cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.12.27.179 - Nicolas Coolman (27/12/2014)
~ Lancé par packardbell (07/06/2015 23:45:05)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17801
GCIE: Google Chrome v43.0.2357.81 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 ActiveX
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4090 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 86 GB (28%) free of 298 GB

---\\ Mode de connexion au système
~ Computer Name: PACKARDBELL-PC
~ User Name: packardbell
~ All Users Names: packardbell, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\packardbell\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\packardbell\AppData\Roaming\
~ %Desktop% : C:\Users\packardbell\Desktop\
~ %Favorites% : C:\Users\packardbell\Favorites\
~ %LocalAppData% : C:\Users\packardbell\AppData\Local\
~ %StartMenu% : C:\Users\packardbell\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 86 Go of 298 Go)
D: CD-ROM drive (Not Inserted)
E: CD-ROM drive (Free 0 Go of 11 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2015 - 16:27:25.) -- C:\Windows\System32\wininet.dll [2352128]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 05:27:28.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 01:19:22.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 01:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 02:43:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 01:23:22.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 02:52:36.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 03:06:42.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 05:34:04.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1202
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 2/142
~ Mon Bureau (My Desktop) : 0/6766
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 11s



---\\ Processus lancés
[MD5.A416FBE18A8FF5C942B5E4A65A66EAE0] - (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704] [PID.1988]
[MD5.432F4E8794A2EA8A64E4C75EA80B790E] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\packardbell\AppData\Roaming\uTorrent\uTorrent.exe [1694560] [PID.1700] =>P2P.BitTorrent
[MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\packardbell\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.1748]
[MD5.E3573EBDE923BB48AE1C8672988B5772] - (.Disc Soft Ltd - DAEMON Tools Shell Extensions Helper.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe [2630928] [PID.2336]
[MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5020]
[MD5.8DACA62F3E15E45EBAF7AE51A609CBC1] - (.Valve Corporation - Steam Client Bootstrapper.) -- C:\Program Files (x86)\Steam\steam.exe [2892992] [PID.1736]
[MD5.D471F27FE3414238839979D4203143B3] - (.Valve Corporation - Steam Client WebHelper.) -- C:\Program Files (x86)\Steam\bin\steamwebhelper.exe [1853632] [PID.4528]
[MD5.E47AC731D42B2452D4C0BF096DF3DD6E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8145408] [PID.2940]
[MD5.32B37DD6E7D423DF3CF3B196C8005F85] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [409800] [PID.784]
[MD5.E1B44A75947137F4143308D566889837] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848] [PID.1784]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.2532]
[MD5.FECA9F830A5C6BAB9978E6781A26AE2B] - (.Microsoft Corporation - Updates Skype Click to Call.) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816] [PID.2572]
[MD5.5B33709F7FE59BB625F113EED86AFC5C] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672] [PID.2604]
[MD5.FB51E8E39E3FDB6757874653B743BE72] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576] [PID.3052]
[MD5.122D17832AC8DAAC1546BC5277236575] - (.SafeNet Inc. - Sentinel HASP License Manager Service.) -- C:\Windows\system32\hasplms.exe [3750400] [PID.2480]
[MD5.DB7C6892180C79714EF79F69A788E865] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008] [PID.1928]
[MD5.5ACA4C4F2B51FC9840F961452A3D2E4E] - (...) -- C:\Program Files (x86)\tuEagles\EglSrv.exe [336896] [PID.2268]
[MD5.360959BBD4F451E1AB811F4304232766] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2568120] [PID.380]
[MD5.0A3544D7E9AF7D8C991C904339157EDC] - (.Valve Corporation - Steam Client Service.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [837312] [PID.4368]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\packardbell\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\packardbell\AppData\Roaming\Mozilla\Firefox\Profiles\x55ybz79.default\prefs.js
M3 - MFPP: Plugins - [packardbell] -- C:\Users\packardbell\AppData\Roaming\Mozilla\Firefox\Profiles\x55ybz79.default\searchplugins\WebSearch.xml
M0 - MFSP: prefs.js [packardbell - x55ybz79.default] http://websearch.searchtotal.info
~ Firefox Browser: 6 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.searchtotal.info
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.omniboxes.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.omniboxes.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com =>PUP.StartSearch
~ IE Browser: 19 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [packardbell]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\packardbell\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\packardbell\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\packardbell\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [java] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKCU\..\Run: [YtgfPack] :\Users\packardbell\AppData\Local\YhxrPack\rbrzinhj.dll (.not file.)
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [eagleye] . (...) -- C:\Program Files (x86)\tuEagles\EagleSvr.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\.DEFAULT\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe =>PUP.SearchProtect
O4 - HKUS\S-1-5-18\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe =>PUP.SearchProtect
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1332393193-2239827683-3435763543-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\packardbell\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-1332393193-2239827683-3435763543-1001\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-1332393193-2239827683-3435763543-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\packardbell\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKUS\S-1-5-21-1332393193-2239827683-3435763543-1001\..\Run: [java] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKUS\S-1-5-21-1332393193-2239827683-3435763543-1001\..\Run: [YtgfPack] :\Users\packardbell\AppData\Local\YhxrPack\rbrzinhj.dll (.not file.)
