cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.7.31.106 Par Nicolas Coolman (2015/07/31)
~ Démarré par nagesat (Administrator) (2015/08/01 12:26:52)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\nagesat\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\nagesat\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ Démarrage du système: Normal (Normal boot)
~ Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (4) - 1s
GCIE: Google Chrome v44.0.2403.125
MFIE: Mozilla Firefox 39.0 (x86 fr) v39.0
OPIE: Opera 30.0.1835.125 v30.0.1835.125
MSIE: Internet Explorer v11.0.9600.17239

---\\ Informations sur les produits Windows (9) - 4s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 4
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Logiciels de protection (2) - 0s
ESET NOD32 Antivirus v8.0.312.3
Malwarebytes Anti-Malware version 2.1.8.1057

---\\ Surveillance de Logiciels (1) - 0s
Adobe Reader XI

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3652.916 MB (52% free)
~ System Restore: Activé (Enable)
~ System drive C: has 40 GB free of 79 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: NAGESAT-PC
~ User Name: nagesat
~ Logged in as Administrator

---\\ Enumération des unités disques (3) - 2s
~ Drive C: has 40 GB free of 79 GB (System)
~ Drive D: has 70 GB free of 72 GB
~ Drive E: has GB free of 0 GB

---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (24) - 1s
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [96256]
[MD5.B945BAA81B4805AD6BDDF4D026DCFB47] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [1792512]
[MD5.998507B046BA314CE8245364C686FA67] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [245632]

---\\ Processus lancés (9) - 4s
[MD5.DC4801AA07678ECAEB0AA2BE3F69CF86] - (.Taiwan Shui Mu Chih Ching Technology Limited. - dsk service.) -- C:\Program Files\WinZipper\winzipersvc.exe [337040] [PID.1432]
[MD5.FB51E8E39E3FDB6757874653B743BE72] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576] [PID.1824]
[MD5.A903E5C565A2677F3960E4AAB7B42280] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056] [PID.304]
[MD5.E40FEB48AB3512A24BF194FBE746E556] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer.exe [17905424] [PID.3220]
[MD5.107AFCBC31E25314E56B69EEC25885BD] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456] [PID.3476]
[MD5.8B3487B1FDB95A444A7B9880012041DA] - (.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\tv_w32.exe [229136] [PID.3692]
[MD5.2D4A06023B1B51E3DFC64B51978C9B5B] - (.TODO: - TODO: .) -- C:\Program Files\SFK\SSFK.exe [463560] [PID.3180] =>PUP.Optional.MyWebSearch
[MD5.3DF1E90F7131BCAE704AFE60B714098C] - (...) -- C:\Program Files\SFK\SFKEX.exe [109568] [PID.2484] =>PUP.Optional.MyWebSearch
[MD5.A5C9A69EEB3E3C93A3F5E96DC76976B3] - (.YTDownloader - YTDownloader.) -- C:\Program Files\YTDownloader\YTDownloader.exe [1988528] [PID.3640] =>PUP.Optional.YTDownloader

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (12) - 3s
M0 - MFSP: prefs.js [nagesat - 1fsiogez.default] https://www.malwarebytes.org/restorebrowser//?pid=23214&r=2015/08/01&hid=17428137101999810906&lg=EN&cc=MA&unqvl=90
P2 - EXT FILE: (...) -- C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\extensions\info@youtube-mp3.org.xpi
P2 - EXT FILE: (...) -- C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\searchplugins\firefox-modules.xml
P2 - EXT FILE: (...) -- C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\searchplugins\google-default.xml
P2 - EXT FILE: (...) -- C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\searchplugins\WebSearch.xml =>PUP.Optional.SimpleSearches
P2 - EXT FILE: (...) -- C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT: (. - CutThheePrice.) -- C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\extensions\amgyiF@IAzx5.net
P2 - EXT: (. - bestadblocker.) -- C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\extensions\ZAbyBpLMJ@C.edu
P2 - EXT: (. - Settings Manager.) -- C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\extensions\{F23CD3F9-FCEA-F08A-2049-F94CE76C4B5B}
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (...) -- C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
P2 - FPN: [HKLM] [hbgk.net/WebDvrCtrl] - (.TODO: .) -- C:\Program Files\WebControl\npWebCtrl.dll

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (11) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (0)

---\\ Browser Helper Object de navigateur (BHO) (O2) (1) - 1s
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} . (.TechSmith Corporation - Snagit Browser Helper Object for Internet E.) -- C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll

---\\ Internet Explorer Toolbars (O3) (2) - 0s
O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} (Orphean)

---\\ Applications lancées au démarrage du sytème (O4) (12) - 1s
O4 - HKLM\..\Run: [bintin] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
O4 - HKLM\..\Run: [Anti Trojan Elite] . (.ISecSoft - .) -- C:\Program Files\Anti Trojan Elite\TJEnder.exe
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-1097851680-2478132808-137768083-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

---\\ Raccourcis Global Startup (O4G) (4) - 5s
O4 - GS\Quicklaunch [Administrateur]: iLivid.lnk . (...) C:\Users\nagesat\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Quicklaunch [Invité]: iLivid.lnk . (...) C:\Users\nagesat\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Quicklaunch [nagesat]: iLivid.lnk . (...) C:\Users\nagesat\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo
O4 - GS\Programs [Public]: iLivid.lnk . (...) C:\Users\nagesat\AppData\Local\iLivid\iLivid.exe =>PUP.Optional.Bandoo

---\\ Modification Domaine/Adresses DNS (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4

---\\ Liste des services NT non Microsoft et non désactivés (O23) (12) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AdobeUpdateService) . (.Adobe Systems Incorporated - Adobe Update Service.) - C:\Program Files\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: (BrsHelper) . (...) - C:\PROGRA~1\YTDOWN~1\BROWSE~2.EXE (.not file.) =>PUP.Optional.YTDownloader
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (...) - C:\Program Files\globalUpdate\Update\globalupdate.exe (.not file.) =>PUP.Optional.GlobalUpdate
O23 - Service: Service Google Update (gupdate) (gupdate) . (...) - C:\Program Files\Google\Update\GoogleUpdate.exe (.not file.)
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SSFK (SSFK) . (.TODO: - TODO: .) - C:\Program Files\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
O23 - Service: Systemk Service (SystemkService) . (...) - C:\Program Files\Settings Manager\systemk\SystemkService.exe (.not file.) =>PUP.Optional.SystemK
O23 - Service: TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 10.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limited. - dsk service.) - C:\Program Files\WinZipper\winzipersvc.exe

