~ Rapport de ZHPDiag v2015.5.5.46 - Nicolas Coolman  (05/05/2015)
~ Lancé par Kassou (06/05/2015 12:24:43)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 12.0
GCIE: Google Chrome v23.0.1271.91 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
Windows Vista (TM) Home Premium, 32-bit Service Pack 1 (Build 6002)

---\\ Logiciels de protection du système
Microsoft Security Client FR-FR Language Pack v2.1.1116.0
McAfee Security Scan

---\\ Logiciels d'optimisation du système
Uniblue RegistryBooster 2009 v3.0  =>PUP.UniblueSystem

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.2 Security Update 1

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 2939 MB (76% free)
System Restore: Activé (Enable)
System drive C: has 19 GB (16%) free of 116 GB

---\\ Mode de connexion au système
~ Computer Name: TRÉSOR
~ User Name: Kassou
~ All Users Names: Kassou, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Kassou\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Kassou\AppData\Roaming\
~ %Desktop% : C:\Users\Kassou\Desktop\
~ %Favorites% : C:\Users\Kassou\Favorites\
~ %LocalAppData% : C:\Users\Kassou\AppData\Local\
~ %StartMenu% : C:\Users\Kassou\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 19 Go of 116 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 63 Go of 115 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified  =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 47 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/05/2011 - 23:59:30.) -- C:\Windows\System32\wininet.dll [1126912]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 13:49:35.) -- C:\Windows\system32\Drivers\MRxSmb.sys [105984]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/04/2009 - 07:32:55.) -- C:\Windows\system32\Drivers\volsnap.sys [226280]
~ Generic Processes:  Scanned in 00mn 05s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/316
~ Mes musiques (My Musics) : 1/75
~ Mes Videos (My Videos) : 1/13
~ Mes Favoris (My Favorites) : 1/5
~ Mes Documents (My Documents) : 1/3828
~ Mon Bureau (My Desktop) : 1/84
~ Menu demarrer (Programs) : 1/32
~ Hidden Files:  Scanned in 01mn 24s



---\\ Processus lancés
[MD5.3708CCEE4878EB0B9E7B92355A631853] - (.Microsoft Corporation - Aide et support Microsoft®.) -- C:\Windows\helppane.exe   [498176] [PID.224]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe   [748336] [PID.880]
[MD5.A299EA000386A57EBAA2699A95FB91E0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [8207360] [PID.1268]
[MD5.C1F19D2BACBEE9AB64D9AE69E9859AC0] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe   [20456] [PID.848]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files\ZHPDiag\pv.exe   [61440] [PID.0]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Kassou\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] http://home.sweetim.com  =>PUP.SweetIM
G1 - GCS: Preference [User Data\Default] http://search.sweetim.com  =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [agbbmachalkmbecmaamehkfbhaggpckk] Webplayer Toolbar v.1.8 (Activé)
G2 - GCE: Preference [User Data\Default] [gaiilaahiahdejapggenmdmafpmbipje] DealPly v.3.9.7.9 (Activé)  =>PUP.DealPly
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.2.0.0 (Activé)  =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Security Toolbar v.14.2.0.1 (Activé)  =>Toolbar.AVGSearch

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 23 Legitimates Filtered in 00mn 19s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\prefs.js
M3 - MFPP: Plugins - [Kassou] -- C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\searchplugins\fileconverter-15-customized-web-search.xml  =>Toolbar.Conduit
M3 - MFPP: Plugins - [Kassou] -- C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\searchplugins\mywebsearch.xml  =>Adware.MyWebSearch
M3 - MFPP: Plugins - [Kassou] -- C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [Kassou] -- C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\searchplugins\sweetim.xml  =>PUP.SweetIM
M3 - MFPP: Plugins - [Kassou] -- C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\searchplugins\Web Search.xml  =>Parasite.Pugi
M3 - MFPP: Plugins - [Kassou] -- C:\Program Files\Mozilla FireFox\searchplugins\avg-secure-search.xml  =>Toolbar.AVGSearch
M3 - MFPP: Plugins - [Kassou] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [Kassou] -- C:\Program Files\Mozilla FireFox\searchplugins\Web Search.xml  =>Parasite.Pugi
M0 - MFSP: prefs.js [Kassou - osich24v.default] http://isearch.avg.com
M2 - MFEP: prefs.js [Kassou - osich24v.default\{c850fe9c-684f-4875-9eb2-604eb1996d5c}] [] Webplayer Toolbar v1.8 (..)
