Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow
M2 - MFEP: Extension [Utilisateur - 219tnzeo.default] {55dce8ba-9dec-4013-937e-adbf9317d990}
M2 - MFEP: Extension [Utilisateur - 3kddhap9.default-1353620243249] {55dce8ba-9dec-4013-937e-adbf9317d990}
M2 - MFEP: Extension [Utilisateur - ukeh6bm2.default-1358150954076] {55dce8ba-9dec-4013-937e-adbf9317d990}
M2 - MFEP: Extension [Utilisateur - xymef0da.default-1413660484510] {55dce8ba-9dec-4013-937e-adbf9317d990}
M2 - MFEP: Extension [Utilisateur - zwa8oxgq.default-1405790007734] {55dce8ba-9dec-4013-937e-adbf9317d990}
O4 - GS\Desktop [Utilisateur]: MediaGet.lnk . (...) -- C:\Users\Utilisateur\AppData\Local\MediaGet2\mediaget.exe (.not file.) =>PUP.MediaGet
O39 - APT: - (..) -- C:\Windows\Tasks\Coupons-shopping 0.2-firefoxinstaller.job [2366] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Coupons-shopping 0.2-firefoxinstaller [2366] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Gooclic_fr 0.1-chromeinstaller.job [3096] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Gooclic_fr 0.1-chromeinstaller [3096] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Gooclic_fr 0.1-enabler.job [1352] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Gooclic_fr 0.1-enabler [1352] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Gooclic_fr 0.1-firefoxinstaller.job [2272] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Gooclic_fr 0.1-firefoxinstaller [2272] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Gooclic_fr 0.1-updater.job [1518] =>PUP.CrossRider
O41 - Driver: (pcwatch) . (...) - C:\Windows\system32\Drivers\pcwatch.sys =>PUP.WebProtect
O42 - Logiciel: Web Protect for Windows - (.PC Publishing.) [HKLM] -- wp-dcollect-tgu =>PUP.WebProtect
[HKCU\Software\PCTRunner] =>PUP.WebProtect
[HKCU\Software\PluginAddon]
[HKLM\Software\Browsers+_App#s#-nv] =>PUP.CrossRider
[HKLM\Software\Coupons-shopping 0.2] =>PUP.CrossRider
[HKLM\Software\Gooclic_fr 0.1]
[HKLM\Software\PCTRunner] =>PUP.WebProtect
O43 - CFD: 18/10/2014 - 22:23:24 - [] ----D C:\Program Files\Coupons-shopping 0.2 =>PUP.CrossRider
O43 - CFD: 31/07/2014 - 10:40:01 - [] ----D C:\Program Files\Deal Keeper =>PUP.DealKeeper
O43 - CFD: 17/10/2014 - 11:24:18 - [] ----D C:\Program Files\PCTRunner =>PUP.WebProtect
O43 - CFD: 20/10/2014 - 15:22:36 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 20/10/2014 - 15:22:36 - [] ----D C:\Users\Utilisateur\AppData\Roaming\Babylon =>PUP.Babylon
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\pcwatch.sys . (...) -- C:\Windows\System32\Drivers\pcwatch.sys (.not file.) =>PUP.WebProtect
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\pcwatch.sys . (...) -- C:\Windows\System32\Drivers\pcwatch.sys (.not file.) =>PUP.WebProtect
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\pcwatch.sys [20480] =>PUP.WebProtect
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (...) -- Bad: (NOTEPAD.EXE "%1") Good: (regedit.exe "%1") =>Broken.OpenCommand
O67 - Shell Spawning: <.scr>[HKLM\..\open\Command] (...) -- Bad: (NOTEPAD.EXE "%1") Good: ("%1" /S) =>Broken.OpenCommand
[MD5.79E6443F01B4B1C3B957AA38DDD564FF] [WIS][17/07/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\f918617.msi [45056] =>Adware.Boxore
HKLM\SOFTWARE\Microsoft\Tracing\20120702IminentSetup_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\20120702IminentSetup_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\Fortunitas_RASAPI32 =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\Fortunitas_RASMANCS =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\Install_BubbleDock_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\Install_BubbleDock_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\mediaget_RASAPI32 =>PUP.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\mediaget_RASMANCS =>PUP.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\TornTV_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\TornTV_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\updateBuzzSearch_RASAPI32 =>PUP.BuzzSearch