O4 - HKUS\S-1-5-21-1332393193-2239827683-3435763543-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A02D664A-1498-4E42-AC13-D60E918F32FF}: NameServer = 10.6.3.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{5A5864F1-7484-461F-8035-197B0DCF0EBA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A02D664A-1498-4E42-AC13-D60E918F32FF}: NameServer = 10.6.3.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{5A5864F1-7484-461F-8035-197B0DCF0EBA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A02D664A-1498-4E42-AC13-D60E918F32FF}: NameServer = 10.6.3.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: IndepthMonitor (344c1489) . (...) - c:\Program Files (x86)\IndepthMonitor\IndepthMonitor.dll (.not file.)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (...) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (.not file.)
O23 - Service: Avira Real-Time Protection (AntiVirService) . (...) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (.not file.)
O23 - Service: Avira Web Protection (AntiVirWebService) . (...) - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe (.not file.)
O23 - Service: SeekerFunc (eb94cead) . (...) - c:\Program Files (x86)\SeekerFunc\SeekerFunc.dll (.not file.)
O23 - Service: TrimGeneration (fb0849cd) . (...) - c:\Program Files (x86)\TrimGeneration\TrimGeneration.dll (.not file.)
O23 - Service: coolsoft (ff39eb65) . (...) - c:\Program Files (x86)\coolsoft\coolsoft.dll (.not file.)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) . (...) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (.not file.) =>Rogue.ReimageRepair
O23 - Service: Software Update Service (supdate) (supdate) . (.Boxore OU. - Programme d'installation de Software.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: tuEagles Service (tuEaglesService) . (...) - C:\Program Files (x86)\tuEagles\EglSrv.exe
~ Services: 14 Legitimates Filtered in 00mn 07s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Bidaily Synchronize Task[pr]] (...) -- c:\programdata\{d47121f7-913c-6989-d471-121f791387de}\setup installer.exe (.not file.) [0]
[MD5.C34968C46A99BBD6248D30F9F1B778C2] [APT] [BoxSoftwareUpdate] (...) -- C:\ProgramData\BoxUpdChk\updchk.exe [177152] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\packardbell\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [GoforFilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] =>P2P.GoforFiles
[MD5.00000000000000000000000000000000] [APT] [LuckyTab] (...) -- C:\Program Files (x86)\LuckyTab\LuckyTab.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [ReimageUpdater] (...) -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (.not file.) [0] =>Rogue.ReimageRepair
[MD5.00000000000000000000000000000000] [APT] [ShopperProJSUpd] (...) -- C:\Program Files (x86)\ShopperPro\updater.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineCore] (.Boxore OU..) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
[MD5.251A1AED2D4A26A47C0A4A3058AAE4A8] [APT] [SoftwareUpdateTaskMachineUA] (.Boxore OU..) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [139576] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [SPBIW_UpdateTask_Time_313635313239323535352d3437415a556c2a3223346c41] (...) -- C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [SPDriver] (...) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.38.1.10465\jsdrv.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [UNELEVATE_14824] (...) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.38.1.10465\jsdrv.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.00000000000000000000000000000000] [APT] [{05B17B79-3FF8-4C09-BBD2-B2128B216DAC}] (...) -- C:\Program Files (x86)\bestadblocker\BSttdWJCmLWvsh.exe (.not file.) [0] =>PUP.Adblocker
[MD5.00000000000000000000000000000000] [APT] [{07E0D94F-C097-45F5-B4D2-3CD7CE241B71}] (...) -- C:\logecole\clicmenu\logiciels\jpj\desinst_jepuisje.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0C25ADDC-388A-4F74-BA95-EF0A46F85D6F}] (...) -- D:\START.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{12200464-5951-4CAE-9319-5A55236842AC}] (...) -- C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{21F9C35C-163B-4C5D-A41D-FDB8105254A9}] (...) -- C:\Users\packardbell\Desktop\matlab7\matlab7\MATHWORKS_R2007B\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{254BD7EC-324D-4E1B-B288-D59FD5088FDE}] (...) -- C:\Users\packardbell\Desktop\Zeddak master\E H cd1\START.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3271A7BC-37B4-4902-96A6-0D44C39DD8C4}] (...) -- C:\Users\packardbell\Desktop\3AP\AutoPlay\Docs\flashplayer10_install_plugin_070208.