M2 - MFEP: prefs.js [Kassou - osich24v.default\{cfcb809c-3a22-4616-a916-6c007bd9d920}] [] FileConverter 1.5  v10.13.1.89 (..)
M2 - MFEP: prefs.js [Kassou - osich24v.default\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}] [] DealPly v2.0 (..)  =>PUP.Dealply
M2 - MFEP: prefs.js [Kassou - osich24v.default\{EEE6C361-6118-11DC-9C72-001320C79847}] [] SweetPacks Toolbar for Firefox v1.7.0.3 (..)  =>PUP.SweetIM
M2 - MFEP: Extension [Kassou - osich24v.default] WTB_GLOBAL.sqlite
M2 - MFEP: Extension [Kassou - osich24v.default] {20a82645-c095-46ed-80e3-08825760534b}(548)
M2 - MFEP: Extension [Kassou - osich24v.default] {c850fe9c-684f-4875-9eb2-604eb1996d5c}
M2 - MFEP: Extension [Kassou - osich24v.default] {cfcb809c-3a22-4616-a916-6c007bd9d920}
M2 - MFEP: Extension [Kassou - osich24v.default] {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}  =>PUP.Dealply
M2 - MFEP: Extension [Kassou - osich24v.default] {EEE6C361-6118-11DC-9C72-001320C79847}
P2 - FPN:Firefox Plugin Navigator . (.MyWebSearch.com - My Web Search Plugin Stub for 32-bit Windows.) -- C:\Program Files\Mozilla Firefox\Plugins\NPMyWebS.dll  =>Adware.MyWebSearch
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml  =>Toolbar.AVGSearch
~ Firefox Browser: 48 Legitimates Filtered in 00mn 02s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com  =>PUP.SweetIM
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com  =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com  =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com  =>PUP.CertifiedToolbar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com  =>PUP.CertifiedToolbar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com  =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com  =>PUP.CertifiedToolbar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://newtab.certified-toolbar.com  =>PUP.CertifiedToolbar
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (20)
~ Hosts File:  Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} . (.MyWebSearch.com - MyWebSearch Search Assistant.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.dll  =>Adware.MyWebSearch
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} . (...) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (.not file.)
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} . (.MyWebSearch.com - My Web Search Bar.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.dll  =>Adware.MyWebSearch
O2 - BHO: Webplayer Toolbar - {4a1b5397-2a80-4f7d-af70-327d9e2103c6} . (.Simplytech Ltd. - Simplytech toolbar.) -- C:\Users\Kassou\AppData\Roaming\WebplayerToolbar\WebplayerToolbar.dll  =>PUP.SimplyTech
O2 - BHO: ST_France - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Softonic_France\prxtbSof2.dll  =>Toolbar.Conduit
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.Pas de propriétaire - toolbar.dll.) -- C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll  =>Toolbar.AVGSearch
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (...) -- C:\Program Files\Windows Live\Companion\companioncore.dll (.not file.)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll  =>PUP.SweetIM
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (...) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (.not file.)
~ BHO: 32 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: My Web Search - [HKLM]{07B18EA9-A523-4961-B6BB-170DE4475CCA} . (.MyWebSearch.com - My Web Search Bar.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.dll  =>Adware.MyWebSearch
O3 - Toolbar: Yahoo! Toolbar - [HKLM]{EF99BD32-C1FB-11D2-892F-0090271D4F88} . (...) -- C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ST_France Toolbar - [HKLM]{4daac69c-cba7-45e2-9bc8-1044483d3352} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Softonic_France\prxtbSof2.dll  =>Toolbar.Conduit
O3 - Toolbar: Bing Bar - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll  =>Toolbar.Bing
O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.Pas de propriétaire - toolbar.dll.) -- C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll  =>Toolbar.AVGSearch
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll  =>PUP.SweetIM
O3 - Toolbar: Webplayer Toolbar - [HKLM]{4a1b5397-2a80-4f7d-af70-327d9e2103c6} . (.Simplytech Ltd. - Simplytech toolbar.) -- C:\Users\Kassou\AppData\Roaming\WebplayerToolbar\WebplayerToolbar.dll  =>PUP.SimplyTech
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{4DAAC69C-CBA7-45E2-9BC8-1044483D3352} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{07B18EA9-A523-4961-B6BB-170DE4475CCA} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [Kassou]: ParetoLogic FileCure.lnk . (...)  -- C:\Program Files\ParetoLogic\FileCure\FileCure.exe (.not file.)  =>PUP.Paretologic
O4 - GS\QuickLaunch [Kassou]: Uniblue RegistryBooster.lnk . (...)  -- C:\Program Files\Uniblue\RegistryBooster 2009\RegistryBooster.exe  =>PUP.UniblueSystem
~ Global Startup: 2 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe 
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe   =>.Oracle Corporation