HKLM\SOFTWARE\Microsoft\Tracing\updateBuzzSearch_RASMANCS =>PUP.BuzzSearch
HKLM\SOFTWARE\Microsoft\Tracing\updateFortunitas_RASAPI32 =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\updateFortunitas_RASMANCS =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\utilBuzzSearch_RASAPI32 =>PUP.BuzzSearch
HKLM\SOFTWARE\Microsoft\Tracing\utilBuzzSearch_RASMANCS =>PUP.BuzzSearch
HKLM\SOFTWARE\Microsoft\Tracing\utilFortunitas_RASAPI32 =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\utilFortunitas_RASMANCS =>PUP.Fortunitas
SS - | Disabled 10/07/1658 0 | (MyOSProtect) . (...) - C:\Program Files\PCTRunner\MyOSProtect.exe =>PUP.WebProtect
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\wp-dcollect-tgu] =>PUP.WebProtect^
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =>Adware.Boxore
[HKLM\Software\Google\Chrome\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb] =>Adware.InstallBrain
C:\Program Files\Coupons-shopping 0.2 =>PUP.CrossRider^
C:\Program Files\Deal Keeper =>PUP.DealKeeper^
C:\Program Files\PCTRunner =>PUP.WebProtect^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\Users\Utilisateur\AppData\Roaming\Babylon =>PUP.Babylon^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow^
C:\Windows\Tasks\Coupons-shopping 0.2-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Coupons-shopping 0.2-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\Gooclic_fr 0.1-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Gooclic_fr 0.1-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\Gooclic_fr 0.1-enabler.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Gooclic_fr 0.1-enabler =>PUP.CrossRider^
C:\Windows\Tasks\Gooclic_fr 0.1-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Gooclic_fr 0.1-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\Gooclic_fr 0.1-updater.job =>PUP.CrossRider^
[HKCU\Software\PCTRunner] =>PUP.WebProtect^
[HKLM\Software\Browsers+_App#s#-nv] =>PUP.CrossRider^
[HKLM\Software\Coupons-shopping 0.2] =>PUP.CrossRider^
[HKLM\Software\PCTRunner] =>PUP.WebProtect^
Bad: (NOTEPAD.EXE "%1") Good: (regedit.exe "%1") =>Broken.OpenCommand^
Bad: (NOTEPAD.EXE "%1") Good: ("%1" /S) =>Broken.OpenCommand^
C:\Windows\Installer\f918617.msi =>Adware.Boxore^
M3 - MFPP: Plugins - [Utilisateur] -- C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\219tnzeo.default\searchplugins\lookineo.xml
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "HideSCAHealth"=1
C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\ukeh6bm2.default-1358150954076\prefs.js (.not file.)
C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\zwa8oxgq.default-1405790007734\prefs.js (.not file.)
O44 - LFC:[MD5.56EB41F35EA2D3D52A824ABF2A7474E7] - 10/10/2014 - 13:59:43 ---A- . (...) -- C:\Windows\DPINST.LOG [70374]
O51 - MPSK:{71be995b-8823-11e3-83fc-a0ff16a122ae}\AutoRun\command. (...) -- E:\AutoLaunch.exe (.not file.)
O51 - MPSK:{cab3e28d-409e-11e2-bcc7-b89a02b7bb41}\AutoRun\command. (...) -- F:\LGAutoRun.exe (.not file.)
M2 - MFEP: Extension [Utilisateur - 219tnzeo.default] {b8a90375-3b37-4954-86de-f96c458c4ce2}
M2 - MFEP: Extension [Utilisateur - 3kddhap9.default-1353620243249] {b8a90375-3b37-4954-86de-f96c458c4ce2}
M2 - MFEP: Extension [Utilisateur - ukeh6bm2.default-1358150954076] {b8a90375-3b37-4954-86de-f96c458c4ce2}
M2 - MFEP: Extension [Utilisateur - xymef0da.default-1413660484510] {b8a90375-3b37-4954-86de-f96c458c4ce2}
M2 - MFEP: Extension [Utilisateur - zwa8oxgq.default-1405790007734] {b8a90375-3b37-4954-86de-f96c458c4ce2}
O23 - Service: Tool Manager service (ToolManagerService) . (.Pas de propri�taire - ToolManager.) - C:\Program Files\ToolManager\ToolManager.exe
O39 - APT: - (..) -- C:\Windows\Tasks\1146eb7e-f196-496b-b47d-8f0bfe6d30ec-11.job [3796]
O42 - Logiciel: Songpress 1.5 - (.Luca Allulli - Skeed.) [HKLM] -- Songpress
O42 - Logiciel: VideoMate DVB-T / DAB / ISDBT USB Driver - (...) [HKLM] -- {9B56D73E-CBC7-4499-ACED-9ECCA72AE52C}
O42 - Logiciel: VideoMate U600F & J500U Series - (.Compro.) [HKLM] -- {24A43F96-E8A7-4B31-AF65-4F6A6EB221FE}
[HKLM\Software\Compro Technology, Inc.]
