~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014) ~ Lancé par corinne (04/02/2014 18:26:55) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): ---\\ Navigateurs Internet MSIE: Internet Explorer v9.0.8112.16421 GCIE: Google Chrome v32.0.1700.107 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002) Windows Server License Manager Script : OK ~ Vista, OEM_COA_NSLP channel Windows ID Activation : OK ~ Windows Partial Key : Q27TJ Windows License : OK Windows Automatic Updates : OK ---\\ Logiciels de protection du système Microsoft Security Client v4.4.0304.0 ---\\ Logiciels d'optimisation du système CCleaner v2.28 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 ActiveX Adobe Reader X Java 7 Update 51 ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2046 MB (45% free) System Restore: Activé (Enable) System drive C: has 66 GB (50%) free of 129 GB ---\\ Mode de connexion au système ~ Computer Name: PC-DE-CORINNE ~ User Name: corinne ~ All Users Names: UpdatusUser, corinne, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\corinne\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\corinne\AppData\Roaming\ ~ %Desktop% : C:\Users\corinne\Desktop\ ~ %Favorites% : C:\Users\corinne\Favorites\ ~ %LocalAppData% : C:\Users\corinne\AppData\Local\ ~ %StartMenu% : C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques A: Floppy drive, Flash card reader, USB Key (Not Inserted) C: Hard drive, Flash drive, Thumb drive (Free 66 Go of 129 Go) D: CD-ROM drive (Not Inserted) E: Hard drive, Flash drive, Thumb drive (Free 92 Go of 104 Go) ---\\ Etat du Centre de Sécurité Windows ~ Security Center: 42 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.4CC9DF09C3D915BA0A101A11DB684F26] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2013 - 23:42:41.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856] [MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232] [MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288] [MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192] [MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/313 Mes musiques (My Musics) : 15/15 (Modified) ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 1/81 ~ Mes Documents (My Documents) : 4/116 ~ Mon Bureau (My Desktop) : 2/481 ~ Menu demarrer (Programs) : 1/39 ~ Hidden Files: Scanned in 00mn 00s ---\\ Processus lancés [MD5.16AE89DB056690B77252A722023D506B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4431872] [PID.2296] [MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.2324] [MD5.40A329FE101AE594F879D2133E223D0A] - (.Discordia, LTD - Data Manager.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1115536] [PID.2380] =>PUP.Datamngr [MD5.6EA1BF3F6E6B0613351411A3EB6B85A2] - (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe [1561768] [PID.2396] [MD5.2E068599FCF51B3F4640458950A069FC] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe [2420248] [PID.2404] =>Toolbar.AVGSearch [MD5.01D92A226791867F2DED688F25271905] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1058400] [PID.2412] [MD5.33BE35574E1081A91EACD2B98E0A472A] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640] [PID.2444] =>Toolbar.Ask [MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.2460] [MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821984] [PID.2504] [MD5.5F2B7DEB7263CC6D65871675FBF31F66] - (.Inbox.com, Inc. - Inbox Toolbar.) -- C:\Program Files\Inbox Toolbar\Inbox.exe [1380328] [PID.2520] [MD5.9D826FE5B102A4DF5225786DB5E586C9] - (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648] [PID.2528] [MD5.C407F87EDD7F08D7C8B900A4C6C6C719] - (.Crawler.com - Online Vault Tray.) -- C:\Program Files\OnlineVault\OVTray.exe [371808] [PID.2672] [MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe [959880] [PID.2824] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2840] [MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.2864] [MD5.665CE80D2173C774EE80FEAC4B20C860] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe [1560576] [PID.2888] [MD5.50BD5E267657BE1090FB667B7A4500CE] - (.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe [337264] [PID.2908] [MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.2924] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3096] [MD5.43E6F2A7FB182F2D7CB0CE5B8F1005CF] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757488] [PID.2700] [MD5.F7480FE0B17C75FED24F2C11A5DB5F1E] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FARNILE.exe [264800] [PID.7220] [MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe [866632] [PID.2712] [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4216] [MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.4896] [MD5.E4284FCF99FEA13A7E1836F87AE356F6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe [639776] [PID.952] [MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.968] [MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1048] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1412] [MD5.8619BE54EC51A74A2C3F82B313AB445E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [873248] [PID.1636] [MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.656] [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2948] [MD5.2297460EC100F34DC455CC0EFD21D442] - (.Avira Operations GmbH & Co. KG - Firewall NT service process.) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [1012280] [PID.2972] [MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.3040] [MD5.B342CD9AA44E4AE99E2368EBDBC2E17A] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.3120] =>Toolbar.Ask [MD5.D503DF3ABA595F551B98B9BAE017A271] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.3136] [MD5.E9EFCB47B90FD5498695BB7FEFD36CAE] - (.Seiko Epson Corporation - Epson Scanner Service (32bit).) -- C:\Windows\system32\EscSvc.exe [122000] [PID.3164] [MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.3212] [MD5.C7F5C284B6F46FCAF6910EA4E644700B] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.3212] [MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.3436] [MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.3468] [MD5.E155E09229624C69A1A6609C0CB3641F] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\Ralink\Common\RaRegistry.exe [185632] [PID.3524] [MD5.D6BFF86F1946B0E473BAE244FB1BB07F] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680] [PID.3596] =>Toolbar.AVGSearch [MD5.14240D6730C6BA73AD569F2CD759B504] - (.Pas de propriétaire - loggings Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe [159768] [PID.3900] =>Toolbar.AVGSearch [MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.2272] [MD5.0DD3DDCAEBEA9B0B3B8D008F6973185F] - (.Avira Operations GmbH & Co. KG - Antivirus MailScanner LSP Service.) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [896056] [PID.2288] [MD5.29D956C8CB67222D678FAF20D485B25B] - (.Avira Operations GmbH & Co. KG - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe [1011768] [PID.1188] [MD5.42D33042371BFB1A7D40834590CAFD30] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Servi.) -- C:\Program Files\Microsoft Security Client\NisSrv.exe [280288] [PID.552] ~ Processes Running: Scanned in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] http://toolbar.inbox.com G2 - GCE: Preference [User Data\Default] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.30.2, (Désactivé) =>Toolbar.Avira G2 - GCE: Preference [User Data\Default] [apgjagobplilmcdfelodhgefiidomnfl] Inbox Toolbar v.1.0.0.12 (Désactivé) G2 - GCE: Preference [User Data\Default] [bdcfkjjffkboloijgealjeijakofmalg] Interest Recognizer for Freecompressor v.3.1.1489.132 (Désactivé) =>Adware.SPointer G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.1 (Désactivé) =>Toolbar.DeltaSearch G2 - GCE: Preference [User Data\Default] [iahagolkpaghhinaljhjihagjgomdokb] La barre d'outils de Marche.fr v.1.3, (Désactivé) G2 - GCE: Preference [User Data\Default] [kincjchfokkeneeofpeefomkikfkiedl] Facetheme v.1.0 (Désactivé) =>PUP.FCTPlugin G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.17.1.2.1 (Désactivé) =>Toolbar.AVGSearch G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé) ~ Google Browser: 18 Legitimates Filtered in 00mn 10s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\corinne\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js P2 - FPN: [HKLM] [@ei.Allin1Convert_8h.com/Plugin] - (.Allin1Convert - Allin1Convert Installer Plugin Stub for 32-bit Windows.) -- C:\Program Files\Allin1Convert_8hEI\Installr\1.bin\NP8hEISB.dll =>Adware.Allin1Convert ~ Firefox Browser: 21 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cherchermp3.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr ~ IE Browser: 15 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 20 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch O2 - BHO: WiseConvert 1.5 B2 - {e483a649-efc1-4ceb-bff6-8be71582056d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\WiseConvert_1.5_B2\prxtbWise.dll =>Toolbar.Conduit ~ BHO: 18 Legitimates Filtered in 00mn 03s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) - [HKLM]{FE063DB9-4EC0-403e-8DD8-394C54984B2C} Clé orpheline O3 - Toolbar: DVDVideoSoftTB Toolbar - [HKLM]{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} . (...) -- C:\Program Files\DVDVideoSoft\tbDVDV.dll O3 - Toolbar: Streaming Chercher MP3 Toolbar - [HKLM]{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\Streaming Chercher MP3 Toolbar\tbcore3.dll O3 - Toolbar: Searchqu Toolbar - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\searchqudtx.dll =>PUP.Datamngr O3 - Toolbar: Ask Toolbar - [HKLM]{D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O3 - Toolbar: E-Web Print - [HKLM]{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} . (.SEIKO EPSON CORPORATION - ewps_tb.) -- C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll O3 - Toolbar: Avira SearchFree Toolbar - [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll =>Toolbar.Ask O3 - Toolbar: WiseConvert 1.5 B2 Toolbar - [HKLM]{e483a649-efc1-4ceb-bff6-8be71582056d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\WiseConvert_1.5_B2\prxtbWise.dll =>Toolbar.Conduit O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{FE063DB9-4EC0-403E-8DD8-394C54984B2C} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E483A649-EFC1-4CEB-BFF6-8BE71582056D} Clé orpheline ~ Toolbar: Scanned in 00mn 03s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files\EPSON Software\Easy Photo Print\EPQuicker.exe O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe O4 - GS\Desktop [Public]: FreeCompressor.lnk . (...) -- C:\Program Files\TUGzip\TUGZip.exe O4 - GS\Desktop [Public]: Guide d'utilisation EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Useg\index.htm O4 - GS\Desktop [Public]: Guide réseau EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Netg\index.htm O4 - GS\QuickLaunch [corinne]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch [corinne]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [corinne]: SFR Cloud.lnk . (...) -- C:\Users\corinne\AppData\Local\F-Secure\SFR Cloud\Application\SFR Cloud.exe (.not file.) O4 - GS\QuickLaunch [corinne]: SpeedMaxPc.lnk . (.SpeedMaxPc - SpeedMaxPc.) -- C:\Users\corinne\SpeedMaxPc\SpeedMaxPc.exe =>PUP.SpeedMaxPc O4 - GS\Program [corinne]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SystemTools [corinne]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Desktop [corinne]: Agent X - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [corinne]: AttestationsScolaire - Raccourci.lnk . (...) -- C:\Users\corinne\Documents\Downloads\AttestationsScolaire.pdf O4 - GS\Desktop [corinne]: coco - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [corinne]: Corbeille - Raccourci.lnk - Clé orpheline ~ Global Startup: 68 Legitimates Filtered in 00mn 01s ---\\ Applications lancées au démarrage du sytème (O4) O4 - GS\Startup [Public]: Ralink Wireless Utility.lnk . (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe O4 - GS\Startup [corinne]: Microsoft Office Groove.lnk . (.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe O4 - GS\Startup [corinne]: OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Run: [EoEngine] Clé orpheline O4 - HKLM\..\Run: [NWEReboot] Clé orpheline O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe O4 - HKLM\..\Run: [eorezo] Clé orpheline =>PUP.Eorezo O4 - HKLM\..\Run: [RDesc] Clé orpheline O4 - HKLM\..\Run: [DATAMNGR] . (.Discordia, LTD - Data Manager.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe =>PUP.Datamngr O4 - HKLM\..\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [SearchSettings] . (.Spigot, Inc. - Search Settings.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe =>PUP.Dealio O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Run: [InboxToolbar] . (.Inbox.com, Inc. - Inbox Toolbar.) -- C:\Program Files\Inbox Toolbar\Inbox.exe O4 - HKLM\..\Run: [Online Vault] . (.Crawler.com - Online Vault Tray.) -- C:\Program Files\OnlineVault\OVTray.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKCU\..\Run: [NTRedirect] . (.Pas de propriétaire - enhancedNT.) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll =>Hijacker.BabSolution O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [NTRedirect] . (.Pas de propriétaire - enhancedNT.) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll =>Hijacker.BabSolution ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO O9 - Extra button: Streaming Chercher MP3 Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (...) -- C:\Program Files\Streaming Chercher MP3 Toolbar\favicon.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://www.ma-config.com/plugins/MaConfig_6_0_1_1.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (.AVG Secure Search - Pas de description.) -- C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll =>Toolbar.AVGSearch O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask O23 - Service: (vToolbarUpdater17.1.2) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe =>Toolbar.AVGSearch ~ Services: 19 Legitimates Filtered in 00mn 19s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Registration3.job [444] =>PUP.SpeedMaxPc O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Update3.job [402] =>PUP.SpeedMaxPc O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc.job [336] =>Hijacker.iHaveNet [MD5.00000000000000000000000000000000] [APT] [Advanced System Protector] (...) -- C:\Program Files\RegClean Pro\SystweakASP.exe (.not file.) [0] =>PUP.AdvancedSystemProtector [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe (.not file.) [0] [MD5.ADB62392BC0711707E58E70186CC4AC2] [APT] [EPUpdater] (...) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\BabMaint.exe [10224] =>Hijacker.BabSolution [MD5.00000000000000000000000000000000] [APT] [Maintenance en 1 clic] (...) -- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe (.not file.) [0] [MD5.013414E136AC76598B19552DC31DE718] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files\Ask.com\UpdateTask.exe [135336] =>Toolbar.Ask [MD5.7BC313B855B469B918B75CB3F058CC66] [APT] [SpeedMaxPc] (.SpeedMaxPc.) -- C:\Users\corinne\SpeedMaxPc\SpeedMaxPc.exe [5004064] =>PUP.SpeedMaxPc [MD5.1DE3E324847390D51970264CBFCAC1D8] [APT] [SpeedMaxPc Update3] (.SpeedMaxPc.) -- C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe [660768] =>PUP.SpeedMaxPc [MD5.00000000000000000000000000000000] [APT] [{3545F003-AAD7-4EFA-92A4-460073A3B532}] (...) -- C:\Users\corinne\Desktop\93.71_forceware_winxp2k_international_whql.