Script ZHPFix EmptyPrefetch FirewallRaz PROXYFix EmptyTemp EmptyFlash EmptyClsid SysRestore [HKCU\Software\IObit Apps] [HKCU\Software\Store] =>PUP.Nosibay [HKLM\Software\Wow6432Node\IObit Apps] [HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart O43 - CFD: 18/07/2014 - 16:26:55 - [0] ----D C:\Program Files (x86)\sweetpacks bundle uninstaller_SPAMfighter_1551498 =>PUP.SweetIM O43 - CFD: 06/06/2014 - 16:13:33 - [] ----D C:\ProgramData\Software =>Adware.Boxore O90 - PUC: "4D7B2EA8AAB2D9B44A4F82D2D3031F0D" . (.IObit Apps Toolbar v7.2.) -- C:\Windows\Installer\{8AE2B7D4-2BAA-4B9D-A4F4-282D3D30F1D0}\ARPPRODUCTICON.exe =>PUP.Dealio HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASAPI32 =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\MyPC Backup_RASMANCS =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASAPI32 =>PUP.JDIBackup HKLM\SOFTWARE\Microsoft\Tracing\Signup Wizard_RASMANCS =>PUP.JDIBackup HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASAPI32 =>Adware.Incredibar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ExtensionUpdaterService_RASMANCS =>Adware.Incredibar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateZebar_RASAPI32 =>PUP.Zebar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateZebar_RASMANCS =>PUP.Zebar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilZebar_RASAPI32 =>PUP.Zebar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilZebar_RASMANCS =>PUP.Zebar [HKLM\Software\Google\Chrome\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg] =>PUP.CrossRider^ [HKLM\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae] =>PUP.Astromenda^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8AE2B7D4-2BAA-4B9D-A4F4-282D3D30F1D0}] =>PUP.Dealio^ [HKCU\Software\IObit Apps] =>PUP.Dealio [HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio [HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider C:\Users\hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg =>PUP.CrossRider^ C:\Users\hubert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae =>PUP.Astromenda^ C:\Program Files (x86)\sweetpacks bundle uninstaller_SPAMfighter_1551498 =>PUP.SweetIM^ C:\ProgramData\Software =>Adware.Boxore^ [HKCU\Software\Store] =>PUP.Nosibay^ [HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart^ O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {3C4BCD2A-8D3C-4663-9449-AB7B3AFD096F} O43 - CFD: 31/12/2012 - 13:18:11 - [] ----D C:\ProgramData\clp O43 - CFD: 22/08/2014 - 09:34:21 - [] ----D C:\ProgramData\ProductData O43 - CFD: 20/08/2014 - 12:14:19 - [] ----D C:\Users\hubert\AppData\Roaming\ProductData [MD5.33F6F3131EE8854F05C6BEAEA233B85F] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336] [PID.1036] [MD5.580BB8242B4B5D64FF645BA8A78084D2] - (.IObit - IObit Malware Fighter.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1601856] [PID.2840] O2 - BHO: (no name) [64Bits] - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} Clé orpheline O2 - BHO: (no name) [64Bits] - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} Clé orpheline O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} Clé orpheline O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E78569BE-555B-4B4A-B7E5-647C31CA7DDC} Clé orpheline [HKLM\Software\Wow6432Node\SOFTWARE] O51 - MPSK:{514b8ed2-d26d-11e1-8dbe-806e6f6e6963}\AutoRun\command. (...) -- F:\Setup.exe (.not file.) [HKCU\Software\MCAFEE] O43 - CFD: 18/01/2014 - 09:41:40 - [] ----D C:\ProgramData\McAfee [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O61 - LFC: 20/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR.exe [8033232] O61 - LFC: 21/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR (1).exe [8033232] O61 - LFC: 21/08/2014 - 08:48:30 ---A- . (.Driver-Soft Inc..) -- C:\Users\hubert\Downloads\Driver_Genius_Professional_AQFR (2).exe [8033232] O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.) O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.) O3 - Toolbar: avast! Online Security - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (...) -- (.not file.) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline [MD5.0E4185F75C1394897DB73CCC3368CA4B] [WIS][10/06/2014] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\af032.msi [475136] HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] C:\Windows\Installer\af032.msi