[HKLM\Software\Compro]
[HKLM\Software\ba27c46b-5758-41da-8824-93138f4a0d7f]
O43 - CFD: 24/11/2012 - 19:12:55 - [] ----D C:\Program Files\Compro
O43 - CFD: 12/07/2014 - 10:26:06 - [] ----D C:\Program Files\DM73
O43 - CFD: 02/08/2013 - 13:40:07 - [] ----D C:\Program Files\Songpress
O43 - CFD: 27/09/2014 - 08:10:44 - [] ----D C:\Users\Utilisateur\AppData\Roaming\Advanced Cleaner Pro
O58 - SDL:04/07/2014 - 17:41:48 ---A- . (...) -- C:\Windows\System32\Drivers\voxaldriverx86.sys [45264]
[MD5.ADD164A61F1EB130F7A5C409BB49BA3A] [SPRF][12/07/2014] (.AnalogX, LLC - AnalogX AutoTune Installer.) -- C:\Users\Utilisateur\Desktop\autoi.exe [389912]
[MD5.4A3DA7688D7963C8920C7E724160D270] [SPRF][22/09/2012] (...) -- C:\Users\Utilisateur\Desktop\mp3DC213.exe [247053]
SS - | Auto 03/12/2013 43024 | (ToolManagerService) . (...) - C:\Program Files\ToolManager\ToolManager.exe
O42 - Logiciel: Aff Packages - (...) [HKCU] -- Aff Packages
[HKCU\Software\ELIGCHK]
EmptyPrefetch
FirewallRaz
PROXYFix
EmptyTemp
EmptyFlash
EmptyClsid
SysRestore
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow
M2 - MFEP: Extension [Utilisateur - 219tnzeo.default] {55dce8ba-9dec-4013-937e-adbf9317d990}
M2 - MFEP: Extension [Utilisateur - 3kddhap9.default-1353620243249] {55dce8ba-9dec-4013-937e-adbf9317d990}
M2 - MFEP: Extension [Utilisateur - ukeh6bm2.default-1358150954076] {55dce8ba-9dec-4013-937e-adbf9317d990}
M2 - MFEP: Extension [Utilisateur - xymef0da.default-1413660484510] {55dce8ba-9dec-4013-937e-adbf9317d990}
M2 - MFEP: Extension [Utilisateur - zwa8oxgq.default-1405790007734] {55dce8ba-9dec-4013-937e-adbf9317d990}
O4 - GS\Desktop [Utilisateur]: MediaGet.lnk . (...) -- C:\Users\Utilisateur\AppData\Local\MediaGet2\mediaget.exe (.not file.) =>PUP.MediaGet
O39 - APT: - (..) -- C:\Windows\Tasks\Coupons-shopping 0.2-firefoxinstaller.job [2366] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Coupons-shopping 0.2-firefoxinstaller [2366] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Gooclic_fr 0.1-chromeinstaller.job [3096] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Gooclic_fr 0.1-chromeinstaller [3096] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Gooclic_fr 0.1-enabler.job [1352] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Gooclic_fr 0.1-enabler [1352] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Gooclic_fr 0.1-firefoxinstaller.job [2272] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Gooclic_fr 0.1-firefoxinstaller [2272] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Gooclic_fr 0.1-updater.job [1518] =>PUP.CrossRider
O41 - Driver: (pcwatch) . (...) - C:\Windows\system32\Drivers\pcwatch.sys =>PUP.WebProtect
O42 - Logiciel: Web Protect for Windows - (.PC Publishing.) [HKLM] -- wp-dcollect-tgu =>PUP.WebProtect
[HKCU\Software\PCTRunner] =>PUP.WebProtect
[HKCU\Software\PluginAddon]
[HKLM\Software\Browsers+_App#s#-nv] =>PUP.CrossRider
[HKLM\Software\Coupons-shopping 0.2] =>PUP.CrossRider
[HKLM\Software\Gooclic_fr 0.1]
[HKLM\Software\PCTRunner] =>PUP.WebProtect
O43 - CFD: 18/10/2014 - 22:23:24 - [] ----D C:\Program Files\Coupons-shopping 0.2 =>PUP.CrossRider
O43 - CFD: 31/07/2014 - 10:40:01 - [] ----D C:\Program Files\Deal Keeper =>PUP.DealKeeper
O43 - CFD: 17/10/2014 - 11:24:18 - [] ----D C:\Program Files\PCTRunner =>PUP.WebProtect
O43 - CFD: 20/10/2014 - 15:22:36 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 20/10/2014 - 15:22:36 - [] ----D C:\Users\Utilisateur\AppData\Roaming\Babylon =>PUP.Babylon
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\pcwatch.sys . (...) -- C:\Windows\System32\Drivers\pcwatch.sys (.not file.) =>PUP.WebProtect
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\pcwatch.sys . (...) -- C:\Windows\System32\Drivers\pcwatch.sys (.not file.) =>PUP.WebProtect