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4D79829A-4087-45F9-B3A1-D4F6E13D64CC}] (...) -- C:\Users\corinne\Desktop\Auto-‚cole 3D\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{5C8C302B-B8E3-4CB2-998B-FBE18091AE17}] (...) -- C:\Users\corinne\Desktop\SoftonicToolbar.exe (.not file.) [0] =>Toolbar.Conduit [MD5.00000000000000000000000000000000] [APT] [{C916364F-1A39-48C2-863D-D97A3F85E98C}] (...) -- D:\Drivers\Lan\Utility\setup.exe (.not file.) [0] [MD5.9D826FE5B102A4DF5225786DB5E586C9] [APT] [ASUS ACPI Service Provider] (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648] [MD5.2E5039A6599CAF0C4A406ED9460F80A1] [APT] [ASUS RegRun Loader] (...) -- C:\Program Files\ASUS\AASP\1.00.33\AsLoader.exe [363008] ~ Scheduled Task: 43 Legitimates Filtered in 00mn 07s ---\\ Logiciels installés (O42) O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant O42 - Logiciel: AutocompletePro - (...) [HKLM] -- AutocompletePro3_is1 =>Adware.PredictAd O42 - Logiciel: BitGuard - (.MediaTechSoft Inc..) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>PUP.BitGuard O42 - Logiciel: DVDVideoSoft Toolbar - (...) [HKLM] -- DVDVideoSoft Toolbar O42 - Logiciel: Facemoods - (.Secure Digital Services.) [HKLM] -- {D0198889-7766-424B-AB81-F16F8EDDFEF4} =>Adware.Facemoods O42 - Logiciel: Facetheme - (.facetheme.com.) [HKLM] -- facetheme =>PUP.FCTPlugin O42 - Logiciel: Inbox Toolbar - (.Inbox.com, Inc..) [HKLM] -- {612AD33D-9824-4E87-8396-92374E91C4BB}_is1 O42 - Logiciel: ItsTV 3.0 - (.Its Label.) [HKLM] -- ItsTV_is1 O42 - Logiciel: Online Vault - (.PCRx.com, LLC.) [HKLM] -- {FE60B87C-63A2-4A45-AC06-FFEFD5DB7846}_is1 =>PUP.PCRx O42 - Logiciel: SpeedMaxPc - (.SpeedMaxPc.) [HKLM] -- {D894938C-8EE1-4854-9254-8F9AEF2BFE46} =>PUP.SpeedMaxPc O42 - Logiciel: Streaming Chercher MP3 Toolbar - (.Abingerdale, Ltd..) [HKLM] -- TBSB07458.TBSB07458Toolbar O42 - Logiciel: SweetIM for Messenger 3.6 - (.SweetIM Technologies Ltd..) [HKLM] -- {A81A974F-8A22-43E6-9243-5198FF758DA1} =>PUP.SweetIM O42 - Logiciel: Windows iLivid Toolbar - (.Bandoo Media, Inc.) [HKLM] -- Searchqu 406 MediaBar =>PUP.Datamngr O42 - Logiciel: WiseConvert 1.5 B2 Toolbar for IE - (.WiseConvert 1.5 B2.) [HKLM] -- IECT3297966 =>Toolbar.Conduit O42 - Logiciel: eoJet 1.1 - (.EoRezo.) [HKLM] -- eoJet_is1 =>PUP.Eorezo ~ Logic: 22 Legitimates Filtered in 00mn 02s ---\\ HKCU & HKLM Software Keys [HKCU\Software\5f53d6d8e66dbe15] =>Hijacker.Eazel [HKCU\Software\APN] [HKCU\Software\Alexa Internet] [HKCU\Software\Ask.com] [HKCU\Software\AskPartnerNetwork] [HKCU\Software\AskSearchAsst] [HKCU\Software\AutocompleteProBHO] =>Adware.PredictAd [HKCU\Software\AutocompletePro] =>Adware.PredictAd [HKCU\Software\BabSolution] =>Hijacker.BabSolution [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\DataMngr] =>PUP.Datamngr [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr [HKCU\Software\EoRezo] =>PUP.Eorezo [HKCU\Software\FileScout] =>PUP.FileScout [HKCU\Software\FissaSearch] =>PUP.OfferBox [HKCU\Software\Inbox Toolbar] [HKCU\Software\ItsLabel] =>PUP.ItsLabel [HKCU\Software\OfferBox] =>PUP.OfferBox [HKCU\Software\Search Settings] =>Adware.SearchSettings [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKCU\Software\WLANUtil] [HKCU\Software\WideStream] =>Adware.SPointer [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\eojet] =>PUP.Eorezo [HKCU\Software\ilivid] =>Adware.Bandoo [HKLM\Software\5f53d6d8e66dbe15] =>Hijacker.Eazel [HKLM\Software\APN] [HKLM\Software\Allin1Convert_8hEI] =>Adware.Allin1Convert [HKLM\Software\AskPartnerNetwork] [HKLM\Software\AskToolbar] [HKLM\Software\Bandoo] =>Adware.Bandoo [HKLM\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\DataMngr] =>PUP.Datamngr [HKLM\Software\EoRezo] =>PUP.Eorezo [HKLM\Software\Inbox Toolbar] [HKLM\Software\Search Settings] =>Adware.SearchSettings [HKLM\Software\SearchquMediabarTb] =>PUP.Datamngr [HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\WiseConvert_1.5_B2] =>Toolbar.Conduit ~ Key Software: 365 Legitimates Filtered in 00mn 02s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 15/08/2013 - 14:49:19 - [0,789] ----D C:\Program Files\Allin1Convert_8hEI =>Adware.Allin1Convert O43 - CFD: 07/08/2010 - 10:01:35 - [0,120] ----D C:\Program Files\Ask Search Assistant O43 - CFD: 05/09/2012 - 15:47:39 - [3,428] ----D C:\Program Files\Ask.com O43 - CFD: 24/07/2013 - 15:36:08 - [14,206] ----D C:\Program Files\AskPartnerNetwork O43 - CFD: 11/03/2010 - 13:41:28 - [0] ----D C:\Program Files\Audio Video Converter O43 - CFD: 08/09/2010 - 17:11:05 - [0,824] ----D C:\Program Files\AutocompletePro =>Adware.PredictAd O43 - CFD: 12/02/2010 - 19:38:33 - [1,603] ----D C:\Program Files\Conduit O43 - CFD: 25/05/2013 - 19:59:46 - [0,109] ----D C:\Program Files\EoRezo =>PUP.Eorezo O43 - CFD: 22/08/2010 - 12:37:30 - [0] ----D C:\Program Files\Fluendo =>Adware.SPointer O43 - CFD: 17/12/2013 - 13:34:33 - [6,870] ----D C:\Program Files\Inbox Toolbar O43 - CFD: 13/02/2010 - 19:34:08 - [3,635] ----D C:\Program Files\ItsLabel =>PUP.ItsLabel O43 - CFD: 06/12/2010 - 11:59:08 - [0,020] ----D C:\Program Files\LimeWire O43 - CFD: 11/09/2012 - 12:11:24 - [0,065] ----D C:\Program Files\Object O43 - CFD: 29/05/2010 - 15:04:58 - [7,103] ----D C:\Program Files\Streaming Chercher MP3 Toolbar O43 - CFD: 30/01/2011 - 15:22:53 - [0,217] ----D C:\Program Files\Widestream6 =>Adware.SPointer O43 - CFD: 02/06/2011 - 07:48:43 - [6,288] ----D C:\Program Files\Windows iLivid Toolbar =>Adware.Bandoo O43 - CFD: 01/11/2013 - 11:48:53 - [7,784] ----D C:\Program Files\WiseConvert_1.5_B2 =>Toolbar.Conduit O43 - CFD: 11/03/2010 - 13:41:28 - [10,116] ----D C:\Program Files\Common Files\ArmDic O43 - CFD: 28/01/2014 - 11:43:13 - [1,612] ----D C:\Program Files\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 13/08/2013 - 14:20:01 - [1,355] ----D C:\Program Files\Common Files\Spigot =>PUP.Dealio O43 - CFD: 24/07/2013 - 15:35:20 - [0] ----D C:\ProgramData\APN O43 - CFD: 23/10/2011 - 11:54:21 - [0] ----D C:\ProgramData\Ask O43 - CFD: 24/07/2013 - 15:36:08 - [2,503] ----D C:\ProgramData\AskPartnerNetwork O43 - CFD: 25/07/2013 - 16:04:03 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon O43 - CFD: 02/10/2013 - 17:22:07 - [0,082] ----D C:\ProgramData\BitGuard =>PUP.BitGuard O43 - CFD: 01/11/2013 - 11:48:54 - [1,686] ----D C:\ProgramData\Conduit O43 - CFD: 15/08/2013 - 14:58:18 - [0,003] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain O43 - CFD: 28/01/2014 - 11:43:13 - [0,020] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 19/09/2012 - 17:12:23 - [3,425] --H-D C:\ProgramData\{EF2D8223-8F3C-423E-BFA7-5E8BEEA8A6C2} O43 - CFD: 24/08/2013 - 15:50:05 - [0] ----D C:\Users\corinne\AppData\Roaming\Advanced System Protector =>PUP.AdvancedSystemProtector O43 - CFD: 15/08/2013 - 14:58:43 - [1,566] ----D C:\Users\corinne\AppData\Roaming\BabSolution =>Hijacker.BabSolution O43 - CFD: 25/07/2013 - 16:04:03 - [0,007] ----D C:\Users\corinne\AppData\Roaming\Babylon =>PUP.Babylon O43 - CFD: 21/06/2010 - 15:35:47 - [240,845] ----D C:\Users\corinne\AppData\Roaming\EoRezo =>PUP.Eorezo O43 - CFD: 15/08/2013 - 15:08:24 - [0,308] ----D C:\Users\corinne\AppData\Roaming\File Scout =>PUP.FileScout O43 - CFD: 15/08/2010 - 13:27:59 - [0,035] ----D C:\Users\corinne\AppData\Roaming\FissaSearch =>PUP.OfferBox O43 - CFD: 14/02/2010 - 13:29:39 - [0,206] ----D