---\\ Tâches planifiées en automatique (O39) (22) - 12s
[MD5.E3FB05F33E1404AD606B1E1FE7C323C3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998104]
[MD5.00000000000000000000000000000000] [APT] [BookBuzz] (...) -- c:\programdata\{b6cd825d-7aec-1b73-b6cd-d825d7ae0975}\loaristrojanremover1.3.7.3_patch(x64x32bit.)mrszzs2...rar.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.Optional.MyPCBackup
[MD5.EF1E82732B47957D33EEB74844F213AD] [APT] [Opera scheduled Autoupdate 1435070354] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [908408]
[MD5.0BE17AA900E538ED2942DE0E29C0398E] [APT] [Trojan Remover] (.Loaris Inc..) -- C:\Program Files\Loaris\Trojan Remover\ltr.exe [8777216]
[MD5.A5C9A69EEB3E3C93A3F5E96DC76976B3] [APT] [YTDownloader] (.YTDownloader.) -- C:\Program Files\YTDownloader\YTDownloader.exe [1988528] =>PUP.Optional.YTDownloader
[MD5.00000000000000000000000000000000] [APT] [YTDownloaderUpd] (...) -- C:\Program Files\YTDownloader\updater.exe (.not file.) [0] =>PUP.Optional.YTDownloader
[MD5.00000000000000000000000000000000] [APT] [{B50AE07B-3190-4134-B958-CEE0FD0E943E}] (...) -- C:\Users\nagesat\Downloads\install_mega_facturation_windows.exe (.not file.) [0]
O39 - APT: BookBuzz - (...) -- C:\Windows\Tasks\BookBuzz.job [468]
O39 - APT: Adobe Acrobat Update Task - (...) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3874]
O39 - APT: BookBuzz - (...) -- C:\Windows\System32\Tasks\BookBuzz [3384]
O39 - APT: LaunchSignup - (...) -- C:\Windows\System32\Tasks\LaunchSignup [4010]
O39 - APT: Opera scheduled Autoupdate 1435070354 - (...) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1435070354 [3848]
O39 - APT: Trojan Remover - (...) -- C:\Windows\System32\Tasks\Trojan Remover [3138]
O39 - APT: YTDownloader - (...) -- C:\Windows\System32\Tasks\YTDownloader [3578] =>PUP.Optional.YTDownloader
O39 - APT: YTDownloaderUpd - (...) -- C:\Windows\System32\Tasks\YTDownloaderUpd [3900] =>PUP.Optional.YTDownloader
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{46BA5236-77AD-4E0F-966C-6A2E3F9E7F79} [3134]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{7DC8ACF6-8727-4A28-AA52-382990DC026D} [3134]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{9C3D2457-081D-4379-85BC-0EC05A4D5D34} [3200]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{AFF27A2B-D413-4477-8E36-4EAA217666EE} [3180]
O39 - APT: {B50AE07B-3190-4134-B958-CEE0FD0E943E} - (...) -- C:\Windows\System32\Tasks\{B50AE07B-3190-4134-B958-CEE0FD0E943E} [3000]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{C4DD09FA-5EAA-4DB1-BBEF-F19D2D548CB7} [3158]

---\\ Logiciels installés (O42) (32) - 20s
O42 - Logiciel: Adobe Photoshop 5.5 - (...) [HKLM] -- Adobe Photoshop 5.5
O42 - Logiciel: Anti Trojan Elite 5.6.2 - (.ISecSoft, Inc..) [HKLM] -- Anti Trojan Elite_is1
O42 - Logiciel: dreamboxEDIT -- The one and only settings editor for your Dreambox - (...) [HKLM] -- dreamboxEDIT
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Mozilla Firefox 39.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 39.0 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] -- Notepad++
O42 - Logiciel: Opera Stable 30.0.1835.125 - (.Opera Software.) [HKLM] -- Opera 30.0.1835.125
O42 - Logiciel: PowerLed 2.62 - (.TF-TOP.) [HKLM] -- PowerLed_is1
O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] -- TeamViewer
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 5.00 beta 6 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: WinZipper - (.Taiwan Shui Mu Chih Ching Technology Limited..) [HKLM] -- WinZipper
O42 - Logiciel: Zzoooomit - (.ZoomWebLists.) [HKLM] -- ZoomWebLists
O42 - Logiciel: Skype™ 7.5 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Loaris Trojan Remover 1.3.8.0 - (.Loaris, Inc..) [HKLM] -- {29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1
O42 - Logiciel: bestadblocker - (...) [HKLM] -- {4820778D-AB0D-6D18-C316-52A6A0E1D507} =>PUP.Optional.BestADBlocker
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: ESET NOD32 Antivirus - (.ESET, spol s r. o..) [HKLM] -- {7541E48F-6726-4031-8DF7-666293F44B54}
O42 - Logiciel: DogSettings version 1.6.0.0 - (.DogStrike.) [HKLM] -- {7A03618C-AD50-4BDC-BA2E-A172A4410C73}_is1
O42 - Logiciel: CutThePrice - (...) [HKLM] -- {A2C98B47-B5F4-94AA-281D-4135416774CF}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824147215}
O42 - Logiciel: Adobe Reader XI (11.0.12) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Analytics Debugger - (...) [HKLM] -- {AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
O42 - Logiciel: Snagit 9.1.2 - (.TechSmith Corporation.) [HKLM] -- {B440D659-FECA-4BDD-A12B-5C9F05790FF3}
O42 - Logiciel: Anti Trojan Elite 5.6.2 Packages - (...) [HKCU] -- Anti Trojan Elite 5.6.2 Packages
O42 - Logiciel: FileZilla Client 3.12.0.2 - (.Tim Kosse.) [HKCU] -- FileZilla Client
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU] -- OneDriveSetup.exe

---\\ HKCU & HKLM Software Keys (135) - 20s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Adobe Systems
HKLM\SOFTWARE\AntiTrojanElite
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\Avg Secure Update
HKLM\SOFTWARE\AVS4YOU
HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\EASEUS
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\FileZilla 3
HKLM\SOFTWARE\FreeDownloadManager.ORG
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Ghisler
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\hdcode
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\HumaxSmartSuite
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\Innovative Solutions
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\JUANCMS
HKLM\SOFTWARE\L&H
HKLM\SOFTWARE\Lavasoft
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\LINK
HKLM\SOFTWARE\Loaris
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\mcafeeupdater
HKLM\SOFTWARE\Metrologic Instruments
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Netgate
HKLM\SOFTWARE\Notepad++
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\OLEForRetail
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\PegasusImaging
HKLM\SOFTWARE\Pinnacle Systems
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Stellar information Systems ltd.
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\TeamViewer3
HKLM\SOFTWARE\TechSmith
HKLM\SOFTWARE\Torch =>PUP.Optional.Torch
HKLM\SOFTWARE\TuneUp
HKLM\SOFTWARE\V9 =>PUP.Optional.V9Software
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Voice
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\winzipersvc
HKLM\SOFTWARE\Wondershare
HKLM\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Adobe Lightroom
HKCU\SOFTWARE\AntiTrojanElite
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Avg Secure Update
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\CardRecoveryPro
HKCU\SOFTWARE\CardRecoveryPro_Init
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\dreamboxEDIT
HKCU\SOFTWARE\DreamMultimedia
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\FileZilla Client
HKCU\SOFTWARE\FreeDownloadManager.ORG
HKCU\SOFTWARE\Ghisler
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\iLivid =>PUP.Optional.Bandoo
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Innovative Solutions
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\LlamaWare
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\LongGreat
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\McRip
HKCU\SOFTWARE\Megasoft
HKCU\SOFTWARE\Metrologic Instruments
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netgate
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\OB
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Pinnacle Systems
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Sunplus
HKCU\SOFTWARE\TAdvCheckList
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\Tenda
HKCU\SOFTWARE\Torch =>PUP.Optional.Torch
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\undefined
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Vittalia =>PUP.Optional.Vittalia
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\_scc_TemporaryData_
HKCU\SOFTWARE\???????????????
HKCU\SOFTWARE\MB_temp
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\SmartBar =>PUP.Optional.SmartBar
HKCU\SOFTWARE\AppDataLow\Software\Unity