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe 
O4 - HKLM\..\Run: [Google EULA Launcher] . (...) -- c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe 
O4 - HKLM\..\Run: [Toshiba TEMPO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files\Toshiba TEMPRO\Toshiba.Tempo.UI.TrayApplication.exe   =>.Toshiba Corporation
O4 - HKLM\..\Run: [topi] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe   =>.Toshiba Corporation
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe   =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Skytel] . (.Realtek Semiconductor Corp. - Realtek Voice  Manager.) -- C:\Windows\Skytel.exe   =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe 
O4 - HKLM\..\Run: [SmoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe 
O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe 
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba - Vista Registration.) -- C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe 
O4 - HKLM\..\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe 
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\Program Files\MYWEBS~1\bar\1.bin\M3PLUGIN.dll (.not file.)   =>Adware.MyWebSearch
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] . (.MyWebSearch.com - MyWebSearch SearchScope Monitor.) -- C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.exe   =>Adware.MyWebSearch
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.exe   =>Adware.MyWebSearch
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Co. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe   =>.Hewlett-Packard Co
O4 - HKLM\..\Run: [HPPQVideo] . (.Hewlett-Packard - ScheduledLaunch.) -- C:\Program Files\HP\ScheduledLaunch\HP LaserJet P2050 Series\bin\hppschlnch.exe 
O4 - HKLM\..\Run: [ToolBoxFX] . (.HP - HP ToolboxFX.) -- C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe 
O4 - HKLM\..\Run: [HPUsageTracking] . (...) -- C:\Program Files\HP\HP UT\bin\hppusg.exe 
O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe   =>.Microsoft Corporation
O4 - HKLM\..\Run: [Windows Mobile-based device management] . (.Microsoft Corporation - User session Windows Mobile device handler.) -- C:\Windows\WindowsMobile\wmdSync.exe 
O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe 
O4 - HKLM\..\Run: [Start_Icon225_IEWLauncher] . (...) -- C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\IEWLauncher.exe 
O4 - HKLM\..\Run: [Start_Update] . (.Pas de propriétaire - Orange Updater.) -- C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\UpdteApp.exe 
O4 - HKLM\..\Run: [Start_Statistics] . (...) -- C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\OrangeStats.exe 
O4 - HKLM\..\Run: [Start_SMSNotifier] . (.Pas de propriétaire - Notifier Orange.) -- C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\SmsNotifier.exe 
O4 - HKLM\..\Run: [Start_HSSModule] . (...) -- C:\Program Files\Orange\Orange Clé 3G+\{67B2F852-03B0-4abd-B7DE-9BF0EA317D2C}\HSSModule.exe 
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe 
O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe   =>Toolbar.AVGSearch
O4 - HKLM\..\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.exe 
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe   =>PUP.SweetIM
O4 - HKLM\..\Run: [Sweetpacks Communicator] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe   =>PUP.SweetIM
O4 - HKLM\..\RunOnce: [My Web Search Installer] . (.MyWebSearch.com - My Web Search Bar Auto.) -- C:\Users\Kassou\AppData\LocalLow\MyWebSearch\bar\setups\My Web Search Installer.exe   =>Adware.MyWebSearch
O4 - HKLM\..\RunOnce: [BrowserBallot] . (.Microsoft Corporation - Choix de navigateur .) -- C:\Windows\System32\browserchoice.exe 
O4 - HKLM\..\RunOnce: [NoIE4StubProcessing] . (.Microsoft Corporation - Outil de Registre de la console.) -- C:\Windows\system32\reg.exe 
O4 - HKLM\..\RunOnce: [removeSearchqudatamngr] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>PUP.Datamngr
O4 - HKLM\..\RunOnce: [removeSearchqutoolbar] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>PUP.Datamngr
O4 - HKLM\..\RunOnce: [Del210808940] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>.Microsoft Corporation
O4 - HKLM\..\RunOnce: [Del283932817] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>.Microsoft Corporation
O4 - HKLM\..\RunOnce: [Del368956935] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>.Microsoft Corporation
O4 - HKLM\..\RunOnce: [Del455368587] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>.Microsoft Corporation
O4 - HKLM\..\RunOnce: [Del158343167] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>.Microsoft Corporation
O4 - HKLM\..\RunOnce: [Del67929933] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>.Microsoft Corporation
O4 - HKLM\..\RunOnce: [Del65372655] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>.Microsoft Corporation
O4 - HKLM\..\RunOnce: [Del20730926] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe   =>.Microsoft Corporation
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE 
O4 - HKCU\..\Run: [vaawa] C:\Users\Kassou\vaawa.exe (.not file.) 
