~ Rapport de ZHPDiag v2014.8.13.118 - Nicolas Coolman (13/08/2014) ~ Lancé par Rémy (13/08/2014 12:02:10) ~ Adresse du Site Web http://nicolascoolman.fr ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Version à jour. ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 31.0 GCIE: Google Chrome v36.0.1985.125 (Defaut) OBIE: Safari v5.34.57.2 ---\\ Informations sur les produits Windows ~ Langage: Français Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Windows Operating System - Vista, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 2V7GR Windows License : OK Windows Automatic Updates : OK ---\\ Logiciels de protection du système avast! Pro Antivirus v9.0.2021 Panda ActiveScan 2.0 v01.02.03.0000 Panda ActiveScan 2.0 v01.02.03.0000 Spybot - Search & Destroy v2.2.25 ---\\ Logiciels d'optimisation du système CCleaner ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 14 Plugin Adobe Reader 9.5.5 - Français Java 7 Update 60 ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3326 MB (59% free) System Restore: Activé (Enable) System drive C: has 55 GB (36%) free of 154 GB ---\\ Mode de connexion au système ~ Computer Name: PC-DE-RÉMY ~ User Name: Rémy ~ All Users Names: Rémy, Françoise, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\Rémy\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\Rémy\AppData\Roaming\ ~ %Desktop% : D:\Rémy\Desktop\ ~ %Favorites% : D:\Rémy\Favorites\ ~ %LocalAppData% : C:\Users\Rémy\AppData\Local\ ~ %StartMenu% : C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 55 Go of 154 Go) D: Hard drive, Flash drive, Thumb drive (Free 72 Go of 303 Go) E: CD-ROM drive (Not Inserted) G: Floppy drive, Flash card reader, USB Key (Not Inserted) H: Floppy drive, Flash card reader, USB Key (Not Inserted) I: Floppy drive, Flash card reader, USB Key (Not Inserted) J: Floppy drive, Flash card reader, USB Key (Not Inserted) K: Floppy drive, Flash card reader, USB Key (Not Inserted) N: Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowHelp: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyDocs: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyMusic: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyPics: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSetProgramAccessAndDefaults: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowControlPanel: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowNetConn: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 50 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.61D9AD9E55D7A1E10C0EF701ADE1C486] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/06/2014 - 00:02:16.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856] [MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232] [MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192] [MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 0/31457 ~ Mes musiques (My Musics) : 1/1622 ~ Mes Videos (My Videos) : 1/9009 ~ Mes Favoris (My Favorites) : 1/576 ~ Mes Documents (My Documents) : 1/19378 ~ Mon Bureau (My Desktop) : 2/6615 ~ Menu demarrer (Programs) : 1/80 ~ Hidden Files: Scanned in 01mn 01s ---\\ Processus lancés [MD5.7CDAA62E96552B995E5DDD06443B07B9] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe [1952568] [PID.3812] [MD5.00585EA05A184C6276C5F0052939314D] - (...) -- C:\Users\Rémy\AppData\Local\fst_fr_290\upfst_fr_290.exe [3355104] [PID.1808] =>Adware.FreeSoftToday [MD5.84B0BE89BF1155CD2498780C9D55BEB5] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6144000] [PID.3648] [MD5.968B7A2E6BE07CF337A34E07D0BE3ECC] - (.Microsoft Corporation - XBoxStat.exe.) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [734264] [PID.3764] [MD5.F8CBC49CE231F5E5FF1F2194D890F820] - (.Futuredial Inc. - ASUS Sync.) -- C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe [638976] [PID.3876] [MD5.26B558B2D31C7425B455B00E562EAD93] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896] [PID.3872] [MD5.AF49D1C79EA49A7833017F290EE63B82] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784] [PID.3972] [MD5.82447BEC15A44E3A8FA436457C7FA8A7] - (.CANON INC. - Canon IJ Network Scan Utility.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [128352] [PID.2928] [MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512] [PID.3004] [MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.1088] [MD5.7239F88B47DBCD7A3D7AEEB9791DF950] - (...) -- C:\Program Files\fst_fr_290\fst_fr_290.exe [3975136] [PID.1808] =>Adware.FreeSoftToday [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2056] [MD5.D5543E09953C8A8B12801A3A7AFEE155] - (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720] [PID.3612] [MD5.099E24D4FE2ADA03F648B470830BD382] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Rémy\AppData\Roaming\Dropbox\bin\Dropbox.exe [35464216] [PID.1484] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2860] [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.4288] [MD5.A3BFB517D5D9DD7FE3B7BE88339E01CF] - (.TuneUp Software - TuneUp Automatic Program Reactivator.) -- C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe [137016] [PID.5216] [MD5.64A5D30EF57D4214DC9B27798DE2B19E] - (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe [13018808] [PID.4696] [MD5.61E4289E91E88C90478D7F4BEB10DCF7] - (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720] [PID.4752] [MD5.DC2E338E63159454B71659D82515A04E] - (.Nicolas Coolman - ZHPDiag.) -- D:\Rémy\Desktop\ZHPDiag\ZHPDiag.exe [8091648] [PID.1700] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4056] [MD5.B44B59C85DC2C2D39542F97BF545A308] - (.Microsoft Corporation - Microsoft (R) Console Based Script Host.) -- C:\Windows\system32\cscript.exe [135168] [PID.4968] [MD5.A8F308D79950DE33B478A3E5E026ADD9] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [667648] [PID.1312] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1608] [MD5.73F5C13B431915BAE35254B4E95DFB71] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1988] [MD5.E4A8257B84403ACA7367976DD317E9C1] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginServices\PluginService.exe [757872] [PID.2036] =>PUP.IePluginService [MD5.BA4DA4299310F4A54CBBA25221072D70] - (.Fuyu LIMITED - WindowsProtectManger Service.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [535936] [PID.192] =>PUP.Fuyu [MD5.85180CF88C5EBAD73B452A43A004CA51] - (.AOL LLC - AOL Connectivity Service.) -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640] [PID.2136] [MD5.91D1015685F88C5CB8938F6D1F7A8A11] - (.SIEN S.A. - IMGUpdater.) -- C:\Program Files\Common Files\IMGUpdater\IMGUpdater.exe [378152] [PID.2164] [MD5.96EFEC24346A8EB1157E80523079ADDC] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2236] [MD5.98EF79CC2B07398AC525F9EA1AE0366F] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880] [PID.2292] [MD5.0CADE4EF6D26F9FE974ED7CE959E8CF6] - (...) -- C:\Users\Rémy\AppData\Roaming\VOPackage\VOsrv.exe [73216] [PID.2452] =>Adware.Downware [MD5.1CFA4A1F3C7BB4C8F299E00428EB8677] - (.Splashtop Inc. - Splashtop Software Updater Service.) -- C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe [370504] [PID.2472] =>Adware.IncrediBar [MD5.3BA2E41F87425B56A840746F5157C765] - (.TuneUp Software - TuneUp Utilities Service.) -- C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1774904] [PID.2504] [MD5.14BF6B3AB327D519ED007CDDC56F6900] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272] [PID.2944] [MD5.820EBE67AB99F033FDE25B2692157991] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416] [PID.3204] [MD5.626A24ED1228580B9518C01930936DF9] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [133104] [PID.2120] [MD5.BE01E566D1F569AAB32D0335613E1EEA] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.0] ~ Processes Running: Scanned in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Rémy\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [User Data\Default][HomePage] http://www.sweet-page.com =>PUP.SweetPage G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé) G2 - GCE: Preference [User Data\Default] [eofcbnmajmjmplflapaojjnihcjkigck] avast! SafePrice v.9.0.2022.120, (Désactivé) G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] avast! Online Security v.9.0.2021.112, (Désactivé) G2 - GCE: Preference [User Data\Default] [hlamakkjeanfidbooajjkmjeolhkmhld] Savevid Download Helper v.1.0 (Désactivé) =>Adware.Bandoo G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé) G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Google+ Hangouts v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé) G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé) ---\\ Liste des dossiers d'extension Google Chrome G2 - EXT: C:\Users\Rémy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlamakkjeanfidbooajjkmjeolhkmhld [Savevid Download Helper] =>Adware.Bandoo G2 - EXT: C:\Users\Rémy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [Google Wallet] ~ Google Lines Browser: 17 Scanned in 00mn 01s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\prefs.js C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\user.js M3 - MFPP: Plugins - [Rémy] -- C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchplugins\babylon.xml =>PUP.Babylon M3 - MFPP: Plugins - [Rémy] -- C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchplugins\bing-avast.xml M3 - MFPP: Plugins - [Rémy] -- C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchplugins\conduit.xml M3 - MFPP: Plugins - [Rémy] -- C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchplugins\delta.xml =>Toolbar.DeltaSearch M3 - MFPP: Plugins - [Rémy] -- C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchplugins\Search_Results.xml =>PUP.SearchResults M3 - MFPP: Plugins - [Rémy] -- C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchplugins\softonic.xml =>Toolbar.Conduit M3 - MFPP: Plugins - [Rémy] -- C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchplugins\yahoo-avast.xml M2 - MFEP: RegExtension {5932BCAD-47CC-DE58-D9CC-57BBB4D71873} . (...) -- C:\Program Files\di4BlockAndSurf\175.xpi (.not file.) =>PUP.BlockAndSurf M0 - MFSP: prefs.js [Rémy - 0hgq8dvw.default] http://www.do M2 - MFEP: prefs.js [Rémy - 0hgq8dvw.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.23 (..) M2 - MFEP: Extension [Rémy - 0hgq8dvw.default] {20a82645-c095-46ed-80e3-08825760534b} P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent v1.27 for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll =>P2P.BitComet P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll P2 - FPN:Firefox Plugin Navigator . (.RealPlayer - RealPlayer Download Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpplugin.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@ascendo-inc/DataVault;version=1] - (...) -- C:\Program Files\DataVault\npapi.dll P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKLM] [@divx.com/DivX Web Player Plug-In,version=1.0.0] - (.DivX, LLC - DivX Web Player version 3.2.0.788.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll =>.Google Inc P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Picasa2\npPicasa3.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.7.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.30214.0.) -- C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@pandasecurity.com/activescan] - (.Panda Security - Panda ActiveScan 2.0 Plugin for Firefox.) -- C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=16.0.3.51] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprndlchromebrowserrecordext;version=1.3.3] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll P2 - FPN: [HKLM] [@real.com/nprndlhtml5videoshim;version=1.3.3] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprndlpepperflashvideoshim;version=1.3.3] - (.RealNetworks, Inc. - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll P2 - FPN: [HKLM] [@real.com/nprpplugin;version=16.0.3.51] - (.RealPlayer - RealPlayer Download Plugin.) -- c:\program files\real\realplayer\Netscape6\nprpplugin.dll P2 - FPN: [HKLM] [@realnetworks.com/npdlplugin;version=1] - (.RealDownloader - RealDownloader Plugin.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.11] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - MetaStream 3 Plugin r4.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll =>Adware.MetaStream P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Rémy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Rémy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll ~ Firefox Browser: 56 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://fr.yahoo.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://fr.search.yahoo.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.) R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} . (.Google Inc. - Google Update.) (No version) -- (.not file.) R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 ~ IE Browser: 11 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Download and Record Plugin.) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Clé orpheline O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: NetCrawl - {769a91da-209f-47fe-88b9-b0321b0982c8} Clé orpheline =>PUP.NetCrawl O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} Clé orpheline O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: BlockAndSurf - {932223CA-E363-89BE-9BD1-5CCC44FDE039} Clé orpheline =>PUP.BlockAndSurf O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Clé orpheline =>Adware.IMBooster O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} Clé orpheline O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (.FreeDownloadManager.ORG - Pas de description.) -- C:\Program Files\Free Download Manager\iefdm2.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} Clé orpheline ~ BHO: 28 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - [HKLM]{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} Clé orpheline O3 - Toolbar: (no name) - [HKLM]{13be918c-a6b4-40d3-9b2a-04920e8755ed} Clé orpheline O3 - Toolbar: DataVault Bar - [HKLM]{0D792CB2-2654-4E99-A597-7FC317F04D61} . (...) -- C:\Program Files\DataVault\ie.dll O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EF99BD32-C1FB-11D2-892F-0090271D4F88} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Run: [XboxStat] . (.Microsoft Corporation - XBoxStat.exe.) -- C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe O4 - HKLM\..\Run: [ASUSWebStorage] . (.ASUS Cloud Corporation - AsusWebStorage.) -- C:\Program Files\ASUS\ASUS WebStorage\3.0.138.290\AsusWSPanel.exe O4 - HKLM\..\Run: [ASUS Sync Loader] . (.Futuredial Inc. - ASUS Sync.) -- C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe O4 - HKLM\..\Run: [IJNetworkScanUtility] . (.CANON INC. - Canon IJ Network Scan Utility.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe =>.RealNetworks, Inc O4 - HKLM\..\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe O4 - HKLM\..\Run: [AnyProtect Scanner] C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) =>PUP.AnyProtect O4 - HKLM\..\Run: [fst_fr_290] . (...) -- C:\Program Files\fst_fr_290\fst_fr_290.exe =>Adware.FreeSoftToday O4 - HKLM\..\RunOnce: [upfst_fr_290.exe] . (...) -- C:\Users\Rémy\AppData\Local\fst_fr_290\upfst_fr_290.exe =>Adware.FreeSoftToday O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files\MyTomTom 3\MyTomTomSA.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Rémy\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] . (.Google Inc. - Picasa.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] . (.Fujitsu Siemens Computers - Customer Registration.) -- C:\ProgramData\fsc-reg\fscreg.exe O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] . (.Google Inc. - Picasa.) -- C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] . (.Fujitsu Siemens Computers - Customer Registration.) -- C:\ProgramData\fsc-reg\fscreg.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline O4 - HKUS\S-1-5-21-2191402373-2876939082-3148872585-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-2191402373-2876939082-3148872585-1000\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKUS\S-1-5-21-2191402373-2876939082-3148872585-1000\..\Run: [MyTomTomSA.exe] . (.TomTom - MyTomTom.) -- C:\Program Files\MyTomTom 3\MyTomTomSA.exe O4 - HKUS\S-1-5-21-2191402373-2876939082-3148872585-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Rémy\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll ~ Winsock: 7 Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: Garmin Communicator Plug-In (Garmin Communicator Plug-In) - https://static.garmincdn.com/gcp/ie/4.0.1.0/GarminAxControl_32.CAB O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} ((no name)) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} ((no name)) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} ((no name)) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} ((no name)) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} ((no name)) - http://www.facebook.com/controls/contactx.dll O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} ((no name)) - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} ((no name)) - http://securite-neufbox.sfr.fr/Ols/fscax.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E1E73B44-2D20-47A9-9CA2-B534CEBBF856} ((no name)) - http://securite-neufbox.sfr.fr/pchc/fscax.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{0A5F4232-DE3D-4EEA-AF56-4FC68D58A78C}: DhcpNameServer = 109.0.66.10 109.0.66.20 O17 - HKLM\System\CCS\Services\Tcpip\..\{32851041-0934-4712-93C0-1EDDAC2043CD}: DhcpNameServer = 172.20.2.10 172.20.2.39 O17 - HKLM\System\CCS\Services\Tcpip\..\{39AB5346-DFB2-424A-97CA-5EEFFC432A73}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{4C7FF8FC-1978-4EF7-9274-4C4871DE84C2}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{9AAEA6C9-33B7-40C4-836B-B7D1E936D02D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{B0073D34-5C91-4DA0-9E59-2CCAB471BB13}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{F487C3FB-B295-439A-A117-C5D27DFA1D25}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{0A5F4232-DE3D-4EEA-AF56-4FC68D58A78C}: DhcpNameServer = 109.0.66.10 109.0.66.20 O17 - HKLM\System\CS1\Services\Tcpip\..\{32851041-0934-4712-93C0-1EDDAC2043CD}: DhcpNameServer = 172.20.2.10 172.20.2.39 O17 - HKLM\System\CS1\Services\Tcpip\..\{39AB5346-DFB2-424A-97CA-5EEFFC432A73}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{4C7FF8FC-1978-4EF7-9274-4C4871DE84C2}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{9AAEA6C9-33B7-40C4-836B-B7D1E936D02D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{B0073D34-5C91-4DA0-9E59-2CCAB471BB13}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{F487C3FB-B295-439A-A117-C5D27DFA1D25}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{0A5F4232-DE3D-4EEA-AF56-4FC68D58A78C}: DhcpNameServer = 109.0.66.10 109.0.66.20 O17 - HKLM\System\CS2\Services\Tcpip\..\{32851041-0934-4712-93C0-1EDDAC2043CD}: DhcpNameServer = 172.20.2.10 172.20.2.39 O17 - HKLM\System\CS2\Services\Tcpip\..\{39AB5346-DFB2-424A-97CA-5EEFFC432A73}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{4C7FF8FC-1978-4EF7-9274-4C4871DE84C2}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{9AAEA6C9-33B7-40C4-836B-B7D1E936D02D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{B0073D34-5C91-4DA0-9E59-2CCAB471BB13}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{F487C3FB-B295-439A-A117-C5D27DFA1D25}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{0A5F4232-DE3D-4EEA-AF56-4FC68D58A78C}: DhcpNameServer = 109.0.66.10 109.0.66.20 O17 - HKLM\System\CS3\Services\Tcpip\..\{32851041-0934-4712-93C0-1EDDAC2043CD}: DhcpNameServer = 172.20.2.10 172.20.2.39 O17 - HKLM\System\CS3\Services\Tcpip\..