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) (210) - 12s
O43 - CFD: 2015/08/01 12:04:15 - [] D -- C:\Program Files\ Analytics Debugger
O43 - CFD: 2015/07/23 19:22:10 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2015/07/30 18:32:20 - [] D -- C:\Program Files\Anti Trojan Elite
O43 - CFD: 2015/06/18 15:59:02 - [0] D -- C:\Program Files\AVS4YOU
O43 - CFD: 2015/08/01 12:12:25 - [] D -- C:\Program Files\bestadblocker =>PUP.Optional.Adblocker
O43 - CFD: 2015/06/17 10:40:26 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2015/08/01 12:02:36 - [] D -- C:\Program Files\CutThheePrice
O43 - CFD: 2015/02/05 15:17:41 - [] D -- C:\Program Files\DogSettings
O43 - CFD: 2015/07/29 14:24:10 - [] D -- C:\Program Files\dreamboxEDIT
O43 - CFD: 2014/03/07 04:21:37 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2014/10/21 16:18:05 - [] D -- C:\Program Files\EASEUS
O43 - CFD: 2015/05/08 13:57:20 - [] D -- C:\Program Files\ESET
O43 - CFD: 2014/03/04 09:24:05 - [0] SHD -- C:\Program Files\Fichiers communs
O43 - CFD: 2015/07/15 17:08:47 - [] D -- C:\Program Files\FileZilla FTP Client
O43 - CFD: 2015/06/18 16:11:36 - [] D -- C:\Program Files\Free Download Manager
O43 - CFD: 2014/09/12 10:10:52 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/04/14 11:22:16 - [0] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2014/03/13 13:13:47 - [] D -- C:\Program Files\Intel
O43 - CFD: 2015/06/17 10:41:01 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2015/03/11 18:44:11 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2014/09/11 10:35:11 - [] D -- C:\Program Files\Internet Mobile
O43 - CFD: 2015/08/01 11:16:45 - [] D -- C:\Program Files\Loaris
O43 - CFD: 2015/08/01 11:18:15 - [] D -- C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 2009/07/14 08:50:24 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2014/03/22 15:42:08 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 2015/06/05 16:10:00 - [] D -- C:\Program Files\Microsoft OneDrive
O43 - CFD: 2014/03/22 15:41:55 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 2014/03/22 15:39:08 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 2014/09/05 10:46:57 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 2015/06/17 10:57:28 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2015/08/01 11:33:35 - [] D -- C:\Program Files\MiuiTab =>PUP.Optional.MiuiTab
O43 - CFD: 2015/08/01 12:12:31 - [0] D -- C:\Program Files\Movies App =>PUP.Optional.CrossRider
O43 - CFD: 2015/07/04 12:00:08 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2015/07/06 12:47:55 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2014/03/22 15:42:12 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2014/09/03 18:11:05 - [] D -- C:\Program Files\MyAshampoo
O43 - CFD: 2014/03/10 16:56:22 - [] D -- C:\Program Files\Notepad++
O43 - CFD: 2015/07/14 12:24:14 - [] D -- C:\Program Files\Opera
O43 - CFD: 2015/03/24 12:08:36 - [0] D -- C:\Program Files\Pinnacle
O43 - CFD: 2015/02/25 17:42:26 - [] D -- C:\Program Files\PowerLed
O43 - CFD: 2015/05/13 11:50:55 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 2015/07/28 12:43:21 - [] D -- C:\Program Files\Recuva
O43 - CFD: 2009/07/14 05:52:30 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/08/01 12:12:50 - [0] D -- C:\Program Files\ReviverSoft
O43 - CFD: 2015/03/20 18:06:15 - [] D -- C:\Program Files\Safire Control Center Station
O43 - CFD: 2015/08/01 11:18:17 - [] D -- C:\Program Files\SFK =>PUP.Optional.MyWebSearch
O43 - CFD: 2015/08/01 11:45:15 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2015/05/13 11:51:08 - [] D -- C:\Program Files\Stellar Phoenix Windows Data Recovery
O43 - CFD: 2015/07/31 19:07:57 - [] D -- C:\Program Files\TeamViewer
O43 - CFD: 2014/05/28 13:28:18 - [] D -- C:\Program Files\TechSmith
O43 - CFD: 2014/05/24 15:06:45 - [] D -- C:\Program Files\temp
O43 - CFD: 2009/07/14 05:53:23 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2015/04/02 12:49:54 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2015/01/20 12:36:36 - [] D -- C:\Program Files\WebClient
O43 - CFD: 2015/01/02 14:59:34 - [] D -- C:\Program Files\WebControl
O43 - CFD: 2014/03/08 11:16:50 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2014/09/05 21:05:03 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2015/06/17 12:16:49 - [] D -- C:\Program Files\Windows Live
O43 - CFD: 2014/03/07 04:21:38 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2014/03/08 11:17:12 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2014/03/04 09:24:05 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2014/03/07 04:21:37 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2014/03/07 04:21:37 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2014/03/07 04:21:38 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2014/05/18 14:31:35 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/07/29 14:13:52 - [] D -- C:\Program Files\WinZipper
O43 - CFD: 2015/05/04 20:40:59 - [] D -- C:\Program Files\Wondershare
O43 - CFD: 2015/08/01 11:38:51 - [] D -- C:\Program Files\YTDownloader =>PUP.Optional.YTDownloader
O43 - CFD: 2014/03/04 09:20:15 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/03/04 09:20:25 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/30 18:28:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti Trojan Elite
O43 - CFD: 2015/02/05 15:17:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DogSettings
O43 - CFD: 2015/05/08 13:57:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 2014/03/04 09:20:16 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2014/03/11 20:30:54 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/08/01 11:17:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover
O43 - CFD: 2009/07/14 05:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/01 11:18:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2014/03/22 15:44:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2014/03/10 16:56:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/06/05 20:48:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 2015/02/25 10:40:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerLed
O43 - CFD: 2015/07/28 10:54:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
O43 - CFD: 2014/09/26 19:54:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2014/05/28 13:28:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 9
O43 - CFD: 2015/05/13 14:44:55 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2009/07/14 08:48:45 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/04/02 12:50:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2014/05/17 11:12:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/07/29 10:45:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
O43 - CFD: 2015/01/21 12:57:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
O43 - CFD: 2014/12/24 14:50:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ماس للبرمجيات
O43 - CFD: 2015/08/01 12:04:15 - [] D -- C:\ProgramData\1922057389885831144
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/03/04 09:24:05 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/05/08 13:57:20 - [] D -- C:\ProgramData\ESET
O43 - CFD: 2014/03/04 09:24:05 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/08/01 12:00:52 - [] D -- C:\ProgramData\hglgjakgapeolfefilgoniniphamhghm
O43 - CFD: 2015/08/01 11:49:27 - [] D -- C:\ProgramData\Loaris
O43 - CFD: 2014/12/08 19:33:24 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2014/03/04 09:24:05 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2015/08/01 12:04:21 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2014/03/04 09:24:05 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2009/07/14 05:53:55 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/08/01 12:00:04 - [] D -- C:\ProgramData\{b6cd825d-7aec-1b73-b6cd-d825d7ae0975}
O43 - CFD: 2015/04/11 10:57:59 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 2015/07/23 19:21:11 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2014/03/24 17:46:09 - [] D -- C:\Program Files\Common Files\Adobe Systems Shared
O43 - CFD: 2015/03/26 14:12:01 - [0] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 2015/04/14 10:56:27 - [] D -- C:\Program Files\Common Files\AVSMedia