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.) 
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) 
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.exe   =>Adware.MyWebSearch
O4 - HKCU\..\Run: [Bubble Dock] C:\Users\Kassou\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.)   =>PUP.BubbleDock
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe   =>.Microsoft Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [lollipop_05030249] . (...) -- c:\users\kassou\appdata\local\lollipop\lollipop_05030249.exe   =>Adware.Lollipop
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter 
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [TOSCDSPD] TOSCDSPD.EXE 
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [vaawa] C:\Users\Kassou\vaawa.exe (.not file.) 
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (.not file.) 
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) 
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.exe   =>Adware.MyWebSearch
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [Bubble Dock] C:\Users\Kassou\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.)   =>PUP.BubbleDock
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe   =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe   =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\Run: [lollipop_05030249] . (...) -- c:\users\kassou\appdata\local\lollipop\lollipop_05030249.exe   =>Adware.Lollipop
O4 - HKUS\S-1-5-21-994890449-2244576531-4216265433-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe 
~ Application:  Scanned in 00mn 03s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} -- C:\Program Files\Windows Live\Companion\companionres.dll (.not file.)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (.not file.)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PC Confidential - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} -- Clé orpheline
O9 - Extra button: eBay - Achetez, Vendez - {76577871-04EC-495E-A12B-91F7C3600AFA} -- c:\toshiba\Webshops\ebay.ico (.not file.)
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Amazon.fr - {8A918C1D-E123-4E36-B562-5C1519E434CE} -- c:\toshiba\Webshops\amazon.ico (.not file.)
O9 - Extra button: PC Confidential - {925DAB62-F9AC-4221-806A-057BFB1014AA} . (.Capital Intellect, Inc - Pas de description.) -- C:\Program Files\Winferno\PC Confidential\PCConfidential.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\MSMSGS.exe (.not file.)
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} ((no name)) - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab  =>Adware.MyWebSearch
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BA36CAAD-04F5-4A03-B1D5-16B01EDD2E5E}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{BA36CAAD-04F5-4A03-B1D5-16B01EDD2E5E}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS3\Services\Tcpip\..\{BA36CAAD-04F5-4A03-B1D5-16B01EDD2E5E}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: McAfee Application Installer Cleanup (0119741259546720) (0119741259546720mcinstcleanup) . (...) - C:\Windows\TEMP\011974~1.exe (.not file.)
O23 - Service: McAfee Services (mcmscsvc) . (...) - C:\Program Files\McAfee\MSC\mcmscsvc.exe (.not file.)
O23 - Service: McAfee Network Agent (McNASvc) . (...) - C:\Program Files\COMMON~1\mcafee\mna\mcnasvc.exe (.not file.)
O23 - Service: McAfee Proxy Service (McProxy) . (...) - C:\Program Files\COMMON~1\mcafee\mcproxy\mcproxy.exe (.not file.)
O23 - Service: McAfee Real-time Scanner (McShield) . (...) - C:\Program Files\McAfee\VIRUSS~1\mcshield.exe (.not file.)
O23 - Service: McAfee Personal Firewall Service (MpfService) . (...) - C:\Program Files\McAfee\MPF\MPFSrv.exe (.not file.)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) . (...) - C:\Program Files\McAfee\MSK\MskSrver.exe (.not file.)