\{39AB5346-DFB2-424A-97CA-5EEFFC432A73}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{4C7FF8FC-1978-4EF7-9274-4C4871DE84C2}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{9AAEA6C9-33B7-40C4-836B-B7D1E936D02D}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{B0073D34-5C91-4DA0-9E59-2CCAB471BB13}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{F487C3FB-B295-439A-A117-C5D27DFA1D25}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll =>.Microsoft Corporation O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll ~ SSODL: 1 Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: AOL Connectivity Service (AOL ACS) . (.AOL LLC - AOL Connectivity Service.) - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: GlobalUpdater (GlobalUpdater) . (.SIEN S.A. - IMGUpdater.) - C:\Program Files\Common Files\IMGUpdater\IMGUpdater.exe O23 - Service: Google Update Service (gupdate1c991b3cf58e43b) (gupdate1c991b3cf58e43b) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc O23 - Service: IePlugin Services (IePluginServices) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: VO Service component (servervo) . (...) - C:\Users\Rémy\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware O23 - Service: Splashtop Software Updater Service (SSUService) . (.Splashtop Inc. - Splashtop Software Updater Service.) - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe =>Adware.IncrediBar O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu ~ Services: 14 Scanned in 00mn 04s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (sdnclean.exe) - File not found ~ BEX: 2 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.A6B6AB9502B63F43A9A56AE6AFB22078] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [262320] [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect [MD5.1AD8512A5C40AD1A0558498D8E0AC2AA] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [808448] [MD5.0074AFB0570FC1A6AC9771D0133DF44A] [APT] [Check for updates (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [3907304] [MD5.71D490C463014E4FB88B8CBA700B111E] [APT] [EPUpdater] (...) -- C:\Users\Rémy\AppData\Roaming\BabSolution\Shared\BabMaint.exe [4608] =>Hijacker.BabSolution [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\Rémy\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [133104] [MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [133104] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000Core] (.Google Inc..) -- C:\Users\Rémy\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000UA] (.Google Inc..) -- C:\Users\Rémy\AppData\Local\Google\Update\GoogleUpdate.exe [136176] [MD5.D63797E8E7781EE1500A810CB6194FA6] [APT] [Java Update Scheduler] (.Oracle Corporation.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [MD5.F8CBC49CE231F5E5FF1F2194D890F820] [APT] [Launch ASUS Sync Loader] (.Futuredial Inc..) -- C:\Program Files\ASUS\ASUS Sync\asusUPCTLoader.exe [638976] [MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576] [MD5.F6158734F1E24C6C510155CF0D363911] [APT] [Programme de mise … jour en ligne de Real Player] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\update\realsched.exe [295512] [MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-2191402373-2876939082-3148872585-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [187984] [MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-2191402373-2876939082-3148872585-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [187984] [MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealUpgradeLogonTaskS-1-5-21-2191402373-2876939082-3148872585-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [187984] [MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealUpgradeLogonTaskS-1-5-21-2191402373-2876939082-3148872585-1001] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [187984] [MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealUpgradeScheduledTaskS-1-5-21-2191402373-2876939082-3148872585-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [187984] [MD5.2A356FA2650E30E139F0476979548BF6] [APT] [RealUpgradeScheduledTaskS-1-5-21-2191402373-2876939082-3148872585-1001] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [187984] [MD5.DF474E01CFC5F28CA952B0DBD6B132A9] [APT] [Refresh immunization (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [3633312] [MD5.CDEB46FE688F062D3033209B29755203] [APT] [Scan the system (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [3885120] [MD5.7BC313B855B469B918B75CB3F058CC66] [APT] [SpeedMaxPc] (.SpeedMaxPc.) -- C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe [5004064] =>PUP.SpeedMaxPc [MD5.1DE3E324847390D51970264CBFCAC1D8] [APT] [SpeedMaxPc Update3] (.SpeedMaxPc.) -- C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe [660768] =>PUP.SpeedMaxPc [MD5.D2F226446DA2CDE36C00DCCB3451DC7A] [APT] [TuneUpUtilities_Task_BkGndMaintenance2013] (.TuneUp Software.) -- C:\Program Files\TuneUp Utilities 2014\OneClick.exe [459576] [MD5.00000000000000000000000000000000] [APT] [{16E53724-FB84-4EB4-A74D-B4432CFC4ECE}] (...) -- D:\R‚my\Desktop\setupcalcfin2006.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{2E7E884C-5D1A-46FA-B3C4-1FFCAC2F99D1}] (...) -- D:\R‚my\documents\Associations\PortableFreemind\PortableFreemind\PortableFreemind.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{3BD8D2F6-5418-4D3E-A89E-E9F752E86005}] (...) -- E:\AOLbox\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{906DA8D5-A213-44BB-868A-31E5C98CBA7A}] (...) -- D:\R‚my\Downloads\A effacer 2\nerovision-express_nerovision_express_3.1.0.25_anglais_10914.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{92E5C8F6-07B0-4518-82FD-C0EC5CC10283}] (...) -- D:\R‚my\Desktop\PortableFreemind\PortableFreemind\PortableFreemind.exe (.not file.) [0] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984] [MD5.F3F032EC55DBC3A0E4844B864D113A93] [APT] [wavepadShakeIcon] (.NCH Software.) -- C:\Program Files\NCH Swift Sound\WavePad\WavePad.exe [1989124] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [366] =>PUP.AnyProtect O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [366] =>PUP.AnyProtect O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [364] =>PUP.AnyProtect O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [364] =>PUP.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [364] =>PUP.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [364] =>PUP.AnyProtect O39 - APT: Check for updates (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job [644] O39 - APT: Check for updates (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\System32\Tasks\Check for updates (Spybot - Search & Destroy) [644] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052] O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1052] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056] O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1056] O39 - APT: GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000Core.job [1022] O39 - APT: GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000Core [1022] O39 - APT: GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000UA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000UA.job [1074] O39 - APT: GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000UA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2191402373-2876939082-3148872585-1000UA [1074] O39 - APT: Refresh immunization (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job [616] O39 - APT: Refresh immunization (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\System32\Tasks\Refresh immunization (Spybot - Search & Destroy) [616] O39 - APT: Scan the system (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job [446] O39 - APT: Scan the system (Spybot - Search & Destroy) - (.Safer-Networking Ltd..) -- C:\Windows\System32\Tasks\Scan the system (Spybot - Search & Destroy) [446] O39 - APT: - (..) -- C:\Windows\Tasks\SpeedMaxPc Registration3.job [438] =>PUP.SpeedMaxPc O39 - APT: - (..) -- C:\Windows\System32\Tasks\SpeedMaxPc Registration3 [438] =>PUP.SpeedMaxPc O39 - APT: SpeedMaxPc Update3 - (.SpeedMaxPc.) -- C:\Windows\Tasks\SpeedMaxPc Update3.job [396] =>PUP.SpeedMaxPc O39 - APT: SpeedMaxPc Update3 - (.SpeedMaxPc.) -- C:\Windows\System32\Tasks\SpeedMaxPc Update3 [396] =>PUP.SpeedMaxPc O39 - APT: SpeedMaxPc - (.SpeedMaxPc.) -- C:\Windows\Tasks\SpeedMaxPc.job [374] =>PUP.SpeedMaxPc O39 - APT: SpeedMaxPc - (.SpeedMaxPc.) -- C:\Windows\System32\Tasks\SpeedMaxPc [374] =>PUP.SpeedMaxPc ~ Scheduled Task: 51 Scanned in 00mn 05s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll O40 - ASIC: Viewpoint Media Player - {03F998B2-0E00-11D3-A498-00104B6EB52E} . (.Viewpoint Corporation - Viewpoint Media Player for Internet Explorer.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll =>Adware.MetaStream O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.6.0_07\bin\regutils.dll O40 - ASIC: Viewpoint Media Player - {1B00725B-C455-4DE6-BFB6-AD540AD427CD} . (.Viewpoint Corporation - Viewpoint Media Player for Internet Explorer.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\AxMetaStream.dll =>Adware.MetaStream O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 14.0 r0.) -- C:\Windows\system32\Macromed\Flash\Flash32_14_0_0_145.ocx ~ Active Setup: 15 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (aswKbd) . (.AVAST Software - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys O41 - Driver: (AswRdr) . (.AVAST Software - avast! TDI Redirect Driver.) - C:\Windows\system32\drivers\aswRdr.sys O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\Windows\system32\drivers\aswTdi.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: (RtlProt) . (.Windows (R) Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - C:\Windows\System32\DRIVERS\rtlprot.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: ({6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt.sys =>PUP.LinkiDoo ~ Drivers: 108 Scanned in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: A New Zero - (...) [HKLM] -- A New Zero O42 - Logiciel: ANIWZCS2 Service - (...) [HKLM] -- {4C590030-7469-453E-8589-D15DA9D03F52} O42 - Logiciel: ANT Drivers 0.1.2.0 - (.ANT Drivers.) [HKLM] -- ANT Drivers_is1 O42 - Logiciel: AOL - Assistant de désinstallation - (...) [HKLM] -- Programme de désinstallation AOL O42 - Logiciel: ASUS Android USB Drivers - (.ASUSTeK Computer Inc..) [HKLM] -- {D3A8B9D5-EEE5-4F2A-9EDE-7EC3AADDA5D4} O42 - Logiciel: ASUS Sync - (.FutureDial Inc..) [HKLM] -- {6C2CB5E8-B928-4954-BEBB-A7C973ACC73C} O42 - Logiciel: ASUS WebStorage - (.ASUS Cloud Corporation.) [HKLM] -- ASUS WebStorage O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {0A3925EA-5B0E-401B-A189-7419149747B2} O42 - Logiciel: Adobe Flash Player 14 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 14 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader 9.5.5 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A95000000001} O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Agendus for Windows Outlook Edition - (.iambic, Inc..) [HKLM] -- {1CEE552A-5E9E-49C3-9DE6-0BD978E20663}_is1 O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {46F044A5-CE8B-4196-984E-5BD6525E361D} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {0592EF96-69D8-4E4B-9CC9-88F58EA86F01} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Applian Director - (.Applian Technologies Inc..) [HKLM] -- Applian Director2.0 O42 - Logiciel: Ascendo DataVault 4.9.12 - (.Ascendo.) [HKLM] -- DataVault O42 - Logiciel: Audacity 1.3.12 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1 O42 - Logiciel: Boris Graffiti - (.Boris FX, Inc..) [HKLM] -- {262BF2CD-601D-4F43-919C-4B00B1D1F338} O42 - Logiciel: Burn4Free CD & DVD 4.9.0.0 - (.Ikysasoft s.r.l. uninominale.) [HKLM] -- Burn4Free CD & DVD_is1 O42 - Logiciel: CCleaner (remove only) - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 O42 - Logiciel: Canon IJ Network Scan Utility - (...) [HKLM] -- Canon_IJ_Network_Scan_UTILITY O42 - Logiciel: Canon IJ Network Tool - (...) [HKLM] -- Canon_IJ_Network_UTILITY O42 - Logiciel: Canon MP Navigator EX 2.0 - (...) [HKLM] -- MP Navigator EX 2.0 O42 - Logiciel: Canon MP620 series MP Drivers - (...) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (...) [HKLM] -- Easy-PhotoPrint EX O42 - Logiciel: Canon Utilities My Printer - (...) [HKLM] -- CanonMyPrinter O42 - Logiciel: Canon Utilities Solution Menu - (...) [HKLM] -- CanonSolutionMenu O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {CBC82AAC-FEEE-4EC4-B118-1454A5ADBFE2} O42 - Logiciel: ClickImpôts first step 2012.1.058 - (.Harvest.) [HKLM] -- {657795DA-0255-4A86-81B3-6936B8934416} O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup O42 - Logiciel: D-Link Wireless G DWA-110 - (.D-Link.) [HKLM] -- {5F753314-628E-4C13-B8AE-BFA7FD514CBE} O42 - Logiciel: DVDStyler v1.7.2 - (...) [HKLM] -- DVDStyler_is1 O42 - Logiciel: Documents Activstudio (FRA) v3.7.1 - (.Promethean Ltd..) [HKLM] -- {1387DCFE-114E-49EF-BEA7-8DF4FD14B73F} O42 - Logiciel: Driver et Moniteur WiFi OLITEC - (.REALTEK Semiconductor Corp..) [HKLM] -- {D23A9BE4-6956-41a9-81E3-DCDCCE7F8A0A} O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU] -- Dropbox O42 - Logiciel: EBP Mon Budget Perso 2009 9.0 - (.EBP.) [HKLM] -- {F4725114-B94A-4316-AD98-842E36CDF0DF} O42 - Logiciel: EPSON PERFECTION V200 PHOTO Manuel - (...) [HKLM] -- EPSON PERFECTION V200 PHOTO Guide d'utilisation O42 - Logiciel: EPSON Scan - (...) [HKLM] -- EPSON Scanner O42 - Logiciel: Emailchemy 9 - (.Weird Kid Software LLC.) [HKLM] -- Emailchemy 9 O42 - Logiciel: Enregistrement utilisateur de Canon MP620 series - (...) [HKLM] -- Enregistrement utilisateur de Canon MP620 series =>.Canon Inc O42 - Logiciel: Express Burn - (.NCH Software.) [HKLM] -- ExpressBurn O42 - Logiciel: FIFA 2003 - (...) [HKLM] -- {6A1DC8D4-9FA4-43C3-00B3-5993B4BBE7D4} O42 - Logiciel: FileViewPro - (.Solvusoft Corporation.) [HKLM] -- FileViewPro_is1 O42 - Logiciel: Free Download Manager 3.9.2 - (.FreeDownloadManager.ORG.) [HKLM] -- Free Download Manager_is1 O42 - Logiciel: Free Mp3 Wma Converter V 1.81 - (...) [HKLM] -- Free Mp3 Wma Converter_is1 O42 - Logiciel: Free PDF to Word Converter 1.5 - (.Free-PDF-to-Word.com.) [HKLM] -- Free PDF to Word Converter_is1 O42 - Logiciel: Free Video Converter V 2.92 - (.Koyote Soft.) [HKLM] -- Free Video Converter_is1 O42 - Logiciel: Free Videos To DVD V 4.0.0 - (.Koyote soft.) [HKLM] -- Free Videos To DVD_is1 O42 - Logiciel: Free YouTube to MP3 Converter version 3.12.3.610 - (.DVDVideoSoft Ltd..) [HKLM] -- Free YouTube to MP3 Converter_is1 O42 - Logiciel: FreeSoftToday 001.290 - (.FREESOFTTODAY.) [HKLM] -- fst_fr_290_is1 =>Adware.FreeSoftToday O42 - Logiciel: GIMP 2.6.7 - (...) [HKLM] -- WinGimp-2.0_is1 O42 - Logiciel: Geonaute Software - (.Geonaute.) [HKLM] -- {548CBD79-054A-42F1-A1DA-B4F3FEF490ED}_is1 O42 - Logiciel: Gestionnaire de Connexion 3G SFR 2009.11 - (...) [HKLM] -- Gestionnaire de Connexion 3G SFR_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM] -- {75939021-3B68-419D-8DC1-E9823BFF9658} O42 - Logiciel: Google SketchUp 7 - (.Google, Inc..) [HKLM] -- {5AD045DF-11AA-473D-B4AA-2A4F0E213047} O42 - Logiciel: Google SketchUp 8 - (.Google, Inc..) [HKLM] -- {E3F4EA31-41D7-4789-9AC4-F26CDAF797BA} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} O42 - Logiciel: Grab & Burn, Version 5.0.2 Free( Build 2006-08-23, Win32, CSS ) - (.Rocket Division Software.) [HKLM] -- Rocket Division Software Grab & Burn_is1 O42 - Logiciel: HFX Volume 1 - (.Pinnacle Systems.) [HKLM] -- {468B359F-BAEF-466F-BB82-5EDEA1D8B2FB} O42 - Logiciel: HFX Volume 2 - (.Pinnacle Systems.) [HKLM] -- {37F79692-6F8A-487E-BF5A-A1E3227D9830} O42 - Logiciel: IZArc 4.0 beta 1 - (.Ivan Zahariev.) [HKLM] -- {97C82B44-D408-4F14-9252-47FC1636D23E}_is1 O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- IMBoosterARP =>Adware.IMBooster O42 - Logiciel: IminentToolbar - (.Iminent.) [HKLM] -- IminentToolbar =>Adware.IMBooster O42 - Logiciel: InfraRecorder - (...) [HKLM] -- InfraRecorder O42 - Logiciel: Inkjet Printer/Scanner Extended Survey Program - (...) [HKLM] -- CANONIJPLM100 O42 - Logiciel: Installer - (...) [HKLM] -- VOPackage =>Adware.Downware O42 - Logiciel: Internet Explorer (Enable DEP) - (...) [HKLM] -- {a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb O42 - Logiciel: Java 7 Update 60 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF} O42 - Logiciel: Java(TM) 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070} O42 - Logiciel: LAME v3.98.2 for Audacity - (...) [HKLM] -- LAME for Audacity_is1 O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2721691) - (.Microsoft Corporation.) [HKLM] -- {355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94} O42 - Logiciel: Magic Bullet Looks Studio - (...) [HKLM] -- Magic Bullet Looks Studio O42 - Logiciel: Maxtor MaxBlast - (.Maxtor.) [HKLM] -- {81A60A13-224D-4637-8203-3EAC03B121A4} O42 - Logiciel: MediaCUB - (.zoug.) [HKLM] -- {C31FE5F6-AFC5-4DC9-A439-83600629D0E9} O42 - Logiciel: MediaInfo 0.7.14 - (.MediaArea.net.) [HKLM] -- MediaInfo O42 - Logiciel: Microsoft LifeChat - (.Microsoft.) [HKLM] -- {66039B36-96AE-40D1-8A32-071F7A61B738} O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM] -- Money2005b O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Xbox 360 Accessories 1.1 - (.Microsoft.) [HKLM] -- {9F5DF7FC-3AF2-4502-9084-F62FC00A5A3F} O42 - Logiciel: Mon Univers Fotocompil - (.CEWE COLOR AG u Co. OHG.) [HKLM] -- Mon Univers Fotocompil O42 - Logiciel: Mozilla Firefox 31.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 31.0 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: MyFreeCodec - (...) [HKCU] -- MyFreeCodec O42 - Logiciel: MyHeritage Family Tree Builder - (.MyHeritage.com.) [HKLM] -- Family Tree Builder O42 - Logiciel: MyTomTom 3.2.0.1116 - (.TomTom.) [HKLM] -- MyTomTom O42 - Logiciel: NCH Toolbar - (...) [HKLM] -- NCH Toolbar O42 - Logiciel: NDAS Software 3.20.1521 - (.XIMETA, Inc..) [HKLM] -- {2FA770B5-E51E-447E-8426-9074D358E044} O42 - Logiciel: Next Video Converter 3.61 - (.NextVideoSoft, Inc..) [HKLM] -- {2AD89908-0987-4B9E-8AB4-905899E4D754}_is1 O42 - Logiciel: OpenAL - (...) [HKLM] -- OpenAL O42 - Logiciel: OpenOffice 4.0.1 - (.Apache Software Foundation.) [HKLM] -- {8D5D54B8-3D29-4AB4-8DA8-1868DAF941D8} O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E} O42 - Logiciel: PL-2303 Vista Driver Installer - (.Prolific.) [HKLM] -- {EEC010D0-1252-4E1D-BAD9-F1B8F414535C} O42 - Logiciel: POIbase 1.041 - (.POIbase.) [HKLM] -- POIbase_is1 O42 - Logiciel: Panda ActiveScan 2.0 - (.Panda Security.) [HKLM] -- ActiveScan 2.0 O42 - Logiciel: Photodex Presenter - (...) [HKLM] -- Photodex Presenter O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 O42 - Logiciel: Pilote vidéo Pinnacle - (.Pinnacle Systems.) [HKLM] -- {5EB90C06-964F-4195-B83E-BD7E55C88415} O42 - Logiciel: Pinnacle Instant DVD Recorder - (.Pinnacle Systems.) [HKLM] -- {C1212AE3-DBB9-4365-8473-F8ABC7B06BBB} O42 - Logiciel: Pinnacle Studio 12 - (.Pinnacle Systems.) [HKLM] -- {D041EB9E-890A-4098-8F94-51DA194AC72A} O42 - Logiciel: Pinnacle Studio 12 Ultimate Plugins - (.Pinnacle Systems.) [HKLM] -- {D1860E6E-520E-4380-8433-E58E8F88B473} O42 - Logiciel: Pluzzed version 0.9.1 - (.czmaster.) [HKLM] -- {139495F2-4CCF-40A1-BE46-25614610AF29}_is1 O42 - Logiciel: PoiEdit - (...) [HKLM] -- PoiEdit O42 - Logiciel: ProShow Gold - (...) [HKLM] -- ProShow Gold O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} O42 - Logiciel: RTC Client API v1.2 - (.Microsoft.) [HKLM] -- {44CDBD1B-89FB-4E02-8319-2A4C550F664A} O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE} O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 16.0 O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Recovery Toolbox for Outlook 1.5 - (.Recovery ToolBox.) [HKLM] -- Recovery Toolbox for Outlook_is1 O42 - Logiciel: Replay Video Capture - (.Applian Technologies Inc..) [HKLM] -- Replay Video Capture4.2 O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {FA4C2D53-205F-4245-9717-F3761154824D} O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {88547073-C566-4895-9005-EBE98EA3F7C7} O42 - Logiciel: SaveVid Plug-in - (.Bandoo Media, Inc.) [HKLM] -- {8D15E1B2-D2B7-4A17-B44B-D2DDE5981405} =>Adware.Bandoo O42 - Logiciel: Services d’impression Bonjour - (.Apple Inc..) [HKLM] -- {9D210D79-AEC5-453B-960C-4DD2C73931E1} O42 - Logiciel: Smart Audio Converter - (.SmartSoft.) [HKLM] -- Smart Audio Converter_is1 O42 - Logiciel: SoftwareUpdate 1.0 - (.eoRezo.) [HKLM] -- SoftwareUpdate_is1 =>PUP.Eorezo O42 - Logiciel: SpeedMaxPc - (.SpeedMaxPc.) [HKLM] -- {D894938C-8EE1-4854-9254-8F9AEF2BFE46} =>PUP.SpeedMaxPc O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004} O42 - Logiciel: Splashtop