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\pcwatch.sys [20480] =>PUP.WebProtect
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.scr>
[MD5.79E6443F01B4B1C3B957AA38DDD564FF] [WIS][17/07/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\f918617.msi [45056] =>Adware.Boxore
HKLM\SOFTWARE\Microsoft\Tracing\20120702IminentSetup_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\20120702IminentSetup_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Microsoft\Tracing\Fortunitas_RASAPI32 =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\Fortunitas_RASMANCS =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\Install_BubbleDock_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\Install_BubbleDock_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\mediaget_RASAPI32 =>PUP.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\mediaget_RASMANCS =>PUP.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\TornTV_RASAPI32 =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\TornTV_RASMANCS =>Hijacker.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\updateBuzzSearch_RASAPI32 =>PUP.BuzzSearch
HKLM\SOFTWARE\Microsoft\Tracing\updateBuzzSearch_RASMANCS =>PUP.BuzzSearch
HKLM\SOFTWARE\Microsoft\Tracing\updateFortunitas_RASAPI32 =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\updateFortunitas_RASMANCS =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\utilBuzzSearch_RASAPI32 =>PUP.BuzzSearch
HKLM\SOFTWARE\Microsoft\Tracing\utilBuzzSearch_RASMANCS =>PUP.BuzzSearch
HKLM\SOFTWARE\Microsoft\Tracing\utilFortunitas_RASAPI32 =>PUP.Fortunitas
HKLM\SOFTWARE\Microsoft\Tracing\utilFortunitas_RASMANCS =>PUP.Fortunitas
SS - | Disabled 10/07/1658 0 | (MyOSProtect) . (...) - C:\Program Files\PCTRunner\MyOSProtect.exe =>PUP.WebProtect
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\wp-dcollect-tgu] =>PUP.WebProtect^
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =>Adware.Boxore
[HKLM\Software\Google\Chrome\Extensions\kckgnnipheglejoddfhekdjpbdbinhmb] =>Adware.InstallBrain
C:\Program Files\Coupons-shopping 0.2 =>PUP.CrossRider^
C:\Program Files\Deal Keeper =>PUP.DealKeeper^
C:\Program Files\PCTRunner =>PUP.WebProtect^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\Users\Utilisateur\AppData\Roaming\Babylon =>PUP.Babylon^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: Modified =>PUA.StartShow^
C:\Windows\Tasks\Coupons-shopping 0.2-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Coupons-shopping 0.2-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\Gooclic_fr 0.1-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Gooclic_fr 0.1-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\Gooclic_fr 0.1-enabler.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Gooclic_fr 0.1-enabler =>PUP.CrossRider^
C:\Windows\Tasks\Gooclic_fr 0.1-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\Gooclic_fr 0.1-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\Gooclic_fr 0.1-updater.job =>PUP.CrossRider^
[HKCU\Software\PCTRunner] =>PUP.WebProtect^
[HKLM\Software\Browsers+_App#s#-nv] =>PUP.CrossRider^
[HKLM\Software\Coupons-shopping 0.2] =>PUP.CrossRider^
[HKLM\Software\PCTRunner] =>PUP.WebProtect^
Bad: (NOTEPAD.EXE "%1") Good: (regedit.exe "%1") =>Broken.OpenCommand^
Bad: (NOTEPAD.EXE "%1") Good: ("%1" /S) =>Broken.OpenCommand^
C:\Windows\Installer\f918617.msi =>Adware.Boxore^
M3 - MFPP: Plugins - [Utilisateur] -- C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\219tnzeo.default\searchplugins\lookineo.xml
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "HideSCAHealth"=1
C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\ukeh6bm2.default-1358150954076\prefs.js (.not file.)