C:\Users\corinne\AppData\Roaming\ItsLabel =>PUP.ItsLabel O43 - CFD: 23/08/2011 - 16:26:28 - [0,013] ----D C:\Users\corinne\AppData\Roaming\Kalifoo.0158780AE3ACB0DC5B6FDCEC9DBFE5182B05BD40.1 O43 - CFD: 23/08/2013 - 14:59:59 - [0] ----D C:\Users\corinne\AppData\Roaming\OfferBox =>PUP.OfferBox O43 - CFD: 15/08/2013 - 15:18:17 - [21,042] ----D C:\Users\corinne\AppData\Roaming\OpenCandy =>Adware.OpenCandy O43 - CFD: 15/08/2013 - 14:58:15 - [0,081] ----D C:\Users\corinne\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis O43 - CFD: 02/12/2013 - 15:37:09 - [0] ----D C:\Users\corinne\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc O43 - CFD: 17/04/2010 - 19:37:12 - [0,001] ----D C:\Users\corinne\AppData\Roaming\widestream =>Adware.SPointer O43 - CFD: 25/12/2013 - 16:53:07 - [0,371] ----D C:\Users\corinne\AppData\Local\Alexa O43 - CFD: 25/07/2013 - 16:04:08 - [5,806] ----D C:\Users\corinne\AppData\Local\Babylon =>PUP.Babylon O43 - CFD: 01/11/2013 - 11:48:50 - [2,692] ----D C:\Users\corinne\AppData\Local\Conduit O43 - CFD: 16/10/2011 - 11:56:31 - [1,131] ----D C:\Users\corinne\AppData\Local\eojet =>PUP.Eorezo O43 - CFD: 16/01/2014 - 18:40:04 - [0,003] ----D C:\Users\corinne\AppData\Local\iLivid =>Adware.Bandoo O43 - CFD: 19/09/2012 - 17:11:22 - [0,014] ----D C:\Users\corinne\AppData\Local\Ilivid Player =>Adware.Bandoo O43 - CFD: 30/01/2011 - 15:20:28 - [0,163] ----D C:\Users\corinne\AppData\Local\widestream6 Air =>Adware.SPointer O43 - CFD: 07/08/2010 - 10:01:35 - [0,002] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant O43 - CFD: 13/10/2013 - 19:01:35 - [0] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard O43 - CFD: 28/01/2014 - 11:43:21 - [0,001] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc =>PUP.SpeedMaxPc ~ 55 Dossiers CLSID vides (CLSID Empty Folders) ~ Program Folder: 335 Legitimates Filtered in 00mn 06s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ~ ShellExecuteHooks: Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{6a14f727-70e0-11df-b5cd-001bfcfe3b34}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.) O51 - MPSK:{afe1c1c5-0f43-11e0-a474-001bfcfe3b34}\AutoRun\command - Clé orpheline ~ Keys: Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ MWPS: 15 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.DCDAAB8697A47894A554050CE18D0B56] - 18/10/2006 - 06:44:48 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [7680] O58 - SDL:[MD5.310C1844D7B7144288196DCF19FF578C] - 19/10/2006 - 03:11:12 ---A- . (...) -- C:\Windows\System32\Drivers\AsInsHelp32.sys [10304] O58 - SDL:[MD5.51E2A3E5CE3F7D63845E06832E627F2D] - 19/10/2006 - 03:11:30 ---A- . (...) -- C:\Windows\System32\Drivers\AsInsHelp64.sys [12096] O58 - SDL:[MD5.663F2FB92608073824EE3106886120F3] - 18/10/2006 - 20:12:16 R--A- . (...) -- C:\Windows\System32\Drivers\AsIO.sys [12664] O58 - SDL:[MD5.C2A6683C9FF46AA70E2C2092B008EDC7] - 11/10/2006 - 04:33:58 ---A- . (...) -- C:\Windows\System32\Drivers\ASUSHWIO.SYS [10288] O58 - SDL:[MD5.662ECAEC0FAE2C2069B75EF8A762BE87] - 08/08/2013 - 18:34:12 ---A- . (.Avira GmbH - Packet filtering kernel driver ( NDIS IM ).) -- C:\Windows\System32\Drivers\avfwim.sys [92448] O58 - SDL:[MD5.E4DC0228AB7492086B96FCC8298CF3B6] - 08/08/2013 - 18:34:12 ---A- . (.Avira GmbH - TDI filtering kernel driver.) -- C:\Windows\System32\Drivers\avfwot.sys [113024] O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [316520] O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944] O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944] O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 08/08/2013 - 18:34:13 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520] O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 13:48:56 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [7168] O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [235112] O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408] O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672] ~ Drivers: 15 Legitimates Filtered in 00mn 04s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] 263EB1DA9C6A45DB82841E2D6A8C8007 - (Yahoo! Search) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKCU] 917275CB17CB4FAB99963AC0E747610A - (Amazon) - http://www.amazon.frch O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch O69 - SBI: SearchScopes [HKCU] {361EC19A-B1D5-48D7-A46C-3E5F64D65FD8} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA7406} - (Web Search) - http://www.searchqu.com =>PUP.Datamngr O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch O69 - SBI: SearchScopes [HKCU] {A531D99C-5A22-449b-83DA-872725C6D0ED} - (Recherche alOt) - http://search.alot.com O69 - SBI: SearchScopes [HKCU] {EF5833B6-08B1-49E4-91EE-DF722F79EF77} - (Live Search) - http://search.live.com O69 - SBI: SearchScopes [HKCU] {F3D844A1-3EA4-46AE-BAD4-DF59A7DB0C73} - (Ask Search) - http://avira.search.ask.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.607C0C229A5AED4A019D8736E1261E3B] [SPRF][21/11/2011] (...) -- C:\Users\corinne\AppData\Local\d3d9caps.dat [1356] [MD5.A15CB6D9953E3A7766156B92012537F0] [SPRF][26/01/2014] (...) -- C:\Users\corinne\AppData\Local\Temp\defaultCache.reg [81586] [MD5.8F13E62A5E662B44E0C5E74265DBDFCF] [SPRF][23/05/2009] (.SilentNight Network and Security Tool - Standalone CD/DVD Burner.) -- C:\Users\corinne\Desktop\copier cd dvd.exe [1503744] ~ Files: 4 Legitimates Filtered in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "TCP Query User{AA94EC3F-F430-4B76-ABA2-F7568CE67187}C:\program files\fluendo\moovida\moovida.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\fluendo\moovida\moovida.exe (.not file.) =>Adware.SPointer O87 - FAEL: "UDP Query User{215084E8-1FBD-40BD-B82A-855839151943}C:\program files\fluendo\moovida\moovida.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\fluendo\moovida\moovida.exe (.not file.) =>Adware.SPointer O87 - FAEL: "{74ABB953-4F7A-47C7-B51F-39CD376C4C54}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\LimeWire\LimeWire.exe (.not file.) O87 - FAEL: "{24C6491D-06A3-44A6-9DFA-0E7F6FF1DDFE}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\LimeWire\LimeWire.exe (.not file.) O87 - FAEL: "{98F68253-D4DA-423B-B194-F1EFC9CE26A7}" | In - Public - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\dtUser.exe =>Adware.Bandoo O87 - FAEL: "{CA9E88CF-A2D4-4C23-BCBD-D0196119DD22}" | In - Public - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\dtUser.exe =>Adware.Bandoo ~ Firewall: 196 Legitimates Filtered in 00mn 05s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "02639FE151B44BD40BAE88E9F2810718" . (.FreeCompressor.) -- C:\Windows\Installer\{1EF93620-4B15-4DB4-B0EA-889E2F187081}\ARPPRODUCTICON.exe O90 - PUC: "25946514D2147365007A7A857BC0A000" . (.Avira SearchFree Toolbar.