Streamer - (.Splashtop Inc..) [HKLM] -- InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109} O42 - Logiciel: Splashtop Streamer - (.Splashtop Inc..) [HKLM] -- {2EFEAD58-3311-4B2B-9D8A-8D663581D109} O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 O42 - Logiciel: Streaming Video Recorder V2.1.2 - (.Apowersoft.) [HKLM] -- {2CD65167-671F-49A3-B6C7-3B919DF028E2}_is1 O42 - Logiciel: Studio Premium Pack 1 - (.Pinnacle Systems.) [HKLM] -- {9FE67144-F235-4FAB-8E0E-1C04D724B2CE} O42 - Logiciel: Studio Premium Pack 2 - (.Pinnacle Systems.) [HKLM] -- {CA9B76C4-4E1F-4946-80B1-9E5E8886D7AE} O42 - Logiciel: Switch Sound File Converter - (.NCH Software.) [HKLM] -- Switch O42 - Logiciel: SystemDiagnostics - (.Fujitsu Technology Solutions.) [HKLM] -- {EF59DB7F-7426-426E-B862-7031F83ED304} O42 - Logiciel: TuneUp Utilities 2014 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities O42 - Logiciel: Uniblue SystemTweaker - (.Uniblue Systems Ltd.) [HKLM] -- {DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1 O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F} O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027} O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: Viewpoint Media Player - (...) [HKLM] -- ViewpointMediaPlayer =>Adware.MetaStream O42 - Logiciel: Virtual COM Port Driver - (.STMicroelectronics.) [HKLM] -- InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF} O42 - Logiciel: Visual Studio C++ 10.0 Runtime - (.TomTom International B.V..) [HKLM] -- {4412F224-3849-4461-A3E9-DEEF8D252790} O42 - Logiciel: WavePad Sound Editor - (.NCH Software.) [HKLM] -- WavePad O42 - Logiciel: West Point Bridge Designer 2007 - (...) [HKLM] -- West_Point_Bridge_Designer_2007 O42 - Logiciel: Windows Searchqu Toolbar - (.Bandoo Media Inc.) [HKLM] -- Windows Searchqu Toolbar =>PUP.Datamngr O42 - Logiciel: WindowsMangerProtect20.0.0.502 - (.WindowsProtect LIMITED.) [HKLM] -- WindowsMangerProtect =>PUP.Fuyu O42 - Logiciel: WiseFixer 3.5 - (.FoxthSoft.) [HKLM] -- {900C2AB5-3F37-4F84-B58C-893FA5F42D7D}_is1 O42 - Logiciel: Wondershare Dr.Fone pour iOS(Build 3.5.0.25) - (.Wondershare Software Co.,Ltd..) [HKLM] -- {A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1 O42 - Logiciel: XnView 1.96.5 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1 O42 - Logiciel: avast! Pro Antivirus v9.0.2021 - (.AVAST Software.) [HKLM] -- avast O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {C197BC08-3D82-4651-8886-E68C21578A38} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: proDAD Vitascene 1.0 - (...) [HKLM] -- proDAD-Vitascene-1.0 O42 - Logiciel: sweet-page uninstall - (.sweet-page.) [HKLM] -- sweet-page uninstall =>PUP.SweetPage ~ Logic: 88 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\5255dad9b168ba15] =>Hijacker.Eazel [HKCU\Software\AC3Filter] [HKCU\Software\ANI] [HKCU\Software\ATI Technologies Inc.] [HKCU\Software\ATI] [HKCU\Software\AVS4YOU] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Alexa Internet] [HKCU\Software\America Online] [HKCU\Software\Amerigomedia] [HKCU\Software\AnyProtect] =>PUP.AnyProtect [HKCU\Software\AppDataLow\Aurigma] [HKCU\Software\AppDataLow\F-Secure] [HKCU\Software\AppDataLow\FSOLS.Fscax.1] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\BlockAndSurf] =>PUP.BlockAndSurf [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow\Software\Monitored] [HKCU\Software\AppDataLow\Software\NCH] [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKCU\Software\AppDataLow\Software\Search Settings] =>Adware.SearchSettings [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software\savevidtoolbargaw] =>Adware.Bandoo [HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr [HKCU\Software\AppDataLow\Software\settings] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Applian] [HKCU\Software\ArcSoft] [HKCU\Software\Ascendo Inc] [HKCU\Software\Audacity] [HKCU\Software\Avast Software] [HKCU\Software\Avg] [HKCU\Software\BabSolution] =>Hijacker.BabSolution [HKCU\Software\BitComet] =>P2P.BitComet [HKCU\Software\Bugsplat] [HKCU\Software\Burn4Free] [HKCU\Software\CDDB] [HKCU\Software\Canneverbe Limited] [HKCU\Software\CanonBJ] [HKCU\Software\Canon] [HKCU\Software\CeWe Color] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\CoreAAC] [HKCU\Software\Cygnus Solutions] [HKCU\Software\DVDStyler] [HKCU\Software\DVDVideoSoft] [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr [HKCU\Software\Datamngr] =>PUP.Datamngr [HKCU\Software\DefaultPackStatus] [HKCU\Software\Distromatic] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Dnote Software] [HKCU\Software\ECAREME] [HKCU\Software\EPSON] [HKCU\Software\F-Secure] [HKCU\Software\Folder Manager] [HKCU\Software\FreeDownloadManager.ORG] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Green Eclipse] [HKCU\Software\HARVEST S.A.] [HKCU\Software\IM Providers] [HKCU\Software\IZSoftware] [HKCU\Software\InfraRecorder] [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\InstallShield] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\LeaderTech] [HKCU\Software\Licenses] [HKCU\Software\Ligos] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\MAGISTER] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\Matrox] [HKCU\Software\Maxtor] [HKCU\Software\MimarSinan] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\MyHeritage.com] [HKCU\Software\Myfree Codec] [HKCU\Software\NCH Software] [HKCU\Software\NCH Swift Sound] [HKCU\Software\NDAS] [HKCU\Software\Nektra] [HKCU\Software\Nero] [HKCU\Software\NetCrawl] =>PUP.NetCrawl [HKCU\Software\Netscape] [HKCU\Software\NextVideoSoft] [HKCU\Software\Nico Mak Computing] [HKCU\Software\Northcode Inc] [HKCU\Software\ODBC] [HKCU\Software\OpenOffice.org] [HKCU\Software\OpenOffice] [HKCU\Software\PC SOFT] [HKCU\Software\ParetoLogic] =>PUP.Paretologic [HKCU\Software\Photodex] [HKCU\Software\Pinnacle Systems] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Promethean] [HKCU\Software\RadLight] [HKCU\Software\RealNetworks] [HKCU\Software\Realtek] [HKCU\Software\Recovery Toolbox for Outlook] [HKCU\Software\Red Giant Software] [HKCU\Software\RedGiantSoftware] [HKCU\Software\Redemption] [HKCU\Software\Redemption] [HKCU\Software\Replay Video Capture] [HKCU\Software\Research In Motion] [HKCU\Software\Riva] [HKCU\Software\Roxio] [HKCU\Software\SEIKO EPSON] [HKCU\Software\SFR] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Samsung] [HKCU\Software\Smart Soft] [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\Sonic Solutions] [HKCU\Software\Sonic] [HKCU\Software\Sony Corporation] [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKCU\Software\Splashtop Inc.] [HKCU\Software\Studio 10] [HKCU\Software\SubSystems] [HKCU\Software\Systweak] [HKCU\Software\TechSmith] [HKCU\Software\The Complete Genealogy Reporter] [HKCU\Software\TomTom] [HKCU\Software\Trolltech] [HKCU\Software\TuneUp] [HKCU\Software\TutoTag] =>PUP.AgenceExclusive [HKCU\Software\Tutorials] =>PUP.AgenceExclusive [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VOB] [HKCU\Software\VSRevoGroup] [HKCU\Software\WinZip Computing] [HKCU\Software\WinkHandler] =>Adware.IMBooster [HKCU\Software\Wintertree] [HKCU\Software\Wondershare] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\Zyrax Software] [HKCU\Software\delta LTD] [HKCU\Software\eDrawings] [HKCU\Software\ej-technologies] [HKCU\Software\freesofttoday] =>Adware.FreeSoftToday [HKCU\Software\iLivid] =>Adware.Bandoo [HKCU\Software\iambic Software] [HKCU\Software\keyhole.com] [HKCU\Software\proDAD] [HKCU\Software\savevidtoolbargaw] =>Adware.Bandoo [HKCU\Software\softonicToolbar] =>Toolbar.Conduit [HKCU\Software\www.RocketDivision] [HKCU\Software\yahoo] [HKLM\Software\ACTIV Software] [HKLM\Software\ANI] [HKLM\Software\AOL] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\AVAST Software] [HKLM\Software\AVS4YOU] [HKLM\Software\Acronis] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\Alpha Networks] [HKLM\Software\America Online] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Apps] [HKLM\Software\Audible] [HKLM\Software\AviSynth] [HKLM\Software\Babylon] =>PUP.Babylon [HKLM\Software\Boris FX, Inc.] [HKLM\Software\BrowserChoice] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\CoreSecurity] [HKLM\Software\Cygnus Solutions] [HKLM\Software\D-Link] [HKLM\Software\DVDVideoSoft] [HKLM\Software\Data Fellows] [HKLM\Software\DataMngr] =>PUP.Datamngr [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\DomaIQ] =>Adware.DomaIQ [HKLM\Software\DriverTuner] [HKLM\Software\DriverTuner_Init] [HKLM\Software\Dropbox] [HKLM\Software\EA SPORTS] [HKLM\Software\ECAREME] [HKLM\Software\EPSON] [HKLM\Software\Electronic Arts] [HKLM\Software\Eset] [HKLM\Software\FAST Multimedia] [HKLM\Software\FrEeSoFtToDaY] =>Adware.FreeSoftToday [HKLM\Software\FreeDownloadManager.ORG] [HKLM\Software\Fujitsu] [HKLM\Software\GEAR Software] [HKLM\Software\Geonaute] [HKLM\Software\Google] [HKLM\Software\HPS] [HKLM\Software\IMGUpdater] [HKLM\Software\IZSoftware] [HKLM\Software\Iminent] =>Adware.IMBooster [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\Inventel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Lame for Audacity] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\Maxtor] [HKLM\Software\MediaArea.net] [HKLM\Software\MetaStream] =>Adware.MetaStream [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\MyHeritage.com] [HKLM\Software\Myfree Codec] [HKLM\Software\NCH Software] [HKLM\Software\NCH Swift Sound] [HKLM\Software\NCH] [HKLM\Software\NDAS] [HKLM\Software\Nero] [HKLM\Software\NetCrawl] =>PUP.NetCrawl [HKLM\Software\ODBC] [HKLM\Software\OpenOffice] [HKLM\Software\PalmSource] [HKLM\Software\Panda Software] [HKLM\Software\Paragon Software] [HKLM\Software\ParetoLogic] =>PUP.Paretologic [HKLM\Software\Pegasus Imaging] [HKLM\Software\PegasusImaging] [HKLM\Software\Photodex Media Sources] [HKLM\Software\Pinnacle Systems] [HKLM\Software\Policies] [HKLM\Software\PowerQuest] [HKLM\Software\Prolific Technology INC] [HKLM\Software\Prolific] [HKLM\Software\REALTEK Semiconductor Corp.] [HKLM\Software\RealNetworks] [HKLM\Software\Realtek] [HKLM\Software\Red Giant Software] [HKLM\Software\RegisteredApplications] [HKLM\Software\Replay Video Capture] [HKLM\Software\Roxio] [HKLM\Software\RtWLan] [HKLM\Software\SAMSUNG] [HKLM\Software\SFR] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\SavevidSRTB] =>Adware.Bandoo [HKLM\Software\SearchquMediabarTb] =>PUP.Datamngr [HKLM\Software\Services] [HKLM\Software\Silicon Laboratories, Inc.] [HKLM\Software\SmartPCFixer] [HKLM\Software\Sonic] [HKLM\Software\Sony Corporation] [HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\Splashtop Inc.] [HKLM\Software\SupDp] =>PUP.SupTab [HKLM\Software\Supreme Savings] =>PUP.RewardsArcade [HKLM\Software\Symantec] [HKLM\Software\Systweak] [HKLM\Software\TomTom] [HKLM\Software\Trad-FR] [HKLM\Software\TuneUp] [HKLM\Software\Tutorials] =>PUP.AgenceExclusive [HKLM\Software\Umbrella] [HKLM\Software\Uniblue] [HKLM\Software\Unreal] [HKLM\Software\VideoLAN] [HKLM\Software\Viewpoint] =>Adware.MetaStream [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\Waves Audio] [HKLM\Software\Windows] [HKLM\Software\WiseFixer] [HKLM\Software\Wondershare] [HKLM\Software\Xerox] [HKLM\Software\Xing Technology Corp.] [HKLM\Software\XnView] [HKLM\Software\Yahoo] [HKLM\Software\ej-technologies] [HKLM\Software\iLividSRTB] =>Adware.Bandoo [HKLM\Software\mozilla.org] [HKLM\Software\proDAD] [HKLM\Software\supTab] =>PUP.SupTab [HKLM\Software\supWPM] =>PUP.WpManager [HKLM\Software\supWindowsMangerProtect] =>PUP.Fuyu [HKLM\Software\sweet-pageSoftware] =>PUP.SweetPage ~ Key Software: 570 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 01/07/2009 - 09:48:38 - [] ----D C:\Program Files\A New Zero O43 - CFD: 27/10/2010 - 14:11:54 - [] ----D C:\Program Files\Activ Software O43 - CFD: 15/06/2012 - 22:35:22 - [] ----D C:\Program Files\Adobe O43 - CFD: 14/06/2009 - 10:43:12 - [] ----D C:\Program Files\Ahead O43 - CFD: 24/10/2008 - 18:56:18 - [] ----D C:\Program Files\ANI O43 - CFD: 05/04/2013 - 19:57:24 - [] ----D C:\Program Files\ANT Drivers O43 - CFD: 04/06/2013 - 11:59:50 - [] ----D C:\Program Files\AOL O43 - CFD: 30/10/2008 - 16:33:11 - [] ----D C:\Program Files\AOL 9.0 VR O43 - CFD: 25/10/2011 - 14:21:21 - [] ----D C:\Program Files\Apowersoft O43 - CFD: 13/07/2011 - 10:40:30 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc O43 - CFD: 02/01/2011 - 00:45:38 - [] ----D C:\Program Files\Applian Director O43 - CFD: 10/07/2012 - 21:51:31 - [] ----D C:\Program Files\ASUS O43 - CFD: 10/07/2008 - 20:48:53 - [] ----D C:\Program Files\ATI O43 - CFD: 10/07/2008 - 20:49:46 - [] ----D C:\Program Files\ATI Technologies O43 - CFD: 21/06/2010 - 21:51:36 - [] ----D C:\Program Files\Audacity 1.3 Beta (Unicode) O43 - CFD: 01/10/2013 - 18:25:21 - [] ----D C:\Program Files\AVAST Software O43 - CFD: 24/10/2008 - 09:01:44 - [] ----D C:\Program Files\AVG O43 - CFD: 24/04/2009 - 22:37:58 - [] ----D C:\Program Files\AviSynth 2.5 O43 - CFD: 22/04/2009 - 22:32:12 - [0] ----D C:\Program Files\AVS4YOU O43 - CFD: 22/04/2009 - 22:14:09 - [] ----D C:\Program Files\BEIKS O43 - CFD: 27/09/2012 - 16:06:46 - [0] ----D C:\Program Files\BitComet =>P2P.BitComet O43 - CFD: 06/01/2014 - 11:10:33 - [] ----D C:\Program Files\Bonjour Print Services O43 - CFD: 05/10/2011 - 21:11:21 - [] ----D C:\Program Files\Bonjour(0) O43 - CFD: 15/11/2008 - 16:56:28 - [] ----D C:\Program Files\Boris FX, Inc O43 - CFD: 20/05/2010 - 07:54:32 - [] ----D C:\Program Files\Burn4Free O43 - CFD: 27/10/2008 - 16:48:16 - [] ----D C:\Program Files\Canon O43 - CFD: 27/10/2008 - 16:30:07 - [] --H-D C:\Program Files\CanonBJ O43 - CFD: 09/10/2009 - 00:54:06 - [] ----D C:\Program Files\CCleaner O43 - CFD: 20/01/2012 - 20:29:12 - [] ----D C:\Program Files\CDBurnerXP O43 - CFD: 09/01/2012 - 13:15:56 - [] ----D C:\Program Files\ClickImpots first step 2012 O43 - CFD: 24/06/2014 - 16:55:51 - [] ----D C:\Program Files\Common Files O43 - CFD: 09/10/2012 - 17:57:02 - [] ----D C:\Program Files\Comptes bancaires O43 - CFD: 24/10/2008 - 18:54:40 - [] ----D C:\Program Files\D-Link O43 - CFD: 06/01/2014 - 11:09:11 - [] ----D C:\Program Files\DataVault O43 - CFD: 26/12/2010 - 12:39:33 - [] ----D C:\Program Files\directx O43 - CFD: 12/05/2014 - 10:19:42 - [] ----D C:\Program Files\DivX O43 - CFD: 30/03/2012 - 01:01:35 - [] ----D C:\Program Files\Dnote Software O43 - CFD: 13/05/2013 - 22:24:08 - [] ----D C:\Program Files\DomaIQ Uninstaller =>Adware.DomaIQ O43 - CFD: 16/11/2013 - 17:49:00 - [] --H-D C:\Program Files\Dr.Fone_Temp O43 - CFD: 09/01/2014 - 13:09:36 - [0] ----D C:\Program Files\Driver-Soft O43 - CFD: 07/07/2013 - 23:03:48 - [] ----D C:\Program Files\Dropbox O43 - CFD: 30/07/2009 - 16:53:17 - [] ----D C:\Program Files\DVDStyler O43 - CFD: 21/11/2013 - 00:49:35 - [] ----D C:\Program Files\DVDVideoSoft O43 - CFD: 26/12/2010 - 12:43:35 - [] ----D C:\Program Files\EA SPORTS O43 - CFD: 14/06/2009 - 23:05:00 - [] ----D C:\Program Files\EBP O43 - CFD: 24/06/2014 - 16:54:28 - [] ----D C:\Program Files\Emailchemy O43 - CFD: 22/02/2013 - 10:12:24 - [] ----D C:\Program Files\Enregistrer des vidéos O43 - CFD: 05/03/2009 - 20:37:39 - [] ----D C:\Program Files\epson O43 - CFD: 24/04/2009 - 22:37:35 - [] ----D C:\Program Files\eRightSoft O43 - CFD: 11/11/2009 - 11:53:47 - [] ----D C:\Program Files\Family Toolbar O43 - CFD: 23/10/2008 - 16:49:24 - [] -SH-D C:\Program Files\Fichiers communs O43 - CFD: 24/06/2014 - 17:03:57 - [] ----D C:\Program Files\FileViewPro O43 - CFD: 02/12/2009 - 00:30:23 - [] ----D C:\Program Files\Fotocompil O43 - CFD: 30/07/2009 - 16:53:17 - [] ----D C:\Program Files\Free Audio Pack O43 - CFD: 05/03/2013 - 15:18:04 - [] ----D C:\Program Files\Free Download Manager O43 - CFD: 08/12/2009 - 00:56:14 - [] ----D C:\Program Files\Free PDF to Word Converter O43 - CFD: 20/05/2011 - 21:19:01 - [] ----D C:\Program Files\Free Video Converter O43 - CFD: 20/01/2012 - 19:23:28 - [] ----D C:\Program Files\Free Videos To DVD O43 - CFD: 10/07/2014 - 20:59:51 - [] ----D C:\Program Files\fst_fr_290 =>Adware.FreeSoftToday O43 - CFD: 19/04/2009 - 22:44:01 - [] ----D C:\Program Files\Fujitsu O43 - CFD: 20/12/2008 - 16:19:51 - [] ----D C:\Program Files\Fujitsu Siemens Computers O43 - CFD: 10/11/2011 - 23:27:57 - [] ----D C:\Program Files\Geonaute KeyMaze 500-700 O43 - CFD: 05/04/2013 - 19:56:36 - [] ----D C:\Program Files\Geonaute Software O43 - CFD: 17/10/2009 - 23:43:44 - [] ----D C:\Program Files\GIMP-2.0 O43 - CFD: 05/06/2014 - 23:12:01 - [] ----D C:\Program Files\Google O43 - CFD: 11/11/2009 - 11:50:46 - [] ----D C:\Program Files\Généalogie O43 - CFD: 27/01/2009 - 00:42:03 - [] ----D C:\Program Files\iambic Software O43 - CFD: 24/06/2014 - 16:56:00 - [] ---AD C:\Program Files\Iminent =>Adware.IMBooster O43 - CFD: 19/08/2009 - 12:55:56 - [] ----D C:\Program Files\InfraRecorder graver cd audio O43 - CFD: 09/01/2014 - 11:43:45 - [] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 24/07/2014 - 20:52:10 - [] ----D C:\Program Files\Internet Explorer O43 - CFD: 17/11/2013 - 11:56:23 - [] ----D C:\Program Files\iPod O43 - CFD: 05/10/2011 - 21:14:49 - [] ----D C:\Program Files\iPod(131) O43 - CFD: 17/11/2013 - 11:57:31 - [] ----D C:\Program Files\iTunes O43 - CFD: 05/10/2011 - 21:15:35 - [] ----D C:\Program Files\iTunes(132) O43 - CFD: 14/09/2009 - 23:35:01 - [] ----D C:\Program Files\IZArc O43 - CFD: 24/06/2014 - 16:59:55 - [] ----D C:\Program Files\Java O43 - CFD: 21/06/2010 - 23:26:51 - [] ----D C:\Program Files\Lame for Audacity O43 - CFD: 15/11/2008 - 10:34:31 - [] ----D C:\Program Files\LooksBuilderSE O43 - CFD: 06/10/2009 - 08:42:56 - [] ----D C:\Program Files\Maxtor O43 - CFD: 19/04/2009 - 21:30:55 - [] ----D C:\Program Files\MediaCoder O43 - CFD: 01/06/2010 - 23:37:27 - [] ----D C:\Program Files\MediaCUB O43 - CFD: 19/04/2009 - 22:57:05 - [] ----D C:\Program Files\MediaInfo O43 - CFD: 01/02/2011 - 01:26:43 - [] ----D C:\Program Files\Microsoft ATS O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Microsoft Games O43 - CFD: 05/11/2008 - 10:25:50 - [] ----D C:\Program Files\Microsoft LifeChat O43 - CFD: 14/04/2014 - 15:23:47 - [] ----D C:\Program Files\Microsoft Money 2005 O43 - CFD: 01/09/2011 - 19:13:04 - [] ----D C:\Program Files\Microsoft Office O43 - CFD: 28/04/2014 - 19:46:32 - [] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 05/11/2011 - 19:24:50 - [] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 05/11/2011 - 19:25:17 - [] ----D C:\Program Files\Microsoft Works O43 - CFD: 19/12/2011 - 00:16:17 - [] ----D C:\Program Files\Microsoft Xbox 360 Accessories O43 - CFD: 25/06/2010 - 22:01:50 - [] ----D C:\Program Files\Microsoft.NET O43 - CFD: 16/06/2011 - 00:26:23 - [] ----D C:\Program Files\Movie Maker O43 - CFD: 10/08/2014 - 13:54:35 - [] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 12/08/2014 - 16:09:16 - [] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\MSBuild O43 - CFD: 19/08/2009 - 12:50:05 - [] ----D C:\Program Files\MSECache O43 - CFD: 15/06/2012 - 22:35:00 - [] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 09/01/2014 - 00:35:27 - [] ----D C:\Program Files\MyFree Codec O43 - CFD: 12/11/2013 - 23:15:02 - [] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup O43 - CFD: 10/10/2012 - 21:57:53 - [] ----D C:\Program Files\MyTomTom 3 O43 - CFD: 28/06/2011 - 17:54:05 - [] ----D C:\Program Files\NCH O43 - CFD: 11/05/2014 - 13:09:58 - [] ----D C:\Program Files\NCH Software O43 - CFD: 28/06/2011 - 17:53:44 - [] ----D C:\Program Files\NCH Swift Sound O43 - CFD: 15/02/2010 - 19:59:11 - [] ----D C:\Program Files\NDAS O43 - CFD: 10/07/2008 - 20:54:05 - [] ----D C:\Program Files\Nero O43 - CFD: 28/06/2011 - 17:50:37 - [] ----D C:\Program Files\Next Video Converter O43 - CFD: 23/10/2008 - 17:27:27 - [] ----D C:\Program Files\Norman O43 - CFD: 23/08/2011 - 12:41:07 - [] ----D C:\Program Files\OLITEC O43 - CFD: 27/05/2009 - 22:45:27 - [] ----D C:\Program Files\Open Office O43 - CFD: 01/07/2009 - 09:48:38 - [] ----D C:\Program Files\OpenAL O43 - CFD: 11/12/2013 - 13:17:55 - [] ----D C:\Program Files\OpenOffice 4 O43 - CFD: 11/12/2013 - 13:16:37 - [] ----D C:\Program Files\OpenOffice.org 3 O43 - CFD: 21/06/2013 - 10:41:29 - [] ----D C:\Program Files\Optimizer Pro =>PUP.OptimizerPro O43 - CFD: 19/06/2009 - 18:29:32 - [] ----D C:\Program Files\Palm O43 - CFD: 30/07/2009 - 16:53:19 - [] ----D C:\Program Files\Panda Security O43 - CFD: 24/10/2008 - 11:18:37 - [] ----D C:\Program Files\Paragon Software O43 - CFD: 14/04/2009 - 21:30:55 - [] ----D C:\Program Files\Photodex O43 - CFD: 23/06/2009 - 23:37:54 - [] ----D C:\Program Files\Photodex Presenter O43 - CFD: 07/01/2014 - 16:35:37 - [] ----D C:\Program Files\Picasa2 O43 - CFD: 30/07/2009 - 16:53:20 - [] ----D C:\Program Files\Pinnacle O43 - CFD: 11/05/2014 - 12:17:29 - [] ----D C:\Program Files\Pluzzed O43 - CFD: 21/03/2012 - 16:34:13 - [] ----D C:\Program Files\POIbase O43 - CFD: 15/11/2008 - 10:34:36 - [] ----D C:\Program Files\proDAD O43 - CFD: 18/02/2009 - 12:12:42 - [] ----D C:\Program Files\Prolific O43 - CFD: 25/05/2013 - 21:27:31 - [] ----D C:\Program Files\QuickTime O43 - CFD: 05/10/2011 - 21:08:17 - [] ----D C:\Program Files\QuickTime(134) O43 - CFD: 25/09/2013 - 10:47:41 - [] ----D C:\Program Files\Real O43 - CFD: 25/09/2013 - 10:48:34 - [] ----D C:\Program Files\RealNetworks O43 - CFD: 05/11/2011 - 18:53:07 - [] ----D C:\Program Files\Recovery Toolbox for Outlook O43 - CFD: 02/11/2006 - 14:37:34 - [] ----D C:\Program Files\Reference Assemblies O43 - CFD: 14/12/2013 - 11:01:13 - [0] ----D C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner O43 - CFD: 02/01/2011 - 22:44:14 - [] ----D C:\Program Files\Replay Video Capture O43 - CFD: 20/01/2010 - 19:39:30 - [] ----D C:\Program Files\Riva O43 - CFD: 04/06/2009 - 22:14:24 - [] ----D C:\Program Files\Rocket Division Software O43 - CFD: 12/09/2012 - 21:52:15 - [] ----D C:\Program Files\Safari O43 - CFD: 09/01/2014 - 11:45:18 - [] ----D C:\Program Files\Samsung O43 - CFD: 16/03/2013 - 12:54:06 - [] ----D C:\Program Files\SavevidPlug-in =>Adware.Bandoo O43 - CFD: 14/11/2010 - 02:09:27 - [] ----D C:\Program Files\SFR O43 - CFD: 05/04/2013 - 20:22:47 - [] ----D C:\Program Files\Silabs O43 - CFD: 27/06/2011 - 19:31:14 - [] ----D C:\Program Files\SmartAudioConverter O43 - CFD: 02/12/2009 - 17:05:16 - [] ----D C:\Program Files\Sony O43 - CFD: 28/04/2014 - 17:59:41 - [] ----D C:\Program Files\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 15/06/2012 - 22:40:34 - [] ----D C:\Program Files\Splashtop O43 - CFD: 13/12/2013 - 19:44:58 - [] ----D C:\Program Files\Spybot - Search & Destroy 2 O43 - CFD: 05/04/2013 - 20:21:47 - [] ----D C:\Program Files\STMicroelectronics O43 - CFD: 05/07/2014 - 10:09:03 - [] ----D C:\Program Files\SupTab =>PUP.SupTab O43 - CFD: 11/07/2012 - 23:09:28 - [] ----D C:\Program Files\TomTom International B.V O43 - CFD: 01/10/2012 - 16:00:06 - [] ----D C:\Program Files\Trend Micro O43 - CFD: 28/04/2014 - 19:59:45 - [] ----D C:\Program Files\TuneUp Utilities 2014 O43 - CFD: 21/06/2013 - 10:44:21 - [] ----D C:\Program Files\Uniblue O43 - CFD: 02/11/2006 - 15:01:55 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 10/06/2014 - 10:38:57 - [] ----D C:\Program Files\VideoLAN O43 - CFD: 30/10/2008 - 16:31:24 - [] ----D C:\Program Files\Viewpoint =>Adware.MetaStream O43 - CFD: 24/02/2012 - 00:25:10 - [] ----D C:\Program Files\VS Revo Group O43 - CFD: 27/08/2009 - 23:15:55 - [] ----D C:\Program Files\West Point Bridge Designer 2007 O43 - CFD: 02/11/2009 - 20:08:58 - [] ----D C:\Program Files\Windows Calendar O43 - CFD: 02/11/2009 - 20:08:55 - [] ----D C:\Program Files\Windows Collaboration O43 - CFD: 02/11/2009 - 20:08:47 - [] ----D C:\Program Files\Windows Defender O43 - CFD: 24/07/2014 - 20:52:12 - [] ----D C:\Program Files\Windows Journal O43 - CFD: 27/11/2010 - 16:25:09 - [] ----D C:\Program Files\Windows Live O43 - CFD: 13/04/2012 - 00:42:55 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 13/10/2010 - 22:21:51 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 23/10/2008 - 16:49:24 - [] ----D C:\Program Files\Windows NT O43 - CFD: 02/11/2009 - 20:08:53 - [] ----D C:\Program Files\Windows Photo Gallery O43 - CFD: 17/11/2009 - 23:59:55 - [] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 20/01/2012 - 19:26:13 - [] ----D C:\Program Files\Windows Searchqu Toolbar =>PUP.Datamngr O43 - CFD: 02/11/2009 - 20:08:56 - [] ----D C:\Program Files\Windows Sidebar O43 - CFD: 06/11/2011 - 13:34:14 - [] ----D C:\Program Files\WiseFixer O43 - CFD: 16/11/2013 - 17:48:56 - [] ----D C:\Program Files\Wondershare O43 - CFD: 04/10/2009 - 23:17:48 - [] ----D C:\Program Files\XnView compresser les images O43 - CFD: 04/10/2009 - 23:16:29 - [] ----D C:\Program Files\Xnview pour compresser les images O43 - CFD: 27/10/2010 - 16:24:01 - [0] ----D C:\Program Files\Yahoo! O43 - CFD: 27/10/2010 - 16:26:56 - [] ----D C:\Program Files\Common Files\Activ Software O43 - CFD: 30/01/2012 - 23:14:29 - [] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 14/05/2014 - 22:20:30 - [] ----D C:\Program Files\Common Files\Adobe AIR O43 - CFD: 14/06/2009 - 10:42:47 - [] ----D C:\Program Files\Common Files\Ahead O43 - CFD: 04/06/2013 - 11:59:49 - [] ----D C:\Program Files\Common Files\aol O43 - CFD: 30/10/2008 - 16:32:38 - [] ----D C:\Program Files\Common Files\aolback O43 - CFD: 30/10/2008 - 16:31:59 - [] ----D C:\Program Files\Common Files\aolshare O43 - CFD: 17/11/2013 - 11:56:21 - [] ----D C:\Program Files\Common Files\Apple O43 - CFD: 22/04/2009 - 22:32:14 - [] ----D C:\Program Files\Common Files\AVSMedia O43 - CFD: 27/10/2008 - 16:35:18 - [] ----D C:\Program Files\Common Files\CANON O43 - CFD: 14/05/2014 - 22:03:15 - [] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 12/05/2014 - 10:19:34 - [] ----D C:\Program Files\Common Files\DivX Shared O43 - CFD: 21/11/2013 - 00:49:29 - [] ----D C:\Program Files\Common Files\DVDVideoSoft O43 - CFD: 19/04/2009 - 22:44:03 - [] ----D C:\Program Files\Common Files\Fujitsu O43 - CFD: 24/06/2014 - 16:55:51 - [] ----D C:\Program Files\Common Files\IMGUpdater O43 - CFD: 25/01/2009 - 12:10:24 - [] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 02/05/2013 - 23:31:13 - [] ----D C:\Program Files\Common Files\Java O43 - CFD: 06/10/2009 - 08:42:59 - [] ----D C:\Program Files\Common Files\Maxtor O43 - CFD: 02/03/2012 - 20:18:25 - [] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 13/05/2009 - 21:32:08 - [] ----D C:\Program Files\Common Files\Nero O43 - CFD: 30/10/2008 - 16:31:58 - [] ----D C:\Program Files\Common Files\Nullsoft O43 - CFD: 15/11/2008 - 01:33:09 - [] ----D C:\Program Files\Common Files\Pegasus Imaging O43 - CFD: 15/11/2008 - 01:39:13 - [] ----D C:\Program Files\Common Files\Pinnacle O43 - CFD: 23/06/2013 - 09:57:22 - [] ----D C:\Program Files\Common Files\Real O43 - CFD: 27/09/2012 - 16:04:58 - [] ----D C:\Program Files\Common Files\Roxio Shared O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\Services O43 - CFD: 02/11/2006 - 13:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 28/04/2014 - 17:59:41 - [] ----D C:\Program Files\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 20/01/2010 - 19:39:38 - [] ----D C:\Program Files\Common Files\SWF Studio O43 - CFD: 09/11/2011 - 23:00:37 - [] ----D C:\Program Files\Common Files\System O43 - CFD: 24/06/2014 - 16:55:51 - [] ----D C:\Program Files\Common Files\Umbrella O43 - CFD: 24/10/2008 - 11:32:30 - [] -SH-D C:\Program Files\Common Files\WindowsLiveInstaller O43 - CFD: 16/11/2013 - 17:49:04 - [] ----D C:\Program Files\Common Files\Wondershare O43 - CFD: 25/09/2013 - 10:47:35 - [] ----D C:\Program Files\Common Files\xing shared O43 - CFD: 15/11/2008 - 01:33:08 - [] ----D C:\Program Files\Common Files\Yahoo! O43 - CFD: 17/11/2013 - 11:57:31 - [] ----D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 O43 - CFD: 26/04/2009 - 21:52:10 - [] ----D C:\ProgramData\Activ Software O43 - CFD: 16/06/2013 - 22:22:50 - [] ----D C:\ProgramData\Adobe O43 - CFD: 13/05/2009 - 16:14:05 - [] ----D C:\ProgramData\Ahead O43 - CFD: 27/11/2010 - 16:46:04 - [] ----D C:\ProgramData\AOL O43 - CFD: 15/02/2010 - 10:38:22 - [] ----D C:\ProgramData\AOL Downloads O43 - CFD: 30/10/2008 - 17:07:00 - [0] ----D C:\ProgramData\AOL OCP O43 - CFD: 07/01/2014 - 23:58:09 - [] ----D C:\ProgramData\Apple O43 - CFD: 30/10/2008 - 19:41:23 - [] ----D C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 15/06/2012 - 22:38:40 - [] ----D C:\ProgramData\ASUS WebStorage O43 - CFD: 10/07/2008 - 21:03:27 - [] ----D C:\ProgramData\ATI O43 - CFD: 04/12/2013 - 00:08:40 - [] ----D C:\ProgramData\AVAST Software O43 - CFD: 19/04/2009 - 18:18:31 - [] ----D C:\ProgramData\AVS4YOU O43 - CFD: 13/05/2013 - 22:19:22 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon O43 - CFD: 18/02/2011 - 01:21:16 - [] ----D C:\ProgramData\bEdOeBo06511 O43 - CFD: 16/03/2013 - 12:54:16 - [] ----D C:\ProgramData\boost_interprocess O43 - CFD: 22/02/2013 - 13:04:21 - [0] ----D C:\ProgramData\Browser Manager O43 - CFD: 23/10/2008 - 16:49:24 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 20/01/2012 - 20:29:29 - [] ----D C:\ProgramData\Canneverbe Limited O43 - CFD: 27/10/2008 - 16:31:43 - [] --H-D C:\ProgramData\CanonBJ O43 - CFD: 25/09/2012 - 18:08:28 - [] ----D C:\ProgramData\CanonIJ O43 - CFD: 27/10/2008 - 23:03:44 - [] --H-D C:\ProgramData\CanonIJEGV O43 - CFD: 27/10/2008 - 16:59:31 - [] --H-D C:\ProgramData\CanonIJEPPEX O43 - CFD: 27/10/2008 - 16:48:26 - [] --H-D C:\ProgramData\CanonIJMyPrinter O43 - CFD: 07/10/2012 - 12:23:19 - [] ----D C:\ProgramData\CanonIJPLM O43 - CFD: 27/10/2008 - 16:49:29 - [] --H-D C:\ProgramData\CanonIJScan O43 - CFD: 27/10/2008 - 16:52:09 - [] --H-D C:\ProgramData\CanonIJSolutionMenu O43 - CFD: 21/11/2013 - 00:51:15 - [] --H-D C:\ProgramData\Common Files O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 12/05/2014 - 10:19:42 - [] ----D C:\ProgramData\DivX O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 14/02/2012 - 22:33:21 - [] ----D C:\ProgramData\Driver Manager O43 - CFD: 07/01/2014 - 22:08:03 - [0] ----D C:\ProgramData\DriverGenius O43 - CFD: 29/10/2010 - 09:39:06 - [] ----D C:\ProgramData\f-secure O43 - CFD: 23/10/2008 - 16:49:24 - [] -SH-D C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Favorites O43 - CFD: 09/10/2009 - 00:35:23 - [] ----D C:\ProgramData\Fighters O43 - CFD: 04/06/2013 - 11:54:04 - [] ----D C:\ProgramData\Free Download Manager O43 - CFD: 23/10/2008 - 16:55:32 - [] ----D C:\ProgramData\fsc-reg O43 - CFD: 15/02/2010 - 13:06:32 - [] ----D C:\ProgramData\fssg O43 - CFD: 19/04/2009 - 22:44:03 - [] ----D C:\ProgramData\Fujitsu O43 - CFD: 05/04/2013 - 19:56:29 - [] ----D C:\ProgramData\Geonaute O43 - CFD: 24/05/2012 - 23:25:26 - [] ----D C:\ProgramData\Google O43 - CFD: 24/08/2012 - 18:49:04 - [] ----D C:\ProgramData\hps O43 - CFD: 05/07/2014 - 10:09:09 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService O43 - CFD: 25/01/2009 - 12:13:01 - [] ----D C:\ProgramData\InstallShield O43 - CFD: 24/06/2014 - 17:04:34 - [] ----D C:\ProgramData\IsolatedStorage O43 - CFD: 30/10/2008 - 16:32:39 - [] ----D C:\ProgramData\Macromedia O43 - CFD: 05/08/2009 - 09:32:07 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 18/10/2009 - 22:44:42 - [] ----D C:\ProgramData\Maxtor O43 - CFD: 23/10/2008 - 16:49:24 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 28/04/2014 - 20:09:19 - [] ----D C:\ProgramData\Microsoft O43 - CFD: 10/07/2014 - 21:02:05 - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 23/10/2008 - 16:49:24 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 02/05/2013 - 23:31:50 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 11/11/2009 - 11:57:16 - [] ----D C:\ProgramData\MyHeritage O43 - CFD: 11/05/2014 - 13:09:58 - [] ----D C:\ProgramData\NCH Software O43 - CFD: 05/07/2011 - 17:53:48 - [] ----D C:\ProgramData\NCH Swift Sound O43 - CFD: 13/05/2009 - 21:32:08 - [] ----D C:\ProgramData\Nero O43 - CFD: 13/11/2008 - 22:05:10 - [] ----D C:\ProgramData\Office Genuine Advantage O43 - CFD: 24/06/2014 - 17:00:00 - [0] ----D C:\ProgramData\Oracle O43 - CFD: 09/01/2014 - 12:52:43 - [] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic O43 - CFD: 15/11/2008 - 01:44:13 - [] ----D C:\ProgramData\Pinnacle O43 - CFD: 15/11/2008 - 01:33:07 - [0] ----D C:\ProgramData\Pinnacle Studio Plus O43 - CFD: 15/11/2008 - 09:36:44 - [] ----D C:\ProgramData\Pinnacle Studio Ultimate O43 - CFD: 24/04/2012 - 23:51:25 - [] ----D C:\ProgramData\POIbase O43 - CFD: 26/08/2013 - 06:47:49 - [] ----D C:\ProgramData\Real O43 - CFD: 25/09/2013 - 10:48:30 - [] ----D C:\ProgramData\RealNetworks O43 - CFD: 27/09/2012 - 16:04:56 - [] ----D C:\ProgramData\Roxio O43 - CFD: 09/01/2014 - 11:47:31 - [] ----D C:\ProgramData\Samsung O43 - CFD: 25/01/2009 - 12:12:59 - [] ----D C:\ProgramData\Sonic O43 - CFD: 02/12/2009 - 17:04:09 - [] ----D C:\ProgramData\Sony Corporation O43 - CFD: 28/04/2014 - 17:59:42 - [] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 03/07/2012 - 23:57:19 - [] ----D C:\ProgramData\Splashtop O43 - CFD: 13/12/2013 - 19:48:22 - [] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 02/11/2006 - 15:02:03 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 15/11/2008 - 01:33:07 - [] ----D C:\ProgramData\Studio 12 O43 - CFD: 24/05/2011 - 22:59:42 - [] ----D C:\ProgramData\Sun O43 - CFD: 20/06/2013 - 09:54:35 - [0] ---AD C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 15:02:04 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 18/03/2014 - 00:33:40 - [] ----D C:\ProgramData\tmp O43 - CFD: 01/10/2012 - 15:55:49 - [] ----D C:\ProgramData\Trend Micro O43 - CFD: 21/11/2013 - 14:40:26 - [] ----D C:\ProgramData\TuneUp Software O43 - CFD: 30/10/2008 - 16:31:24 - [] ----D C:\ProgramData\Viewpoint =>Adware.MetaStream O43 - CFD: 05/07/2014 - 10:09:00 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu O43 - CFD: 06/05/2009 - 23:09:16 - [] ----D C:\ProgramData\WindowsSearch O43 - CFD: 24/10/2008 - 11:29:35 - [] ----D C:\ProgramData\WLInstaller O43 - CFD: 16/11/2013 - 17:48:56 - [] ----D C:\ProgramData\Wondershare O43 - CFD: 03/01/2014 - 13:35:02 - [] ----D C:\ProgramData\Xerox O43 - CFD: 22/11/2013 - 01:25:17 - [0] ----D C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} O43 - CFD: 22/11/2013 - 01:25:17 - [0] --H-D C:\ProgramData\{41A79276-7AAF-45AD-A25F-CEE57757E847} O43 - CFD: 22/11/2013 - 01:25:17 - [0] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 22/11/2013 - 01:25:17 - [0] --H-D C:\ProgramData\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46} O43 - CFD: 22/11/2013 - 01:25:18 - [0] ----D C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD} O43 - CFD: 22/11/2013 - 01:25:18 - [0] ----D C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} O43 - CFD: 22/11/2013 - 01:25:18 - [0] --H-D C:\ProgramData\{C296F8FF-A964-4BB7-814C-2DE7755A03C9} O43 - CFD: 12/12/2013 - 08:49:38 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 15/06/2012 - 22:35:23 - [] ----D C:\Users\Rémy\AppData\Roaming\Adobe O43 - CFD: 30/10/2008 - 18:50:50 - [] ----D C:\Users\Rémy\AppData\Roaming\AOL O43 - CFD: 16/02/2010 - 20:16:34 - [] ----D C:\Users\Rémy\AppData\Roaming\Apowersoft O43 - CFD: 03/04/2013 - 15:15:13 - [] ----D C:\Users\Rémy\AppData\Roaming\Apple Computer O43 - CFD: 30/07/2009 - 16:53:32 - [] ----D C:\Users\Rémy\AppData\Roaming\ArchiFacile O43 - CFD: 21/06/2013 - 10:31:33 - [] ----D C:\Users\Rémy\AppData\Roaming\Arcsoft O43 - CFD: 12/06/2009 - 00:48:33 - [] ----D C:\Users\Rémy\AppData\Roaming\Ascendo O43 - CFD: 21/09/2013 - 15:10:31 - [] ----D C:\Users\Rémy\AppData\Roaming\ASUS O43 - CFD: 17/03/2014 - 00:06:15 - [] ----D C:\Users\Rémy\AppData\Roaming\ASUS WebStorage O43 - CFD: 15/06/2012 - 23:11:32 - [] ----D C:\Users\Rémy\AppData\Roaming\ASUS.AF361EFD06694D11175EA8BF6E21597A36AD9F1D.1 O43 - CFD: 23/10/2008 - 16:57:16 - [] ----D C:\Users\Rémy\AppData\Roaming\ATI O43 - CFD: 28/06/2011 - 18:06:58 - [] ----D C:\Users\Rémy\AppData\Roaming\Audacity O43 - CFD: 04/12/2013 - 10:55:19 - [] ----D C:\Users\Rémy\AppData\Roaming\AVAST Software O43 - CFD: 19/04/2009 - 18:18:32 - [] ----D C:\Users\Rémy\AppData\Roaming\AVS4YOU O43 - CFD: 13/05/2013 - 22:19:44 - [] ----D C:\Users\Rémy\AppData\Roaming\BabSolution =>Hijacker.BabSolution O43 - CFD: 13/05/2013 - 22:19:21 - [] ----D C:\Users\Rémy\AppData\Roaming\Babylon =>PUP.Babylon O43 - CFD: 27/09/2012 - 15:55:19 - [] ----D C:\Users\Rémy\AppData\Roaming\BitComet =>P2P.BitComet O43 - CFD: 19/04/2009 - 21:30:52 - [0] ----D C:\Users\Rémy\AppData\Roaming\Broad Intelligence O43 - CFD: 20/01/2012 - 20:29:28 - [] ----D C:\Users\Rémy\AppData\Roaming\Canneverbe Limited O43 - CFD: 12/01/2011 - 17:12:20 - [] ----D C:\Users\Rémy\AppData\Roaming\Canon O43 - CFD: 12/05/2014 - 11:53:52 - [] ----D C:\Users\Rémy\AppData\Roaming\DivX O43 - CFD: 03/01/2014 - 12:52:57 - [] ----D C:\Users\Rémy\AppData\Roaming\DriverCure O43 - CFD: 13/08/2014 - 11:27:00 - [] ----D C:\Users\Rémy\AppData\Roaming\Dropbox O43 - CFD: 12/02/2010 - 20:36:19 - [] ----D C:\Users\Rémy\AppData\Roaming\dvdcss O43 - CFD: 21/11/2013 - 00:50:11 - [] ----D C:\Users\Rémy\AppData\Roaming\DVDVideoSoft O43 - CFD: 21/11/2013 - 00:49:36 - [] ----D C:\Users\Rémy\AppData\Roaming\DVDVideoSoftIEHelpers O43 - CFD: 15/06/2012 - 22:31:26 - [] ----D C:\Users\Rémy\AppData\Roaming\eCareme O43 - CFD: 17/06/2009 - 15:06:32 - [] ----D C:\Users\Rémy\AppData\Roaming\EoRezo =>PUP.Eorezo O43 - CFD: 02/10/2010 - 10:00:47 - [] ----D C:\Users\Rémy\AppData\Roaming\EPSON O43 - CFD: 21/11/2009 - 15:53:55 - [] ----D C:\Users\Rémy\AppData\Roaming\F-Secure O43 - CFD: 12/05/2014 - 10:19:45 - [] ----D C:\Users\Rémy\AppData\Roaming\Free Download Manager O43 - CFD: 07/12/2012 - 23:53:27 - [] ----D C:\Users\Rémy\AppData\Roaming\FreeMoviesToDVD O43 - CFD: 22/02/2013 - 10:24:49 - [] ----D C:\Users\Rémy\AppData\Roaming\FreeVideoConverter O43 - CFD: 24/05/2012 - 23:25:27 - [] ----D C:\Users\Rémy\AppData\Roaming\Google O43 - CFD: 04/07/2014 - 23:13:29 - [] ----D C:\Users\Rémy\AppData\Roaming\gtk-2.0 O43 - CFD: 09/01/2012 - 13:16:07 - [] ----D C:\Users\Rémy\AppData\Roaming\HARVEST S.A O43 - CFD: 19/06/2009 - 18:29:37 - [] ----D C:\Users\Rémy\AppData\Roaming\HotSync O43 - CFD: 27/01/2009 - 20:37:07 - [] ----D C:\Users\Rémy\AppData\Roaming\iambic O43 - CFD: 23/10/2008 - 16:56:47 - [] ----D C:\Users\Rémy\AppData\Roaming\Identities O43 - CFD: 19/08/2009 - 16:43:40 - [] ----D C:\Users\Rémy\AppData\Roaming\InfraRecorder O43 - CFD: 25/01/2009 - 12:47:45 - [] ----D C:\Users\Rémy\AppData\Roaming\InstallShield O43 - CFD: 24/06/2014 - 17:04:34 - [] ----D C:\Users\Rémy\AppData\Roaming\IsolatedStorage O43 - CFD: 24/10/2008 - 08:59:21 - [] ----D C:\Users\Rémy\AppData\Roaming\Macromedia O43 - CFD: 05/08/2009 - 09:32:12 - [] ----D C:\Users\Rémy\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 14:37:34 - [0] ----D C:\Users\Rémy\AppData\Roaming\Media Center Programs O43 - CFD: 16/01/2013 - 13:02:31 - [] -S--D C:\Users\Rémy\AppData\Roaming\Microsoft O43 - CFD: 24/02/2011 - 23:08:02 - [] ----D C:\Users\Rémy\AppData\Roaming\Mozilla O43 - CFD: 11/11/2009 - 12:00:25 - [] ----D C:\Users\Rémy\AppData\Roaming\MyHeritage O43 - CFD: 28/06/2011 - 17:53:44 - [] ----D C:\Users\Rémy\AppData\Roaming\NCH Software O43 - CFD: 05/07/2011 - 17:53:48 - [] ----D C:\Users\Rémy\AppData\Roaming\NCH Swift Sound O43 - CFD: 24/10/2008 - 11:15:09 - [] ----D C:\Users\Rémy\AppData\Roaming\Nero O43 - CFD: 14/04/2009 - 21:31:46 - [] ----D C:\Users\Rémy\AppData\Roaming\Netscape O43 - CFD: 21/11/2013 - 00:49:07 - [] ----D C:\Users\Rémy\AppData\Roaming\OpenCandy =>Adware.OpenCandy O43 - CFD: 11/12/2013 - 20:51:21 - [] ----D C:\Users\Rémy\AppData\Roaming\OpenOffice O43 - CFD: 27/10/2008 - 19:15:25 - [] ----D C:\Users\Rémy\AppData\Roaming\OpenOffice.org O43 - CFD: 15/06/2012 - 23:11:35 - [0] ----D C:\Users\Rémy\AppData\Roaming\Outlook O43 - CFD: 03/01/2014 - 12:52:57 - [] ----D C:\Users\Rémy\AppData\Roaming\ParetoLogic =>PUP.Paretologic O43 - CFD: 30/01/2013 - 23:50:47 - [0] ----D C:\Users\Rémy\AppData\Roaming\PeerNetworking O43 - CFD: 23/06/2009 - 23:39:01 - [] ----D C:\Users\Rémy\AppData\Roaming\Photodex O43 - CFD: 15/11/2008 - 10:34:38 - [] ----D C:\Users\Rémy\AppData\Roaming\proDAD O43 - CFD: 31/12/2012 - 14:09:22 - [] ----D C:\Users\Rémy\AppData\Roaming\Real O43 - CFD: 25/09/2013 - 10:50:27 - [] ----D C:\Users\Rémy\AppData\Roaming\RealNetworks O43 - CFD: 25/01/2009 - 12:15:53 - [] ----D C:\Users\Rémy\AppData\Roaming\Research In Motion O43 - CFD: 23/04/2009 - 22:31:02 - [] ----D C:\Users\Rémy\AppData\Roaming\Roxio O43 - CFD: 09/01/2014 - 11:45:18 - [] ----D C:\Users\Rémy\AppData\Roaming\Samsung O43 - CFD: 11/02/2010 - 22:45:01 - [] ----D C:\Users\Rémy\AppData\Roaming\Search Settings =>Adware.SearchSettings O43 - CFD: 14/11/2010 - 02:18:04 - [] ----D C:\Users\Rémy\AppData\Roaming\SFR O43 - CFD: 02/12/2009 - 17:45:56 - [] ----D C:\Users\Rémy\AppData\Roaming\Sony Corporation O43 - CFD: 28/04/2014 - 17:59:55 - [] ----D C:\Users\Rémy\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 05/07/2014 - 10:09:00 - [0] ----D C:\Users\Rémy\AppData\Roaming\SupTab =>PUP.SupTab O43 - CFD: 05/07/2014 - 10:08:20 - [] ----D C:\Users\Rémy\AppData\Roaming\sweet-page =>PUP.SweetPage O43 - CFD: 14/12/2013 - 11:01:12 - [] ----D C:\Users\Rémy\AppData\Roaming\Systweak O43 - CFD: 17/06/2012 - 17:30:31 - [] ----D C:\Users\Rémy\AppData\Roaming\temp O43 - CFD: 24/10/2008 - 22:29:06 - [] ----D C:\Users\Rémy\AppData\Roaming\Template O43 - CFD: 11/11/2009 - 11:53:12 - [0] ----D C:\Users\Rémy\AppData\Roaming\The Complete Genealogy Reporter - FTB O43 - CFD: 29/03/2012 - 19:36:13 - [] ----D C:\Users\Rémy\AppData\Roaming\TomTom O43 - CFD: 21/11/2013 - 00:53:42 - [] ----D C:\Users\Rémy\AppData\Roaming\TuneUp Software O43 - CFD: 16/06/2011 - 08:04:28 - [] ----D C:\Users\Rémy\AppData\Roaming\U3 O43 - CFD: 21/06/2013 - 10:44:22 - [] ----D C:\Users\Rémy\AppData\Roaming\Uniblue O43 - CFD: 26/09/2012 - 22:59:01 - [] ----D C:\Users\Rémy\AppData\Roaming\visviva O43 - CFD: 12/08/2014 - 23:45:30 - [] ----D C:\Users\Rémy\AppData\Roaming\vlc O43 - CFD: 24/06/2014 - 16:57:26 - [] ----D C:\Users\Rémy\AppData\Roaming\VOPackage =>Adware.Downware O43 - CFD: 18/06/2014 - 00:06:17 - [] ----D C:\Users\Rémy\AppData\Roaming\XnView O43 - CFD: 09/10/2009 - 00:54:01 - [] ----D C:\Users\Rémy\AppData\Roaming\Yahoo! O43 - CFD: 13/08/2014 - 00:19:58 - [] ----D C:\Users\Rémy\AppData\Roaming\Ymsoft O43 - CFD: 13/08/2014 - 12:03:42 - [] ----D C:\Users\Rémy\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 13/08/2014 - 11:43:27 - [] ----D C:\Users\Rémy\AppData\Local\83EA8911-5167-4A6F-A371-AEEBB7F6C72B.aplzod O43 - CFD: 25/01/2014 - 10:58:03 - [] ----D C:\Users\Rémy\AppData\Local\Adobe O43 - CFD: 13/05/2009 - 16:03:36 - [] ----D C:\Users\Rémy\AppData\Local\Ahead O43 - CFD: 04/06/2013 - 11:59:51 - [] ----D C:\Users\Rémy\AppData\Local\AOL O43 - CFD: 30/10/2008 - 19:37:57 - [] ----D C:\Users\Rémy\AppData\Local\Apple O43 - CFD: 17/11/2012 - 15:53:31 - [] ----D C:\Users\Rémy\AppData\Local\Apple Computer O43 - CFD: 14/12/2013 - 19:12:35 - [] ----D C:\Users\Rémy\AppData\Local\Apps O43 - CFD: 23/10/2008 - 16:57:16 - [] ----D C:\Users\Rémy\AppData\Local\ATI O43 - CFD: 18/04/2009 - 11:32:48 - [] ----D C:\Users\Rémy\AppData\Local\Broad Intelligence O43 - CFD: 03/10/2010 - 21:20:33 - [] ----D C:\Users\Rémy\AppData\Local\Canon Easy-PhotoPrint EX O43 - CFD: 18/04/2014 - 23:25:52 - [0] ----D C:\Users\Rémy\AppData\Local\Downloaded Installations O43 - CFD: 07/01/2014 - 22:08:03 - [0] ----D C:\Users\Rémy\AppData\Local\ElevatedDiagnostics O43 - CFD: 24/06/2014 - 17:04:42 - [] ----D C:\Users\Rémy\AppData\Local\FileViewPro O43 - CFD: 13/08/2014 - 11:28:51 - [] ----D C:\Users\Rémy\AppData\Local\fst_fr_290 =>Adware.FreeSoftToday O43 - CFD: 10/11/2011 - 23:24:03 - [] ----D C:\Users\Rémy\AppData\Local\Geonaute O43 - CFD: 27/05/2013 - 14:16:11 - [] ----D C:\Users\Rémy\AppData\Local\Google O43 - CFD: 03/07/2012 - 14:27:46 - [] ----D C:\Users\Rémy\AppData\Local\Macromedia O43 - CFD: 03/01/2014 - 13:35:08 - [] ----D C:\Users\Rémy\AppData\Local\Microsoft O43 - CFD: 27/10/2008 - 09:17:57 - [] ----D C:\Users\Rémy\AppData\Local\Microsoft Games O43 - CFD: 28/04/2014 - 17:54:07 - [] ----D C:\Users\Rémy\AppData\Local\Microsoft Help O43 - CFD: 19/08/2010 - 17:16:40 - [] ----D C:\Users\Rémy\AppData\Local\MigWiz O43 - CFD: 24/02/2011 - 23:08:02 - [] ----D C:\Users\Rémy\AppData\Local\Mozilla O43 - CFD: 12/05/2011 - 22:03:22 - [0] ----D C:\Users\Rémy\AppData\Local\PackageAware O43 - CFD: 20/01/2012 - 20:06:19 - [] ----D C:\Users\Rémy\AppData\Local\Pinnacle O43 - CFD: 25/04/2012 - 00:23:30 - [] ----D C:\Users\Rémy\AppData\Local\PoiEdit O43 - CFD: 05/11/2011 - 18:53:11 - [] ----D C:\Users\Rémy\AppData\Local\Recovery Toolbox for Outlook O43 - CFD: 09/01/2014 - 11:45:18 - [0] ----D C:\Users\Rémy\AppData\Local\Samsung O43 - CFD: 12/05/2014 - 10:18:07 - [] ----D C:\Users\Rémy\AppData\Local\SearchProtect =>PUP.SearchProtect O43 - CFD: 23/10/2008 - 16:56:30 - [] ----D C:\Users\Rémy\AppData\Local\Seven Zip O43 - CFD: 04/06/2013 - 12:01:36 - [0] ----D C:\Users\Rémy\AppData\Local\Supreme Savings =>PUP.RewardsArcade O43 - CFD: 13/08/2014 - 12:02:40 - [] ----D C:\Users\Rémy\AppData\Local\Temp O43 - CFD: 29/03/2012 - 19:36:13 - [] ----D C:\Users\Rémy\AppData\Local\TomTom O43 - CFD: 25/03/2014 - 15:11:30 - [] ----D C:\Users\Rémy\AppData\Local\TuneUp Software O43 - CFD: 24/10/2008 - 19:51:22 - [] ----D C:\Users\Rémy\AppData\Local\VirtualStore O43 - CFD: 13/02/2010 - 10:35:01 - [] ----D C:\Users\Rémy\AppData\Local\WinAVI O43 - CFD: 16/11/2013 - 17:49:05 - [] ----D C:\Users\Rémy\AppData\Local\Wondershare O43 - CFD: 01/06/2010 - 23:38:47 - [] ----D C:\Users\Rémy\AppData\Local\zoug O43 - CFD: 15/06/2012 - 22:39:10 - [] ----D C:\Users\Rémy\AppData\Local\{BA5F88F1-D2F2-4E27-85A3-42F74C7F2FC2} O43 - CFD: 03/07/2012 - 23:55:19 - [] ----D C:\Users\Rémy\AppData\Local\{BD52D38F-4F0D-4325-BB9E-32223CCB54AA} O43 - CFD: 15/06/2012 - 23:08:20 - [] ----D C:\Users\Rémy\AppData\Local\{FFFA2FB9-4857-4475-8379-F36343DA5801} O43 - CFD: 30/07/2009 - 16:53:33 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A New Zero O43 - CFD: 30/07/2009 - 16:53:33 - [] R---D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 30/07/2009 - 16:53:33 - [] R---D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 05/07/2014 - 10:08:34 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect O43 - CFD: 11/05/2014 - 13:09:59 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audio Related Programs O43 - CFD: 13/04/2009 - 22:36:41 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BEIKS O43 - CFD: 09/10/2009 - 00:53:58 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 04/08/2014 - 00:26:24 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox O43 - CFD: 13/01/2013 - 17:29:32 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 30/07/2009 - 16:53:33 - [] R---D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 30/07/2009 - 16:53:33 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo O43 - CFD: 30/05/2011 - 18:32:01 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyHeritage.com O43 - CFD: 11/05/2014 - 13:09:59 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Suite O43 - CFD: 24/02/2012 - 00:25:11 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 27/06/2011 - 19:31:13 - [0] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartAudioConverter O43 - CFD: 28/04/2014 - 17:59:44 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 04/08/2014 - 00:26:41 - [] R---D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 17/11/2008 - 19:55:56 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Studio 12 O43 - CFD: 24/06/2014 - 16:55:36 - [] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware O43 - CFD: 31/08/2011 - 22:37:31 - [0] ----D C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip ~ Program Folder: 453 Scanned in 00mn 02s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.B94ADE389B5D8DE38EA68FCCDF8D5A1F] - 04/08/2014 - 16:22:27 ---A- . (...) -- C:\Windows\MEMORY.DMP [317917732] O44 - LFC:[MD5.4E39E113E8F5FEE3C49160A0D657A4D5] - 05/08/2014 - 10:31:33 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [26136] O44 - LFC:[MD5.357CEBBCD99C8928A2D1A61A6CACC168] - 05/08/2014 - 10:31:43 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43152] O44 - LFC:[MD5.588C2C48CB267E1C4B5A9EB5ACFF0116] - 05/08/2014 - 10:31:43 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [276432] O44 - LFC:[MD5.3BFBB5DAE801CB893B8B46345FED6437] - 05/08/2014 - 10:31:44 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [24184] O44 - LFC:[MD5.B7750AF7EDFD95674EB7CA92BCDD3358] - 05/08/2014 - 10:31:44 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944] O44 - LFC:[MD5.90BEE0170D70D6744CEF2355EEAF8086] - 05/08/2014 - 10:31:44 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [192352] O44 - LFC:[MD5.C3014C735F450FE822C97FFBB0627113] - 05/08/2014 - 10:31:44 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [67824] O44 - LFC:[MD5.26C51C289E39E8EE0F12B8B06B71E436] - 05/08/2014 - 10:31:44 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys [57800] O44 - LFC:[MD5.D6C9024F5D14843D33ADA8A6A10A1BE1] - 05/08/2014 - 10:31:44 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\Windows\System32\Drivers\aswrdr.sys [55112] O44 - LFC:[MD5.51FDE588D860857A97E4C4B560E40C9B] - 05/08/2014 - 10:31:44 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [779536] O44 - LFC:[MD5.1AEB8CDB797666AF709A291B47AE81E0] - 05/08/2014 - 10:32:00 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [414520] O44 - LFC:[MD5.C3CE94CEBAB1FF673A3DBB4FC521B1F6] - 05/08/2014 - 10:34:03 ---A- . (...) -- C:\Windows\win.ini [429] O44 - LFC:[MD5.03119B773E3E00AD181BC2AF94063C16] - 05/08/2014 - 11:20:16 ---A- . (...) -- C:\Windows\PFRO.log [3592] O44 - LFC:[MD5.2E00CC12842E85E0C5F1E0CBF165E9A8] - 13/08/2014 - 10:24:02 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.74DC68EC12BC61A91EDD16FA46E219CE] - 13/08/2014 - 10:29:35 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1233484] O44 - LFC:[MD5.3AC28E6627BCE971A45AD3355916C3B3] - 13/08/2014 - 10:34:31 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1662198] O44 - LFC:[MD5.5A9073073B57C34810781282BC6B37C9] - 13/08/2014 - 10:34:31 ---A- . (...) -- C:\Windows\System32\perfc009.dat [125650] O44 - LFC:[MD5.359560DAF6F987167B0E91A20F1AE25D] - 13/08/2014 - 10:34:31 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [151916] O44 - LFC:[MD5.1A3C84B3023B8939B44DEC8E92187F6A] - 13/08/2014 - 10:34:31 ---A- . (...) -- C:\Windows\System32\perfh009.dat [651206] O44 - LFC:[MD5.60E579B90469DD6874C4D442A5313264] - 13/08/2014 - 10:34:31 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [739022] ~ Files: 21 Scanned in 00mn 34s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.FD735EE4F3A48B5699E0098F02CC67D8] - 13/08/2014 - 10:32:27 ---A- - C:\Windows\Prefetch\FST_FR_290.EXE-CD0D5372.pf =>Adware.FreeSoftToday O45 - LFCP:[MD5.DE7235659126B97F6C0BF54FB202E8FC] - 13/08/2014 - 10:28:52 ---A- - C:\Windows\Prefetch\UPFST_FR_290.EXE-5B18D615.pf =>Adware.FreeSoftToday O45 - LFCP:[MD5.62CA51F184B9F48AF65A82CC959567C9] - 13/08/2014 - 10:54:32 ---A- - C:\Windows\Prefetch\VOPACKAGE.EXE-CB0220BC.pf =>Adware.Downware ~ Prefetcher: 3 Scanned in 00mn 00s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe ~ Keys Export: 4 Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Authentication Packages . (.Acronis - Acronis Relogon Authentication Package.) -- C:\Windows\System32\relog_ap.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll ~ LSA: 8 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ CSB: 13 Scanned in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - airgcfg.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - asuswspanel.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - d-link wizard.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - DatamngrCoordinator.exe - tasklist.exe =>PUP.Datamngr O50 - IFEO:Image File Execution Options - excel.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - googledrivesync.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - install.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - isuspm.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - itunes.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - maxblast.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - mediabuilder.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - msaccess.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - msoxmled.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - mspub.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - mstore.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - mytomtomsa.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - ndasbind.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - ndasmgmt.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - offdiag.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - ois.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - outlook.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - powerpnt.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - pptview.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - presentationhost.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - proshow.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - restart.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - setup.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - sfr_dialer_3g.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - srserver.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - systemdiagnostics.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - tabtip.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - unins000.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - uninst.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - uninstall mytomtom3.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" O50 - IFEO:Image File Execution Options - winword.exe - "C:\Program Files\TuneUp Utilities 2014\TUAutoReactivator32.exe" ~ IFEO: Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{0ba44559-b78b-11df-8b32-00038a000015}\AutoRun\command - Clé orpheline O51 - MPSK:{182b0094-8298-11de-95a7-00038a000015}\AutoRun\command. (...) -- N:\LaunchU3.exe (.not file.) O51 - MPSK:{64418345-9f6d-11de-8917-00038a000015}\AutoRun\command. (...) -- C:\Windows\system32\RavMonE.exe (.not file.) O51 - MPSK:{b03355e1-a195-11dd-ae42-0021850787d6}\AutoRun\command. (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\system32\wscript.exe ~ Keys: Scanned in 00mn 11s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.yv12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ TDSD: 5 Scanned in 00mn 00s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Acronis Scheduler2 Service [Key] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Common Files\Maxtor\Schedule2\schedhlp.exe O53 - SMSR:HKLM\...\startupreg\AcronisTimounterMonitor [Key] . (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Maxtor\MaxBlast\TimounterMonitor.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\ANIWZCS2Service [Key] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O53 - SMSR:HKLM\...\startupreg\AOL Fast Start [Key] . (.AOL - AOL.) -- C:\Program Files\AOL9~1.0VR\AOL.exe O53 - SMSR:HKLM\...\startupreg\BlackBerryAutoUpdate [Key] . (...) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\CanonMyPrinter [Key] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenu [Key] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe O53 - SMSR:HKLM\...\startupreg\ehTray.exe [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O53 - SMSR:HKLM\...\startupreg\Google Desktop Search [Key] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O53 - SMSR:HKLM\...\startupreg\Google EULA Launcher [Key] . (...) -- c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe O53 - SMSR:HKLM\...\startupreg\ISUSPM [Key] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\LifeChat [Key] . (.Microsoft Corporation - LifeChat.exe.) -- C:\Program Files\Microsoft LifeChat\LifeChat.exe O53 - SMSR:HKLM\...\startupreg\MaxBlastMonitor.exe [Key] . (.Maxtor - Maxtor MaxBlast Monitor.) -- C:\Program Files\Maxtor\MaxBlast\MaxBlastMonitor.exe O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\NBKeyScan [Key] . (...) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Ahead Software Gmbh - NeroCheck.) -- C:\Windows\system32\NeroCheck.exe O53 - SMSR:HKLM\...\startupreg\NPCTray [Key] . (...) -- C:\Program Files\Norman\npc\bin\npc_tray.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O53 - SMSR:HKLM\...\startupreg\RIMDeviceManager [Key] . (...) -- C:\Program Files\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\RoxWatchTray [Key] . (...) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (...) -- C:\Program Files\Java\jre6\bin\jusched.exe (.not file.) =>.Oracle Corporation O53 - SMSR:HKLM\...\startupreg\swg [Key] . (...) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (...) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation ~ SMSR Keys: 29 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2 O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1 ~ MWPS: 18 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ MWPE Keys: 2 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:16/06/2008 - 13:38:28 ---A- . (.Promethean - Promethean Activboard.) -- C:\Windows\System32\Drivers\activhidsermini.sys [57088] O58 - SDL:16/06/2008 - 13:38:34 ---A- . (.Promethean - Promethean Multiple Screen Mouse Filter.) -- C:\Windows\System32\Drivers\activmouse.sys [4480] O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968] O58 - SDL:21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [300600] O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys [101432] O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [149560] O58 - SDL:23/02/2005 - 14:58:56 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\Windows\System32\Drivers\afc.sys [11776] O58 - SDL:19/12/2007 - 18:45:00 ----- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\ahcix86s.sys [170000] O58 - SDL:21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [17464] O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [79416] O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [79928] O58 - SDL:05/08/2014 - 10:31:44 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [24184] =>.ALWIL Software O58 - SDL:05/08/2014 - 10:31:33 ---A- . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [26136] O58 - SDL:05/08/2014 - 10:31:44 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [67824] O58 - SDL:05/08/2014 - 10:31:44 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\Windows\System32\Drivers\aswrdr.sys [55112] O58 - SDL:05/05/2014 - 22:01:38 ---A- . (.AVAST Software - avast! TDI Redirect Driver.) -- C:\Windows\System32\Drivers\aswrdr.sys.1400187705207 [54832] O58 - SDL:05/08/2014 - 10:31:44 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software O58 - SDL:05/08/2014 - 10:31:44 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [779536] O58 - SDL:05/05/2014 - 22:01:38 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400187705207 [776976] O58 - SDL:05/08/2014 - 10:32:00 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [414520] O58 - SDL:05/08/2014 - 10:31:44 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\System32\Drivers\aswTdi.sys [57800] O58 - SDL:05/08/2014 - 10:31:44 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [192352] =>.ALWIL Software O58 - SDL:29/03/2008 - 01:24:16 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\Drivers\atikmdag.sys [3544064] O58 - SDL:13/04/2007 - 18:30:39 ---A- . (.America Online - ATW Protocol Driver.) -- C:\Windows\System32\Drivers\atwpkt2.sys [25136] O58 - SDL:13/04/2007 - 18:30:43 ---A- . (.America Online - ATW Protocol Driver.) -- C:\Windows\System32\Drivers\atwpkt264.sys [33592] O58 - SDL:02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568] O58 - SDL:02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248] O58 - SDL:02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [71808] O58 - SDL:02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336] O58 - SDL:02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160] O58 - SDL:02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904] O58 - SDL:02/02/2007 - 04:00:00 ---A- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdr4_xp.sys [9336] O58 - SDL:02/02/2007 - 04:00:00 ---A- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdralw2k.sys [9464] O58 - SDL:21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [19000] O58 - SDL:02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [71272] O58 - SDL:31/01/2007 - 00:01:00 ---A- . (.Ralink Technology Inc. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\Dr71WU.sys [256000] O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\System32\Drivers\E1G60I32.sys [118784] O58 - SDL:21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584] O58 - SDL:21/08/2012 - 12:01:22 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [26840] O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys [40504] O58 - SDL:29/09/2007 - 23:03:12 ----- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStor.sys [308248] O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys [235064] O58 - SDL:02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41576] O58 - SDL:02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944] O58 - SDL:02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944] O58 - SDL:03/04/2008 - 13:58:46 ----- . (.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) -- C:\Windows\System32\Drivers\jraid.sys [76688] O58 - SDL:11/04/2007 - 10:42:00 ---A- . (.XIMETA, Inc. - NDAS LFS Filter.) -- C:\Windows\System32\Drivers\lfsfilt.sys [254704] O58 - SDL:24/01/2013 - 11:17:00 ---A- . (.http://libusb-win32.sourceforge.net - LibUSB-Win32 - Kernel Driver.) -- C:\Windows\System32\Drivers\libusb0.sys [42592] O58 - SDL:11/04/2007 - 10:42:00 ---A- . (.XIMETA, Inc. - Lean Packet eXchange Protocol.) -- C:\Windows\System32\Drivers\lpx.sys [61424] O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [96312] O58 - SDL:21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89656] O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96312] O58 - SDL:23/09/2005 - 23:18:32 ---A- . (.Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator.) -- C:\Windows\System32\Drivers\MarvinBus.sys [171520] O58 - SDL:10/06/2008 - 19:02:40 ---A- . (...) -- C:\Windows\System32\Drivers\mbam.sys [15864] O58 - SDL:10/06/2008 - 19:02:44 ---A- . (...) -- C:\Windows\System32\Drivers\mbamcatchme.sys [34296] O58 - SDL:29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\Drivers\mbamswissarmy.sys [38224] O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys [31288] O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [386616] O58 - SDL:02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys [33384] O58 - SDL:28/08/2006 - 17:12:04 ---A- . (...) -- C:\Windows\System32\Drivers\MTictwl.sys [13312] O58 - SDL:13/03/2003 - 21:23:28 ---A- . (.Maxtor Corp. - 1394 Storage Front-Panel driver.) -- C:\Windows\System32\Drivers\mxofwfp.sys [19712] O58 - SDL:11/04/2007 - 10:42:00 ---A- . (.XIMETA, Inc. - NDAS Bus Enumerator.) -- C:\Windows\System32\Drivers\ndasbus.sys [76144] O58 - SDL:11/04/2007 - 10:42:00 ---A- . (.XIMETA, Inc. - NDAS SCSI Miniport.) -- C:\Windows\System32\Drivers\ndasscsi.sys [187632] O58 - SDL:10/05/2011 - 07:06:14 ---A- . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\Drivers\netaapl.sys [18432] O58 - SDL:02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [45160] O58 - SDL:21/10/2009 - 01:19:44 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [50704] O58 - SDL:02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\System32\Drivers\ntrigdigi.sys [20608] O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [102968] O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [45112] O58 - SDL:04/12/2007 - 17:10:30 ---A- . (.PalmSource, Inc. - USB Driver for Palm OS Handheld Devices.) -- C:\Windows\System32\Drivers\PalmUSBD.sys [16640] O58 - SDL:19/06/2008 - 17:24:30 ---A- . (.Panda Security, S.L. - Panda Boot Driver.) -- C:\Windows\System32\Drivers\pavboot.sys [28544] O58 - SDL:03/04/2007 - 10:43:28 ---A- . (.Philips Semiconductors GmbH - Ph3xIBxx.) -- C:\Windows\System32\Drivers\Ph3xIB32.sys [1131136] O58 - SDL:20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\System32\Drivers\pxhelp20.sys [43872] O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1122360] O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106088] O58 - SDL:18/01/2007 - 10:24:58 ---A- . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\Windows\System32\Drivers\RimSerial.sys [26496] O58 - SDL:29/04/2008 - 16:31:00 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RtHDMIV.sys [143328] O58 - SDL:02/06/2008 - 17:11:40 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [2147544] O58 - SDL:27/08/2008 - 10:46:42 R--A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\Drivers\rtl8187B.sys [340992] O58 - SDL:02/05/2008 - 12:59:40 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\Drivers\Rtlh86.sys [122368] O58 - SDL:23/04/2007 - 09:50:50 ---A- . (.Windows (R) Codename Longhorn DDK provider - Realtek Utility I/O Driver.) -- C:\Windows\System32\Drivers\RtlProt.sys [25896] O58 - SDL:02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480] O58 - SDL:12/03/2010 - 18:22:18 ---A- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\Windows\System32\Drivers\ser2pl.sys [81920] O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [74808] O58 - SDL:06/10/2009 - 07:43:02 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\System32\Drivers\snapman.sys [120992] O58 - SDL:02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys [35944] O58 - SDL:02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys [31848] O58 - SDL:02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys [34920] O58 - SDL:06/10/2009 - 07:43:08 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\System32\Drivers\tifsfilt.sys [32768] O58 - SDL:06/10/2009 - 07:43:08 ---A- . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\System32\Drivers\timntr.sys [400864] O58 - SDL:21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648] O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408] O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816] O58 - SDL:13/12/2012 - 13:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056] O58 - SDL:21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [20024] O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [130616] O58 - SDL:29/11/2006 - 23:24:57 ---A- . (.America Online, Inc. - Wan Miniport (ATW).) -- C:\Windows\System32\Drivers\wanatw4.sys [33588] O58 - SDL:07/07/2014 - 16:04:18 ---A- . (.Corsica - Web Instrumentation Driver.) -- C:\Windows\System32\Drivers\webinstr.sys [51336] O58 - SDL:09/10/2009 - 11:44:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbmdm6k.sys [105088] O58 - SDL:21/08/2009 - 16:43:00 ---A- . (.ZTE Corporation. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\ZTEusbnet.sys [114688] O58 - SDL:09/10/2009 - 11:44:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbnmea.sys [105088] O58 - SDL:09/10/2009 - 11:44:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbnmeaext.sys [105088] O58 - SDL:09/10/2009 - 11:44:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbnmeaext2.sys [105088] O58 - SDL:09/10/2009 - 11:44:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbser6k.sys [105088] O58 - SDL:09/10/2009 - 11:44:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ZTEusbvoice.sys [105088] O58 - SDL:04/07/2014 - 08:42:56 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt.sys [55224] =>PUP.LinkiDoo O58 - SDL:02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672] O58 - SDL:27/11/2010 - 15:18:17 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 Protocol Driver.) -- C:\Windows\System32\PCANDIS5.sys [17134] O58 - SDL:03/08/2005 - 16:05:02 ---A- . (.Prolific Technology Inc. - USB-Serial USB Driver.) -- C:\Windows\System32\SER9PL.sys [35892] O58 - SDL:03/06/2011 - 09:24:00 ---A- . (.Silicon Laboratories - SiLib WDM Support Driver.) -- C:\Windows\System32\SiLib.sys [17408] O58 - SDL:03/06/2011 - 09:24:00 ---A- . (.Silicon Laboratories - SiUSBXp.sys.) -- C:\Windows\System32\SIUSBXP.sys [14592] ~ Drivers: 125 Scanned in 00mn 05s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 08/08/2014 - 12:04:45 ----- . (...) -- C:\Users\Rémy\AppData\Local\Temp\is45637729\1913373_stp\Generic_vo.exe [172262] O61 - LFC: 08/08/2014 - 12:04:57 ----- . (...) -- C:\Users\Rémy\Local Settings\Temp\is45637729\1913373_stp\Generic_vo.exe [172262] O61 - LFC: 12/08/2014 - 12:04:45 ----- . (...) -- C:\Users\Rémy\AppData\Local\Temp\is45637729\1893391_stp\Generic_vo.exe [171937] O61 - LFC: 12/08/2014 - 12:04:57 ----- . (...) -- C:\Users\Rémy\Local Settings\Temp\is45637729\1893391_stp\Generic_vo.exe [171937] O61 - LFC: 13/08/2014 - 12:04:44 ---A- . (...) -- C:\Users\Rémy\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp27qmxf.dll [43008] O61 - LFC: 13/08/2014 - 12:04:45 ----- . (...) -- C:\Users\Rémy\AppData\Local\Temp\is45637729\1936535_stp\Generic_vo.exe [171628] O61 - LFC: 13/08/2014 - 12:04:48 ---A- . (...) -- C:\Users\Rémy\AppData\Roaming\Adobe\Acrobat\9.0\UserCache.bin [89275] O61 - LFC: 13/08/2014 - 12:04:54 ---A- . (...) -- C:\Users\Rémy\Application Data\Adobe\Acrobat\9.0\UserCache.bin [89275] O61 - LFC: 13/08/2014 - 12:04:57 ----- . (...) -- C:\Users\Rémy\Local Settings\Temp\is45637729\1936535_stp\Generic_vo.exe [171628] O61 - LFC: 13/08/2014 - 12:04:57 ---A- . (...) -- C:\Users\Rémy\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp27qmxf.dll [43008] ~ 651 Fichiers temporaires (Temporary files) ~ 20 Fichiers cookies (Cookies files) ~ Files: 10 Scanned in 00mn 16s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 05/08/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID O64 - Services: CurCS - 05/08/2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - 05/08/2014 - C:\Windows\system32\drivers\aswRdr.sys (AswRdr) .(.AVAST Software - avast! TDI Redirect Driver.) - LEGACY_ASWRDR O64 - Services: CurCS - 05/08/2014 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT O64 - Services: CurCS - 05/08/2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX O64 - Services: CurCS - 05/08/2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP O64 - Services: CurCS - 05/08/2014 - C:\Windows\system32\drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI O64 - Services: CurCS - 05/08/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM O64 - Services: CurCS - 11/04/2007 - C:\Windows\System32\DRIVERS\lfsfilt.sys (lfsfilt) .(.XIMETA, Inc. - NDAS LFS Filter.) - LEGACY_LFSFILT O64 - Services: CurCS - 11/04/2007 - C:\Windows\System32\DRIVERS\lpx.sys (lpx) .(.XIMETA, Inc. - Lean Packet eXchange Protocol.) - LEGACY_LPX O64 - Services: CurCS - 21/10/2009 - C:\Windows\System32\drivers\npf.sys (NPF) .(.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) - LEGACY_NPF O64 - Services: CurCS - 19/06/2008 - C:\Windows\System32\drivers\pavboot.sys (pavboot) .(.Panda Security, S.L. - Panda Boot Driver.) - LEGACY_PAVBOOT O64 - Services: CurCS - 23/04/2007 - C:\Windows\System32\DRIVERS\rtlprot.sys (RtlProt) .(.Windows (R) Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - LEGACY_RTLPROT O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 06/10/2009 - C:\Windows\System32\DRIVERS\tifsfilt.sys (tifsfilter) .(.Acronis - Acronis True Image File System Filter.) - LEGACY_TIFSFILTER O64 - Services: CurCS - 18/09/2013 - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys (TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV O64 - Services: CurCS - 07/07/2014 - C:\Windows\system32\Drivers\webinstr.sys (webinstr) .(.Corsica - Web Instrumentation Driver.) - LEGACY_WEBINSTR O64 - Services: CurCS - 04/07/2014 - C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt.sys ({6fcd6092-9615-4f7f-8898-8df53980e5d2}Gt) .(.StdLib - StdLib.) - LEGACY_{6FCD6092-9615-4F7F-8898-8DF53980E5D2}GT =>PUP.LinkiDoo ~ Legacy: 94 Scanned in 00mn 00s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Rémy\AppData\Local\Google\Chrome\Application\chrome.exe ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.AOL - AOL.) -- C:\Program Files\AOL 9.0 VR\aol.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Rémy\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchplugins\conduit.xml O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678..clientLogIsEnabled", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.BrowserCompStateIsOpen_1000515", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.BrowserCompStateIsOpen_129808998463171277", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.CT2117678", "CT2117678"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.CurrentServerDate", "17-7-2012"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.DSInstall", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.DialogsAlignMode", "LTR"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.DialogsGetterLastCheckTime", "Tue Jul 17 2012 21:54:19 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.DownloadReferralCookieData", ""); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.FirstServerDate", "27-4-2012"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.FirstTime", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.FirstTimeFF3", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.FixPageNotFoundErrors", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.GroupingServerCheckInterval", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.GroupingServiceUrl", "http://grouping.services.conduit.com/"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.HPInstall", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.HasUserGlobalKeys", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.Initialize", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.InitializeCommonPrefs", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.InstallationAndCookieDataSentCount", 3); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.InstallationType", "Unknown"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.InstalledDate", "Fri Apr 27 2012 21:16:45 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.IsGrouping", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.IsInitSetupIni", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.IsMulticommunity", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.IsOpenThankYouPage", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.IsOpenUninstallPage", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.LanguagePackLastCheckTime", "Tue Jul 17 2012 21:54:19 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.LanguagePackReloadIntervalMM", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.LastLogin_3.12.0.7", "Fri Apr 27 2012 21:17:02 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.LastLogin_3.12.2.3", "Sat Jun 02 2012 18:10:28 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.LastLogin_3.13.0.6", "Tue Jul 17 2012 21:54:19 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.LatestVersion", "3.13.0.6"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.Locale", "en-us"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.MCDetectTooltipHeight", "83"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.MCDetectTooltipWidth", "295"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.MyStuffEnabledAtInstallation", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.OriginalFirstVersion", "3.12.0.7"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SavedHomepage", "http://www.searchqu.com/418"); =>PUP.Datamngr O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SearchCaption", "NCH Customized Web Search"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SearchFromAddressBarIsInit", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2117678&q="); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SearchInNewTabEnabled", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SearchInNewTabIntervalMM", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SearchInNewTabLastCheckTime", "Tue Jul 17 2012 21:54:13 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SendProtectorDataViaLogin", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.ServiceMapLastCheckTime", "Tue Jul 17 2012 21:54:18 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SettingsLastCheckTime", "Tue Jul 17 2012 21:54:12 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.SettingsLastUpdate", "1342346658"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2117678&SearchSource=13"); =>PUP.SweetPage O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.ToolbarShrinkedFromSetup", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.TrusteLinkUrl", "http://trust.conduit.com/CT2117678"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.UserID", "UN33226535009561387"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.alertChannelId", "522511"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.components.1000515", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.homepageProtectorEnableByLogin", true); =>PUP.SweetPage O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.initDone", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.myStuffEnabled", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.myStuffPublihserMinWidth", 400); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.myStuffServiceIntervalMM", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.navigateToUrlOnSearch", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.revertSettingsEnabled", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.searchProtectorDialogDelayInSec", 10); =>PUP.SearchProtect O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.searchProtectorEnableByLogin", true); =>PUP.SearchProtect O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.testingCtid", ""); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.toolbarAppMetaDataLastCheckTime", "Tue Jul 17 2012 21:54:19 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2117678.usagesFlag", 2); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050..clientLogIsEnabled", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.AppTrackingLastCheckTime", "Sun Sep 02 2012 10:52:29 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.BrowserCompStateIsOpen_1000515", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.BrowserCompStateIsOpen_129977890572899945", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.BrowserCompStateIsOpen_130100683276316706", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.BrowserCompStateIsOpen_1359634297000", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.CT2269050", "CT2269050"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.CurrentServerDate", "4-6-2013"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.DSChangedManually", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.DSInstall", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.DSProtectChoice", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.DSProtectCount", 2); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.DialogsAlignMode", "LTR"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.DialogsGetterLastCheckTime", "Tue May 28 2013 13:50:33 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.DownloadReferralCookieData", ""); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.EMailNotifierPollDate", "Tue Jun 04 2013 09:51:07 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.FirstServerDate", "17-7-2012"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.FirstTime", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.FirstTimeFF3", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.FirstTimeHiddenVer", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.FixPageNotFoundErrors", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.GroupingServerCheckInterval", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.GroupingServiceUrl", "http://grouping.services.conduit.com/"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.HPInstall", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.HPProtectChoice", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.HPProtectCount", 3); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.HasUserGlobalKeys", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.HomePageProtectorEnabled", false); =>PUP.SweetPage O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.HomepageBeforeUnload", "http://www.searchqu.com/418"); =>PUP.Datamngr