware^
C:\Program Files\003\vxlsnyaiet32.exe =>PUP.AdPeak^
C:\Program Files\Wajam\Updater\WajamUpdater.exe =>PUP.Wajam^
C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe =>PUP.BrowserSafeguard^
C:\Users\vitale\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe =>PUP.DealPly^
C:\Program Files\DealPlyLive\Update\DealPlyLive.exe =>PUP.DealPly^
C:\Program Files\Deeal_fr 0.2\Deeal_fr 0.2-chromeinstaller.exe =>PUP.DeealFr^
C:\Program Files\Deeal_fr 0.2\Deeal_fr 0.2-codedownloader.exe =>PUP.DeealFr^
C:\Program Files\Deeal_fr 0.2\Deeal_fr 0.2-enabler.exe =>PUP.DeealFr^
C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
C:\Windows\Tasks\Dealply.job =>PUP.DealPly^
C:\Windows\System32\Tasks\Dealply =>PUP.DealPly^
C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job =>PUP.DealPly^
C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore =>PUP.DealPly^
C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job =>PUP.DealPly^
C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA =>PUP.DealPly^
C:\Windows\Tasks\Deeal_fr 0.2-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Deeal_fr 0.2-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\Deeal_fr 0.2-codedownloader.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Deeal_fr 0.2-codedownloader =>PUP.CrossRider^
C:\Windows\Tasks\Deeal_fr 0.2-enabler.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Deeal_fr 0.2-enabler =>PUP.CrossRider^
C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA =>Adware.Boxore^
[HKCU\Software\Activeris] =>PUP.Activeris^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\Deeal_fr 0.2] =>PUP.DeealFr^
[HKCU\Software\AppDataLow\Software\Plus-HD9.5v4] =>Adware.PlusHD^
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\AppDataLow\Software\Supra Savings] =>PUP.SupraSavings^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\BearShare] =>PUP.BearShare^
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\DealPlyLive] =>PUP.DealPly^
[HKCU\Software\GamesBar] =>Adware.GamesBar^
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax^
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^
[HKCU\Software\SearchProtectINT2] =>PUP.SearchProtect^
[HKCU\Software\Tbccint_HKLM] =>Toolbar.Conduit^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\Wajam] =>PUP.Wajam^
[HKCU\Software\WebConnect] =>PUP.WebConnect^
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday^
[HKCU\Software\speedial] =>Adware.SearchYa^
[HKCU\Software\weDownload] =>PUP.weDownloadManager^
[HKLM\Software\Activeris] =>PUP.Activeris^
[HKLM\Software\Babylon] =>PUP.Babylon^
[HKLM\Software\Browsersafeguard] =>PUP.BrowserSafeguard^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\DealPlyLive] =>PUP.DealPly^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\PriceMeterLiveUpdate] =>PUP.PriceMeter^
[HKLM\Software\Wpm] =>PUP.WpManager^
[HKLM\Software\qone8Software] =>Hijacker.Qone8^
[HKLM\Software\supTab] =>PUP.SupTab^
[HKLM\Software\supWPM] =>PUP.WpManager^
[HKLM\Software\suprasavings] =>PUP.SupraSavings^
C:\Users\vitale\Desktop\BundleSweetIMSetup.exe =>PUP.SweetIM^
C:\Users\vitale\Desktop\conduitinstaller.exe =>Adware.Bloson^
C:\Users\vitale\Desktop\rcpsetup_softonic_sd.exe =>Toolbar.Conduit^
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard^
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.6.1694.246]:dllName="BitGuard.dll" =>PUP.BitGuard^
[HKCU\Software\f578c8dbd68ee13\history\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}2.7.1769.27]:SERVICE_NAME="BitGuard" =>PUP.BitGuard^
[HKCU\Software\f578c8dbd68ee13]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKLM\Software\f578c8dbd68ee13]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
C:\Windows\Installer\1a25b17.msi =>Adware.IMBooster^
C:\Windows\Installer\1ae56f.msi =>Adware.Boxore^
C:\Windows\Installer\1c52e5.msi =>PUP.Babylon^
C:\Windows\Installer\1c52eb.msi =>PUP.BearShare^
C:\Windows\Installer\2a5269.msi =>PUP.SweetIM^
C:\Windows\Installer\2a526f.msi =>PUP.SweetIM^
C:\Windows\Installer\2c65f.msi =>Adware.Boxore^
C:\Windows\Installer\92d6b.msi =>Adware.WebAdSystem^
[HKCR\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}] (Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand) =>Adware.IMBooster^
