Rapport de ZHPDiag v2013.4.25.153 par Nicolas Coolman, Update du 25/04/2013 Run by Light at 26/04/2013 22:41:56 State : Version à jour. WhiteList : Enable High Elevated Privileges : OK UAC : Activate by user ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 (Defaut) ---\\ Windows Product Information ~ Langage: Français Windows Vista Home Premium Edition, 64-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : WQD8Q Windows License : OK Windows Automatic Updates : OK ---\\ System Protection avast! Free Antivirus v8.0.1483.0 ---\\ System Optimizer CCleaner v3.22 ---\\ Software Update Adobe Flash Player 11 Plugin ---\\ System Information ~ Processor: Intel64 Family 6 Model 26 Stepping 5, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 6134 MB (48% free) System Restore: Activé (Enable) System drive C: has 27 GB (4%) free of 683 GB ---\\ Logged in mode ~ Computer Name: PC-NICO ~ User Name: Light ~ All Users Names: Light, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Light\AppData\Roaming\ ~ %Desktop% : C:\Users\Light\Desktop\ ~ %Favorites% : C:\Users\Light\Favorites\ ~ %LocalAppData% : C:\Users\Light\AppData\Local\ ~ %StartMenu% : C:\Users\Light\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 27 Go of 683 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 16 Go) E:\ CD-ROM drive (Not Inserted) F:\ CD-ROM drive (Free 0 Go of 7 Go) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 8:10:17.) -- C:\Windows\Explorer.exe [3079168] [MD5.117EA87DF785CA1B9D821F6F213DCE07] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 3:50:23.) -- C:\Windows\System32\Wininit.exe [123904] [MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 7:20:51.) -- C:\Windows\System32\wininet.dll [1392128] [MD5.6D0773A3A65D28B663F334C90441D01A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 8:11:08.) -- C:\Windows\System32\Winlogon.exe [405504] [MD5.C4F6CE6087760AD70960C9EB130E7943] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.3/01/2012 - 15:25:21.) -- C:\Windows\system32\Drivers\AFD.sys [404992] [MD5.1898FAE8E07D97F2F6C2D5326C633FAC] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 3:46:50.) -- C:\Windows\system32\Drivers\atapi.sys [22584] [MD5.B4D787DB8D30793A4D4DF9FEED18F136] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 3:50:39.) -- C:\Windows\system32\Drivers\Cdfs.sys [90624] [MD5.C025AA69BE3D0D25C7A2E746EF6F94FC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 6:34:39.) -- C:\Windows\system32\Drivers\Cdrom.sys [79872] [MD5.8B722BA35205C71E7951CDC4CDBADE19] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 16:14:19.) -- C:\Windows\system32\Drivers\DfsC.sys [97792] [MD5.F942C5820205F2FB453243EDFEC82A3D] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 6:39:41.) -- C:\Windows\system32\Drivers\HDAudBus.sys [948736] [MD5.CBB597659A2713CE0C9CC20C88C7591F] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 3:46:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [64000] [MD5.B7E6212F581EA5F6AB0C3A6CEEEB89BE] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 3:48:45.) -- C:\Windows\system32\Drivers\IpNat.sys [115712] [MD5.1485811B320FF8C7EDAD1CAEBB1C6C2B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:39:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [135680] [MD5.FC2C792EBDDC8E28DF939D6A92C83D61] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 6:42:33.) -- C:\Windows\system32\Drivers\netBT.sys [248320] [MD5.2ACCAA3C3C55370A32F17B3595E1A217] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.3/03/2013 - 20:13:14.) -- C:\Windows\system32\Drivers\ntfs.sys [1513320] [MD5.AECD57F94C887F58919F307C35498EA0] - (.Microsoft Corporation - Pilote de port parallèle.) (.2/11/2006 - 10:37:57.) -- C:\Windows\system32\Drivers\Parport.sys [96768] [MD5.AC7BC4D42A7E558718DFDEC599BBFC2C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/04/2009 - 6:43:38.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928] [MD5.C045D1FB111C28DF0D1BE8D4BDA22C06] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 3:46:51.) -- C:\Windows\system32\Drivers\rdpdr.sys [314368] [MD5.290B6F6A0EC4FCDFC90F5CB6D7020473] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 6:42:19.) -- C:\Windows\system32\Drivers\smb.sys [88064] [MD5.458919C8C42E398DC4802178D5FFEE27] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 6:43:00.) -- C:\Windows\system32\Drivers\tdx.sys [94720] [MD5.582F710097B46140F5A89A19A6573D4B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:50:57.) -- C:\Windows\system32\Drivers\volsnap.sys [267648] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/107 ~ Mes musiques (My Musics) : 1/2017 ~ Mes Videos (My Videos) : 1/4 ~ Mes Favoris (My Favorites) : 1/214 ~ Mes Documents (My Documents) : 3/5751 ~ Mon Bureau (My Desktop) : 1/725 ~ Menu demarrer (Programs) : 1/53 ~ Hidden Files: Scanned in 00mn 03s ---\\ Processus lancés [MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.3340] [MD5.6FE3C7EF5D91C21D5FC1283064EEAD8E] - (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4288048] [PID.3440] [MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.3300] [MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4767304] [PID.3480] [MD5.8E2A7F1F62467A7DCB8AB2C0642F47CA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3452] [MD5.BF6E16D9CAD4ACCC644302CC3C46EFE4] - (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216] [PID.4392] [MD5.F89D2B0AD1A0ECD767923E7471C05142] - (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe [3944312] [PID.4520] [MD5.01CEB56BA2DFEAEEF9EE5EFC3AC3A93A] - (...) -- C:\Program Files (x86)\Dofus2\app\DofusMod.exe [142336] [PID.4176] [MD5.107EA4E532DD44BBDA04DEC24E0CD103] - (...) -- C:\Program Files (x86)\Dofus2\app\reg\Reg.exe [95232] [PID.4592] [MD5.32732CEDE2A1106B736EF3D84054EE04] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [757376] [PID.1880] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120] [PID.6524] [MD5.F20715AC8D4D08D35E71026D104C739D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7004160] [PID.3108] [MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [45248] [PID.1424] [MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.2508] [MD5.DEAB3BF5AEFBDC3F9AC0E020926EC81D] - (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [192512] [PID.2648] [MD5.DFEFF67508D3A9AEB1A85D7B0F513B24] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2812] [MD5.3A2E85F7D90D15460C337CE80C2E3B29] - (...) -- C:\Windows\SysWOW64\PnkBstrA.exe [76888] [PID.2848] [MD5.D41861E56E7552C13674D7F147A02464] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.4856] ~ Processes Running: Scanned in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\qiayk7qm.default\prefs.js C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\qiayk7qm.default\user.js M3 - MFPP: Plugins - [Light] -- C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\qiayk7qm.default\searchplugins\browsemngr.xml M3 - MFPP: Plugins - [Light] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon M3 - MFPP: Plugins - [Light] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\search.xml M2 - MFEP: prefs.js [Light - qiayk7qm.default\youtube2mp3@mondayx.de] [] YouTube to MP3 v1.2.3 (..) M2 - MFEP: prefs.js [Light - qiayk7qm.default\{872b5b88-9db5-4310-bdd0-ac189557e5f5}] [] DVDVideoSoftTB Community Toolbar v3.18.0.7 (..) M2 - MFEP: prefs.js [Light - qiayk7qm.default\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}] [] BBB002 Community Toolbar v3.18.0.7 (..) M2 - MFEP: prefs.js [Light - qiayk7qm.default\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}] [] Torbutton v1.2.5 (..) P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll ~ Firefox Browser: 36 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.be R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.nixud.com R3 - URLSearchHook: (no name) [64Bits] - {CA3EB689-8F09-4026-AA10-B9534C691CE0} . (.Ubisoft - Uplay PC Plugin.) (No version) -- (.not file.) R3 - URLSearchHook: (no name) [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Ubisoft - Uplay PC Plugin.) (No version) -- (.not file.) R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ~ IE Browser: 17 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [HydraVisionDesktopManager] . (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Wow6432Node\Run: [avast5] C:\Program Files (x86)\ALWILS~1\Avast5\avastUI.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Wow6432Node\Run: [PlusService] C:\Program Files (x86)\Messenger Plus! Live\PlusService.