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3865CC6E-4964-4065-A7DA-913B482EBFE3}] (...) -- C:\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{43E3DD95-9F60-423B-A4AB-C6CA1BDBE099}] (...) -- C:\Users\packardbell\AppData\Roaming\omniboxes\UninstallManager.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{463D949D-1648-41CE-B70F-AA0A44556BF9}] (...) -- C:\Users\packardbell\Desktop\3AP\AutoPlay\Docs\Pdf_ar.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{520B27A4-CD45-41F6-B6D2-E98A72E2736A}] (...) -- F:\OriginInstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{597CF8EC-1209-454F-B761-077D3E49005E}] (...) -- C:\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5E85F13F-F821-4743-AB33-DF31DFEFFA59}] (...) -- C:\Program Files (x86)\YourFileDownloader\Uninstall.exe (.not file.) [0] =>PUP.YourFileDownloader
[MD5.00000000000000000000000000000000] [APT] [{81E8E78D-BBD1-403E-8CA0-0CD190C51AC0}] (...) -- C:\Program Files\DomaIQ Uninstaller\DomaIQUninstall.exe (.not file.) [0] =>Adware.DomaIQ
[MD5.00000000000000000000000000000000] [APT] [{95A638A4-D504-4860-9CD9-01739F5E957E}] (...) -- C:\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9E4762AD-E696-4A54-90CB-8F500BBDCFCE}] (...) -- C:\Program Files (x86)\Far Cry 3 MTG FR\bin\GDFInstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A646E9A0-BA48-43B1-BC30-C0A61D8C2822}] (...) -- C:\Users\packardbell\Downloads\Programs\adventuregame_setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B5C93AEC-2CBF-458C-BD20-821B287FF58A}] (...) -- E:\matlab7\matlab7\MATHWORKS_R2007B\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D24AFF15-6CAB-4E8A-9CC4-07F91FCF6CC2}] (...) -- C:\Cadence\LicenseManager\LicenseServerConfiguration.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D68BA900-B48D-4F79-ABEB-0985A27BCD2D}] (...) -- C:\Users\packardbell\Downloads\Wolfenstein The Old Blood\Wolfenstein The Old Blood.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6F194F4-AD38-4219-9EE0-BF63EFF85FA6}] (...) -- D:\Support\vcredist\vcredist_x86.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DC5814EB-8FFC-4AD0-96D7-978413827945}] (...) -- C:\Program Files (x86)\Eidos\Hitman Contracts\BACKUP\dxsetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EA497095-F979-4873-8E49-F4AA43EF1777}] (...) -- C:\GAME\instmsiw.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F0B08A3D-0AA1-4B6A-8F6D-750A739084D8}] (...) -- C:\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F5C35533-76F2-4108-9BBC-59868636F54A}] (...) -- F:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F685C967-25EE-4E67-A785-935AB56F2455}] (...) -- C:\Users\packardbell\Downloads\Programs\ghostprison_setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FAFA16D0-442F-4156-A8EB-510BABC19B20}] (...) -- C:\Program Files (x86)\MATLAB\R2010a\bin\win32\activate_matlab.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FF64F85A-4661-44F7-9396-8AE68ED9884D}] (...) -- C:\Users\packardbell\Downloads\Setup_CPC.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: Bidaily Synchronize Task[pr] - (...) -- C:\Windows\Tasks\Bidaily Synchronize Task[pr].job [356]
O39 - APT: Bidaily Synchronize Task[pr] - (...) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[pr] [356]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1074]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1078]
O39 - APT: SoftwareUpdateTaskMachineCore - (.Boxore OU..) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [1092] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineCore - (.Boxore OU..) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [1092] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.Boxore OU..) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [1096] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.Boxore OU..) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [1096] =>Adware.Boxore
~ Scheduled Task: 58 Legitimates Filtered in 00mn 12s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (lwnfd_1_10_0_14) . (. - .) - C:\Windows\System32\drivers\lwnfd_1_10_0_14.sys (.not file.)
~ Drivers: 81 Legitimates Filtered in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {D8D8A342-0E9F-47EA-A35E-CF431B50B286} =>Adware.Boxore
O42 - Logiciel: Life Is Strange - (...) [HKLM][64Bits] -- Life Is Strange_is1
O42 - Logiciel: SteamVR - (...) [HKLM][64Bits] -- Steam App 250820
O42 - Logiciel: WebCake 3.00 - (.WebCake LLC.) [HKLM][64Bits] -- {C4ED781C-7394-4906-AAFF-D6AB64FF7C38} =>Adware.WebCake