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0A00}\ToolbarIcon.exe =>Toolbar.Avira O90 - PUC: "9888910D6677B424BA181FF6E8DDEF4F" . (.Facemoods.) -- C:\Windows\Installer\{D0198889-7766-424B-AB81-F16F8EDDFEF4}\ARPPRODUCTICON.exe =>Adware.Facemoods O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Program Files\Ask.com\favicon.ico =>Toolbar.Ask O90 - PUC: "E0710AC8E9E65A34EAF1588A82028B74" . (.FreeCompressor.) -- C:\Windows\Installer\{8CA0170E-6E9E-43A5-AE1F-85A82820B847}\ARPPRODUCTICON.exe O90 - PUC: "FA20CB7A821113A4CB8FA1E38E303D3B" . (.SweetIM Toolbar for Internet Explorer 4.2.) -- C:\Windows\Installer\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}\ARPPRODUCTICON.exe =>PUP.SweetIM ~ Update Products: 104 Legitimates Filtered in 00mn 00s ---\\ Export de clés de registre aléatoires (O91) [HKCU\Software\5f53d6d8e66dbe15\2.6.1673.238\upd]:="upd=1" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15\2.6.1694.246\upd]:="upd=1" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:dllName="BrowserDefender.dll" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:exeName="BrowserDefender.exe" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:folderName="BrowserDefender" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:serviceName="BrowserDefendert" =>PUA.BrowserDefendert [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:version="2.6.1519.190" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:exeName="BitGuard.exe" =>PUP.BitGuard [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:folderName="BitGuard" =>PUP.BitGuard [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:serviceName="BitGuard" =>PUP.BitGuard [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:version="2.6.1673.238" =>Hijacker.Eazel [HKCU\Software\5f53d6d8e66dbe15]:version="2.6.1694.246" =>Hijacker.Eazel [HKLM\Software\5f53d6d8e66dbe15]:version="2.6.1694.246" =>Hijacker.Eazel ~ Export Key Software: Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.E6C81BAC8BDBCA158FFA224A40EA3F7F] [WIS][13/08/2013] (.Spigot, Inc. - Widgi Toolbar.) -- C:\Windows\Installer\17de69.msi [1462272] =>PUP.Dealio [MD5.AE5C5BD1ABC76C73F5C8BF6965281B65] [WIS][24/07/2010] (.Secure Digital Services - FreeCompressor.) -- C:\Windows\Installer\1adbf1.msi [3413504] =>Adware.SPointer [MD5.E2848C16D95A1E060C0D018FAE9EF598] [WIS][04/07/2010] (.Secure Digital Services - FreeCompressor.) -- C:\Windows\Installer\25cb2.msi [2588672] =>Adware.SPointer [MD5.16AA6129639915714A7F56296606E751] [WIS][22/12/2013] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\30a7f.msi [809472] =>Toolbar.Avira [MD5.94C044E15F74CC06760F25D33307A252] [WIS][28/10/2011] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.6.) -- C:\Windows\Installer\410025.msi [1947136] =>PUP.SweetIM [MD5.3BD9B3A689C9505B844B07F52B19A9C1] [WIS][28/10/2011] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\41002b.msi [1837056] =>PUP.SweetIM [MD5.07C1BBF5E73DA7FEAC2BB897DD2A8110] [WIS][15/08/2010] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.1.) -- C:\Windows\Installer\ba5a6.msi [1377792] =>PUP.SweetIM [MD5.96C7D828E5DF1AB3F016B2611DFB9E81] [WIS][15/08/2010] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 3.9.) -- C:\Windows\Installer\ba5ac.msi [1146880] =>PUP.SweetIM [MD5.8AAE00C6020D344416D50DFC4D893573] [WIS][27/02/2011] (.Secure Digital Services - Facemoods.) -- C:\Windows\Installer\dd63b9.msi [1837568] =>Adware.Facemoods ~ WIS: 110 Legitimates Filtered in 00mn 12s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Auto 06/03/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 06/03/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 14/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 12/12/2008 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe SS - | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files\WinPcap\rpcapd.exe SS - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 13/01/2014 1012280 | (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe SR - | Auto 13/01/2014 896056 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe SR - | Auto 13/01/2014 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 27/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 13/01/2014 1011768 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe SR - | Auto 20/12/2013 166352 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask SR - | Auto 16/04/2010 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 11/12/2011 122000 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc.exe SR - | Auto 23/10/2013 22208 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe SR - | Auto 02/12/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe SR - | Auto 30/09/2008 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe SR - | Auto 12/11/2009 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe SR - | Auto 18/01/2013 639776 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe SR - | Auto 14/07/2009 185632 | (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files\Ralink\Common\RaRegistry.exe SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 10/11/2013 1734680 | (vToolbarUpdater17.1.2) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe =>Toolbar.AVGSearch SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 15s ---\\ Scan Additionnel (O88) Database Version : 13030 - (25/01/2014) Clés trouvées (Keys found) : 408 Valeurs trouvées (Values found) : 5 Dossiers trouvés (Folders found) : 67 Fichiers trouvés (Files found) : 34 [HKLM\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh] =>Toolbar.Avira^ [HKLM\Software\Google\Chrome\Extensions\bdcfkjjffkboloijgealjeijakofmalg] =>Adware.SPointer^ [HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^ [HKLM\Software\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl] =>PUP.FCTPlugin^ [HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E483A649-EFC1-4CEB-BFF6-8BE71582056D}] =>Toolbar.Conduit^ [HKLM\SYSTEM\CurrentControlSet\Services\APNMCP] =>Toolbar.Ask^ [HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.1.2] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1] =>Adware.PredictAd^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BitGuard^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0198889-7766-424B-AB81-F16F8EDDFEF4}] =>Adware.Facemoods^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\facetheme] =>PUP.FCTPlugin^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FE60B87C-63A2-4A45-AC06-FFEFD5DB7846}_is1] =>PUP.PCRx^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D894938C-8EE1-4854-9254-8F9AEF2BFE46}] =>PUP.SpeedMaxPc^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar] =>PUP.Datamngr^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IECT3297966] =>Toolbar.Conduit^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoJet_is1] =>PUP.Eorezo^ [HKLM\Software\Classes\Interface\{2bef239c-752e-4001-8048-f256e0d8cd93}] =>Adware.RecordNRip [HKLM\Software\Classes\Interface\{49c00a51-6e59-41fe-b3fa-2d2157fad67b}] =>Adware.RecordNRip [HKLM\Software\Classes\CLSID\{5eb0259d-ab79-4ae6-a6e6-24ffe21c3da4}] =>Adware.RecordNRip [HKLM\Software\Classes\Interface\{6dff5dba-ae3a-46db-b301-ecffc6db2982}] =>Adware.RecordNRip [HKLM\Software\Classes\Interface\{de34cd67-f1c8-4001-9a23-b8a68f63f377}] =>Adware.RecordNRip [HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar [HKLM\Software\Classes\TypeLib\{01bcb858-2f62-4f06-a8f4-48f927c15333}] =>Adware.PredictAd [HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}] =>PUP.BearShare [HKLM\Software\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}] =>Adware.Bandoo [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd [HKLM\Software\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd [HKLM\Software\Classes\TypeLib\{11109EB1-7D52-4512-88AD-9D837AEED46F}] =>PUP.Kiwee [HKLM\Software\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{20FE21D0-8895-4F5F-A5D2-709170290006}] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{20FE21D0-8895-4F5F-A5D2-709170290006}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent [HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade [HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}] =>PUP.iMesh [HKLM\Software\Classes\AppID\{442f13bc-2031-42d5-9520-437f65271153}] =>Adware.PredictAd [HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}] =>PUP.BearShare [HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}] =>PUP.BearShare [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}] =>PUP.Dealio [HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}] =>PUP.Kiwee [HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{6ad30cb8-7064-4664-8039-d9bb95cba878}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6ad30cb8-7064-4664-8039-d9bb95cba878}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}] =>PUP.iMesh [HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{7713A018-8482-48FA-8BD3-46A9D319693F}] =>PUP.Kiwee [HKLM\Software\Classes\Interface\{7894081D-0CF3-4663-B371-79DB59C32FC3}] =>PUP.Kiwee [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}] =>PUP.iMesh [HKLM\Software\Classes\CLSID\{85fe1096-281b-4cb9-82b6-d8eba5830035}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85fe1096-281b-4cb9-82b6-d8eba5830035}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo [HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}] =>PUP.Dealio [HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask [HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{9D2F73EA-AA92-4C9C-9FA5-666B725E8E75}] =>PUP.Kiwee [HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits [HKLM\Software\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>PUP.Babylon [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}] =>Adware.CometSystems [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A531D99C-5A22-449b-83DA-872725C6D0ED}] =>Adware.CometSystems [HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}] =>PUP.SweetIM [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A81A974F-8A22-43E6-9243-5198FF758DA1}] =>PUP.SweetIM [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a83c3565-302c-4bf8-b000-6b6f1811d892}] =>Adware.SPointer [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a83c3565-302c-4bf8-b000-6b6f1811d892}] =>Adware.SPointer [HKLM\Software\Classes\CLSID\{a83c3565-302c-4bf8-b000-6b6f1811d892}] =>Adware.SPointer [HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{b0d071a1-36b3-4757-a126-14c89c56013a}] =>PUP.Eorezo [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b13e6377-ec0a-4c07-ac89-dcd48b57203d}] =>Toolbar.Agent [HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}] =>PUP.Eorezo [HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{bb76a90b-2b4c-4378-8506-9a2b6e16943c}] =>Adware.Bandoo [HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{C382B99A-E317-4842-8448-70ADDAC750CA}] =>PUP.Kiwee [HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}] =>Adware.Bandoo [HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}] =>Parasite.Pugi [HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}] =>PUP.BearShare [HKLM\Software\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}] =>Toolbar.InBox [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}] =>Toolbar.InBox [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira [HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira [HKLM\Software\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}] =>Adware.SocialSkinz [HKLM\Software\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] =>Toolbar.InBox [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] =>Toolbar.InBox [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] =>Toolbar.InBox [HKLM\Software\Classes\TypeLib\{DD68F52E-1436-4C5C-8191-A1FA6AE566D4}] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar [HKLM\Software\Classes\Interface\{E6E1D9F5-DC91-458F-89B8-FACFBD132A91}] =>PUP.Kiwee [HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{E9E9C4BC-BD4D-4486-9092-C43FDF8F911B}] =>PUP.Kiwee [HKLM\Software\Classes\Interface\{E9E9C4BC-BD4D-4486-9092-C43FDF8F911B}] =>PUP.Kiwee [HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz [HKLM\Software\Classes\TypeLib\{ED846B6D-C294-4DFF-9AF6-44BDA49C0ED1}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM [HKLM\Software\Classes\CLSID\{f011f437-ee07-463c-8217-97c0522117ab}] =>PUP.Kiwee [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>PUP.Babylon [HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}] =>PUP.iMesh [HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}] =>PUP.iMesh [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fe063dbb-4ec0-403e-8dd8-394c54984b2c}] =>Toolbar.AskTBar [HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo [HKLM\Software\Classes\AppID\autocompletepro.dll] =>Adware.PredictAd [HKLM\Software\Classes\AppID\bandoocore.exe] =>Adware.Bandoo [HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.Ask [HKLM\Software\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\NCTAudioCompress3.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\NCTAudioFile3.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\NCTAudioFormatSettings3.DLL] =>PUP.BearShare [HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch [HKLM\Software\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk] =>Adware.PredictAd [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant] =>Toolbar.Ask [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\autocompletepro3_is1] =>Adware.PredictAd [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search] =>Toolbar.AVGSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods] =>Adware.Facemoods [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1] =>PUP.Eorezo [HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI] =>Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.PugiObj] =>Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.PugiObj.1] =>Toolbar.AVGSearch [HKLM\Software\Classes\comobject.deskbarenabler] =>Toolbar.Agent [HKLM\Software\Classes\comobject.deskbarenabler.1] =>Toolbar.Agent [HKLM\Software\Classes\escort.escrtBtn.1] =>PUP.Babylon [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.Ask [HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.Ask [HKLM\Software\Classes\imside1egate.application.1] =>Adware.BHO [HKLM\Software\Classes\S] =>Toolbar.Agent [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch [HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo [HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo [HKLM\Software\Classes\sim-packages] =>Toolbar.Agent [HKLM\Software\Classes\suggestmeyes.suggestmeyesbho] =>Adware.PredictAd [HKLM\Software\Classes\suggestmeyes.suggestmeyesbho.1] =>Adware.PredictAd [HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent [HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent [HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch [HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask [HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask [HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch [HKCU\Software\APN] =>Toolbar.Ask [HKLM\Software\APN] =>Toolbar.Ask [HKCU\Software\Ask.com] =>Toolbar.AskBar [HKCU\Software\AskSearchAsst] =>Toolbar.AskBarDis [HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar [HKLM\Software\AskToolbar] =>Toolbar.AskTBar [HKCU\Software\AutocompletePro] =>Adware.PredictAd [HKCU\Software\AutocompleteProBHO] =>Adware.PredictAd [HKLM\Software\Bandoo] =>Adware.Bandoo [HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\DataMngr] =>Adware.Bandoo [HKCU\Software\eorezo] =>PUP.Eorezo [HKLM\Software\eorezo] =>PUP.Eorezo [HKCU\Software\FissaSearch] =>PUP.OfferBox [HKCU\Software\freeCompressor] =>Adware.SPointer [HKLM\Software\freeCompressor] =>Adware.SPointer [HKCU\Software\ilivid] =>Adware.Bandoo [HKCU\Software\Inbox Toolbar] =>Adware.WebAdSystem [HKLM\Software\Inbox Toolbar] =>Adware.WebAdSystem [HKCU\Software\ItsLabel] =>PUP.ItsLabel [HKCU\Software\OfferBox] =>PUP.OfferBox [HKCU\Software\Search Settings] =>PUP.Dealio [HKLM\Software\Search