O43 - CFD: 2014/03/20 11:12:58 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 2015/04/11 10:51:17 - [] D -- C:\Program Files\Common Files\Innovative Solutions
O43 - CFD: 2014/07/11 11:56:15 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2015/04/02 14:42:06 - [] D -- C:\Program Files\Common Files\Metrologic
O43 - CFD: 2015/06/17 12:16:42 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2009/07/14 03:37:05 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2014/09/26 19:54:54 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 2009/07/14 03:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2014/07/11 11:56:18 - [0] D -- C:\Program Files\Common Files\SWF Studio
O43 - CFD: 2015/06/17 20:35:02 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2014/09/03 19:32:42 - [] D -- C:\Program Files\Common Files\Windows Live
O43 - CFD: 2014/05/28 13:26:53 - [] D -- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 2014/08/29 14:33:07 - [] D -- C:\Program Files\Common Files\Wondershare
O43 - CFD: 2015/06/05 22:28:48 - [] D -- C:\Users\nagesat\AppData\Roaming\Adobe
O43 - CFD: 2015/03/26 14:08:42 - [] D -- C:\Users\nagesat\AppData\Roaming\Apple Computer
O43 - CFD: 2015/01/17 15:38:55 - [] D -- C:\Users\nagesat\AppData\Roaming\AVS4YOU
O43 - CFD: 2014/03/22 11:19:25 - [] D -- C:\Users\nagesat\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
O43 - CFD: 2014/04/06 20:52:22 - [0] D -- C:\Users\nagesat\AppData\Roaming\DMCache
O43 - CFD: 2015/06/20 14:07:30 - [] D -- C:\Users\nagesat\AppData\Roaming\DRPSu
O43 - CFD: 2015/07/29 12:55:17 - [0] D -- C:\Users\nagesat\AppData\Roaming\eCyber =>PUP.Optional.Elex
O43 - CFD: 2015/07/31 10:16:17 - [] D -- C:\Users\nagesat\AppData\Roaming\FileZilla
O43 - CFD: 2014/09/23 16:30:58 - [] D -- C:\Users\nagesat\AppData\Roaming\FirefoxToolbar
O43 - CFD: 2015/06/17 10:33:53 - [] D -- C:\Users\nagesat\AppData\Roaming\FreeDownloadManager.ORG
O43 - CFD: 2015/05/13 15:00:13 - [0] D -- C:\Users\nagesat\AppData\Roaming\GHISLER
O43 - CFD: 2014/08/07 14:12:20 - [] D -- C:\Users\nagesat\AppData\Roaming\Google
O43 - CFD: 2015/04/29 11:18:50 - [] D -- C:\Users\nagesat\AppData\Roaming\HD2014
O43 - CFD: 2015/06/05 20:48:52 - [] D -- C:\Users\nagesat\AppData\Roaming\Identities
O43 - CFD: 2014/05/13 18:02:50 - [] D -- C:\Users\nagesat\AppData\Roaming\IDM
O43 - CFD: 2014/03/05 18:52:21 - [] D -- C:\Users\nagesat\AppData\Roaming\Macromedia
O43 - CFD: 2009/07/14 08:48:45 - [0] D -- C:\Users\nagesat\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/04/20 20:24:31 - [] SD -- C:\Users\nagesat\AppData\Roaming\Microsoft
O43 - CFD: 2014/03/04 10:51:54 - [] D -- C:\Users\nagesat\AppData\Roaming\Mozilla
O43 - CFD: 2014/03/10 17:34:05 - [] D -- C:\Users\nagesat\AppData\Roaming\Notepad++
O43 - CFD: 2014/06/11 11:56:43 - [] D -- C:\Users\nagesat\AppData\Roaming\Opera Software
O43 - CFD: 2015/04/11 10:51:13 - [] D -- C:\Users\nagesat\AppData\Roaming\RHEng =>PUP.Optional.Conduit
O43 - CFD: 2014/05/13 13:19:43 - [] D -- C:\Users\nagesat\AppData\Roaming\rmi
O43 - CFD: 2015/08/01 12:26:23 - [] D -- C:\Users\nagesat\AppData\Roaming\Skype
O43 - CFD: 2015/02/01 04:41:30 - [] D -- C:\Users\nagesat\AppData\Roaming\TeamViewer
O43 - CFD: 2014/12/13 15:32:31 - [] D -- C:\Users\nagesat\AppData\Roaming\TuneUp Software
O43 - CFD: 2015/07/20 13:08:03 - [] D -- C:\Users\nagesat\AppData\Roaming\Unity
O43 - CFD: 2014/09/23 17:18:28 - [0] D -- C:\Users\nagesat\AppData\Roaming\uTorrent
O43 - CFD: 2015/05/19 13:30:39 - [] D -- C:\Users\nagesat\AppData\Roaming\vlc
O43 - CFD: 2014/10/02 10:36:24 - [0] D -- C:\Users\nagesat\AppData\Roaming\Windows Live Writer
O43 - CFD: 2014/06/17 12:52:37 - [] D -- C:\Users\nagesat\AppData\Roaming\WinRAR
O43 - CFD: 2015/07/29 12:55:14 - [] D -- C:\Users\nagesat\AppData\Roaming\WinZipper
O43 - CFD: 2014/03/13 18:44:21 - [] D -- C:\Users\nagesat\AppData\Roaming\XBMC
O43 - CFD: 2014/09/06 18:17:46 - [] D -- C:\Users\nagesat\AppData\Roaming\Youtube Downloader HD
O43 - CFD: 2015/08/01 12:26:52 - [] D -- C:\Users\nagesat\AppData\Roaming\ZHP
O43 - CFD: 2014/04/23 10:12:03 - [] D -- C:\Users\nagesat\AppData\Local\41
O43 - CFD: 2015/07/23 11:30:36 - [] D -- C:\Users\nagesat\AppData\Local\Adobe
O43 - CFD: 2015/03/11 15:55:54 - [] D -- C:\Users\nagesat\AppData\Local\Apple
O43 - CFD: 2015/03/11 15:57:59 - [] D -- C:\Users\nagesat\AppData\Local\Apple Computer
O43 - CFD: 2014/03/04 09:24:44 - [0] SHD -- C:\Users\nagesat\AppData\Local\Application Data
O43 - CFD: 2014/03/10 11:37:00 - [] D -- C:\Users\nagesat\AppData\Local\Apps
O43 - CFD: 2015/05/13 13:02:30 - [] D -- C:\Users\nagesat\AppData\Local\Avg
O43 - CFD: 2015/06/17 20:32:43 - [] D -- C:\Users\nagesat\AppData\Local\CrashRpt =>.Legitimate.CrashReports
O43 - CFD: 2014/03/10 11:37:28 - [0] D -- C:\Users\nagesat\AppData\Local\Deployment
O43 - CFD: 2014/05/15 12:51:05 - [0] D -- C:\Users\nagesat\AppData\Local\Diagnostics
O43 - CFD: 2014/09/03 16:49:54 - [] D -- C:\Users\nagesat\AppData\Local\Downloaded Installations
O43 - CFD: 2015/06/27 16:33:03 - [0] D -- C:\Users\nagesat\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2014/04/10 19:26:28 - [] SHD -- C:\Users\nagesat\AppData\Local\EmieSiteList
O43 - CFD: 2014/04/10 19:26:28 - [] SHD -- C:\Users\nagesat\AppData\Local\EmieUserList
O43 - CFD: 2014/03/11 16:02:04 - [] D -- C:\Users\nagesat\AppData\Local\ESET
O43 - CFD: 2015/06/17 20:32:11 - [] D -- C:\Users\nagesat\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2014/09/11 14:13:14 - [] D -- C:\Users\nagesat\AppData\Local\Google
O43 - CFD: 2014/03/04 09:24:44 - [0] SHD -- C:\Users\nagesat\AppData\Local\Historique
O43 - CFD: 2015/03/18 18:24:04 - [] D -- C:\Users\nagesat\AppData\Local\iLivid =>PUP.Optional.Bandoo
O43 - CFD: 2015/04/11 10:51:26 - [] D -- C:\Users\nagesat\AppData\Local\Innovative Solutions
O43 - CFD: 2014/03/05 18:52:21 - [] D -- C:\Users\nagesat\AppData\Local\Macromedia
O43 - CFD: 2014/12/13 15:21:11 - [] D -- C:\Users\nagesat\AppData\Local\MFAData
O43 - CFD: 2015/06/08 19:16:12 - [] D -- C:\Users\nagesat\AppData\Local\Microsoft
O43 - CFD: 2015/02/20 21:40:32 - [] D -- C:\Users\nagesat\AppData\Local\Microsoft Games
O43 - CFD: 2014/03/22 15:38:27 - [0] D -- C:\Users\nagesat\AppData\Local\Microsoft Help
O43 - CFD: 2014/03/04 10:51:54 - [] D -- C:\Users\nagesat\AppData\Local\Mozilla
O43 - CFD: 2014/06/11 11:56:43 - [] D -- C:\Users\nagesat\AppData\Local\Opera Software
O43 - CFD: 2014/12/08 19:33:00 - [] D -- C:\Users\nagesat\AppData\Local\Programs
O43 - CFD: 2014/03/04 10:31:42 - [] D -- C:\Users\nagesat\AppData\Local\Skype
O43 - CFD: 2014/05/28 13:28:18 - [] D -- C:\Users\nagesat\AppData\Local\TechSmith
O43 - CFD: 2015/08/01 12:24:35 - [] D -- C:\Users\nagesat\AppData\Local\Temp
O43 - CFD: 2014/03/04 09:24:44 - [0] SHD -- C:\Users\nagesat\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/04/14 11:10:33 - [] D -- C:\Users\nagesat\AppData\Local\Torch =>PUP.Optional.Torch
O43 - CFD: 2014/05/13 13:26:01 - [] D -- C:\Users\nagesat\AppData\Local\TuneUp Software
O43 - CFD: 2015/07/23 19:15:08 - [0] D -- C:\Users\nagesat\AppData\Local\Unity
O43 - CFD: 2014/03/25 18:27:34 - [] D -- C:\Users\nagesat\AppData\Local\VirtualStore
O43 - CFD: 2015/06/17 12:38:52 - [] D -- C:\Users\nagesat\AppData\Local\Windows Live
O43 - CFD: 2015/06/05 16:31:54 - [] D -- C:\Users\nagesat\AppData\Local\Windows Live Writer
O43 - CFD: 2014/08/29 14:33:08 - [] D -- C:\Users\nagesat\AppData\Local\Wondershare
O43 - CFD: 2009/07/14 05:42:04 - [] RD -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/09/06 10:13:48 - [] RD -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2014/03/08 17:37:30 - [] D -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dreamboxEDIT
O43 - CFD: 2015/07/15 17:08:43 - [] D -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 2009/07/14 05:37:42 - [] RD -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/03/10 16:56:19 - [0] D -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2015/06/18 16:11:10 - [] RD -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2014/05/17 11:12:27 - [] D -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2014/12/24 14:50:33 - [0] D -- C:\Users\nagesat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ماس للبرمجيات