~ Logic: 12 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Br0wsrApVs2.8-nv-ie]
[HKCU\Software\Br0wsrApVs2.8-nv]
[HKCU\Software\CinemaP-1.9cV16.03-nv-ie]
[HKCU\Software\Clubic]
[HKCU\Software\DealPly] =>PUP.DealPly
[HKCU\Software\DownloadAstro]
[HKCU\Software\Ge-Force-nv-ie] =>PUP.CrossRider
[HKCU\Software\Ge-Force-nv] =>PUP.CrossRider
[HKCU\Software\Ge-Force] =>PUP.CrossRider
[HKCU\Software\Hoolapp]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\MiniGet]
[HKCU\Software\OB]
[HKCU\Software\Ocean Range 3]
[HKCU\Software\PC-Cleaner]
[HKCU\Software\PZOHSQ]
[HKCU\Software\ProductSetup]
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\Sense-nv-ie] =>PUP.CrossRider
[HKCU\Software\Sense-nv] =>PUP.CrossRider
[HKCU\Software\ShopperPro] =>PUP.ShopperPro
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\ULAUDQWZ]
[HKCU\Software\UpdateFiles] =>Adware.Boxore
[HKCU\Software\cadence]
[HKCU\Software\dedfd0b76abe17] =>Hijacker.Eazel
[HKCU\Software\inXile]
[HKCU\Software\oTweak]
[HKCU\Software\reimagerepair] =>Rogue.ReimageRepair
[HKLM\Software\Br0wsrApVs2.8-nv]
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\Ge-Force-nv] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Sense-nv] =>PUP.CrossRider
[HKLM\Software\ShopperPro] =>PUP.ShopperPro
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\584544f5-6c05-4537-b179-cc9f4e60720e] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\67f5b778-213c-4264-b4fb-2dc3688b8329] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Br0wsrApVs2.8-nv-ie]
[HKLM\Software\Wow6432Node\Br0wsrApVs2.8-nv]
[HKLM\Software\Wow6432Node\Br0wsrApVs2.8]
[HKLM\Software\Wow6432Node\Clara]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Email Notifier]
[HKLM\Software\Wow6432Node\Ge-Force-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Ge-Force-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Ge-Force] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\LinkWiz_1.10.0.14]
[HKLM\Software\Wow6432Node\LuckyTab]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\SafePCRepair_89] =>PUP.SafePCRepair
[HKLM\Software\Wow6432Node\Sense-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Sense-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Sense]
[HKLM\Software\Wow6432Node\ShopperPro] =>PUP.ShopperPro
[HKLM\Software\Wow6432Node\YourFileDownloader] =>PUP.YourFileDownloader
[HKLM\Software\Wow6432Node\a06376d1-dc48-4464-9cf7-9898edcb938b] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\bc6cead4-682f-4ca0-a7ab-b5e71a7bdf9c] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\c416f85c-7533-485d-9834-2c0ec4a5ae00] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\d97fd03c-07c9-4660-94db-5878412cedd2] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\dlsecuretb]
[HKLM\Software\YTDownloader] =>PUP.YTDownloader
~ Key Software: 343 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 11/07/2014 - 14:31:07 - [] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 22/04/2013 - 11:50:31 - [] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 01/06/2015 - 06:39:49 - [] ----D C:\Program Files (x86)\Ge-Force =>PUP.CrossRider
O43 - CFD: 23/05/2015 - 07:57:55 - [] ----D C:\Program Files (x86)\Life Is Strange
O43 - CFD: 26/04/2015 - 21:16:59 - [] ----D C:\Program Files (x86)\MiniGet
O43 - CFD: 15/04/2015 - 20:39:23 - [0] ----D C:\Program Files (x86)\SystemAssister
O43 - CFD: 25/04/2015 - 07:45:31 - [0] ----D C:\ProgramData\10e6bdd900002347
O43 - CFD: 25/05/2015 - 15:21:10 - [] ----D C:\ProgramData\14610960497758770762
O43 - CFD: 25/05/2015 - 15:29:14 - [] ----D C:\ProgramData\8634996000002661
O43 - CFD: 15/04/2015 - 20:48:12 - [] ----D C:\ProgramData\biljojikcigghjonidhoafkiemmoldgk
O43 - CFD: 01/06/2015 - 22:13:15 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 08/10/2013 - 12:32:01 - [] ----D C:\ProgramData\BoxUpdChk =>Adware.Boxore
O43 - CFD: 15/04/2015 - 19:41:07 - [] ----D C:\ProgramData\cfohleohgocbpaomgpfcjpbacmcmfkdk
O43 - CFD: 26/04/2015 - 18:02:06 - [] ----D C:\ProgramData\cldjhccngphccfpcihielonifhncofhd
O43 - CFD: 16/04/2015 - 23:47:53 - [] ----D C:\ProgramData\DriverSleuth
O43 - CFD: 09/04/2015 - 23:45:21 - [] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 19/03/2015 - 18:13:20 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 25/05/2015 - 15:18:39 - [] ----D C:\ProgramData\jkpihfamoflhmopngipfpiaepmhabofa
O43 - CFD: 27/05/2015 - 22:16:33 - [] ----D C:\ProgramData\leomfeljfledboicbhiacpbninfcacmd
O43 - CFD: 15/04/2015 - 19:14:19 - [] ----D C:\ProgramData\lmhananpnnjblaimojhhenilmbelnlcl