[HKCR\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}] (Iminent.Mediator.Communication.MediatorServiceProxy) =>Adware.IMBooster^
[HKCR\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}] (Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand) =>Adware.IMBooster^
[HKCR\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}] (Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand) =>Adware.IMBooster^
[HKCR\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}] (Iminent.Mediator.Communication.DataContracts.GetCreditCommand) =>Adware.IMBooster^
[HKCR\CLSID\{11111111-1111-1111-1111-110411391160}] (Deeal_fr 0.2) =>PUP.DeealFr^
[HKCR\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}] (Iminent.Mediator.Communication.ServerResult) =>Adware.IMBooster^
[HKCR\CLSID\{14CEEAFF-96DD-4101-AE37-D5ECDC23C3F6}] (Barre d'outils ALOT Helper) =>Adware.Comet^
[HKCR\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}] (Iminent.Mediator.LightContent) =>Adware.IMBooster^
[HKCR\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}] (Iminent.Mediator.Communication.DataContracts.GetVariableCommand) =>Adware.IMBooster^
[HKCR\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}] (DealPly Live Legacy On Demand) =>PUP.DealPly^
[HKCR\CLSID\{22222222-2222-2222-2222-220422392260}] (CrossriderApp0043960.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220422892226}] (CrossriderApp0048926.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}] (Iminent.Mediator.Communication.DataContracts.SetVariableCommand) =>Adware.IMBooster^
[HKCR\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}] (Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand) =>Adware.IMBooster^
[HKCR\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}] (Iminent.Mediator.Communication.DataContracts.PlayContentCommand) =>Adware.IMBooster^
[HKCR\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}] (Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult) =>Adware.IMBooster^
[HKCR\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}] (Iminent.Mediator.Communication.ContractBase) =>Adware.IMBooster^
[HKCR\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}] (Iminent.Mediator.Communication.DataContracts.LoadContentCommand) =>Adware.IMBooster^
[HKCR\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}] (Iminent.Business.Tinyfying.ViralLinkArgs) =>Adware.IMBooster^
[HKCR\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}] (Iminent.Mediator.Communication.DataContracts.PostContentCallback) =>Adware.IMBooster^
[HKCR\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}] (Iminent.Business.Tinyfying.TinyUrlArgs) =>Adware.IMBooster^
[HKCR\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] (Softonic Toolbar) =>Toolbar.Conduit^
[HKCR\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}] (DealPly Live Core Class) =>PUP.DealPly^
[HKCR\CLSID\{5AA2BA46-9913-4dc7-9620-69AB0FA17AE7}] (Barre d'outils ALOT) =>Adware.Comet^
[HKCR\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}] (WajamDownloader Class) =>PUP.Wajam^
[HKCR\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}] (Iminent.Mediator.Communication.DataContracts.WarmUpCommand) =>Adware.IMBooster^
[HKCR\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}] (Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand) =>Adware.IMBooster^
[HKCR\CLSID\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}] (GamesBar) =>Adware.GamesBar^
[HKCR\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}] (DealPly Live Process Launcher Class) =>PUP.DealPly^
[HKCR\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}] (Iminent.Mediator.Communication.ServerCommand) =>Adware.IMBooster^
[HKCR\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}] (Iminent.Business.Tinyfying.LinkToPromoteArgs) =>Adware.IMBooster^
[HKCR\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}] (Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand) =>Adware.IMBooster^
[HKCR\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}] (DealPlyLive Update Plugin) =>PUP.DealPly^
[HKCR\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}] (DealPly Live Legacy On Demand) =>PUP.DealPly^
[HKCR\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}] (Iminent.Mediator.Communication.DataContracts.LogoutCommand) =>Adware.IMBooster^