C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\zwa8oxgq.default-1405790007734\prefs.js (.not file.)
O44 - LFC:[MD5.56EB41F35EA2D3D52A824ABF2A7474E7] - 10/10/2014 - 13:59:43 ---A- . (...) -- C:\Windows\DPINST.LOG [70374]
O51 - MPSK:{71be995b-8823-11e3-83fc-a0ff16a122ae}\AutoRun\command. (...) -- E:\AutoLaunch.exe (.not file.)
O51 - MPSK:{cab3e28d-409e-11e2-bcc7-b89a02b7bb41}\AutoRun\command. (...) -- F:\LGAutoRun.exe (.not file.)
M2 - MFEP: Extension [Utilisateur - 219tnzeo.default] {b8a90375-3b37-4954-86de-f96c458c4ce2}
M2 - MFEP: Extension [Utilisateur - 3kddhap9.default-1353620243249] {b8a90375-3b37-4954-86de-f96c458c4ce2}
M2 - MFEP: Extension [Utilisateur - ukeh6bm2.default-1358150954076] {b8a90375-3b37-4954-86de-f96c458c4ce2}
M2 - MFEP: Extension [Utilisateur - xymef0da.default-1413660484510] {b8a90375-3b37-4954-86de-f96c458c4ce2}
M2 - MFEP: Extension [Utilisateur - zwa8oxgq.default-1405790007734] {b8a90375-3b37-4954-86de-f96c458c4ce2}
O23 - Service: Tool Manager service (ToolManagerService) . (.Pas de propri�taire - ToolManager.) - C:\Program Files\ToolManager\ToolManager.exe
O39 - APT: - (..) -- C:\Windows\Tasks\1146eb7e-f196-496b-b47d-8f0bfe6d30ec-11.job [3796]
O42 - Logiciel: Songpress 1.5 - (.Luca Allulli - Skeed.) [HKLM] -- Songpress
O42 - Logiciel: VideoMate DVB-T / DAB / ISDBT USB Driver - (...) [HKLM] -- {9B56D73E-CBC7-4499-ACED-9ECCA72AE52C}
O42 - Logiciel: VideoMate U600F & J500U Series - (.Compro.) [HKLM] -- {24A43F96-E8A7-4B31-AF65-4F6A6EB221FE}
[HKLM\Software\Compro Technology, Inc.]
[HKLM\Software\Compro]
[HKLM\Software\ba27c46b-5758-41da-8824-93138f4a0d7f]
O43 - CFD: 24/11/2012 - 19:12:55 - [] ----D C:\Program Files\Compro
O43 - CFD: 12/07/2014 - 10:26:06 - [] ----D C:\Program Files\DM73
O43 - CFD: 02/08/2013 - 13:40:07 - [] ----D C:\Program Files\Songpress
O43 - CFD: 27/09/2014 - 08:10:44 - [] ----D C:\Users\Utilisateur\AppData\Roaming\Advanced Cleaner Pro
O58 - SDL:04/07/2014 - 17:41:48 ---A- . (...) -- C:\Windows\System32\Drivers\voxaldriverx86.sys [45264]
[MD5.ADD164A61F1EB130F7A5C409BB49BA3A] [SPRF][12/07/2014] (.AnalogX, LLC - AnalogX AutoTune Installer.) -- C:\Users\Utilisateur\Desktop\autoi.exe [389912]
[MD5.4A3DA7688D7963C8920C7E724160D270] [SPRF][22/09/2012] (...) -- C:\Users\Utilisateur\Desktop\mp3DC213.exe [247053]
SS - | Auto 03/12/2013 43024 | (ToolManagerService) . (...) - C:\Program Files\ToolManager\ToolManager.exe
O42 - Logiciel: Aff Packages - (...) [HKCU] -- Aff Packages
[HKCU\Software\ELIGCHK]