Settings] =>PUP.Dealio [HKLM\Software\SearchquMediabarTb] =>Adware.Bandoo [HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKCU\Software\Spointer] =>Adware.SPointer [HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit [HKCU\Software\WideStream] =>Adware.SPointer [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\softwareupdate_is1] =>PUP.Eorezo [HKLM\Software\Classes\Prod.cap] =>PUP.Babylon [HKLM\Software\Classes\Installer\Features\02639FE151B44BD40BAE88E9F2810718] =>Adware.SPointer [HKLM\Software\Classes\Installer\Products\02639FE151B44BD40BAE88E9F2810718] =>Adware.SPointer [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02639FE151B44BD40BAE88E9F2810718] =>Adware.SPointer [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1EF93620-4B15-4DB4-B0EA-889E2F187081}] =>Adware.SPointer [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1B812BD0725DF36459D5BA985C9193C4] =>PUP.Kiwee [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2514EB7147619DA498D025C07B3421DD] =>PUP.Kiwee [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73962F57F2FA32C43A431C9C05459330] =>PUP.OfferBox [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B63FC54A3B9D36449AD536B3C29D2A97] =>PUP.OfferBox [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C512D8DDA7F6553429ACE05EC3197DAB] =>PUP.OfferBox [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\eoJet_is1] =>PUP.Eorezo [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8] =>PUP.SweetIM [HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM [HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM [HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM [HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM [HKLM\Software\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}] =>Toolbar.InBox [HKLM\Software\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}] =>Toolbar.InBox [HKLM\Software\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}] =>Toolbar.InBox [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}] =>Toolbar.InBox [HKLM\Software\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}] =>Toolbar.InBox [HKLM\Software\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}] =>Toolbar.InBox [HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox] =>Toolbar.InBox [HKLM\Software\Classes\Installer\Features\E0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer [HKLM\Software\Classes\Installer\Products\E0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8CA0170E-6E9E-43A5-AE1F-85A82820B847}] =>Adware.SPointer [HKLM\Software\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar] =>Toolbar.DeltaSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21] =>PUP.Dealio [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF] =>PUP.Dealio [HKLM\Software\Classes\AlxSSB.AlxTBSSB] =>Toolbar.Alexa [HKLM\Software\Classes\AlxSSB.AlxTBSSB.1] =>Toolbar.Alexa [HKLM\Software\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}] =>Toolbar.Alexa [HKLM\Software\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}] =>Toolbar.Alexa [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}] =>Toolbar.Alexa [HKLM\Software\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}] =>Toolbar.Alexa [HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder [HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask [HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1CD4D45E-4851-496D-840F-2C2E752ECFB7}] =>PUP.SweetIM [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites [HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1] =>Toolbar.AVGSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme] =>PUP.FCTPlugin [HKLM\Software\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] =>Toolbar.AVGSearch [HKLM\Software\Classes\SpeedUpMyPC] =>Rogue.SpeedUpMyPC [HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector [HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector [HKLM\Software\Classes\BandooCore.BandooCore] =>Adware.Bandoo [HKLM\Software\Classes\BandooCore.BandooCore.1] =>Adware.Bandoo [HKLM\Software\Classes\BandooCore.ResourcesMngr] =>Adware.Bandoo [HKLM\Software\Classes\BandooCore.ResourcesMngr.1] =>Adware.Bandoo [HKLM\Software\Classes\BandooCore.SettingsMngr] =>Adware.Bandoo [HKLM\Software\Classes\BandooCore.SettingsMngr.1] =>Adware.Bandoo [HKLM\Software\Classes\BandooCore.StatisticMngr] =>Adware.Bandoo [HKLM\Software\Classes\BandooCore.StatisticMngr.1] =>Adware.Bandoo [HKLM\Software\Classes\EoRezoBHO.EoBho] =>PUP.Eorezo [HKLM\Software\Classes\EoRezoBHO.EoBho.1] =>PUP.Eorezo [HKLM\Software\Classes\Freecompressor.Spointer] =>Adware.SPointer [HKLM\Software\Classes\Freecompressor.Spointer.1] =>Adware.SPointer [HKLM\Software\Classes\Freecompressor.SpointerCtrl] =>Adware.SPointer [HKLM\Software\Classes\Freecompressor.SpointerCtrl.1] =>Adware.SPointer [HKLM\Software\Classes\Freecompressor.SpointerWebDisp] =>Adware.SPointer [HKLM\Software\Classes\Freecompressor.SpointerWebDisp.1] =>Adware.SPointer [HKLM\Software\Classes\TBSB07458.IEToolbar] =>Toolbar.Agent [HKLM\Software\Classes\TBSB07458.IEToolbar.1] =>Toolbar.Agent [HKLM\Software\Classes\TBSB07458.TBSB07458] =>Toolbar.Agent [HKLM\Software\Classes\TBSB07458.TBSB07458.3] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.TBSB07458] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.TBSB07458.1] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar.CT2124320] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar.CT2269050] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar.CT2542115] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar.CT2567681] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar.CT3297966] =>Toolbar.Conduit [HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent [HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Searchqu 406 MediaBar] =>Adware.Bandoo [HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\TBSB07458.TBSB07458Toolbar] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07458.TBSB07458Toolbar] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{99079a25-328f-4bd4-be04-00955acaa0a7} =>PUP.Datamngr^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:eorezo =>PUP.Eorezo^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^ [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira [HKLM\Software\Mozilla\Firefox\Extensions]:freecompressor@spointer.com =>Adware.SPointer C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh =>Toolbar.Avira^ C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdcfkjjffkboloijgealjeijakofmalg =>Adware.SPointer^ C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^ C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kincjchfokkeneeofpeefomkikfkiedl =>PUP.FCTPlugin^ C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch^ C:\Program Files\Allin1Convert_8hEI =>Adware.Allin1Convert^ C:\Program Files\AutocompletePro =>Adware.PredictAd^ C:\Program Files\EoRezo =>PUP.Eorezo^ C:\Program Files\Fluendo =>Adware.SPointer^ C:\Program Files\ItsLabel =>PUP.ItsLabel^ C:\Program Files\Widestream6 =>Adware.SPointer^ C:\Program Files\Windows iLivid Toolbar =>Adware.Bandoo^ C:\Program Files\WiseConvert_1.5_B2 =>Toolbar.Conduit^ C:\Program Files\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Program Files\Common Files\Spigot =>PUP.Dealio^ C:\ProgramData\Babylon =>PUP.Babylon^ C:\ProgramData\BitGuard =>PUP.BitGuard^ C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^ C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Users\corinne\AppData\Roaming\Advanced System Protector =>PUP.AdvancedSystemProtector^ C:\Users\corinne\AppData\Roaming\BabSolution =>Hijacker.BabSolution^ C:\Users\corinne\AppData\Roaming\Babylon =>PUP.Babylon^ C:\Users\corinne\AppData\Roaming\EoRezo =>PUP.Eorezo^ C:\Users\corinne\AppData\Roaming\File Scout =>PUP.FileScout^ C:\Users\corinne\AppData\Roaming\FissaSearch =>PUP.OfferBox^ C:\Users\corinne\AppData\Roaming\ItsLabel =>PUP.ItsLabel^ C:\Users\corinne\AppData\Roaming\OfferBox =>PUP.OfferBox^ C:\Users\corinne\AppData\Roaming\OpenCandy =>Adware.OpenCandy^ C:\Users\corinne\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis^ C:\Users\corinne\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Users\corinne\AppData\Roaming\widestream =>Adware.SPointer^ C:\Users\corinne\AppData\Local\Babylon =>PUP.Babylon^ C:\Users\corinne\AppData\Local\eojet =>PUP.Eorezo^ C:\Users\corinne\AppData\Local\iLivid =>Adware.Bandoo^ C:\Users\corinne\AppData\Local\Ilivid Player =>Adware.Bandoo^ C:\Users\corinne\AppData\Local\widestream6 Air =>Adware.SPointer^ C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard^ C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc =>PUP.SpeedMaxPc^ C:\Program Files\Application Updater =>PUP.Dealio C:\Program Files\Ask.com =>Toolbar.AskBar C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch C:\Program Files\Conduit =>Toolbar.Conduit C:\Program Files\FreeCompressor =>Adware.SPointer C:\Program Files\Inbox Toolbar =>Toolbar.Agent C:\Program Files\object =>PUP.FCTPlugin C:\Program Files\AskPartnerNetwork =>Toolbar.Ask C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch C:\ProgramData\Conduit =>Toolbar.Conduit C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCompressor =>Adware.SPointer C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar =>Toolbar.Agent C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ItsLabel =>PUP.ItsLabel C:\Users\corinne\AppData\Roaming\FreeCompressor =>Adware.SPointer C:\Users\corinne\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch C:\Users\corinne\AppData\Local\Conduit =>Toolbar.Conduit C:\Users\corinne\AppData\Local\moovida air =>Adware.SPointer C:\Users\corinne\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar C:\Users\corinne\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch C:\Users\corinne\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\corinne\AppData\LocalLow\facemoods.com =>Adware.Facemoods C:\Users\corinne\AppData\LocalLow\Inbox Toolbar =>Toolbar.Agent C:\Users\corinne\AppData\LocalLow\Search Settings =>PUP.Dealio C:\Users\corinne\AppData\LocalLow\searchquband =>Adware.Bandoo C:\Users\corinne\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo C:\Users\corinne\AppData\LocalLow\SweetIM =>PUP.SweetIM C:\Users\corinne\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe =>PUP.Datamngr^ C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^ C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask^ C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask^ C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe =>Toolbar.AVGSearch^ C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe =>Toolbar.AVGSearch^ C:\Windows\Tasks\SpeedMaxPc Registration3.job =>PUP.SpeedMaxPc^ C:\Windows\Tasks\SpeedMaxPc Update3.job =>PUP.SpeedMaxPc^ C:\Windows\Tasks\SpeedMaxPc.job =>Hijacker.iHaveNet^ C:\Users\corinne\AppData\Roaming\BabSolution\Shared\BabMaint.exe =>Hijacker.BabSolution^ C:\Program Files\Ask.com\UpdateTask.exe =>Toolbar.Ask^ C:\Users\corinne\SpeedMaxPc\SpeedMaxPc.exe =>PUP.SpeedMaxPc^ C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe =>PUP.SpeedMaxPc^ [HKCU\Software\BabSolution] =>Hijacker.BabSolution^ [HKCU\Software\Conduit] =>Toolbar.Conduit^ [HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^ [HKCU\Software\EoRezo] =>PUP.Eorezo^ [HKCU\Software\FileScout] =>PUP.FileScout^ [HKCU\Software\eojet] =>PUP.Eorezo^ [HKLM\Software\Allin1Convert_8hEI] =>Adware.Allin1Convert^ [HKLM\Software\Conduit] =>Toolbar.Conduit^ [HKLM\Software\EoRezo] =>PUP.Eorezo^ [HKLM\Software\WiseConvert_1.5_B2] =>Toolbar.Conduit^ [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:dllName="BrowserDefender.dll" =>Hijacker.Eazel^ [HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard^ C:\Windows\Installer\17de69.msi =>PUP.Dealio^ C:\Windows\Installer\1adbf1.msi =>Adware.SPointer^ C:\Windows\Installer\25cb2.msi =>Adware.SPointer^ C:\Windows\Installer\30a7f.msi =>Toolbar.Avira^ C:\Windows\Installer\410025.msi =>PUP.SweetIM^ C:\Windows\Installer\41002b.msi =>PUP.SweetIM^ C:\Windows\Installer\ba5a6.msi =>PUP.SweetIM^ C:\Windows\Installer\ba5ac.msi =>PUP.SweetIM^ C:\Windows\Installer\dd63b9.msi =>Adware.Facemoods^ ~ Additionnel Scan: 302311 Items scanned in 01mn 12s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer ~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch ~ http://nicolascoolman.webs.com/apps/blog/show/30049678-pup-fctplugin =>PUP.FCTPlugin ~ http://nicolascoolman.webs.com/apps/blog/show/30478407-adware-allin1convert =>Adware.Allin1Convert ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/28947219-pup-speedmaxpc =>PUP.SpeedMaxPc ~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo ~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio ~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution ~ http://nicolascoolman.webs.com/apps/blog/show/33336602-hijacker-ihavenet =>Hijacker.iHavenet ~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector ~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd ~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard ~ http://nicolascoolman.webs.com/apps/blog/show/26764465-adware-facemoods =>Adware.Facemoods ~ http://nicolascoolman.webs.com/apps/blog/show/33007053-pup-pcrx =>PUP.PCRx ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM ~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel ~ http://nicolascoolman.webs.com/apps/blog/show/34311830-pup-filescout =>PUP.FileScout ~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox ~ http://nicolascoolman.webs.com/apps/blog/show/28143661-pup-itslabel =>PUP.ItsLabel ~ http://nicolascoolman.webs.com/apps/blog/show/27529295-adware-searchsettings =>Adware.SearchSettings ~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon ~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain ~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy ~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis ~ http://nicolascoolman.webs.com/apps/blog/show/35127313-pua-browserdefendert =>PUA.BrowserDefendert ~ http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip ~ http://nicolascoolman.webs.com/apps/blog/show/26705717-pup-bearshare =>PUP.BearShare ~ http://nicolascoolman.webs.com/apps/blog/show/28863080-toolbar-kiwee =>PUP.Kiwee ~ http://nicolascoolman.webs.com/apps/blog/show/28766471-adware-iwinarcade =>Adware.iWinArcade ~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz ~ http://nicolascoolman.webs.com/apps/blog/show/28441146-pup-imesh =>PUP.iMesh ~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits ~ http://nicolascoolman.webs.com/apps/blog/show/26664342-adware-comet =>Adware.Comet ~ http://nicolascoolman.webs.com/apps/blog/show/26632288-parasite-pugi =>Parasite.Pugi ~ http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar ~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch ~ http://nicolascoolman.webs.com/apps/blog/show/27531758-adware-webadsystem =>Adware.WebAdSystem ~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites =>Adware.SimilarSites ~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector ~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC ~ MSI: 44 link(s) detected in 01mn 14s ~ 1550 Legitimates filtered by white list End of the scan (1270 lines in 04mn 38s)(0)