O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.Initialize", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.InitializeCommonPrefs", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.InstallationAndCookieDataSentCount", 3); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.InstallationType", "Unknown"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.InstalledDate", "Tue Jul 17 2012 22:33:07 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.InvalidateCache", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.IsAlertDBUpdated", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.IsGrouping", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.IsInitSetupIni", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.IsMulticommunity", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.IsOpenThankYouPage", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.IsOpenUninstallPage", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.IsProtectorsInit", true); =>PUP.Mocaflix O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LanguagePackLastCheckTime", "Mon Jun 03 2013 15:14:37 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LastLogin_3.14.1.0", "Sun Sep 02 2012 10:52:26 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LastLogin_3.15.1.0", "Sat Nov 17 2012 00:24:05 GMT+0100"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LastLogin_3.16.0.100", "Fri Feb 08 2013 13:11:32 GMT+0100"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LastLogin_3.16.0.3", "Sun Dec 30 2012 18:22:14 GMT+0100"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LastLogin_3.18.0.7", "Tue Jun 04 2013 09:51:17 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.LatestVersion", "3.18.0.7"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.Locale", "en"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.MCDetectTooltipHeight", "83"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.MCDetectTooltipWidth", "295"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.MyStuffEnabledAtInstallation", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.OriginalFirstVersion", "3.14.1.0"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioIsPodcast", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioLastCheckTime", "Mon Jun 03 2013 15:14:34 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioLastUpdateIPServer", "3"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioMediaID", "12473383"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioMediaType", "Media Player"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioShrinkedFromSetup", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioStationName", "Hotmix%20108"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.RadioStationURL", "http://67.202.67.18:8082"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SavedHomepage", "http://www.searchqu.com/418"); =>PUP.Datamngr O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchCaption", "DVDVideoSoftTB Customized Web Search"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchEngineBeforeUnload", "DVDVideoSoftTB Customized Web Search"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchFromAddressBarIsInit", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q="); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchInNewTabEnabled", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchInNewTabIntervalMM", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchInNewTabLastCheckTime", "Mon Jun 03 2013 15:14:34 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID"); =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchProtectorEnabled", false); =>PUP.SearchProtect O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SearchProtectorToolbarDisabled", false); =>PUP.SearchProtect O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SendProtectorDataViaLogin", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.ServiceMapLastCheckTime", "Mon Jun 03 2013 15:14:37 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SettingsLastCheckTime", "Tue Jun 04 2013 09:51:06 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.SettingsLastUpdate", "1370329769"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2269050&SearchSource=13"); =>PUP.SweetPage O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.ThirdPartyComponentsInterval", 504); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Sat Jun 01 2013 15:02:58 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1331805997"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.ToolbarShrinkedFromSetup", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.TrusteLinkUrl", "http://trust.conduit.com/CT2269050"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.UserID", "UN53093324521692466"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.ValidationData_Search", 2); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.ValidationData_Toolbar", 2); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.WeatherNetwork", ""); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.WeatherPollDate", "Tue Jun 04 2013 09:51:11 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.WeatherUnit", "C"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.alertChannelId", "666138"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e+x305", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e.:2z527", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747370787677797A747E242F4B49474F42357D5D5C3D"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e0x305", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e2x305", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e31;cj>fj>@lahd&nc", "247E61393F236B25747870752A212C6E414F444D327A344A52564A4C584D5450325[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e3x305", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e4x305", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e6x305", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e8x305", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7e9x305", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b+7ed", "666C3C3C3E6C70757A76777A79204A777C20257D7D21522A2629552527295B2B592C2F2A"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b-0?3g@6:5;", ""); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b-0?3gfa7ef", "2B2E2C3D"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A232E333E58604F645[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b/556,bi5a>g", "6E6D6C7171716D707570727872"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b/>01=9a6k6@44i48?", "372C2D326975763342363341484779213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...]3=>@44i48?", "372C2D326975763342363341484779213F3E484F4E4D4648502B564B4E2E5959595F4C564F376[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b5ba==9cjag", "696B3E6A723F6E757A42747774467A7A764A7A517D"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6A72707173746E74707977"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b9643g3/9e", "6A"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b<:222h64<", "393F352F3E"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage./9b<:222h64Adware.PriceGong O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_appstate_windowshopper", "6F6E"); =>Adware.ShoppingReport O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_appstatereporttime", "31333730333332323930323539"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_configuration", "7B22636F6E66696775726174696F6E223A5B7B226964223A2245617379746F626F6F6B[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_currentversion", "312E382E302E34"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_first_time", "31"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_lastlogintime", "31333730333332323835303030"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_localization", O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_settings1.6.0.1", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_settings1.8.0.4", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_showclosebutton", "74727565"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_showwelcomegadget", "66616C7365"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.mam_gk_userid", "66646133646461322D306362342D343632372D623139632D613836613036666164353534"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.pg_enable", "74727565"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.searchappstate", "33"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.searchapptracking", "31"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.sf_just_installed", "46414C5345"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.sf_status", "454E41424C4544"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.sf_user_id", "6369645F3232343230313330383332323937343535"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "576564204F637420313720323031322032313A32393A303720474D542B30323030")[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "6672616E6365"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.backendstorage.url_history0001", "687474703A2F2F77686F726573747562652E636F6D2F6367692D62696E2F616D61646575732[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.components.1000515", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Sat Jun 01 2013 15:03:03 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.homepageProtectorEnableByLogin", true); =>PUP.SweetPage O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.initDone", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.isAppTrackingManagerOn", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.isFirstRadioInstallation", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.myStuffEnabled", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.myStuffPublihserMinWidth", 400); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.myStuffServiceIntervalMM", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.navigateToUrlOnSearch", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.revertSettingsEnabled", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.searchProtectorDialogDelayInSec", 10); =>PUP.SearchProtect O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.searchProtectorEnableByLogin", true); =>PUP.SearchProtect O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.testingCtid", ""); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Mon Jun 03 2013 15:14:37 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Tue May 28 2013 13:50:33 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CT2269050.usagesFlag", 2); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT2117678&SearchSource=13,http://search.condui[...] =>PUP.SweetPage O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ConduitSearchList", "NCH Customized Web Search,DVDVideoSoftTB Customized Web Search"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "G9mW7heT/8xIX1frcdu[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=CT2269050", "G9mW[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQME[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=CT2269050", "2E1/v[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ru[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=CT2269050", "UgzX[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=CT2269050", "4BgM4Mh[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Rémy\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\0hgq8dvw.defa[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.18.0.7"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.MiniIPageGadgetSize.http://pricegong.conduitapps.com/v4//agreement/agree.html#pg_ext_msg_key_3c7fe5da,[...] =>Adware.PriceGong O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://dts.search-results.com/sr?src=ffb&appid=0&systemid=418&sr=0&q="[...] O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ToolbarsList", "CT2117678,CT2269050"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ToolbarsList2", "CT2117678,CT2269050"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.ToolbarsList4", "CT2117678,CT2269050"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.globalUserId", "7ed16766-226c-423b-b8d6-b2075400dc6d"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2269050"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 28 2013 13:50:35 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.alertEnabled", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Jun 03 2013 15:14:45 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.locale", "en"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Mon Jun 03 2013 15:14:37 GMT+0200"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.notifications.userId", "ebc7442f-a776-422e-a2ea-ef5f04886aae"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.originalHomepage", "http://www.searchqu.com/418"); =>PUP.Datamngr O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("CommunityToolbar.originalSearchEngine", "Yahoo"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.crossrider.bic", "13ea51ae34ef72b73a8acbfd66baa0ab"); =>PUP.CrossRider O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.admin", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.aflt", "babsst"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.autoRvrt", "false"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.dfltLng", "fr"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.excTlbr", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.ffxUnstlRst", true); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.id", "9c405dfd000000000000020406080a0c"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.instlDay", "15872"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.instlRef", "sst"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.newTab", false); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.prdct", "delta"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.prtnrId", "delta"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.rvrt", "false"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.smplGrp", "none"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.tlbrId", "base"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.tlbrSrchUrl", ""); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.vrsn", "1.8.21.5"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.vrsnTs", "1.8.21.522:22:45"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta.vrsni", "1.8.21.5"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta_i.babExt", ""); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta_i.babTrack", "affID=119982&tt=120613_ndt"); O69 - SBI: prefs.js [Rémy - 0hgq8dvw.default] user_pref("extensions.delta_i.srcExt", "ss"); O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Trovi search) - http://www.trovi.com =>Hijacker.TroviCom O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Search the web) - http://www.do =>Adware.IMBooster O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (sweet-page) - http://www.sweet-page.com =>PUP.SweetPage O69 - SBI: SearchScopes [HKCU] {49B0865E-0F0B-4F2B-A73E-3020C9210B19} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster O69 - SBI: SearchScopes [HKCU] {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} - (Microsoft (Bing)) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.fr O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2418} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} [DefaultScope] - (Yahoo! (Avast)) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (TranslatorBar 1 Customized Web Search) - http://search.conduit.com O69 - SBI: SearchScopes [HKCU] {BCA14DF7-DF23-4364-B65D-7DC777C02199} - (Yahoo! Search) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKCU] {BE28C22E-F666-424d-B5FD-125C4AFEE34E} - (Chercher) - http://search.myheritage.com O69 - SBI: SearchScopes [HKCU] {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} - (StartWeb) - http://start.iminent.com =>Adware.IMBooster O69 - SBI: SearchScopes [HKUS\.DEFAULT] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKUS\S-1-5-18] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576] O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [36152] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [444928] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096] ~ Services: 32 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.13867ABE07A9DD25E2FE249E09AE13C2] [SPRF][08/11/2008] (...) -- C:\Users\Rémy\AppData\Roaming\wklnhst.dat [270] [MD5.20AEBC4CC1CDFFE692A8CA0DE3A10E4B] [SPRF][24/06/2014] (.Pas de propriétaire - install.) -- D:\Rémy\Desktop\VOPackage.exe [289525] =>Adware.Downware [MD5.13503068B82E6E7488DA52D9AA802739] [SPRF][13/08/2014] (.Nicolas Coolman - ZHPDiag Setup.) -- D:\Rémy\Desktop\ZHPDiag2.exe [6857408] [MD5.BB482DD127289F0FAD474610F5A4C3E3] [SPRF][30/06/2008] (.Panda Security - Panda ActiveScan 2.0 Stub Library.) -- C:\Windows\Downloaded Program Files\as2stubie.dll [128256] [MD5.C4E12970865FC1C5CEDE8358DA3A865D] [SPRF][07/03/2008] (.F-Secure Corporation - F-Secure Automatic Update Agent API DLL.) -- C:\Windows\Downloaded Program Files\auc_lib.dll [290816] [MD5.EC9027D2484E3062CBE0A048696A66D9] [SPRF][09/02/2010] (.Direction Générale des Impôts - Module de délivrance de certificat MINEFI.) -- C:\Windows\Downloaded Program Files\CERTDGI1.dll [105344] [MD5.238A6FFC7EE17330C1C5859C7827EE2D] [SPRF][27/04/2009] (.Facebook - Contact Extractor.) -- C:\Windows\Downloaded Program Files\contactx.dll [160488] [MD5.F73790021AEF115A7FC34824E047101B] [SPRF][07/03/2008] (.F-Secure Corporation - daas.) -- C:\Windows\Downloaded Program Files\daas_s.dll [495616] [MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [29616] [MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [201648] [MD5.DE2EB468A14E00F9A99326C6C9C07075] [SPRF][02/02/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1914440] [MD5.C53C80D81BE9A7D391F587327320D203] [SPRF][07/03/2008] (.F-Secure Corporation - F-Secure Health Check.) -- C:\Windows\Downloaded Program Files\fscax.dll [380928] [MD5.57F17FFE45365B3D57E2E9EEE537170C] [SPRF][07/03/2008] (.F-Secure Corporation - F-Secure Localization and Customization API library.) -- C:\Windows\Downloaded Program Files\fsld32.dll [159744] [MD5.780281FB98685D9A8DCF2BF593E14C73] [SPRF][07/03/2008] (.F-Secure Corporation - F-Secure GateLauncher.) -- C:\Windows\Downloaded Program Files\gatelauncher.exe [588456] [MD5.364F3804CB3AD2BA1E4BB8FE7918EEA2] [SPRF][07/03/2008] (.F-Secure Corporation - F-Secure GateLauncher.) -- C:\Windows\Downloaded Program Files\gatelauncheradmin.exe [588456] [MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272] ~ Files: 16 Scanned in 00mn 03s ---\\ Export de clés de registre aléatoires (O91) [HKCU\Software\5255dad9b168ba15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKCU\Software\5255dad9b168ba15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:version="2.6.1249.132" =>Hijacker.Eazel [HKCU\Software\5255dad9b168ba15] =>PUP.Babylon^ ~ Export Key Software: Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: ASUS WebStorage Drive - {d6044399-0b9e-4084-a9ac-c4b7c7800fcf} O92 - MNS: Flux de photos - {F0D63F85-37EC-4097-B30D-61B4A8917118} ~ MNS: 2 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.7430097F3C263506169B9FA14DB56831] [WIS][16/03/2013] (.Bandoo Media, Inc - Savevid Installation.) -- C:\Windows\Installer\af14a1.msi [263680] =>Adware.Bandoo ~ WIS: 1 Scanned in 00mn 25s ---\\ Recherche de clés de registre CLSID (O101) [HKCR\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}] (MetaStreamCtl Class) =>Adware.MetaStream [HKCR\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] (MetaStreamCtl Class) =>Adware.MetaStream ~ BCK: 6103 Scanned in 00mn 07s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Disabled 20/08/2007 410904 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files\Common Files\Maxtor\Schedule2\schedul2.exe SS - | Demand 10/07/2014 262320 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Disabled 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SS - | Demand 23/10/2008 29744 | (GoogleDesktopManager-022208-143751) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe SS - | Auto 18/02/2009 133104 | (gupdate1c991b3cf58e43b) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 18/02/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 13/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe SS - | Disabled 22/01/2008 103808 | (IJPLMSVC) . (...) - C:\Program Files\Canon\IJPLM\IJPLMSVC.exe SS - | Disabled 02/11/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 10/08/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SS - | Disabled 11/04/2007 236784 | (ndassvc) . (.XIMETA, Inc..) - C:\Program Files\NDAS\System\ndassvc.exe SS - | Disabled 27/07/2007 36864 | (OLITEC87B) . (.Realtek.) - C:\Program Files\OLITEC\Moniteur WiFi OLITEC USB\RtlService.exe SS - | Disabled 02/11/2009 181312 | (ScsiAccess) . (...) - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe SS - | Disabled 05/11/2009 657536 | (ServiceSFRABCD) . (.SFR & Celliance.) - C:\Program Files\SFR\Gestionnaire de Connexion 3G SFR\SFRABCDService.exe SS - | Disabled 15/06/2012 548264 | (SplashtopRemoteService) . (.Splashtop Inc..) - C:\Program Files\Splashtop\Splashtop Remote\Server\SRService.exe SS - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 23/10/2006 46640 | (AOL ACS) . (.AOL LLC.) - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe SR - | Auto 28/03/2008 667648 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe SR - | Auto 05/08/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 18/06/2014 378152 | (GlobalUpdater) . (.SIEN S.A..) - C:\Program Files\Common Files\IMGUpdater\IMGUpdater.exe SR - | Auto 19/06/2014 757872 | (IePluginServices) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe SR - | Auto 15/10/2013 3921880 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe SR - | Auto 20/09/2013 1042272 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe SR - | Auto 13/09/2013 171416 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe SR - | Auto 24/06/2014 73216 | (servervo) . (...) - C:\Users\Rémy\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware SR - | Auto 15/03/2012 370504 | (SSUService) . (.Splashtop Inc..) - C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe SR - | Auto 15/04/2014 1774904 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe SR - | Auto 21/01/2008 21504 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe SR - | Auto 05/07/2014 535936 | (WindowsMangerProtect) . (.Fuyu LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 09s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Rémy at 13/08/2014 12:07:14 device: opened successfully user: MBR read successfully Disk trace: called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys 1 nt!IofCallDriver[0x84C5215F] >> \Device\Harddisk0\DR0[0x88C8C1E8] 3 CLASSPNP[0x8DE148B3] >> nt!IofCallDriver[0x84C5215F] >> [0x8816D918] 5 acpi[0x85A536BC] >> nt!IofCallDriver[0x84C5215F] >> \Device\Ide\IdeDeviceP2T0L0-2[0x881BF390] kernel: MBR read successfully user & kernel MBR OK ~ MBR: 13 Scanned in 00mn 02s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Rémy at 13/08/2014 12:07:16 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 13026 - (13/08/2014) Clés trouvées (Keys found) : 152 Valeurs trouvées (Values found) : 4 Dossiers trouvés (Folders found) : 48 Fichiers trouvés (Files found) : 55 [HKLM\Software\Google\Chrome\Extensions\hlamakkjeanfidbooajjkmjeolhkmhld] =>Adware.Bandoo^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{769A91DA-209F-47FE-88B9-B0321B0982C8}] =>PUP.NetCrawl^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{932223CA-E363-89BE-9BD1-5CCC44FDE039}] =>PUP.BlockAndSurf^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster^ [HKLM\SYSTEM\CurrentControlSet\Services\IePluginServices] =>PUP.IePluginService^ [HKLM\SYSTEM\CurrentControlSet\Services\servervo] =>Adware.Downware^ [HKLM\SYSTEM\CurrentControlSet\Services\SSUService] =>Adware.IncrediBar^ [HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_290_is1] =>Adware.FreeSoftToday^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] =>Adware.Downware^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981405}] =>Adware.Bandoo^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1] =>PUP.Eorezo^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D894938C-8EE1-4854-9254-8F9AEF2BFE46}] =>PUP.SpeedMaxPc^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer] =>Adware.MetaStream^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar] =>PUP.Datamngr^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] =>PUP.Fuyu^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstall] =>PUP.SweetPage^ [HKLM\Software\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster [HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip [HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip [HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip [HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}] =>PUP.Dealio [HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}] =>PUP.BearShare [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon [HKCU\Software\delta LTD] =>Toolbar.DeltaSearch [HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] =>Adware.MetaStream [HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] =>Adware.MetaStream [HKLM\Software\Classes\CLSID\{1c311aaa-d8b1-4a0a-bee5-2387fec583da}] =>Adware.Burn4Free [HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}] =>PUP.BearShare [HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent [HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}] =>PUP.BearShare [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz [HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}] =>PUP.iMesh [HKLM\Software\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}] =>PUP.BearShare [HKLM\Software\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}] =>Adware.IMBooster [HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}] =>PUP.Kiwee [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5f05c28d-dea9-4ad6-a73a-064175988eab}] =>PUP.Dealio [HKLM\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster [HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}] =>PUP.iMesh [HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}] =>Toolbar.Agent [HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}] =>PUP.iMesh [HKLM\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}] =>PUP.Babylon [HKLM\Software\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}] =>PUP.iMesh [HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}] =>PUP.iMesh [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}] =>Adware.IMBooster [HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}] =>Adware.IMBooster [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{c878cd69-85db-426b-81a3-e71175aaeb91}] =>Adware.SearchSettings [HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}] =>PUP.BearShare [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster [HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz [HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}] =>PUP.iMesh [HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}] =>PUP.iMesh [HKLM\Software\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo [HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector [HKLM\Software\Classes\AppID\NCTAudioCompress3.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\NCTAudioFile3.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\NCTAudioFileWMA3.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\NCTAudioFormatSettings3.DLL] =>PUP.BearShare [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1] =>PUP.Eorezo [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer] =>Adware.MetaStream [HKLM\Software\Classes\axmetastream.metastreamctl] =>Adware.MetaStream [HKLM\Software\Classes\axmetastream.metastreamctl.1] =>Adware.MetaStream [HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary] =>Adware.MetaStream [HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1] =>Adware.MetaStream [HKLM\Software\Classes\b4fm.sxcontextmenu1] =>Adware.Burn4Free [HKLM\Software\Classes\comobject.deskbarenabler] =>Toolbar.Agent [HKLM\Software\Classes\comobject.deskbarenabler.1] =>Toolbar.Agent [HKLM\Software\Classes\DnsBHO.BHO] =>Adware.Bandoo [HKLM\Software\Classes\DnsBHO.BHO.1] =>Adware.Bandoo [HKLM\Software\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl] =>Adware.IMBooster [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\iLividSRTB] =>Adware.Bandoo [HKCU\Software\ilivid] =>Adware.Bandoo [HKLM\Software\Iminent] =>Adware.IMBooster [HKLM\Software\MetaStream] =>Adware.MetaStream [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKCU\Software\AppDataLow\Software\Search Settings] =>PUP.Dealio [HKLM\Software\SearchquMediabarTb] =>Adware.Bandoo [HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Viewpoint] =>Adware.MetaStream [HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon [HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}] =>PUP.Funmoods [HKLM\Software\MozillaPlugins\@viewpoint.com/VMP] =>Adware.MetaStream [HKLM\Software\Classes\Prod.cap] =>PUP.Babylon [HKCU\Software\InstallCore] =>Adware.InstallCore [HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo [HKLM\Software\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar] =>Toolbar.DeltaSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF] =>PUP.Dealio [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}] =>PUP.Datamngr [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}] =>PUP.Datamngr [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\ParetoLogic] =>PUP.Paretologic [HKLM\Software\ParetoLogic] =>PUP.Paretologic [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo [HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox [HKLM\Software\Classes\Iminent] =>Adware.IMBooster [HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject] =>Adware.IMBooster [HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject.1] =>Adware.IMBooster [HKLM\Software\Classes\IminentWebBooster.ScriptExtender] =>Adware.IMBooster [HKLM\Software\Classes\IminentWebBooster.ScriptExtender.1] =>Adware.IMBooster [HKLM\Software\Classes\Toolbar.CT2391419] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar.CT2392836] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar3.MHTBPos00] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.MHTBPos00.1] =>Toolbar.Agent [HKLM\Software\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\IminentToolbar] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Windows Searchqu Toolbar] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2418}] =>Adware.Bandoo^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:AnyProtect Scanner =>PUP.AnyProtect^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:upfst_fr_290.exe =>Adware.FreeSoftToday^ [HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{84FF7BD6-B47F-46F8-9130-01B2696B36CB} =>Adware.IMBooster [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{EF99BD32-C1FB-11D2-892F-0090271D4F88} =>Toolbar.Yahoo C:\Users\Rémy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlamakkjeanfidbooajjkmjeolhkmhld =>Adware.Bandoo^ C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\EP: RegExtension {5932BCAD-47CC-DE58-D9CC-57BBB4D71873} . (...) -- C:\extensions\Program Files\di4BlockAndSurf\175.xpi (.not file.) =>PUP.BlockAndSurf^ C:\Program Files\BitComet =>P2P.BitComet^ C:\Program Files\DomaIQ Uninstaller =>Adware.DomaIQ^ C:\Program Files\fst_fr_290 =>Adware.FreeSoftToday^ C:\Program Files\Iminent =>Adware.IMBooster^ C:\Program Files\MyPC Backup =>PUP.MyPCBackup^ C:\Program Files\Optimizer Pro =>PUP.OptimizerPro^ C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner^ C:\Program Files\SavevidPlug-in =>Adware.Bandoo^ C:\Program Files\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Program Files\SupTab =>PUP.SupTab^ C:\Program Files\Viewpoint =>Adware.MetaStream^ C:\Program Files\Windows Searchqu Toolbar =>PUP.Datamngr^ C:\Program Files\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\ProgramData\Babylon =>PUP.Babylon^ C:\ProgramData\IePluginServices =>PUP.IePluginService^ C:\ProgramData\ParetoLogic =>PUP.Paretologic^ C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\ProgramData\Viewpoint =>Adware.MetaStream^ C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^ C:\Users\Rémy\AppData\Roaming\BabSolution =>Hijacker.BabSolution^ C:\Users\Rémy\AppData\Roaming\Babylon =>PUP.Babylon^ C:\Users\Rémy\AppData\Roaming\BitComet =>P2P.BitComet^ C:\Users\Rémy\AppData\Roaming\EoRezo =>PUP.Eorezo^ C:\Users\Rémy\AppData\Roaming\OpenCandy =>Adware.OpenCandy^ C:\Users\Rémy\AppData\Roaming\ParetoLogic =>PUP.Paretologic^ C:\Users\Rémy\AppData\Roaming\Search Settings =>Adware.SearchSettings^ C:\Users\Rémy\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Users\Rémy\AppData\Roaming\SupTab =>PUP.SupTab^ C:\Users\Rémy\AppData\Roaming\sweet-page =>PUP.SweetPage^ C:\Users\Rémy\AppData\Roaming\VOPackage =>Adware.Downware^ C:\Users\Rémy\AppData\Local\fst_fr_290 =>Adware.FreeSoftToday^ C:\Users\Rémy\AppData\Local\SearchProtect =>PUP.SearchProtect^ C:\Users\Rémy\AppData\Local\Supreme Savings =>PUP.RewardsArcade^ C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect^ C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^ C:\Program Files\Family Toolbar =>Toolbar.Agent C:\Program Files\Common Files\Umbrella =>Adware.IMBooster C:\ProgramData\Browser Manager =>PUP.Babylon C:\Users\Rémy\AppData\LocalLow\searchresultstb =>Toolbar.Agent C:\Users\Rémy\AppData\LocalLow\PriceGong =>Adware.PriceGong C:\Users\Rémy\AppData\LocalLow\searchquband =>Adware.Bandoo C:\Users\Rémy\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo C:\Program Files\IZArc\OpenCandy =>Adware.OpenCandy C:\Program Files\MediaInfo\OpenCandy =>Adware.OpenCandy C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\searchqutoolbar =>Adware.Bandoo C:\Users\Rémy\AppData\Roaming\Mozilla\Firefox\Profiles\0hgq8dvw.default\SearchPlugins\conduit.xml =>Toolbar.Conduit C:\Users\Rémy\AppData\Local\fst_fr_290\upfst_fr_290.exe =>Adware.FreeSoftToday^ C:\Program Files\fst_fr_290\fst_fr_290.exe =>Adware.FreeSoftToday^ C:\ProgramData\IePluginServices\PluginService.exe =>PUP.IePluginService^ C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu^ C:\Users\Rémy\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware^ C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe =>Adware.IncrediBar^ C:\Users\Rémy\AppData\Roaming\BabSolution\Shared\BabMaint.exe =>Hijacker.BabSolution^ C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe =>PUP.SpeedMaxPc^ C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe =>PUP.SpeedMaxPc^ C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^ C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^ C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^ C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^ C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^ C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^ C:\Windows\Tasks\SpeedMaxPc Registration3.job =>PUP.SpeedMaxPc^ C:\Windows\System32\Tasks\SpeedMaxPc Registration3 =>PUP.SpeedMaxPc^ C:\Windows\Tasks\SpeedMaxPc Update3.job =>PUP.SpeedMaxPc^ C:\Windows\System32\Tasks\SpeedMaxPc Update3 =>PUP.SpeedMaxPc^ C:\Windows\Tasks\SpeedMaxPc.job =>PUP.SpeedMaxPc^ C:\Windows\System32\Tasks\SpeedMaxPc =>PUP.SpeedMaxPc^ [HKCU\Software\AnyProtect] =>PUP.AnyProtect^ [HKCU\Software\AppDataLow\Software\BlockAndSurf] =>PUP.BlockAndSurf^ [HKCU\Software\AppDataLow\Software\savevidtoolbargaw] =>Adware.Bandoo^ [HKCU\Software\BabSolution] =>Hijacker.BabSolution^ [HKCU\Software\BitComet] =>P2P.BitComet^ [HKCU\Software\Conduit] =>Toolbar.Conduit^ [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^ [HKCU\Software\Datamngr] =>PUP.Datamngr^ [HKCU\Software\NetCrawl] =>PUP.NetCrawl^ [HKCU\Software\TutoTag] =>PUP.AgenceExclusive^ [HKCU\Software\WinkHandler] =>Adware.IMBooster^ [HKCU\Software\freesofttoday] =>Adware.FreeSoftToday^ [HKCU\Software\iLivid] =>Adware.Bandoo^ [HKCU\Software\savevidtoolbargaw] =>Adware.Bandoo^ [HKCU\Software\softonicToolbar] =>Toolbar.Conduit^ [HKLM\Software\Babylon] =>PUP.Babylon^ [HKLM\Software\Conduit] =>Toolbar.Conduit^ [HKLM\Software\DomaIQ] =>Adware.DomaIQ^ [HKLM\Software\FrEeSoFtToDaY] =>Adware.FreeSoftToday^ [HKLM\Software\NetCrawl] =>PUP.NetCrawl^ [HKLM\Software\SavevidSRTB] =>Adware.Bandoo^ [HKLM\Software\SupDp] =>PUP.SupTab^ [HKLM\Software\Supreme Savings] =>PUP.RewardsArcade^ [HKLM\Software\supTab] =>PUP.SupTab^ [HKLM\Software\supWPM] =>PUP.WpManager^ [HKLM\Software\supWindowsMangerProtect] =>PUP.Fuyu^ [HKLM\Software\sweet-pageSoftware] =>PUP.SweetPage^ D:\Rémy\Desktop\VOPackage.exe =>Adware.Downware^ [HKCU\Software\5255dad9b168ba15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^ [HKCU\Software\5255dad9b168ba15] =>PUP.Babylon^^ C:\Windows\Installer\af14a1.msi =>Adware.Bandoo^ [HKCR\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}] (MetaStreamCtl Class) =>Adware.MetaStream^ [HKCR\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] (MetaStreamCtl Class) =>Adware.MetaStream^ ~ Additionnel Scan: 439544 Items scanned in 00mn 38s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/g0-page-de-demarrage-google-chrome/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) ~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2) ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPKS) (O51) ~ AMI: 8 Scanned in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.fr/adware-freesofttoday =>Adware.FreeSoftToday http://nicolascoolman.fr/adware-downware =>Adware.Downware http://nicolascoolman.fr/adware-incredibar =>Adware.IncrediBar http://nicolascoolman.fr/pup-sweetpage =>PUP.SweetPage http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo http://nicolascoolman.fr/pup-babylon =>PUP.Babylon http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch http://nicolascoolman.fr/pup-searchresults =>PUP.SearchResults http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit http://nicolascoolman.fr/pup-blockandsurf =>PUP.BlockAndSurf http://nicolascoolman.fr/adware-metastream =>Adware.MetaStream http://nicolascoolman.fr/pup-netcrawl =>PUP.NetCrawl http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect http://nicolascoolman.fr/hijacker-babsolution =>Hijacker.BabSolution http://nicolascoolman.fr/pup-speedmaxpc =>PUP.SpeedMaxPc http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo http://nicolascoolman.fr/pup-eorezo =>PUP.Eorezo http://nicolascoolman.fr/pup-datamngr =>PUP.Datamngr http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong http://nicolascoolman.fr/adware-searchsettings =>Adware.SearchSettings http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore http://nicolascoolman.fr/30068076-pup-paretologic =>PUP.Paretologic http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive http://nicolascoolman.fr/adware-domaiq =>Adware.DomaIQ http://nicolascoolman.fr/pup-suptab =>PUP.SupTab http://nicolascoolman.fr/pup-rewardsarcade =>PUP.RewardsArcade http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro http://nicolascoolman.fr/rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner http://nicolascoolman.fr/adware-opencandy =>Adware.OpenCandy http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect http://nicolascoolman.fr/pup-mocaflix =>PUP.Mocaflix http://nicolascoolman.fr/adware-shoppingreport =>Adware.ShoppingReport http://nicolascoolman.fr/hijacker-trovicom =>Hijacker.TroviCom http://nicolascoolman.fr/adware-recordnrip =>Adware.RecordNRip http://nicolascoolman.fr/pup-dealio =>PUP.Dealio http://nicolascoolman.fr/pup-bearshare =>PUP.BearShare http://nicolascoolman.fr/pup-v9software =>PUP.V9Software http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz http://nicolascoolman.fr/pup-imesh =>PUP.iMesh http://nicolascoolman.fr/pup-kiwee =>PUP.Kiwee http://nicolascoolman.fr/pup-whitesmoke =>PUP.Whitesmoke http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector http://nicolascoolman.fr/pup-funmoods =>PUP.Funmoods http://nicolascoolman.fr/adware-browsefox =>Adware.BrowseFox ~ MSI: 49 link(s) detected in 00mn 00s End of the scan (2808 lines in 05mn 52s)(0)