---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (4) - 10s
O45 - LFCP:[MD5.B51BAA7E54B21CDD652E7BE247DD05FC] 2015/08/01 10:49:30 A -- C:\Windows\Prefetch\GLOBALUPDATE.EXE-B66D5BF9.pf =>PUP.Optional.GlobalUpdate
O45 - LFCP:[MD5.9A6E7507F17408376DEB1E0B75D9FC8A] 2015/07/30 18:26:34 A -- C:\Windows\Prefetch\JUNE15_3936_CORNL_SWEET-PAGE.-EABCD384.pf =>PUP.Optional.SweetPage
O45 - LFCP:[MD5.7AF01D5294724DE4274C3E06852977EB] 2015/07/30 18:27:47 A -- C:\Windows\Prefetch\WPM_V20.0.0.2292.EXE-70D29D7D.pf =>PUP.Optional.WpManager
O45 - LFCP:[MD5.A2B12B613A6995A2A06136E285AADC2A] 2015/08/01 11:38:42 A -- C:\Windows\Prefetch\YTDOWNLOADER.EXE-93AFC94E.pf =>PUP.Optional.YTDownloader

---\\ Enumération des clés de registre StartupReg (SMSR) (O53) (11) - 1s
O53 - SMSR:HKLM\...\startupreg\Adobe Creative Cloud [Key] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O53 - SMSR:HKLM\...\startupreg\AVG_UI [Key] . (...) -- C:\Program Files\AVG\AVG2015\avgui.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\FortKnoxPersonalFirewall [Key] . (...) -- C:\Program Files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O53 - SMSR:HKLM\...\startupreg\JAMonitorClient [Key] . (...) -- C:\Program Files\Monitor Client\DvrClient.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (...) -- C:\Program Files\QuickTime\QTTask.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O53 - SMSR:HKLM\...\startupreg\UIExec [Key] . (...) -- C:\Program Files\Internet Mobile+\UIExec.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Web Companion [Key] . (...) -- C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O53 - SMSR:HKLM\...\startupreg\YTDownloader [Key] . (.YTDownloader - YTDownloader.) -- C:\Program Files\YTDownloader\YTDownloader.exe =>PUP.Optional.YTDownloader

---\\ Liste des pilotes du système (SDL) (O58) (72) - 7s
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976]
O58 - SDL:2009/07/14 02:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512]
O58 - SDL:2009/07/14 02:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400]
O58 - SDL:2011/03/11 06:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256]
O58 - SDL:2009/07/14 02:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312]
O58 - SDL:2011/03/11 06:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608]
O58 - SDL:2009/07/13 23:02:49 A . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gi.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888]
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568]
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248]
O58 - SDL:2009/07/14 01:57:25 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128]
O58 - SDL:2009/07/13 23:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336]
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904]
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080]
O58 - SDL:2009/07/14 02:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952]
O58 - SDL:2009/07/14 02:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720]
O58 - SDL:2009/07/13 23:02:50 A . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel.) -- C:\Windows\System32\drivers\e1e6032.sys [211456]
O58 - SDL:2015/03/10 17:24:42 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [193464]
O58 - SDL:2015/03/10 17:24:42 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [135808]
O58 - SDL:2009/07/14 02:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712]
O58 - SDL:2015/03/10 17:24:42 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfpr.sys [123424]
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160]
O58 - SDL:2009/07/13 23:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624]
O58 - SDL:2009/07/14 02:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152]
O58 - SDL:2011/03/11 06:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160]
O58 - SDL:2009/06/10 22:19:30 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [4756480]
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824]
O58 - SDL:2009/07/14 02:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848]
O58 - SDL:2015/06/18 08:41:36 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256]
O58 - SDL:2015/06/18 08:41:42 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [94936]
O58 - SDL:2015/08/01 11:27:47 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [98520]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800]
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584]
O58 - SDL:2015/06/18 08:41:54 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928]
O58 - SDL:2009/07/14 02:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624]
O58 - SDL:2011/03/11 06:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120]
O58 - SDL:2011/03/11 06:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744]
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488]
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064]
O58 - SDL:2014/05/12 16:29:30 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\drivers\sadp_npf.sys [35088]
O58 - SDL:2014/05/12 16:29:30 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\drivers\sadp_npf64.sys [35344]
O58 - SDL:2009/07/13 21:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480]
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016]
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888]
O58 - SDL:2011/05/13 03:21:06 A . (.MCCI Corporation - SAMSUNG Android USB Composite Device Driver.) -- C:\Windows\System32\drivers\ssadbus.sys [121064]
O58 - SDL:2011/05/13 03:21:08 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadwh.sys [10344]
O58 - SDL:2011/05/13 03:21:08 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssadwhnt.sys [10344]
O58 - SDL:2009/07/14 02:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072]
O58 - SDL:2014/08/15 23:35:00 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056]
O58 - SDL:2009/07/14 02:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976]
O58 - SDL:2009/07/14 02:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904]
O58 - SDL:2009/07/13 22:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 22:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 22:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 22:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 22:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 22:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 22:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 22:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 22:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 22:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 22:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 22:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 22:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (5) - 20s
O61 - LFC: 2015/07/30 18:26:17 A . (.ISecSoft, Inc..) -- C:\Users\nagesat\Downloads\35363-665830-anti-trojan-elite.exe [6372483]
O61 - LFC: 2015/08/01 12:07:46 A . (.ESET.) -- C:\Users\nagesat\Downloads\ess_nt32_ENU.exe [90692808]
O61 - LFC: 2015/08/01 11:15:50 A . (.Loaris, Inc..) -- C:\Users\nagesat\Downloads\setup-ltr-1.3.8.0.exe [74345650]
O61 - LFC: 2015/07/27 18:23:59 A . (.BernyR.) -- C:\Users\nagesat\Downloads\dcc\DCC.exe [6640128]
O61 - LFC: 2015/07/28 20:03:06 A . (..) -- C:\Users\nagesat\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ Associations Shell Spawning (O67) (2) - 1s
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe

---\\ Menu de démarrage Internet (SMI) (O68) (16) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- Chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe http://www.delta-homes.com/ =>PUP.Optional.DeltaHomes
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (285) - 26s
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000082.isPlayDisplay", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000082.state", "{\"state\":\"stopped\",\"text\":\"Mellesleg...\",\"description\":\"Mellesleg - Rapp\",\"url\[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000234.TWC_TMP_city", "TANGIER"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000234.TWC_TMP_country", "MA"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000234.TWC_country", "MOROCCO"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000234.TWC_locId", "MOXX0008"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000234.TWC_location", "Tangier, 01, Morocco"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000234.TWC_region", "OT"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000234.TWC_temp_dis", "c"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.1000234.TWC_wind_dis", "kmh"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.FirstTime", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.FirstTimeFF3", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.RestartDialogFirstTime", "false"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.RestartDialogShouldDisplay", "false"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.SearchAppState.enc", "Mg=="); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.SearchAppTracking.enc", "MQ=="); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.SearchFromAddressBarUrl", "http://trovi.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=2&CUI=UN3905495561525[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.UserID", "UN39054955615254463"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.addressBarTakeOverEnabledInHidden", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.appOptions", "{\"1000034\":{\"render\":true},\"1000234\":{\"render\":true},\"1000515\":{\"render\":true}}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.browser.search.defaultthis.engineName", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.countryCode", "MA"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.dum", "2"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.embeddedsData", "[{\"appId\":\"129053524177525597\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.firstTimeDialogOpened", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.fixPageNotFoundErrorByUser", "TRUE"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.fixPageNotFoundErrorInHidden", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.fullUserID", "UN39054955615254463.XP.2164"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.homepageuserchanged", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.https___facebook_tbccint_com.APP_WIN_FEATURES.enc", "cmVzaXphYmxlPTAsaHNjcm9sbD0wLHZzY3JvbGw9MCx0aXRsZWJhcj0x[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.installType", "DirectDownload"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.isCheckedStartAsHidden", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.isFirstTimeToolbarLoading", "false"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.keyword", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://www.trovi.com/?gd=&ctid=CT2475029&octid=CT24[...] =>PUP.Optional.Trovigo
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.lastVersion", "10.37.0.508"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.mam_gk_currentVersion.enc", "MS4xMy4wLjE3"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.mam_gk_installer_preapproved.enc", "VFJVRQ=="); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.mam_gk_userBornDate.enc", "Ti9B"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"\",\"E[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.originalHomepage", "https://mysearch.avg.com?cid={0C8DB6AF-6503-4047-88B5-83B7DF4B17AC}&mid=bb86b5fdcca847d2a[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.originalSearchAddressUrl", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.originalSearchEngine", "Google"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.originalSearchEngineName", "Google"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.performedDomainChangesMigration", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"EMAIL_NOTIFIER\\\",\\\"WEATHER\\\",\\\"BROWSER_COMPO[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.revertSettingsEnabled", "false"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.search.searchAppId", "129053524177525597"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.search.searchCount", "0"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.searchFromAddressBarEnabledByUser", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.searchInNewTabEnabledByUser", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.searchInNewTabEnabledInHidden", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.searchSuggestEnabledByUser", "True"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.searchUninstallUserMode", "4"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.searchUserMode", "4"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2475029\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://MyAshamp[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"MyAshampoo \"}"[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_Configuration_lastUpdate", "1433586310844"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1433607887574"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_appsMetadata_lastUpdate", "1433607887383"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1433607887900"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_login_10.35.0.503_lastUpdate", "1422353763290"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_login_10.37.0.508_lastUpdate", "1433594919923"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1433607888089"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_searchAPI_lastUpdate", "1433586290117"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_serviceMap_lastUpdate", "1433586289646"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_setupAPI_lastUpdate", "1418823879072"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_toolbarContextMenu_lastUpdate", "1433607887682"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_toolbarSettings_lastUpdate", "1433607894100"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.serviceLayer_services_translation_lastUpdate", "1433586290004"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.settingsINI", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.showToolbarPermission", "false"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.smartbar.CTID", "CT2475029"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.smartbar.Uninstall", "0"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.smartbar.homepage", true); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.smartbar.toolbarName", "MyAshampoo "); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.toolbarBornServerTime", "17-12-2014"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.toolbarCurrentServerTime", "6-6-2015"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.toolbarInstallDate", "17-12-2014 14:45:51"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.toolbarLoginClientTime", "Wed Dec 17 2014 16:11:23 GMT+0000 (Maroc)"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029.userIdGenerationCounter", "1"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("CT2475029_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1433607883800,\"isWithState\"[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("Smartbar.TBHomepagesList", ""); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("Smartbar.TBSearchEngineList", ""); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("Smartbar.TBSearchUrlList", ""); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("Smartbar.keywordURLSelectedCTID", "CT2475029"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("browser.search.searchengine.alias", "sweet-page"); =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("browser.search.searchengine.iconURL", "http://www.sweet-page.com/favicon.ico"); =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("browser.search.searchengine.name", "sweet-page"); =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("browser.search.searchengine.ptid", "cornl"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("browser.search.searchengine.uid", "ExcelStorXTechnologyXJ8160S_PVG904Q4B97DVBB97DVBX"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("browser.search.searchengine.url", "http://www.sweet-page.com/web/?type=ds&ts=1438277223&z=6c6c909b8016fbb9a79c7f3g2zcc2[...] =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("browser.search.selectedEngine", "sweet-page"); =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.Surftastic.is", "amp17lmma"); =>PUP.Optional.Surftastic
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.Surftastic.ug", "9411F091-D2B5-49BE-9E81-AAD32211575B"); =>PUP.Optional.Surftastic
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin__disable_bi_pixel_.expir[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin__disable_bi_pixel_.value[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledUrls.expiration",[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledUrls.value", "%7B[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledWithHash.expirati[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledWithHash.value", [...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_notBundledArr_.expiratio[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_notBundledArr_.value", "[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_regBundledWithSoftware.e[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_regBundledWithSoftware.v[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.name", "SavePass v2.2"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.quick_start.enable_search1", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.webget.asul", "1407424909350"); =>PUP.Optional.WebGet
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.webget.aul", "1407424875841"); =>PUP.Optional.WebGet
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.webget.irl", true); =>PUP.Optional.WebGet
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.webget.is", "isgiwhMA"); =>PUP.Optional.WebGet
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("extensions.webget.ug", "47DF1CC7-0A01-4911-86AC-C22F9BB4827C"); =>PUP.Optional.WebGet
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("smartbar.addressBarOwnerCTID", "CT2475029"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("smartbar.conduitHomepageList", "http://trovi.com/?UM=4&ctid=CT2475029&SearchSource=13&CUI=UN39054955615254463"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://trovi.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=2&CUI=UN3905495561[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("smartbar.defaultSearchOwnerCTID", "CT2475029"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("smartbar.homePageOwnerCTID", "CT2475029"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("smartbar.homepageList", "http://trovi.com/?UM=4&ctid=CT2475029&SearchSource=13&CUI=UN39054955615254463"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("smartbar.machineId", "DPF7YOSJVCN0PTUOC/8ECMOQ0+ENP+OT8XZAWTRCQ7Q5ISAKMD071PAPPMVFERCO7NCCSLFJWXYJKEOO2TMI6Q"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("smartbar.searchAddressUrlList", "http://trovi.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=2&CUI=UN39054955615254463[...] =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E+x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E+x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E,x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E,x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E-x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E-x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E.:2z527", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E.:2z527.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E.x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E.x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E/x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E/x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E06CG5EL8:", "6E6C706A6B726E717077"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E06CG5EL8:.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E06CG5EL;8I:K", "247E2D2F226A7472767071787477767D242F4B49474F42357D5D5C3D"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E06CG5EL;8I:K.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E0x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E0x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E1x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E1x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E2x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E2x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E3x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E3x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E4x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E4x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E5x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E5x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E6x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E6x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E7x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E7x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E8x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E8x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E9x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E9x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E:x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E:x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E;x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E;x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EPUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EPUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E=x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E=x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E>x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E>x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E?x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E?x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E@x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7E@x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EAx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EAx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EBE3G=;D9N9=D.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EBx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EBx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7ECx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7ECx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EDx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7EDx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7Etx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B+7Etx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B-0?3G>D", "663B6D6F4242756F7A7879447A20774B7D4E257C7A53242A20525328292B262D2E2A5E5E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B-0?3G>D.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B-0?3G@6:5;", ""); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B-0?3G@6:5;.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B-0?3GFA7EF", "2B2E2C3D"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B-0?3GFA7EF.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A2329282A31323334353A45[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B-3=3ECCJA=F>.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B/>01=9A6K6PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B/>01=9A6K6PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B3=>@44I48?", "372C2D32697576334236334148474C213F3E484F4E4D4648502B564B4E2E5959595F4C564F37645357[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B3=>@44I48?.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B5BA==9CJAG", "39676A3D737141447A4578494575764A797D4F7A4E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B5BA==9CJAG.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B6B11G4C56B>F;P;ANR@P", "6E6C706A6A7275707677737273"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B9643G3/9E", "6A"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B9643G3/9E.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B;45>:BI9I7IE", "2B2E2C3D"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B;45>:BI9I7IE.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B<:222H64<", "393F352F3E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B<:222H64<.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B<:222H64PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B<:222H64PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B=+03EH8H8J?:", "4443"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B=+03EH8H8J?:.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B?+E2A52D8.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B?B0D:8AJ62PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9B?B0D:8AJ62PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9BA@0<0BI6A7GN:6@L?", "6C"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029./9BA@0<0BI6A7GN:6@L?.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.PG_ENABLE", "74727565"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.PG_ENABLE.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appStateReportTime", "31343138393139323635393733"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appStateReportTime.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appState_CouponBuddy", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appState_CouponBuddy.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appState_Easytobook", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appState_Easytobook.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appState_Easytobook_targeted", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appState_Easytobook_targeted.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appState_PriceGong", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appState_PriceGong.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appsConfig.storedInFile", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appsDefaultEnabled", "6E756C6C"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_appsDefaultEnabled.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_calledSetupService", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_calledSetupService.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_currentVersion", "312E31332E302E3137"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_currentVersion.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_existingUsersRecoveryDone", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_existingUsersRecoveryDone.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_first_time", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_first_time.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_lastLoginTime", "31343138393139323636343933"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_lastLoginTime.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_localization.storedInFile", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_mamEnabled", "74727565"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_mamEnabled.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_migrated_from_ls", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_migrated_from_ls.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_new_welcome_experience", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_new_welcome_experience.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_settings1.13.0.17.storedInFile", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_showWelcomeGadget", "66616C7365"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_showWelcomeGadget.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_stamp", "35345F30"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_stamp.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_userBornDate", "4E2F41"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_userBornDate.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_userId", "66323033343364332D323735652D343133652D393563642D353066363363663562613935"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_userId.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_user_approval_interacted", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_user_approval_interacted.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_welcomeDialogMode", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("valueApps.CT2475029.mam_gk_welcomeDialogMode.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("webprotector57@webprotector.com.daysPassed", "{\"t2d\":true,\"t7d\":true,\"t10d\":true}"); =>PUP.Optional.BProtector
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("webprotector57@webprotector.com.installtime", "1434468447"); =>PUP.Optional.BProtector
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("webprotector57@webprotector.com.isFirstRun", "false"); =>PUP.Optional.BProtector
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("webprotector57@webprotector.com.isFirstRunWpp", "false"); =>PUP.Optional.BProtector
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("webprotector57@webprotector.com.lastC", "{\"sm\":399500}"); =>PUP.Optional.BProtector
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("webprotector57@webprotector.com.server", "https://s9804.webovernet.com"); =>PUP.Optional.BProtector
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("webprotector57@webprotector.com.src", "9804"); =>PUP.Optional.BProtector
O69 - SBI: prefs.js [nagesat - 1fsiogez.default] user_pref("webprotector57@webprotector.com.user_id", "79724969-D3A6-4F9C-A48D-0C805F9A71FA"); =>PUP.Optional.BProtector
O69 - SBI: SearchScopes [HKCU] {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} [DefaultScope] - (WebSearch) - http://websearch.hotsearches.info/