O43 - CFD: 15/04/2015 - 19:50:58 - [] ----D C:\ProgramData\lmpnpmpjghoglokeoijpepoigedlpfbm
O43 - CFD: 01/06/2015 - 06:00:39 - [0] ----D C:\ProgramData\LolliScan
O43 - CFD: 15/04/2015 - 20:38:16 - [] ----D C:\ProgramData\oemmpnopgfekjiefocmbegmaikadnpfo
O43 - CFD: 24/05/2015 - 21:54:02 - [] ----D C:\ProgramData\RegClean
O43 - CFD: 09/04/2015 - 22:55:41 - [] ----D C:\ProgramData\ShopperPro =>PUP.ShopperPro
O43 - CFD: 15/07/2013 - 18:23:11 - [] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 09/04/2015 - 22:35:20 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 25/05/2015 - 17:19:27 - [] ----D C:\ProgramData\{d47121f7-913c-6989-d471-121f791387de}
O43 - CFD: 03/05/2015 - 13:27:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Porn
O43 - CFD: 15/05/2015 - 07:53:19 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cadence
O43 - CFD: 23/05/2015 - 07:56:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Life Is Strange
O43 - CFD: 14/07/2009 - 16:35:02 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 14/02/2013 - 20:18:20 - [] ----D C:\Users\packardbell\AppData\Roaming\0A1Q1B1P1T1C1R1M1P1B
O43 - CFD: 28/08/2013 - 14:36:33 - [] ----D C:\Users\packardbell\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 14/02/2013 - 20:11:13 - [] ----D C:\Users\packardbell\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 19/02/2015 - 22:11:14 - [] ----D C:\Users\packardbell\AppData\Roaming\com.geetagames.LillyLookingThrough
O43 - CFD: 14/11/2014 - 19:21:48 - [] ----D C:\Users\packardbell\AppData\Roaming\Config
O43 - CFD: 14/02/2013 - 20:11:44 - [] ----D C:\Users\packardbell\AppData\Roaming\DealPly =>PUP.DealPly
O43 - CFD: 06/11/2014 - 15:01:53 - [] ----D C:\Users\packardbell\AppData\Roaming\driver
O43 - CFD: 15/04/2015 - 22:11:50 - [] ----D C:\Users\packardbell\AppData\Roaming\MiniGet
O43 - CFD: 09/05/2015 - 08:40:04 - [] ----D C:\Users\packardbell\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 22/04/2013 - 10:06:09 - [] ----D C:\Users\packardbell\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis
O43 - CFD: 07/08/2013 - 17:16:11 - [] ----D C:\Users\packardbell\AppData\Roaming\WebCake =>Adware.WebCake
O43 - CFD: 20/05/2013 - 12:57:44 - [] ----D C:\Users\packardbell\AppData\Local\Babylon =>PUP.Babylon
O43 - CFD: 04/04/2015 - 23:00:01 - [] ----D C:\Users\packardbell\AppData\Local\BrowserHelper
O43 - CFD: 15/06/2013 - 23:08:30 - [0] ----D C:\Users\packardbell\AppData\Local\Conduit
O43 - CFD: 20/11/2014 - 14:40:48 - [] -SH-D C:\Users\packardbell\AppData\Local\EmieBrowserModeList
O43 - CFD: 01/06/2015 - 21:41:58 - [] ----D C:\Users\packardbell\AppData\Local\GWX
O43 - CFD: 07/06/2015 - 16:24:20 - [] ----D C:\Users\packardbell\AppData\Local\openvr
O43 - CFD: 04/06/2015 - 00:43:25 - [] ----D C:\Users\packardbell\AppData\Local\YhxrPack
O43 - CFD: 14/05/2015 - 06:59:19 - [] ----D C:\Users\packardbell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cadence
~ Program Folder: 300 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2E8EB749C262F2AA467B53F701DEE92F] - 01/06/2015 - 16:23:17 ---A- . (...) -- C:\Windows\capture.INI [146]
O44 - LFC:[MD5.941D51EED6B90FDB1A3228DCA77A1F67] - 06/06/2015 - 05:54:28 ---A- . (...) -- C:\Windows\DirectX.log [106849]
O44 - LFC:[MD5.CB423BB9E0EECC4BD1D8A821A28E0D68] - 24/05/2015 - 19:30:13 ---A- . (...) -- C:\Windows\setup.iss [308]
O44 - LFC:[MD5.406E76BE63C65E0BF4B263156320254E] - 29/05/2015 - 22:59:01 ---A- . (...) -- C:\Windows\System32\ScannerSettings [464]
O44 - LFC:[MD5.F903CC3F2ACA1AD7DFA45AAEFDDDF6DE] - 29/05/2015 - 23:12:16 ---A- . (...) -- C:\Windows\System32\ScanResults.xml [20087]
O44 - LFC:[MD5.4BFBFEDFC7DC3156994A5FD361BAB44E] - 30/05/2015 - 23:59:22 ---A- . (...) -- C:\Windows\Reimage.ini [165] =>Rogue.ReimageRepair
~ Files: 18 Legitimates Filtered in 00mn 12s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{67306c4f-edba-11e4-a270-00262d641b87}\AutoRun\command. (...) -- G:\setup.exe (.not file.)
O51 - MPSK:{70561258-82d4-11e4-92cc-0026c627bfc0}\AutoRun\command. (...) -- G:\Startme.exe (.not file.)
O51 - MPSK:{83399fb9-8848-11e4-9caf-0026c627bfc0}\AutoRun\command. (.Pas de propriétaire - BioShock 2.) -- E:\setup.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\SuperCopier2.exe [Key] . (...) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\WebCake Desktop [Key] . (...) -- C:\Users\packardbell\AppData\Roaming\WebCake\WebCakeDesktop.exe (.not file.) =>Adware.WebCake
O53 - SMSR:HKLM\...\startupreg\Windows Update [Key] . (...) -- C:\Users\packardbell\AppData\Local\Temp\svhost.exe (.not file.)