[HKCR\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}] (DealPly Live Broker Class Factory) =>PUP.DealPly^
[HKCR\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}] (Iminent.Mediator.Communication.DataContracts.LoginCommand) =>Adware.IMBooster^
[HKCR\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}] (Iminent.Mediator.Communication.ClientCallback) =>Adware.IMBooster^
[HKCR\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}] (Iminent.Mediator.Communication.DataContracts.WelcomeCommand) =>Adware.IMBooster^
[HKCR\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}] (DealPlyLive Update Plugin) =>PUP.DealPly^
[HKCR\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}] (Iminent.Mediator.Communication.DataContracts.MyAccountCommand) =>Adware.IMBooster^
[HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] (Wajam) =>PUP.Wajam^
[HKCR\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}] (DealPly Shopping) =>PUP.DealPly^
[HKCR\CLSID\{AE5C74BF-0680-87BD-7F63-F35CA6E38E4D}] (Iminent.Mediator.Communication.MediatorServiceProxy) =>Adware.IMBooster^
[HKCR\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}] (Iminent.Mediator.Communication.DataContracts.InstallationContextResult) =>Adware.IMBooster^
[HKCR\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}] (Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand) =>Adware.IMBooster^
[HKCR\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}] (Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback) =>Adware.IMBooster^
[HKCR\CLSID\{B939CF93-F2CB-443d-956C-DC523D85C9DB}] (DataMngr) =>PUP.Datamngr^
[HKCR\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}] (Iminent.Mediator.Communication.DataContracts.GetVariableResult) =>Adware.IMBooster^
[HKCR\CLSID\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}] (Wincore Mediabar) =>PUP.iMesh^
[HKCR\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}] (Iminent.Mediator.Communication.DataContracts.GameOverCallback) =>Adware.IMBooster^
[HKCR\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}] (Iminent.Mediator.Communication.DataContracts.VariableChangedCallback) =>Adware.IMBooster^
[HKCR\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}] (Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback) =>Adware.IMBooster^
[HKCR\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}] (DealPlyLive.OneClickProcessLauncher) =>PUP.DealPly^
[HKCR\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}] (Iminent.Business.Tinyfying.RawDataArgs) =>Adware.IMBooster^
[HKCR\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}] (DealPly Live Core Class) =>PUP.DealPly^
[HKCR\CLSID\{CB0D163C-E9F4-4236-9496-0597E24B23A5}] (GamesBarBHO Class) =>Adware.GamesBar^
[HKCR\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}] (Iminent.Mediator.Communication.DataContracts.CleanCacheCommand) =>Adware.IMBooster^
[HKCR\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}] (Iminent.Business.Tinyfying.DownloadArgs) =>Adware.IMBooster^
[HKCR\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}] (Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand) =>Adware.IMBooster^
[HKCR\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}] (Softonic Helper Object) =>Toolbar.Conduit^
[HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}] (SweetPacks Toolbar for Internet Explorer) =>PUP.SweetIM^
[HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}] (SweetPacks Browser Helper) =>PUP.SweetIM^
[HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}] (SweetIM ToolbarURLSearchHook Class) =>PUP.SweetIM^
[HKCR\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}] (Iminent.Mediator.LightUri) =>Adware.IMBooster^
[HKCR\CLSID\{F8AB43ED-EC88-4de7-B213-F89157D29C63}] (iMesh6Discovery Class) =>PUP.iMesh^
[HKCR\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}] (Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand) =>Adware.IMBooster^
[HKCR\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}] (Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult) =>Adware.IMBooster^
[HKCR\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}] (DealPly Live Broker Class Factory) =>PUP.DealPly^
C:\Users\vitale\AppData\Local\Temp\OB.exe =>PUP.OfferBox