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-2786918647-4023264233-3798515458-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-2786918647-4023264233-3798515458-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-2786918647-4023264233-3798515458-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-21-2786918647-4023264233-3798515458-1000\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKUS\S-1-5-21-2786918647-4023264233-3798515458-1000\..\Run: [HydraVisionDesktopManager] . (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Programs: CyberLink DVD Suite Deluxe.lnk . (.CyberLink - PowerStarter.) -- C:\Program Files (x86)\Cyberlink\CyberLink DVD Suite Deluxe\PowerStarter.exe O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O4 - GS\QuickLaunch: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\SendTo: IsoBuster.lnk . (.Smart Projects - The Ultimate CD/DVD/BD Recovery tool.) -- C:\Program Files (x86)\Smart Projects\IsoBuster\IsoBuster.exe O4 - GS\SendTo: MediaInfo.lnk . (...) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\mediainfo.exe O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - GS\Desktop: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe O4 - GS\Desktop: Guild Wars 2.lnk . (.ArenaNet - Guild Wars 2 Game Client.) -- C:\Program Files (x86)\Guild Wars 2\Gw2.exe O4 - GS\Desktop: Play HP Games.lnk . (.WildTangent, Inc. - GameConsole.) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe O4 - GS\Desktop: RaiderZ.lnk . (.MAIET Entertainment - MAIET Game Launcher 2.2.) -- C:\Games\RaiderZ\Raiderz Launcher.exe O4 - GS\Desktop: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) -- C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe O4 - GS\Desktop: TERA.lnk . (.Solid State Networks - TERA.) -- C:\Program Files (x86)\TERA\TERA-Launcher.exe O4 - Global Startup: C:\Users\Light\Desktop\Total War SHOGUN 2.url . (...) -- C:\Users\Light\Desktop\Total War SHOGUN 2.url O4 - GS\Desktop: Uplay.lnk . (...) -- C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe O4 - GS\Desktop: Windows Live Messenger .lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - GS\Desktop: X'nStop.lnk . (.Graphys © http://graphys.free.fr - Extinction de l'ordinateur.) -- C:\Program Files (x86)\X'nStop 2.5\Extinction.exe ~ Global Startup: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{076F69BC-96C0-42A3-9552-9BAB25E8962E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{4F9ED355-C9D0-42BB-86AC-B7863AB8DF9E}: DhcpNameServer = 195.238.2.21 195.238.2.22 O17 - HKLM\System\CCS\Services\Tcpip\..\{AFDFE3AC-8F57-4227-BE37-4E274EDBDEC4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{076F69BC-96C0-42A3-9552-9BAB25E8962E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{4F9ED355-C9D0-42BB-86AC-B7863AB8DF9E}: DhcpNameServer = 195.238.2.21 195.238.2.22 O17 - HKLM\System\CS1\Services\Tcpip\..\{AFDFE3AC-8F57-4227-BE37-4E274EDBDEC4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{076F69BC-96C0-42A3-9552-9BAB25E8962E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{4F9ED355-C9D0-42BB-86AC-B7863AB8DF9E}: DhcpNameServer = 195.238.2.21 195.238.2.22 O17 - HKLM\System\CS2\Services\Tcpip\..\{AFDFE3AC-8F57-4227-BE37-4E274EDBDEC4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{076F69BC-96C0-42A3-9552-9BAB25E8962E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{4F9ED355-C9D0-42BB-86AC-B7863AB8DF9E}: DhcpNameServer = 195.238.2.21 195.238.2.22 O17 - HKLM\System\CS3\Services\Tcpip\..\{AFDFE3AC-8F57-4227-BE37-4E274EDBDEC4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: HP Easy Backup Button Service (HPBtnSrv) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ~ Services: 12 Legitimates Filtered in 00mn 03s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [4685] (...) -- C:\Users\Light\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0] ~ Scheduled Task: 16 Legitimates Filtered in 00mn 01s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (SRTSP) . (. - .) - C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.sys (.not file.) O41 - Driver: (SRTSPX) . (. - .) - C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.sys (.not file.) ~ Drivers: 88 Legitimates Filtered in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Altitude - (.Nimbly Games.) [HKLM][64Bits] -- Steam App 41300 O42 - Logiciel: CrazyLoader - (...) [HKLM][64Bits] -- CrazyLoader O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E} O42 - Logiciel: SweetIM for Messenger 3.1 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {DA95E878-B181-4366-A433-6145592707A8} =>PUP.SweetIM O42 - Logiciel: X'nStop 2.5 - (.Graphys © 2001-2006.) [HKLM][64Bits] -- X'nStop_is1 O42 - Logiciel: searchweb - (.searchweb.) [HKLM][64Bits] -- searchweb O42 - Logiciel: uTorrentBar_FR Toolbar - (.uTorrentBar_FR.) [HKLM][64Bits] -- uTorrentBar_FR Toolbar O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent ~ Logic: 187 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\AppDataLow\Software\ConduitSearchScopes] [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar [HKCU\Software\AppDataLow\Software\blekkotb] [HKCU\Software\AppDataLow\Software\blekkotb_031] [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] [HKCU\Software\AppDataLow\Toolbar] [HKCU\Software\BitTorrent] [HKCU\Software\DataMngr] =>PUP.Datamngr [HKCU\Software\InstallCore] =>PUP.InstallCore [HKCU\Software\Moovida] =>Adware.SPointer [HKCU\Software\Simutronics] [HKCU\Software\Softonic] [HKCU\Software\SweetIM] =>PUP.SweetIM [HKCU\Software\URTI] [HKCU\Software\WezzaR] [HKCU\Software\d55d6d8b338b913] [HKLM\Software\Tarma Installer] =>Toolbar.Tarma [HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\Dtday] [HKLM\Software\Wow6432Node\Graphys] [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\WezzaR] [HKLM\Software\Wow6432Node\uTorrentBar_FR] ~ Key Software: 341 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 12/10/2012 - 3:45:27 - [0,000] ----D C:\Program Files (x86)\Alerte Dolphin O43 - CFD: 28/11/2012 - 16:29:33 - [0,325] ----D C:\Program Files (x86)\Babylon =>Toolbar.Babylon O43 - CFD: 23/07/2010 - 4:41:38 - [30,536] ----D C:\Program Files (x86)\CrazyLoader O43 - CFD: 28/09/2011 - 7:40:24 - [0] ----D C:\Program Files (x86)\Fluendo O43 - CFD: 28/01/2012 - 22:55:12 - [232,437] ----D C:\Program Files (x86)\Infinites-Paradize O43 - CFD: 16/01/2012 - 6:57:32 - [3,651] ----D C:\Program Files (x86)\searchweb O43 - CFD: 21/07/2010 - 3:14:43 - [3,866] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM O43 - CFD: 4/02/2013 - 0:59:30 - [4,896] ----D C:\Program Files (x86)\uTorrentBar_FR O43 - CFD: 14/08/2011 - 6:17:57 - [1,443] ----D C:\Program Files (x86)\X'nStop 2.5 O43 - CFD: 12/10/2012 - 3:50:31 - [0] ----D C:\ProgramData\blekko toolbars O43 - CFD: 5/02/2013 - 3:39:16 - [1,221] ----D C:\ProgramData\InstallMate O43 - CFD: 21/07/2010 - 3:14:43 - [1,423] ----D C:\ProgramData\SweetIM =>PUP.SweetIM O43 - CFD: 29/11/2012 - 0:12:26 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma O43 - CFD: 23/07/2010 - 4:39:05 - [0,005] ----D C:\Users\Light\AppData\Roaming\CrazyLoader O43 - CFD: 11/08/2011 - 17:56:26 - [0,693] ----D C:\Users\Light\AppData\Roaming\moovida-1 =>Adware.SPointer O43 - CFD: 30/06/2012 - 20:40:26 - [0,000] ----D C:\Users\Light\AppData\Roaming\SimpleShutdownScheduler O43 - CFD: 25/04/2013 - 6:51:47 - [5,220] ----D C:\Users\Light\AppData\Roaming\uTorrent O43 - CFD: 15/06/2012 - 0:52:12 - [76,030] ----D C:\Users\Light\AppData\Local\blekkotb_031 O43 - CFD: 30/08/2012 - 8:38:54 - [0,016] ----D C:\Users\Light\AppData\Local\crazyloader Air O43 - CFD: 22/01/2010 - 15:36:24 - [39,503] ----D C:\Users\Light\AppData\Local\dotnetfx3530729.01 O43 - CFD: 15/01/2010 - 20:18:20 - [0,017] ----D C:\Users\Light\AppData\Local\Lphant O43 - CFD: 22/01/2010 - 15:37:08 - [0,002] ----D C:\Users\Light\AppData\Local\Matt_Chambers O43 - CFD: 13/09/2011 - 1:41:43 - [0,016] ----D C:\Users\Light\AppData\Local\moovida Air =>Adware.SPointer O43 - CFD: 30/06/2012 - 20:40:30 - [0,001] ----D C:\Users\Light\AppData\Local\SimpleShutdownScheduler O43 - CFD: 23/07/2010 - 4:34:49 - [0,003] ----D C:\Users\Light\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CrazyLoader ~ 454 Dossiers CLSID vides (CLSID Empty Folders) ~ Program Folder: 853 Legitimates Filtered in 00mn 05s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.8C2410EA7BDCCD6C5105C79D8EFA0A92] - 24/04/2013 - 4:56:54 ---A- - C:\Windows\Prefetch\UTTA724.TMP.EXE-E3D149E6.pf O45 - LFCP:[MD5.16A0DF99335978A137B82D13E17F452F] - 25/04/2013 - 17:00:59 ---A- - C:\Windows\Prefetch\BEID35GUI.EXE-DFC63B9E.pf O45 - LFCP:[MD5.A1842EDA1FB1A1002ADC70F65770444F] - 25/04/2013 - 3:08:44 