~ SMSR Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:14/06/2013 - 23:41:12 RSH-- . (...) -- C:\Windows\SysWOW64\D3337BDED2.sys [8]
O58 - SDL:14/06/2013 - 23:41:13 -SHA- . (...) -- C:\Windows\SysWOW64\KGyGaAvL.sys [1890]
~ Drivers: 67 Legitimates Filtered in 00mn 05s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- Notepad.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 79F29829289143EB87CD846405DE487E - (My Online Search) - http://www.my-online-search.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Yahoo!) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (Search The Web) - http://www.mystart.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {3F4BDD74-762B-444C-AB84-67C1D6F4079C} - (HotMP3 Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {93BA495F-ECA5-430B-8770-E84F69AD6B64} - (Avira SafeSearch) - http://safesearch.avira.com
O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - (MyPlayCity) - http://start.myplaycity.com
O69 - SBI: SearchScopes [HKCU] {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.searchtotal.info
O69 - SBI: SearchScopes [HKCU] {C0C3A6C6-03BC-4195-8FCB-AEA091301353} - (Search Provided by Yahoo) - http://us.yhs4.search.yahoo.comyB0C0ByBtAtCtByByCzz2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyByDyC%26cr%3D601659053%26a%3Dwncy_clu_15_20%26os%3DWindows 7 Ultimate&p={searchTerms}
O69 - SBI: SearchScopes [HKCU] {CF8008EE-6538-457F-B9F8-CFB9879F8564} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.6EBA0518C95F217EFB54ED911DEAA2F3] [SPRF][19/01/2014] (...) -- C:\ProgramData\ntuser.dat [262144]
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{0E3F64A5-FA2B-4C7E-A9DE-F5901EA38937}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\packardbell\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{CC41EE61-9675-4279-836D-53271BA2C0BE}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\packardbell\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "243A8D8DF9E0AE743AE5FC34B1052B68" . (.Boxore Client.) -- C:\Windows\Installer\{D8D8A342-0E9F-47EA-A35E-CF431B50B286}\boxore.ico =>Adware.Boxore
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\dedfd0b76abe17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\dedfd0b76abe17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" =>Hijacker.Eazel
[HKCU\Software\dedfd0b76abe17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\dedfd0b76abe17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" =>Hijacker.Eazel
[HKCU\Software\dedfd0b76abe17] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:060df2cd="c/Au/XV/H/Ap/X2/GP/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:1c311243="GlAk/X6/G/Ap/YV/UxAk/YZ/Gl////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:51d2f2ea="QPAj/XF/alAf/XV/GPAf/DD/HPAt/XJ////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:65114b36="Vl/l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:c24899a6="VP/g/CV/Vl/2/Cx////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:d94388d2="GlAk/X6/G/Ap/YV/UxAk/YZ/Gl////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\15596293732054875\eae10f9d]:fe94ce1e="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:060df2cd="c/Ay/XZ/b/Ak/YV/HPAh/Xt/cxAu/B2/HPAj/XF/al////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:1c311243="HPAj/XF/HPAj/Xt/c/A3/Y//alAg/Xt/c/Ap/YF/GP/j/Yx/dPA4////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:51d2f2ea="HPAs/XD/axAg/Xx/alAl////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:65114b36="VP/l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:c24899a6="Vl/3/CJ/MP/g/CZ////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:d94388d2="HPAj/XF/HPAj/Xt/c/A3/Y//alAg/Xt/c/Ap/YF/GP/j/Yx/dPA4////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\17431880357665620\eae10f9d]:fe94ce1e="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:060df2cd="c/Au/XV/H/Ap/X2/GP/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:1c311243="GlAk/X6/G/Ap/YV/UxAk/YZ/Gl////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:51d2f2ea="JlAu/Xb/aPAu/X2/c/AW/X2/GxAk/YZ/FlAu/YZ////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:65114b36="Vl/l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:c24899a6="VP/g/CV/Vl/2/Cx////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:d94388d2="GlAk/X6/G/Ap/YV/UxAk/YZ/Gl////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\70256067977563335\eae10f9d]:fe94ce1e="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:060df2cd="c/Au/XV/H/Ap/X2/GP/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:1c311243="GlAk/X6/G/Ap/YV/UxAk/YZ/Gl////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:51d2f2ea="JlA+/XZ/b/Af/X6/GlAP/Xl/FPAh/XF/alAf/Xh////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:65114b36="Vl/l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:c24899a6="VP/g/CV/Vl/2/Cx////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:d94388d2="GlAk/X6/G/Ap/YV/UxAk/YZ/Gl////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\74863961108215335\eae10f9d]:fe94ce1e="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:060df2cd="c/Au/XV/H/Ap/X2/GP/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:1c311243="GlAk/X6/G/Ap/YV/UxAk/YZ/Gl////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:51d2f2ea="IlA0/XJ/bxAh/DV/alAf/X2/GPAf////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:65114b36="Vl/l////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:c24899a6="VP/g/CV/Vl/2/Cx////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:d94388d2="GlAk/X6/G/Ap/YV/UxAk/YZ/Gl////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b\76114675750245615\eae10f9d]:fe94ce1e="V/////%%"