C:\Users\vitale\AppData\Local\Temp\uninst1.exe =>PUP.Babylon
C:\Users\vitale\AppData\Local\Temp\wajam_install.exe =>Toolbar.Wajam
C:\Users\vitale\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon
C:\Users\vitale\AppData\Local\Temp\GLFB4E2.tmp.tbOryt.dll =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\GLFBF0F.tmp.tbOryt.dll =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\nsb140A.exe =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\nsl8160.exe =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\nsq6B0.exe =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\nsw756E.exe =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\SearchProtectINT.exe =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\spidentifierimpl.exe =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\SQLite.dll =>PUP.SweetIM
C:\Users\vitale\AppData\Local\Temp\tbBub2.dll =>Toolbar.Conduit
C:\Users\vitale\AppData\Local\Temp\WebAdSystem_setup.exe =>Adware.WebAdSystem
~ Additionnel Scan: 348549 Items scanned in 01mn 22s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPKS) (O51)
~ AMI: 7 Scanned in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-activeris =>PUP.Activeris
http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM
http://nicolascoolman.fr/pup-offerbox =>PUP.OfferBox
http://nicolascoolman.fr/adware-webadsystem =>Adware.WebAdSystem
http://nicolascoolman.fr/pup-browsersafeguard =>PUP.BrowserSafeguard
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.fr/trojan-sprotector =>Trojan.SProtector
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://nicolascoolman.fr/pup-adpeak =>PUP.AdPeak
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://nicolascoolman.fr/hijacker-qone8 =>Hijacker.Qone8
http://nicolascoolman.fr/spyware-smartdisplay =>Spyware.SmartDisplay
http://nicolascoolman.fr/adware-searchya =>Adware.SearchYa
http://nicolascoolman.fr/adware-plushd =>Adware.PlusHD
http://nicolascoolman.fr/pup-webconnect =>PUP.WebConnect
http://nicolascoolman.fr/pup-quickstart =>PUP.QuickStart
http://nicolascoolman.fr/pup-dealply =>PUP.DealPly
http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/adware-comet =>Adware.Comet
http://nicolascoolman.fr/pup-saveon =>PUP.SaveOn
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://nicolascoolman.fr/pup-bearshare =>PUP.BearShare
http://nicolascoolman.fr/pup-imesh =>PUP.iMesh
http://nicolascoolman.fr/adware-gamesbar =>Adware.GamesBar
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/pup-pricemeter =>PUP.PriceMeter
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/pup-suprasavings =>PUP.SupraSavings
http://nicolascoolman.fr/hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.fr/pup-datamngr =>PUP.Datamngr
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/adware-vidsaver =>Adware.VidSaver
http://nicolascoolman.fr/pup-optimizerelitemax =>PUP.OptimizerEliteMax
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://nicolascoolman.fr/pup-bitguard =>PUP.BitGuard
http://nicolascoolman.fr/adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.fr/pup-wedownloadmanager =>PUP.weDownloadManager
http://nicolascoolman.fr/pup-vgrabber =>PUP.vGrabber
http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock
http://nicolascoolman.fr/pup-rockturner =>PUP.RockTurner
http://nicolascoolman.fr/33423242-pup-yappyz =>PUP.Yappyz
http://nicolascoolman.fr/30956590-hijacker-searcheo =>Hijacker.Searcheo
http://nicolascoolman.fr/pup-searchresults =>PUP.SearchResults
http://nicolascoolman.fr/adware-bloson =>Adware.Bloson
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/pup-rewardsarcade =>PUP.RewardsArcade
http://nicolascoolman.fr/adware-spointer =>Adware.SPointer
http://nicolascoolman.fr/pup-kiwee =>PUP.Kiwee
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/adware-iwinarcade =>Adware.iWinArcade
http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.fr/adware-incredibar =>Adware.IncrediBar
http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd
http://nicolascoolman.fr/pup-funmoods =>PUP.Funmoods
http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://nicolascoolman.fr/adware-browsefox =>Adware.BrowseFox
~ MSI: 68 link(s) detected in 00mn 01s



End of the scan (3368 lines in 10mn 10s)(0)