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-9C6C384E.pf O45 - LFCP:[MD5.4B4EB0EC7721ADA3627CB8A23E2419C7] - 26/04/2013 - 10:20:41 ---A- - C:\Windows\Prefetch\M5BXNKW286ZLDR8YYVFDJI.EXE-9A745185.pf O45 - LFCP:[MD5.BF86BAAF9E8B2CD437030D291B7D6246] - 26/04/2013 - 16:42:58 ---A- - C:\Windows\Prefetch\RELPOST.EXE-E4D0A138.pf O45 - LFCP:[MD5.9E6A7E18247157080BAD6C279C189AFF] - 26/04/2013 - 17:09:20 ---A- - C:\Windows\Prefetch\HPBTNSRV.EXE-996983D3.pf ~ Prefetcher: 137 Legitimates Filtered in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{c48d5785-6e12-11e2-816c-0026183d85a7}\AutoRun\command. (.Valve - Portal 2 Setup.) -- F:\setup.exe ~ Keys: Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.F14215E37CF124104575073F782111D2] - 21/01/2008 - 3:46:53 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [486456] O58 - SDL:[MD5.E2F1DCF4A68CC6CF694FBFBA1842F4CD] - 9/03/2005 - 19:50:16 ---A- . (...) -- C:\Windows\SysWOW64\drivers\libusb0.sys [33792] ~ Drivers: Scanned in 00mn 00s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 23/04/2013 - 0:33:30 ---A- C:\Users\Light\AppData\Local\PMB Files\5F\C5\5FC5FBDBF725767AC87D34FEA17CEC53553C26F0.ct1 [213] O61 - LFC: 23/04/2013 - 0:33:30 ---A- C:\Users\Light\AppData\Local\PMB Files\5F\C5\5FC5FBDBF725767AC87D34FEA17CEC53553C26F0.ct2 [213] O61 - LFC: 23/04/2013 - 0:34:25 ---A- C:\Users\Light\AppData\Local\PMB Files\5F\C5\5FC5FBDBF725767AC87D34FEA17CEC53553C26F0.dat [315] O61 - LFC: 24/04/2013 - 4:56:37 ----- C:\Users\Light\AppData\Roaming\uTorrent\Transsexual Babysitters 21.wmv.torrent [15829] O61 - LFC: 24/04/2013 - 4:56:47 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\233C7608BA1220B4CF4A8303C4497EE6688AC331 [21396] O61 - LFC: 24/04/2013 - 4:56:47 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\7C8945DA1B01DEA87CEA3DEAE371D7FEEFE460C0 [3211] O61 - LFC: 24/04/2013 - 4:56:47 ---A- C:\Users\Light\AppData\Roaming\uTorrent\uTorrent.exe [802136] O61 - LFC: 24/04/2013 - 4:57:09 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\48343B282A21E47987673F3F1CBB6C654891F348 [4504] O61 - LFC: 24/04/2013 - 4:57:09 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\AE4B4BE47B5AFFB903B66C263041FC8B770CB965 [14513] O61 - LFC: 24/04/2013 - 5:00:10 ----- C:\Users\Light\AppData\Roaming\uTorrent\Nody Nadia - Transsexual Cheerleaders 12, Scene 1 (Devil's Film].torrent [86654] O61 - LFC: 24/04/2013 - 5:00:31 ----- C:\Users\Light\AppData\Roaming\uTorrent\Carmen.Moore.Transsexual.Cheerleaders.12.Scene.2.DevilsFilm.2013.HD_iyutero.com.mp4.torrent [6232] O61 - LFC: 24/04/2013 - 5:01:24 ----- C:\Users\Light\AppData\Roaming\uTorrent\Transsexual.Cheerleaders.10.DevilsFilm.DvDRip.2012_iyutero.com.wmv.torrent [16426] O61 - LFC: 24/04/2013 - 5:03:56 ----- C:\Users\Light\AppData\Roaming\uTorrent\Transsexual.Babysitters.19.XXX.720p.Webrip.MP4-JustDifferent[rbg].torrent [388191] O61 - LFC: 24/04/2013 - 5:05:12 ---A- C:\Users\Light\Downloads\Torrents\Transsexual.Babysitters.19.XXX.720p.Webrip.MP4-JustDifferent[rbg]\RARBG.com.txt [34] O61 - LFC: 24/04/2013 - 5:14:12 ---A- C:\Users\Light\Downloads\Torrents\Transsexual Babysitters 21.wmv [1570901425] O61 - LFC: 24/04/2013 - 5:27:53 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\B8FECAB627EF559817752FD9647DC889DF881817 [23917] O61 - LFC: 24/04/2013 - 5:27:53 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\D06A1E9F029743354B2A19C10804DE634AB9FB00 [17910] O61 - LFC: 24/04/2013 - 5:31:48 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dht.dat.old [2324] O61 - LFC: 24/04/2013 - 5:31:48 ---A- C:\Users\Light\AppData\Roaming\uTorrent\rss.dat.old [99] O61 - LFC: 25/04/2013 - 17:03:28 ---A- C:\Users\Light\Documents\92070740310.xml [15735] O61 - LFC: 25/04/2013 - 20:54:55 ---A- C:\Users\Light\AppData\Roaming\AnkamaCertificates\v2-RELEASE\b4cf31fb6a5ae2b95af8209aa61e7532 [1005] O61 - LFC: 25/04/2013 - 3:08:42 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\32F529521A3DEC709F97F761F192AABF29BDC408 [1342] O61 - LFC: 25/04/2013 - 3:08:52 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\5001BA4455AEAF2A438BEF2EFCE04F6C1E060A35 [26026] O61 - LFC: 25/04/2013 - 3:08:53 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\7B09490678D766AA249D1C412170456D02A301A5 [71392] O61 - LFC: 25/04/2013 - 3:59:22 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\22D569481717AB9D99185EA203860D2EFA04E29F [16980] O61 - LFC: 25/04/2013 - 5:03:50 R--A- C:\Users\Light\Downloads\Torrents\Transsexual.Cheerleaders.10.DevilsFilm.DvDRip.2012_iyutero.com.wmv [1641406227] O61 - LFC: 25/04/2013 - 5:04:24 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\9F14BA73AF7E781A0D6B91F469F3AA5E2287BE9A [15984] O61 - LFC: 25/04/2013 - 5:07:00 R--A- C:\Users\Light\Downloads\Torrents\Carmen.Moore.Transsexual.Cheerleaders.12.Scene.2.DevilsFilm.2013.HD_iyutero.com.mp4 [1139422454] O61 - LFC: 25/04/2013 - 5:16:25 ---A- C:\Users\Light\Downloads\Torrents\Transsexual.Babysitters.19.XXX.720p.Webrip.MP4-JustDifferent[rbg]\jd-trabab19.nfo [1847] O61 - LFC: 25/04/2013 - 5:38:42 ---A- C:\Users\Light\AppData\Roaming\uTorrent\settings.dat.old [23355] O61 - LFC: 25/04/2013 - 5:48:14 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dlimagecache\52E50955CCE6F0880BB3F74A3FA110E20963B382 [40346] O61 - LFC: 25/04/2013 - 5:49:03 ---A- C:\Users\Light\AppData\Roaming\uTorrent\resume.dat.old [54665] O61 - LFC: 25/04/2013 - 5:51:04 ---A- C:\Users\Light\AppData\Roaming\uTorrent\resume.dat [55187] O61 - LFC: 25/04/2013 - 5:51:28 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dht_feed.dat.old [2] O61 - LFC: 25/04/2013 - 5:51:46 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dht.dat [4222] O61 - LFC: 25/04/2013 - 5:51:46 ---A- C:\Users\Light\AppData\Roaming\uTorrent\dht_feed.dat [2] O61 - LFC: 25/04/2013 - 5:51:46 ---A- C:\Users\Light\AppData\Roaming\uTorrent\rss.dat [99] O61 - LFC: 25/04/2013 - 5:51:46 ---A- C:\Users\Light\AppData\Roaming\uTorrent\settings.dat [24418] O61 - LFC: 25/04/2013 - 5:51:51 ---A- C:\Users\Light\Downloads\Torrents\Transsexual.Babysitters.19.XXX.720p.Webrip.MP4-JustDifferent[rbg]\Transsexual_Babysitters_19_720p.mp4 [5080212504] O61 - LFC: 26/04/2013 - 17:08:21 ---A- C:\Users\Light\AppData\Local\d3d9caps.dat [680] O61 - LFC: 26/04/2013 - 21:12:38 ---A- C:\Users\Light\AppData\Local\PMB Files\cert\secmod.db [16384] O61 - LFC: 26/04/2013 - 21:12:41 ---A- C:\Users\Light\AppData\Local\PMB Files\cert\cert8.db [65536] O61 - LFC: 26/04/2013 - 21:12:41 ---A- C:\Users\Light\AppData\Local\PMB Files\cert\key3.db [16384] O61 - LFC: 26/04/2013 - 21:13:45 ---A- C:\Users\Light\AppData\Roaming\D2Info0 [125] O61 - LFC: 26/04/2013 - 21:13:49 ---A- C:\Users\Light\AppData\Roaming\app\Jerakine_lang.dat [5003] O61 - LFC: 26/04/2013 - 21:42:11 ---A- C:\Users\Light\AppData\Local\PMB Files\pando.save [10431] O61 - LFC: 26/04/2013 - 4:31:56 ---A- C:\Users\Light\Documents\Heu Lol ou quoi.txt [976] O61 - LFC: 27/04/2013 - 2:06:36 --HA- C:\Users\Light\ntuser.dat.LOG [159744] ~ 70 Fichiers temporaires (Temporary files) ~ Files: 544 Legitimates Filtered in 02mn 40s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (SRTSP) .(...) - LEGACY_SRTSP O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (SRTSPX) .(...) - LEGACY_SRTSPX ~ Legacy: 75 Legitimates Filtered in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988..clientLogIsEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.BrowserCompStateIsOpen_130040854674636737", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1667811.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1667811.alertChannelId", "24183"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1668860.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1668860.alertChannelId", "24247"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1668889.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1668889.alertChannelId", "24250"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1669100.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1669100.alertChannelId", "24264"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1669115.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1669115.alertChannelId", "24266"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1670222.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1670222.alertChannelId", "24349"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1670245.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1670245.alertChannelId", "24350"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1729581.