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][14/02/2013] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\98259a.msi [45056] =>Adware.Boxore
~ WIS: 1 Legitimates Filtered in 00mn 03s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASAPI32 =>Adware.DomaIQ
HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASMANCS =>Adware.DomaIQ
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32 =>Adware.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS =>Adware.Boxore
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32 =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS =>PUP.Babylon
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 =>PUP.PerformanceOptimizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASMANCS =>PUP.PerformanceOptimizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASAPI32 =>Adware.WebCake
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASMANCS =>Adware.WebCake
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASAPI32 =>Adware.Yontoo
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\YontooDesktop_RASMANCS =>Adware.Yontoo
~ BTK: 132 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{5228AD1A-965B-4D35-B519-96375152AF3F}] (bestadblocker) =>PUP.Adblocker
~ BCK: 4434 Legitimates Filtered in 00mn 10s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 10/07/1658 0 | (344c1489) . (...) - c:\Program Files (x86)\IndepthMonitor\IndepthMonitor.dll
SS - | Demand 14/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 10/07/1658 0 | (AntiVirSchedulerService) . (...) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SS - | Auto 10/07/1658 0 | (AntiVirService) . (...) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SS - | Auto 10/07/1658 0 | (AntiVirWebService) . (...) - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe
SS - | Auto 10/07/1658 0 | (eb94cead) . (...) - c:\Program Files (x86)\SeekerFunc\SeekerFunc.dll
SS - | Auto 10/07/1658 0 | (fb0849cd) . (...) - c:\Program Files (x86)\TrimGeneration\TrimGeneration.dll
SS - | Auto 10/07/1658 0 | (ff39eb65) . (...) - c:\Program Files (x86)\coolsoft\coolsoft.dll
SS - | Auto 28/05/2015 107848 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 28/05/2015 107848 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Auto 02/05/2003 609280 | (lmgrd) . (.Macrovision Corporation.) - C:\OrCAD\OrCAD_10.5\IntelliCAD 4\LicenseManager\lmgrd.exe
SS - | Auto 10/07/1658 0 | (ReimageRealTimeProtector) . (...) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair
SS - | Auto 18/02/2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 14/02/2013 139576 | (supdate) . (.Boxore OU..) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SR - | Auto 01/05/2015 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/07/2012 2568120 | (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
SR - | Auto 28/01/2015 1349576 | (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
SR - | Auto 23/05/2015 1152656 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SR - | Auto 16/12/2009 3750400 | (hasplms) . (.SafeNet Inc..) - C:\Windows\system32\hasplms.exe
SR - | Auto 23/05/2015 1893008 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 23/05/2015 23006864 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 04/02/2015 932040 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Demand 04/06/2015 837312 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 04/02/2015 409800 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 03/05/2015 336896 | (tuEaglesService) . (...) - C:\Program Files (x86)\tuEagles\EglSrv.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 13s



---\\ Scan Additionnel (O88)
Database Version : 13026 - (27/12/2014)
Clés trouvées (Keys found) : 237
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 25
Fichiers trouvés (Files found) : 47

[HKLM\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector] =>Rogue.ReimageRepair^
[HKLM\SYSTEM\CurrentControlSet\Services\supdate) (supdate] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D8D8A342-0E9F-47EA-A35E-CF431B50B286}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}] =>Adware.WebCake^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop] =>Adware.WebCake^
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{006E6A46-8D55-4F10-BBA8-2C9653B4278B}] =>Adware.Boxore
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>PUP.ToolbarCleaner
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}] =>Adware.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Wow6432Node\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Wow6432Node\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}] =>Adware.Agent
[HKLM\Software\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}] =>PUP.GetNow
[HKLM\Software\Wow6432Node\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}] =>Adware.Agent
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKLM\Software\Classes\Software.OneClickCtrl.8] =>Adware.Agent
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje] =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\SYSTEM\CurrentControlSet\Services\supdate] =>Adware.Boxore
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog] =>Adware.SmileyBar
[HKCU\Software\BI] =>Adware.MegaSearch
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake
[HKLM\Software\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASAPI32] =>Adware.WebCake
[HKLM\Software\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASMANCS] =>Adware.WebCake
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\WebCakeIEClient.DLL] =>
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD] =>Adware.Boxore^
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}] =>Toolbar.Conduit^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\Boxore =>Adware.Boxore^