---\\ Enumère les services démarrés par Svchost (SSS) (O83) (33) - 2s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [473600]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [521216]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [1973728]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504]

---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (27) - 2s
O87 - FAEL: "{E13AC4BA-2D3F-47F0-92D5-866EE3F0F524}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ma-config.com\MaConfigAgent.exe (.not file.)
O87 - FAEL: "{CC3BED12-360C-404A-809C-8779493DE63C}" [In-None-P17-TRUE] .(...) -- C:\Program Files\ma-config.com\MaConfigAgent.exe (.not file.)
O87 - FAEL: "{AA218A3A-B814-4348-86C3-9E0017F13249}" [In-None-P6-TRUE] .(...) -- C:\Users\nagesat\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.)
O87 - FAEL: "{92F71AF2-BF28-466C-81F3-0AC6610636B8}" [In-None-P17-TRUE] .(...) -- C:\Users\nagesat\AppData\Roaming\Dropbox\bin\Dropbox.exe (.not file.)
O87 - FAEL: "{A2047DE0-8B5F-40AC-B4FC-4056A76784FF}" [In-None-P6-TRUE] .(...) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe (.not file.)
O87 - FAEL: "{F45B3A91-E4E0-4852-8EC9-BE4EF46E57C6}" [In-None-P17-TRUE] .(...) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe (.not file.)
O87 - FAEL: "{52C67A49-C5F7-4DAC-BF43-FE269EFB33FE}" [In-None-P6-TRUE] .(...) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (.not file.)
O87 - FAEL: "{481AA44C-69FD-4189-B6C7-F7013822D797}" [In-None-P17-TRUE] .(...) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (.not file.)
O87 - FAEL: "{A75F9F34-B3A1-4C2C-9D68-2F7A1739B25A}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe (.not file.)
O87 - FAEL: "{566281A9-4705-4AC3-99A9-EFEBE8D32F9B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe (.not file.)
O87 - FAEL: "{44A6B15C-8695-4C3D-9287-B1DC74A476B5}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe (.not file.)
O87 - FAEL: "{8E1C3BDA-B09F-4AE6-84EC-FA7C8068A66E}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe (.not file.)
O87 - FAEL: "{D7351E22-177D-4CDB-86E5-756F294917A1}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe (.not file.)
O87 - FAEL: "{B1BA5137-7342-4513-9E1B-25CA56E27D1C}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe (.not file.)
O87 - FAEL: "{523A5B3E-8ED0-49E4-A0C7-2D69EBB05B99}" [In-None-P6-TRUE] .(...) -- C:\Users\nagesat\AppData\Local\iLivid\iLivid.exe (.not file.) =>PUP.Optional.Bandoo
O87 - FAEL: "{0BC5B5B0-F051-46FD-A0AD-39D0FB14BC2D}" [In-None-P17-TRUE] .(...) -- C:\Users\nagesat\AppData\Local\iLivid\iLivid.exe (.not file.) =>PUP.Optional.Bandoo
O87 - FAEL: "{ED98ECD5-6D9E-473D-B2D6-ADF285C5FDD3}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer.exe
O87 - FAEL: "{112C1EF3-10A7-48D8-BF0E-65DDEA9E9D5B}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer.exe
O87 - FAEL: "{60C28318-A3B3-4D49-9A8E-60F2DD110128}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{8084D407-1F4B-438D-8DF4-48AF74927186}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{39715AA5-0997-4943-94FD-AD4D953528B7}" [In-None-P6-TRUE] .(...) -- C:\Program Files\AVG\AVG2015\avgmfapx.exe (.not file.)
O87 - FAEL: "{6DBBAE7E-9776-4C7D-8829-6471382875C6}" [In-None-P17-TRUE] .(...) -- C:\Program Files\AVG\AVG2015\avgmfapx.exe (.not file.)
O87 - FAEL: "{F255BE8B-267C-48D8-9770-A28E24534CEC}" [In-None-P17-TRUE] .(...) -- C:\Users\nagesat\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (.not file.)
O87 - FAEL: "{1F695347-F9F4-408D-8217-2DB11FDADC75}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer.exe
O87 - FAEL: "{BAA04699-F2BA-45C3-98B1-1777AACDD5F0}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer.exe
O87 - FAEL: "{CE4B3C72-C5D5-4FF5-8989-85E936060F2D}" [In-None-P6-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
O87 - FAEL: "{ED4F7DB5-AD25-457A-A0D4-EB3905BBEFDA}" [In-None-P17-TRUE] .(.TeamViewer GmbH - TeamViewer 10.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe

---\\ Recherche de clés de registre Tracing (O100) (10) - 3s
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\Surftastic_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\Surftastic_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateSurftastic_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateSurftastic_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS =>PUP.Optional.Sambreel

---\\ Scan Additionnel (O88) (52) - 0s
C:\Program Files\SFK\SSFK.exe =>PUP.Optional.MyWebSearch
C:\Program Files\SFK\SFKEX.exe =>PUP.Optional.MyWebSearch
C:\Program Files\YTDownloader\YTDownloader.exe =>PUP.Optional.YTDownloader
C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\searchplugins\WebSearch.xml =>PUP.Optional.SimpleSearches
C:\Users\nagesat\AppData\Roaming\Mozilla\Firefox\Profiles\1fsiogez.default\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
HKLM\SYSTEM\CurrentControlSet\Services\BrsHelper =>PUP.Optional.YTDownloader
HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SYSTEM\CurrentControlSet\Services\SSFK =>PUP.Optional.MyWebSearch
HKLM\SYSTEM\CurrentControlSet\Services\SystemkService =>PUP.Optional.SystemK
C:\Windows\System32\Tasks\YTDownloader =>PUP.Optional.YTDownloader
C:\Windows\System32\Tasks\YTDownloaderUpd =>PUP.Optional.YTDownloader
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} =>PUP.Optional.BestADBlocker
HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Torch =>PUP.Optional.Torch
HKLM\SOFTWARE\V9 =>PUP.Optional.V9Software
HKLM\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\iLivid =>PUP.Optional.Bandoo
HKCU\SOFTWARE\Linkey =>PUP.Optional.LinkeySearch
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\Torch =>PUP.Optional.Torch
HKCU\SOFTWARE\Vittalia =>PUP.Optional.Vittalia
HKCU\SOFTWARE\YTDownloader =>PUP.Optional.YTDownloader
HKCU\SOFTWARE\AppDataLow\Software\SmartBar =>PUP.Optional.SmartBar =>PUP.Optional.SmartBar
C:\Program Files\bestadblocker =>PUP.Optional.Adblocker
C:\Program Files\MiuiTab =>PUP.Optional.MiuiTab
C:\Program Files\Movies App =>PUP.Optional.CrossRider
C:\Program Files\SFK =>PUP.Optional.MyWebSearch
C:\Program Files\YTDownloader =>PUP.Optional.YTDownloader
C:\Users\nagesat\AppData\Roaming\eCyber =>PUP.Optional.Elex
C:\Users\nagesat\AppData\Roaming\RHEng =>PUP.Optional.Conduit
C:\Users\nagesat\AppData\Local\CrashRpt =>.Legitimate.CrashReports
C:\Users\nagesat\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\nagesat\AppData\Local\iLivid =>PUP.Optional.Bandoo
C:\Users\nagesat\AppData\Local\Torch =>PUP.Optional.Torch
C:\Windows\Prefetch\GLOBALUPDATE.EXE-B66D5BF9.pf =>PUP.Optional.GlobalUpdate
C:\Windows\Prefetch\JUNE15_3936_CORNL_SWEET-PAGE.-EABCD384.pf =>PUP.Optional.SweetPage
C:\Windows\Prefetch\WPM_V20.0.0.2292.EXE-70D29D7D.pf =>PUP.Optional.WpManager
C:\Windows\Prefetch\YTDOWNLOADER.EXE-93AFC94E.pf =>PUP.Optional.YTDownloader
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\Surftastic_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\Surftastic_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateSurftastic_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateSurftastic_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updatewebget_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\webget_RASMANCS =>PUP.Optional.Sambreel

---\\ Récapitulatif des éléments trouvées sur votre station (32) - 0s
http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
http://www.nicolascoolman.fr/pup-ytdownloader/ =>PUP.Optional.YTDownloader
http://www.nicolascoolman.fr/blog =>PUP.Optional.SimpleSearches
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/pup-systemk/ =>PUP.Optional.SystemK
http://www.nicolascoolman.fr/pup-mypcbackup/ =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/blog =>PUP.Optional.BestADBlocker
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/rogue-reimagerepair/ =>PUP.Optional.ReImageRepair
http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch
http://www.nicolascoolman.fr/pup-v9software/ =>PUP.Optional.V9Software
http://www.nicolascoolman.fr/pup-linkeysearch/ =>PUP.Optional.LinkeySearch
http://www.nicolascoolman.fr/pup-vittalia/ =>PUP.Optional.Vittalia
http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
http://www.nicolascoolman.fr/blog =>PUP.Optional.Adblocker
http://www.nicolascoolman.fr/blog =>PUP.Optional.MiuiTab
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/pup-elex/ =>PUP.Optional.Elex
http://www.nicolascoolman.fr/blog =>.Legitimate.CrashReports
http://www.nicolascoolman.fr/pup-sweetpage/ =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/blog =>PUP.Optional.DeltaHomes
http://www.nicolascoolman.fr/hijacker-trovigo/ =>PUP.Optional.Trovigo
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/pup-surftastic/ =>PUP.Optional.Surftastic
http://www.nicolascoolman.fr/blog =>PUP.Optional.Monetization
http://www.nicolascoolman.fr/pup-quickstart/ =>PUP.Optional.QuickStart
http://www.nicolascoolman.fr/pup-webget/ =>PUP.Optional.WebGet
http://www.nicolascoolman.fr/pup-bprotector/ =>PUP.Optional.BProtector
http://www.nicolascoolman.fr/blog =>PUP.Optional.Sambreel

~ End of the scan, 15399 items in 176 seconds (1121)(0)()