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1729581.alertChannelId", "28311"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1729585.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1729585.alertChannelId", "28312"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1729587.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1729587.alertChannelId", "28313"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1729593.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT1729593.alertChannelId", "28315"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT2164362.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT2164362.alertChannelId", "563458"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT2651538.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CT2651538.alertChannelId", "1044202"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CTID", "ct1460988"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CommunitiesChangesLastCheckTime", "Tue Apr 23 2013 16:27:28 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CommunitiesChangesLastUrl", "http://grouping.services.conduit.com/GroupingRequest.ctp?type=ToolbarsInfo&ctids[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CommunityChanged", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.CurrentServerDate", "24-4-2013"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.DialogsAlignMode", "LTR"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.DialogsGetterLastCheckTime", "Sat Apr 20 2013 05:02:16 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.DownloadReferralCookieData", ""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.EMailNotifierPollDate", "Sat Dec 15 2012 17:05:02 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.EnableSearchHistory", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.EnableSearchSuggest", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ExternalComponentPollDate129239308604258837", "Fri Aug 27 2010 02:15:35 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ExternalComponentPollDate129270392180007164", "Sat Sep 01 2012 16:35:40 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedLastCount128460900971181341", 6); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedPollDate128460898315556274", "Sat Dec 15 2012 16:35:02 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedPollDate128460899415556929", "Sat Dec 15 2012 16:35:02 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedPollDate128460899564463182", "Sat Dec 15 2012 16:35:02 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedPollDate128460899661963361", "Sat Dec 15 2012 16:35:03 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedPollDate128460899768994715", "Sat Dec 15 2012 16:35:03 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedPollDate128479826070094154", "Sat Dec 15 2012 16:35:03 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedTTL128460898315556274", 10); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedTTL128460899415556929", 5); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedTTL128460899564463182", 15); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FeedTTL128460899661963361", 15); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FirstServerDate", "27-7-2010"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FirstTime", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FirstTimeFF3", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.FixPageNotFoundErrors", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.GroupingLastCheckTime", "Tue Apr 23 2013 16:27:28 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.GroupingLastErrorCode", ""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.GroupingLastResponse", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.GroupingLastServerUpdateTime", "130111853709630000"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.GroupingServerCheckInterval", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.GroupingServiceUrl", "http://grouping.services.conduit.com/"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.HasUserGlobalKeys", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.Initialize", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.InitializeCommonPrefs", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.InstallationAndCookieDataSentCount", 3); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.InstallationType", "Unknown"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.InstalledDate", "Tue Jul 27 2010 00:28:17 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.InvalidateCache", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.IsAlertDBUpdated", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.IsGrouping", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.IsMulticommunity", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.IsOpenThankYouPage", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.IsOpenUninstallPage", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LanguagePackLastCheckTime", "Tue Jul 27 2010 00:28:19 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LanguagePackReloadIntervalMM", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LastLogin_2.5.6.0", "Tue Jul 27 2010 17:48:27 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LastLogin_2.7.0.14", "Tue Aug 31 2010 01:29:04 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LastLogin_3.15.1.0", "Sun Dec 09 2012 04:16:26 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LastLogin_3.16.0.3", "Sun Mar 10 2013 02:24:20 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LastLogin_3.18.0.7", "Wed Apr 24 2013 00:27:27 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LatestVersion", "3.18.0.7"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.Locale", "en-us"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.LoginCache", 4); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.MCDetectTooltipHeight", "83"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.MCDetectTooltipShow", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.MCDetectTooltipWidth", "295"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.MyStuffEnabledAtInstallation", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioIsPodcast", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioLastCheckTime", "Tue Jul 27 2010 00:28:17 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioLastUpdateIPServer", "0"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioMediaID", "6820481"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioMediaType", "Media Player"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioMenuSelectedID", "EBRadioMenu_CT14609886820481"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioShrinked", "shrinked"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioShrinkedFromSetup", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioStationName", "100.7%20FM%20ICRT"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.RadioStationURL", "http://live.giga.net.tw/icrt16.asx"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SHRINK_TOOLBAR", 0); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchBoxWidth", 100); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=ct1460988&octid=EB_ORIG[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchFromAddressBarIsInit", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1460988&q="); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchInNewTabEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchInNewTabIntervalMM", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchInNewTabLastCheckTime", "Tue Jul 27 2010 00:28:17 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_T[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ServiceMapLastCheckTime", "Tue Apr 23 2013 16:27:28 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SettingsCheckIntervalMin", 120); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SettingsLastCheckTime", "Tue Jul 27 2010 00:28:16 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.SettingsLastUpdate", "1280156923"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ThirdPartyComponentsInterval", 504); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ThirdPartyComponentsLastCheck", "Tue Jul 27 2010 00:28:16 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ThirdPartyComponentsLastUpdate", "1246790578"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ToolbarShrinkedFromSetup", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.TrusteLinkUrl", "http://trust.conduit.com/CT1460988"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.UserID", "UN41870639031284061"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ValidationData_Toolbar", 2); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.WeatherNetwork", ""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.WeatherPollDate", "Sat Dec 15 2012 17:05:03 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.WeatherUnit", "C"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.alertChannelId", "10896"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.approveUntrustedApps", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api16_thetrafficstat_net.pid2", "66343038333564646338366563636661"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api18_thetrafficstat_net.pid2", "66343038333564646338366563636661"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api20_thetrafficstat_net.pid2", "64343561656231613036343165386435"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api21_thetrafficstat_net.pid2", "66343038333564646338366563636661"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api22_thetrafficstat_net.pid2", "66343038333564646338366563636661"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api26_thetrafficstat_net.pid2", "64343561656231613036343165386435"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api28_thetrafficstat_net.pid2", "64343561656231613036343165386435"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api29_thetrafficstat_net.pid2", "66343038333564646338366563636661"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.http://api6_thetrafficstat_net.pid2", "64343561656231613036343165386435"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.searchappstate", "33"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.backendstorage.searchapptracking", "73656E74"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.clientLogIsEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.components.1000034", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.components.1000082", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.components.1000234", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.DialogsAlignMode", "LTR"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.FeedLastCount128460900971181341", 300); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.FirstTimeSettingsDone", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.GroupingInvalidateCache", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.GroupingLastCheckTime", "Tue Apr 23 2013 16:27:28 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.GroupingLastErrorCode", ""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.GroupingLastResponse", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.GroupingLastServerUpdateTime", "130111853709630000"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.InvalidateCache", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.LanguagePackLastCheckTime", "Tue Apr 23 2013 16:27:29 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.Locale", "en-us"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.RadioLastCheckTime", "Sat Dec 15 2012 16:35:02 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.RadioLastUpdateIPServer", "3"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.RadioLastUpdateServer", "128929877726170000"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=ct1460988&oct[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.SearchInNewTabLastCheckTime", "Tue Apr 23 2013 16:27:29 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.SettingsCheckIntervalMin", 120); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.SettingsLastCheckTime", "Tue Apr 23 2013 16:27:28 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.SettingsLastUpdate", "1366700970"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.ThirdPartyComponentsLastCheck", "Sat Apr 20 2013 05:02:14 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.ThirdPartyComponentsLastUpdate", "1331805997"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.ToggleComponentState129160818675915142", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.components.1002", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.components.128460900971181341", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.components.128471966754825544", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.components.128696720804975604", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.components.128787319950112544", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.components.129160818675915142", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.components.129246285419730227", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.globalFirstTimeInfoLastCheckTime", "Sat Apr 20 2013 05:02:17 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.ct1460988.toolbarAppMetaDataLastCheckTime", "Tue Apr 23 2013 16:27:29 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.homepageProtectorEnableByLogin", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.initDone", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.isAppTrackingManagerOn", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.isFirstRadioInstallation", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.myStuffEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.myStuffPublihserMinWidth", 400); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.myStuffServiceIntervalMM", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.oldAppsList", "200,128460836995869597,128460837015400818,111,128479744034950538,129246285419730227,1294638967[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.revertSettingsEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.searchProtectorDialogDelayInSec", 10); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.searchProtectorEnableByLogin", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.testingCtid", ""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT1460988.usagesFlag", 2); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050..clientLogIsEnabled", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.BrowserCompStateIsOpen_129977890572899945", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.BrowserCompStateIsOpen_130100683276316706", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.BrowserCompStateIsOpen_1359634297000", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.CTID", "CT2269050"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.CurrentServerDate", "24-4-2013"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.DialogsAlignMode", "LTR"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.DialogsGetterLastCheckTime", "Sat Apr 20 2013 05:02:16 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.DownloadReferralCookieData", ""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.EMailNotifierPollDate", "Tue Aug 31 2010 01:54:04 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.FirstServerDate", "27-8-2010"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.FirstTime", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.FirstTimeFF3", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.FirstTimeSettingsDone", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.FixPageNotFoundErrors", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.GroupingServerCheckInterval", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.GroupingServiceUrl", "http://grouping.services.conduit.com/"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.HasUserGlobalKeys", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.Initialize", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.InitializeCommonPrefs", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.InstallationAndCookieDataSentCount", 3); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.InstallationType", "UnknownIntegration"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.InstalledDate", "Fri Aug 27 2010 02:15:38 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.InvalidateCache", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.IsGrouping", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.IsMulticommunity", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.IsOpenThankYouPage", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.IsOpenUninstallPage", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LanguagePackLastCheckTime", "Tue Apr 23 2013 16:27:29 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LastLogin_2.7.0.14", "Tue Aug 31 2010 01:29:05 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LastLogin_3.15.1.0", "Sun Dec 09 2012 