C:\Program Files (x86)\Ge-Force =>PUP.CrossRider^
C:\ProgramData\BoxUpdChk =>Adware.Boxore^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\ProgramData\ShopperPro =>PUP.ShopperPro^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\Users\packardbell\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\packardbell\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\packardbell\AppData\Roaming\DealPly =>PUP.DealPly^
C:\Users\packardbell\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\packardbell\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis^
C:\Users\packardbell\AppData\Roaming\WebCake =>Adware.WebCake^
C:\Users\packardbell\AppData\Local\Babylon =>PUP.Babylon^
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Program Files (x86)\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Security Toolbar =>Toolbar.AVGSearch
C:\ProgramData\RegClean =>Rogue.RegistryPowerCleaner
C:\Users\packardbell\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\packardbell\AppData\Local\Software =>Adware.Boxore
C:\Users\packardbell\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\packardbell\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\packardbell\AppData\LocalLow\PriceGong =>Adware.PriceGong
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Users\packardbell\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
O4 - HKUS\.DEFAULT\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe =>PUP.SearchProtect^
O4 - HKUS\S-1-5-18\..\Run: [SearchProtect] \SearchProtect\bin\cltmng.exe =>PUP.SearchProtect^
C:\ProgramData\BoxUpdChk\updchk.exe =>Adware.Boxore^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA =>Adware.Boxore^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Ge-Force-nv-ie] =>PUP.CrossRider^
[HKCU\Software\Ge-Force-nv] =>PUP.CrossRider^
[HKCU\Software\Ge-Force] =>PUP.CrossRider^
[HKCU\Software\Sense-nv-ie] =>PUP.CrossRider^
[HKCU\Software\Sense-nv] =>PUP.CrossRider^
[HKCU\Software\ShopperPro] =>PUP.ShopperPro^
[HKCU\Software\UpdateFiles] =>Adware.Boxore^
[HKCU\Software\reimagerepair] =>Rogue.ReimageRepair^
[HKLM\Software\DomaIQ] =>Adware.DomaIQ^
[HKLM\Software\Ge-Force-nv] =>PUP.CrossRider^
[HKLM\Software\Sense-nv] =>PUP.CrossRider^
[HKLM\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\584544f5-6c05-4537-b179-cc9f4e60720e] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\67f5b778-213c-4264-b4fb-2dc3688b8329] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\Ge-Force-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Ge-Force-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Ge-Force] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\SafePCRepair_89] =>PUP.SafePCRepair^
[HKLM\Software\Wow6432Node\Sense-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Sense-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\YourFileDownloader] =>PUP.YourFileDownloader^
[HKLM\Software\Wow6432Node\a06376d1-dc48-4464-9cf7-9898edcb938b] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\ab33455f-1cfa-3db9-5dbc-9ba8ab130a5b] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\bc6cead4-682f-4ca0-a7ab-b5e71a7bdf9c] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\c416f85c-7533-485d-9834-2c0ec4a5ae00] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\d97fd03c-07c9-4660-94db-5878412cedd2] =>PUP.CrossRider^
[HKLM\Software\YTDownloader] =>PUP.YTDownloader^
[HKCU\Software\dedfd0b76abe17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\dedfd0b76abe17\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\dedfd0b76abe17] =>PUP.Babylon^^
C:\Windows\Installer\98259a.msi =>Adware.Boxore^
[HKCR\CLSID\{5228AD1A-965B-4D35-B519-96375152AF3F}] (bestadblocker) =>PUP.Adblocker^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 237586 Items scanned in 00mn 46s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 4 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
http://nicolascoolman.fr/pup-startsearch =>PUP.StartSearch
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/pup-dealply =>PUP.DealPly
http://nicolascoolman.fr/pup-shopperpro =>PUP.ShopperPro
http://www.nicolascoolman.fr/blog/ =>PUP.Adblocker
http://nicolascoolman.fr/pup-yourfiledownloader =>PUP.YourFileDownloader
http://nicolascoolman.fr/adware-domaiq =>Adware.DomaIQ
http://nicolascoolman.fr/adware-webcake =>Adware.WebCake
http://nicolascoolman.fr/hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/adware-vidsaver =>Adware.VidSaver
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/38085718-pup-safepcrepair =>PUP.SafePCRepair
http://nicolascoolman.fr/pup-ytdownloader =>PUP.YTDownloader
http://nicolascoolman.fr/adware-installbrain =>Adware.InstallBrain
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://nicolascoolman.fr/adware-opencandy =>Adware.OpenCandy
http://nicolascoolman.fr/pup-speedanalysis =>PUP.SpeedAnalysis
http://www.nicolascoolman.fr/blog/ =>PUP.PerformanceOptimizer
http://nicolascoolman.fr/adware-yontoo =>Adware.Yontoo
http://nicolascoolman.fr/pup-toolbarcleaner =>PUP.ToolbarCleaner
http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://www.nicolascoolman.fr/blog/ =>Adware.CDNHelper
http://nicolascoolman.fr/pup-getnow =>PUP.GetNow
http://nicolascoolman.fr/pup-clarosearch =>PUP.ClaroSearch
http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong
http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.fr/adware-smileybar =>Adware.SmileyBar
http://nicolascoolman.fr/adware-megasearch =>Adware.MegaSearch
http://nicolascoolman.fr/rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
~ MSI: 43 link(s) detected in 00mn 00s



~ 1055 Legitimates filtered by white list
End of the scan (1236 lines in 02mn 41s)(0)

Publicité


Signaler le contenu de ce document

Publicité