04:16:24 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LastLogin_3.16.0.100", "Sun Mar 10 2013 02:24:19 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LastLogin_3.16.0.3", "Thu Jan 03 2013 04:48:40 GMT+0100"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LastLogin_3.18.0.7", "Wed Apr 24 2013 00:27:26 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LatestVersion", "3.18.0.7"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.Locale", "en"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.LoginCache", 4); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.MCDetectTooltipHeight", "83"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.MCDetectTooltipWidth", "295"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.MyStuffEnabledAtInstallation", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioIsPodcast", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioLastCheckTime", "Tue Aug 31 2010 01:29:05 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioLastUpdateIPServer", "3"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioMediaID", "12473383"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioMediaType", "Media Player"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioStationName", "Hotmix%20108"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.RadioStationURL", "http://67.202.67.18:8082"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2269050&octid=EB_ORIG[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SearchFromAddressBarIsInit", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q="); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SearchInNewTabEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SearchInNewTabIntervalMM", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SearchInNewTabLastCheckTime", "Tue Apr 23 2013 16:27:28 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_T[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.ServiceMapLastCheckTime", "Tue Apr 23 2013 16:27:28 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SettingsCheckIntervalMin", 120); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SettingsLastCheckTime", "Tue Apr 23 2013 16:27:27 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.SettingsLastUpdate", "1366711513"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.ThirdPartyComponentsInterval", 504); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Aug 27 2010 02:15:35 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.ToolbarShrinkedFromSetup", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.TrusteLinkUrl", "http://trust.conduit.com/CT2269050"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.UserID", "UN18552448350796735"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.WeatherNetwork", ""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.WeatherPollDate", "Tue Aug 31 2010 01:29:05 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.WeatherUnit", "C"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.alertChannelId", "666138"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.clientLogIsEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.homepageProtectorEnableByLogin", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.initDone", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.myStuffEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.myStuffPublihserMinWidth", 400); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.myStuffServiceIntervalMM", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.revertSettingsEnabled", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.searchProtectorDialogDelayInSec", 10); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.searchProtectorEnableByLogin", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.testingCtid", ""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Tue Apr 23 2013 16:27:29 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CT2269050.usagesFlag", 2); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050", "\"70fc3dd5ca2fc474b195903a[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/ct1460988/CT1460988", "\"e00077451ceb5b0f9fd2b12e[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", "\"1365594729\""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=ct1460988", "\"1359611868\""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"0ea11bd291bce1:0\""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"")[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.100", "\"0343677cfb1cd1:0\"[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"")[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"0343677cfb1cd1:0\"")[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT1460988", "\"22fbb080012e14eb6885b7d6bb[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050", "\"2cf4f33c40cf096b2e9e977826[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/bankimages/RadioSkins/Tapuz/idel.gif", "\"802b1fef4e19c81:0\""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/bankimages/RadioSkins/Tapuz/minimize.gif", "\"802b1fef4e19c81:0\""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/bankimages/RadioSkins/Tapuz/play.gif", "\"802b1fef4e19c81:0\""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/bankimages/RadioSkins/Tapuz/stop.gif", "\"802b1fef4e19c81:0\""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/bankimages/RadioSkins/Tapuz/vol.gif", "\"802b1fef4e19c81:0\""); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"59d20793a87e04a390b52ace8b82d43d\[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"4dbd95fb74f4d5c9e926dbed955e83[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Light\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\qiayk7qm.def[...] O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ToolbarsList", "CT1460988,CT2269050"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.ToolbarsList2", "CT1460988,CT2269050"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.alertInfoInterval", 720); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Tue Aug 31 2010 02:29:03 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.locale", "en"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.loginLastCheckTime", "Tue Aug 31 2010 01:29:03 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1282029937"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.showTrayIcon", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.alert.userId", "{7c5c0855-3b9d-45bf-995d-66c5576464b8}"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Tue Aug 31 2010 01:29:05 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.globalUserId", "742ba651-1dec-48c4-8054-f286225a3793"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Apr 20 2013 05:02:16 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.locale", "en"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Apr 23 2013 16:27:29 GMT+0200"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("CommunityToolbar.notifications.userId", "e0f954ac-f238-41aa-980c-0d6249270840"); O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("browser.search.defaulturl", "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&ai=13054"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("browser.search.selectedEngine", "Search the web (Babylon)"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.admin", false); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.autoRvrt", "false"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.id", "fc8174eb0000000000000026183d85a7"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.instlDay", "15630"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=fc8174eb0000000000000026183d85[...] =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar_i.babExt", ""); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111020&tt=4212_4"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar_i.newTab", false); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); =>Toolbar.Babylon O69 - SBI: prefs.js [Light - qiayk7qm.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.812:20:32"); =>Toolbar.Babylon O69 - SBI: SearchScopes [HKCU] {00C7F115-B9CE-42DC-8BDE-BB7330C243CA} - (AOL Recherche) - http://slirsredirect.search.aol.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web (Babylon)) - http://search.babylon.com =>Toolbar.Babylon O69 - SBI: SearchScopes [HKCU] {1DE115F2-9343-4E5C-A769-FD07FF92077C} - (uTorrentBar_FR Customized Web Search) - http://search.conduit.com O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (Blekko) - http://blekko.com O69 - SBI: SearchScopes [HKCU] {4344D9FA-3F0E-4E83-ADC1-65DFB92B213F} - (Yahoo!) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKCU] {A8EC52C1-DC30-4F84-897A-F0A777DF4F3B} - (Kelkoo) - http://be.kelkoopartners.net O69 - SBI: SearchScopes [HKCU] {E72FBB80-D22D-4C6A-8C91-F21D78B18959} - (JeuxVideo.com) - http://www.jeuxvideo.com ~ Keys: Scanned in 00mn 00s ---\\ Crack & Keygen Files (O82) C:\Users\Light\Desktop\crack sims 3\KeyGen.exe C:\Users\Light\Desktop\Crack.&.KeyGen.Les.Sims.3.UpByDarken.rar C:\Users\Light\Downloads\Cities.XL.2012.Only.Keygen -Razor.rar C:\Users\Light\Desktop\crack sims 3\KeyGen.exe C:\Users\Light\Desktop\Crack.&.KeyGen.Les.Sims.3.UpByDarken.rar C:\Users\Light\Downloads\Cities.XL.2012.Only.Keygen -Razor.rar ~ Files: Scanned in 01mn 41s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.01AE6B610A0B42074391F6F320AB795A] [SPRF][11/05/2011] (...) -- C:\ProgramData\hash.dat [32] [MD5.19BB9282C1DA11F9F99C663D69792433] [SPRF][26/04/2013] (...) -- C:\Users\Light\AppData\Local\d3d9caps.dat [680] [MD5.929A0C48D27ACDAB3397340C37AEA80D] [SPRF][19/07/2011] (...) -- C:\Users\Light\AppData\Local\d3d9caps64.dat [732] [MD5.11D751D299B9ABDC77BFF4156C75C4CF] [SPRF][4/02/2013] (...) -- C:\Users\Light\AppData\Local\Temp\bitool.dll [38480] [MD5.B9270BA1B0D210F786D2E001A7BB902B] [SPRF][22/04/2013] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\Light\AppData\Local\Temp\swt-win32-3740.dll [430080] [MD5.62BED326B60B83CAA7CDEEA3153E6240] [SPRF][20/02/2013] (.Yuna Software - Setup of Messenger Plus! 4.9.) -- C:\Users\Light\AppData\Local\Temp\Update_7314.exe [944016] [MD5.FD99D0E8880C413B83A93B4D6273EDC9] [SPRF][24/04/2013] (...) -- C:\Users\Light\AppData\Local\Temp\uttC008.tmp.bat [95] [MD5.0D1B53CEC430DA64D4D3AFD40969AA9A] [SPRF][18/11/2011] (...) -- C:\Users\Light\AppData\Roaming\skype.dat [90112] [MD5.3BCA7ED6CF706566C8A17E85FE504775] [SPRF][24/01/2010] (...) -- C:\Users\Light\AppData\Roaming\TheHunterSettings.bin [9719] [MD5.91971E38AA91062332C356F0AA718D0A] [SPRF][28/07/2012] (...) -- C:\Users\Light\AppData\Roaming\wklnhst.dat [402] [MD5.8825F1E753E77162BA9DF13BF62BB5BB] [SPRF][11/03/2013] (.Apple Inc. - iTunes Installer.) -- C:\Users\Light\Desktop\iTunes64Setup.exe [90130256] [MD5.06167AD6D6CDD8C5FBAF62F3EA7EA220] [SPRF][26/04/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Light\Desktop\ZHPDiag2.exe [5603992] [MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960] [MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544] ~ Files: Scanned in 00mn 01s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{244B7D87-E418-41BB-BBB6-E201EA2C1AA6}" | In - Public - P6 - TRUE | .(.Vity - File Downloader.) -- C:\Program Files (x86)\CrazyLoader\crazyloader.exe O87 - FAEL: "{3E16351C-68D8-4422-A344-EA984C6931D1}" | In - Public - P17 - TRUE | .(.Vity - File Downloader.) -- C:\Program Files (x86)\CrazyLoader\crazyloader.exe O87 - FAEL: "TCP Query User{D4ED35D3-6832-4B9B-8387-9A02B5F2E3E8}C:\program files (x86)\guild wars 2\gw2.tmp" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\guild wars 2\gw2.tmp O87 - FAEL: "UDP Query User{DB2786AC-C1E1-4E17-9E03-BEC99BD43877}C:\program files (x86)\guild wars 2\gw2.tmp" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\guild wars 2\gw2.tmp O87 - FAEL: "{F4DBB168-99E4-4CB2-8BD9-A99DA72E884E}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Light\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{439EB0D1-B9AC-4940-92D1-AF2E88CE7A09}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Light\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{5DD491BA-0376-43DA-9ED7-6F5F90FB6CD9}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{9966F180-1B98-4599-A8EC-D58983CED2D8}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{2930832B-E97B-458A-AAB5-E50041F1DEAD}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{381949D8-39A3-4CC5-A0A7-8499407CC38B}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{2939CD93-D520-4034-AB88-237B9F5E6F33}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O87 - FAEL: "{25B33D12-7102-4BB3-9550-079A806AD1C9}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ~ Firewall: 288 Legitimates Filtered in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : v2.11716 - (25/04/2013) Clés trouvées (Keys found) : 241 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 20 Fichiers trouvés (Files found) : 4 [HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}] =>Adware.SocialSkinz [HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent [HKLM\Software\Wow6432Node\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent [HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz [HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz [HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz [HKLM\Software\Classes\Interface\{471E3998-588E-41D5-A874-FA11C44B70DE}] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Classes\Interface\{471E3998-588E-41D5-A874-FA11C44B70DE}] =>PUP.OfferBox [HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz [HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz [HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM [HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6084C211-01A1-464E-97A0-09772E122B50}] =>Adware.SPointer [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6084C211-01A1-464E-97A0-09772E122B50}] =>Adware.SPointer [HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz [HKLM\Software\Classes\TypeLib\{63AF3145-D2DC-4F1D-BB3A-3AAD9FEC3430}] =>PUP.OfferBox [HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6DF77AA3-27AF-46f2-A1DA-B569AC6BEEFF}] =>PUP.OfferBox [HKLM\Software\Classes\Interface\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Classes\Interface\{6F6C45E4-E231-4F0F-8CD8-AA5770303EAA}] =>PUP.OfferBox [HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{86460CE5-46A0-4543-B8FE-2D2AE182A2FE}] =>PUP.OfferBox [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz [HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon [HKLM\Software\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz [HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch [HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz [HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper [HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper [HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C0924543-15FD-4F3D-889C-0B4562A9CB45}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C0924543-15FD-4F3D-889C-0B4562A9CB45}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C0924543-15FD-4F3D-889C-0B4562A9CB45}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}] =>Adware.SocialSkinz [HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C5F65718-341D-4e7d-9842-FCB9CC89527E}] =>Adware.SPointer [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C5F65718-341D-4e7d-9842-FCB9CC89527E}] =>Adware.SPointer [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C5F65718-341D-4e7d-9842-FCB9CC89527E}] =>Adware.SPointer [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{CDB982ED-F9D6-4E3B-B94B-96F705D35AD1}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo [HKLM\Software\Classes\Interface\{D4E856E7-C034-49BA-BFEF-B785F3CBD7BA}] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Classes\Interface\{D4E856E7-C034-49BA-BFEF-B785F3CBD7BA}] =>PUP.OfferBox [HKLM\Software\Classes\TypeLib\{D530F69A-EB2D-4EC6-BD37-E123AEFCA011}] =>PUP.OfferBox [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}] =>Adware.SocialSkinz [HKLM\Software\Classes\Interface\{DB7A9C36-6C85-48BE-BA8D-151B6B144BE0}] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Classes\Interface\{DB7A9C36-6C85-48BE-BA8D-151B6B144BE0}] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DBA4B812-2415-4000-AFCB-56F53E668DC5}] =>PUP.OfferBox [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo [HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware. BullseyeToolbar [HKLM\Software\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware. BullseyeToolbar [HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E] =>PUP.SweetIM [HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{F77F3DFC-F5DC-4316-AB50-B50B16F2BEF4}] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Classes\Interface\{F77F3DFC-F5DC-4316-AB50-B50B16F2BEF4}] =>PUP.OfferBox [HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz [HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent [HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar_FR Toolbar] =>Toolbar.Conduit [HKLM\Software\Classes\comobject.deskbarenabler] =>Toolbar.Agent [HKLM\Software\Classes\comobject.deskbarenabler.1] =>Toolbar.Agent [HKLM\Software\Classes\TbCommonUtils.CommonUtils] =>Toolbar.Agent [HKLM\Software\Classes\TbCommonUtils.CommonUtils.1] =>Toolbar.Agent [HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent [HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook] =>Adware.Agent [HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph] =>PUP.SpecialSavings [HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader [HKCU\Software\AppDataLow\Software\blekkotb] =>Toolbar.Blekko [HKCU\Software\AppDataLow\Software\blekkotb_031] =>Toolbar.Blekko [HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit [HKLM\Software\CrazyLoader] =>Adware.SPointer [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\Spointer] =>Adware.SPointer [HKCU\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Tarma Installer] =>Toolbar.Agent [HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DA95E878-B181-4366-A433-6145592707A8}] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CrazyLoader] =>Adware.SPointer [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\searchweb] =>Adware.SocialSkinz [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar] =>Toolbar.Conduit [HKCU\Software\JavaSoft\Prefs\crazyloader] =>Adware.SPointer [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector [HKLM\Software\Classes\Installer\Features\112C48061A10E464790A9077E221B205] =>Adware.SPointer [HKLM\Software\Classes\Installer\Products\112C48061A10E464790A9077E221B205] =>Adware.SPointer [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\112C48061A10E464790A9077E221B205] =>Adware.SPointer [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>Toolbar.Babylon [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM [HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8] =>PUP.SweetIM [HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM [HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM [HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM [HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM [HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>Toolbar.Babylon [HKLM\Software\Classes\Crazyloader.Spointer] =>Adware.SPointer [HKLM\Software\Classes\Crazyloader.Spointer.1] =>Adware.SPointer [HKLM\Software\Classes\Crazyloader.SpointerCtrl] =>Adware.SPointer [HKLM\Software\Classes\Crazyloader.SpointerCtrl.1] =>Adware.SPointer [HKLM\Software\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.TbRequest] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.TbTask] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.TbTask.1] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent [HKLM\Software\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent [HKLM\Software\Classes\TBSB02609.IEToolbar] =>Toolbar.Agent [HKLM\Software\Classes\TBSB02609.IEToolbar.1] =>Toolbar.Agent [HKLM\Software\Classes\TBSB02609.TBSB02609] =>Toolbar.Agent [HKLM\Software\Classes\TBSB02609.TBSB02609.3] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.TBSB02609] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.TBSB02609.1] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.SearchProviderManager] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.SearchProviderManager.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Crazyloader.Spointer] =>Adware.SPointer [HKLM\Software\Wow6432Node\Classes\Crazyloader.Spointer.1] =>Adware.SPointer [HKLM\Software\Wow6432Node\Classes\Crazyloader.SpointerCtrl] =>Adware.SPointer [HKLM\Software\Wow6432Node\Classes\Crazyloader.SpointerCtrl.1] =>Adware.SPointer [HKLM\Software\Wow6432Node\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.TbRequest] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.TbTask] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.TbTask.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TBSB02609.IEToolbar] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TBSB02609.IEToolbar.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TBSB02609.TBSB02609] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\TBSB02609.TBSB02609.3] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar3.TBSB02609] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar3.TBSB02609.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar3.SearchProviderManager] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\Toolbar3.SearchProviderManager.1] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^ [HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{CA3EB689-8F09-4026-AA10-B9534C691CE0} =>Adware.SocialSkinz C:\Program Files (x86)\Babylon =>Toolbar.Babylon C:\Program Files (x86)\Conduit =>Toolbar.Conduit C:\Program Files (x86)\Crazyloader =>Adware.SPointer C:\Program Files (x86)\searchweb =>Toolbar.Babylon C:\Program Files (x86)\SweetIM =>PUP.SweetIM C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit C:\ProgramData\InstallMate =>Toolbar.Agent C:\ProgramData\SweetIM =>PUP.SweetIM C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moovida =>Adware.SPointer C:\Users\Light\AppData\Roaming\Crazyloader =>Adware.SPointer C:\Users\Light\AppData\Local\blekkotb_031 =>Toolbar.Blekko C:\Users\Light\AppData\Local\Conduit =>Toolbar.Conduit C:\Users\Light\AppData\Local\Crazyloader Air =>Adware.SPointer C:\Users\Light\AppData\Local\moovida air =>Adware.SPointer C:\Users\Light\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon C:\Users\Light\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\Light\AppData\LocalLow\PriceGong =>Adware.PriceGong C:\Users\Light\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit C:\Users\Light\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\qiayk7qm.default\Conduit =>Toolbar.Conduit C:\Users\Light\AppData\Local\Temp\nse2B32.tmp =>Adware.MegaSearch C:\Users\Light\AppData\Local\Temp\nsy54A.tmp =>Adware.MegaSearch ~ Additionnel Scan: 477059 Items scanned in 00mn 39s ---\\ Product Upgrade Codes (O90) O90 - PUC: "112C48061A10E464790A9077E221B205" . (.Moovida.) -- C:\Windows\Installer\{6084C211-01A1-464E-97A0-09772E122B50}\ARPPRODUCTICON.exe =>Adware.SPointer O90 - PUC: "3E5761AA30D48084DB5F99629145D421" . (..) -- C:\Windows\Installer\{AA1675E3-4D03-4808-BDF5-992619544D12}\ARPPRODUCTICON.exe ~ Update Products: 151 Legitimates Filtered in 00mn 00s ---\\ Random Export Key (O91) [HKCU\Software\d55d6d8b338b913\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" [HKCU\Software\d55d6d8b338b913\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:version="2.3.796.11" [HKCU\Software\d55d6d8b338b913] =>Toolbar.Babylon^ ~ Export Key Software: Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 26/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 28/09/2012 239616 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 6/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 21/01/2008 27648 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe SS - | Demand 1/03/2011 130976 | (Futuremark SystemInfo Service) . (.Futuremark Corporation.) - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe SS - | Demand 9/12/2008 242424 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe SR - | Auto 4/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe SR - | Auto 192512 | (HPBtnSrv) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe SR - | Auto 20/05/2011 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 23/05/2011 171688 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe SR - | Demand 20/02/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Auto ??\??\???? 0 | C:\Windows\System32\libusbd-nt.exe (libusbd) . (.http://libusb-win32.sourceforge.net.) - c:\system32\libusbd-nt.exe SR - | Auto 17/03/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SS - | Demand 23/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Demand 2/02/2009 23536 | (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) . (.PC-Doctor, Inc..) - c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms SR - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SS - | Demand 26/03/2013 543656 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SR - | Auto 21/01/2008 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SS - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SR - | Auto 21/01/2008 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 01s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net ~ MBR: 1 Legitimates Filtered in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Light at 26/04/2013 22:47:42 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ~ 2701 Legitimates filtered by white list End of the scan (1249 lines in 05mn 45s)(6)