O23 - Service: My Web Search Service (MyWebSearchService) . (.MyWebSearch.com - My Web Search Bar.) - C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.exe  =>Adware.MyWebSearch
O23 - Service:  (vToolbarUpdater14.2.0) . (.Pas de propriétaire - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe  =>Toolbar.AVGSearch
~ Services: 11 Legitimates Filtered in 00mn 04s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [1002]
O39 - APT:  - (..) -- C:\Windows\Tasks\FileCure Default.job   [366]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FileCure Default   [366]
O39 - APT:  - (..) -- C:\Windows\Tasks\FileCure Startup.job   [382]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\FileCure Startup   [382]
O39 - APT:  - (..) -- C:\Windows\Tasks\Final Media Player Update Checker.job   [388]  =>PUP.Mysoftpack
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Final Media Player Update Checker   [388]  =>PUP.Mysoftpack
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [1052]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [1056]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\Norton Security Scan for Kassou   [476]
O39 - APT:  - (..) -- C:\Windows\Tasks\ParetoLogic Registration3.job   [446]  =>PUP.Paretologic
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ParetoLogic Registration3   [446]  =>PUP.Paretologic
O39 - APT:  - (..) -- C:\Windows\Tasks\ParetoLogic Update Version3.job   [420]  =>PUP.Paretologic
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ParetoLogic Update Version3   [420]  =>PUP.Paretologic
O39 - APT:  - (..) -- C:\Windows\Tasks\PCConfidential.job   [416]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\PCConfidential   [416]
O39 - APT:  - (..) -- C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job   [342]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\ROC_JAN2013_TB_rmv   [342]
O39 - APT:  - (..) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{54F6A373-89A6-4DD0-A521-11788D43DD3D}   [434]
O39 - APT:  - (..) -- C:\Windows\Tasks\{05849190-B79D-4EB4-BA30-BC4D2E3098F8}.job   [362]
~ Scheduled Task: 13 Legitimates Filtered in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: McAfee Inc. mfehidk (mfehidk) . (. - .) - C:\Windows\System32\drivers\mfehidk.sys (.not file.)
O41 - Driver:  (MPFP) . (. - .) - C:\Windows\System32\Drivers\Mpfp.sys (.not file.)
~ Drivers: 63 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Lollipop - (.Lollipop Network, S.L..) [HKCU] -- lollipop_05030249  =>Adware.Lollipop
O42 - Logiciel: My Web Search (Cursor Mania) - (.My Web Search.) [HKLM] -- MyWebSearch bar Uninstall  =>Adware.MyWebSearch
O42 - Logiciel: PC Confidential 2008 - (.Winferno.com.) [HKLM] -- PCConfidential_is1
O42 - Logiciel: Protected Search 1.1 - (.Protected Search.) [HKLM] -- Protected Search_is1  =>Spyware.ProtectedSearch
O42 - Logiciel: Softonic_France Toolbar - (...) [HKLM] -- Softonic_France Toolbar  =>Toolbar.Conduit
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4}  =>PUP.SweetIM
O42 - Logiciel: SweetPacks bundle uninstaller - (.SweetIM Technologies Ltd..) [HKLM] -- {953AA732-9AFB-49C9-84A4-7F96CA0A08DA}  =>PUP.SweetIM
O42 - Logiciel: UNO© Freeware - (...) [HKLM] -- UNO© Freeware
O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0}  =>PUP.SweetIM
O42 - Logiciel: Update for DealPly - (.Update for DealPly.) [HKCU] -- DealPly  =>PUP.DealPly
O42 - Logiciel: WebPlayerV2 - (.Kreapixel.) [HKLM] -- {F21ABA47-CE22-4B3D-8F47-8BF08C21C094}  =>Adware.SocialSkinz
O42 - Logiciel: iLivid - (.Bandoo Media Inc..) [HKLM] -- {8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}  =>Adware.Bandoo
~ Logic: 32 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\MyWebSearch]  =>Adware.MyWebSearch
[HKCU\Software\ParetoLogic]  =>PUP.Paretologic
[HKCU\Software\ProtectedSearch]  =>Spyware.ProtectedSearch
[HKCU\Software\Softonic]  =>Toolbar.Conduit
[HKCU\Software\SweetIM]  =>PUP.SweetIM
[HKCU\Software\lollipop]  =>Adware.Lollipop
[HKLM\Software\Bandoo]  =>Adware.Bandoo
[HKLM\Software\Conduit]  =>Toolbar.Conduit
[HKLM\Software\DealPly]  =>PUP.DealPly
[HKLM\Software\FocusInteractive]
[HKLM\Software\Freeze.com]  =>Adware.Freeze
[HKLM\Software\Fun Web Products]  =>Adware.MyWebSearch
[HKLM\Software\MyWebSearch]  =>Adware.MyWebSearch
[HKLM\Software\Paretologic]  =>PUP.Paretologic
[HKLM\Software\ShopperReports3]  =>Adware.ShopperReports
[HKLM\Software\Softonic_France]  =>Toolbar.Conduit
[HKLM\Software\Stratoware]
[HKLM\Software\SweetIM]  =>PUP.SweetIM
[HKLM\Software\ilivid]  =>Adware.Bandoo
~ Key Software: 359 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/05/2013 - 15:03:52 - [] ----D C:\Program Files\DealPly  =>PUP.DealPly
O43 - CFD: 01/12/2009 - 02:19:05 - [] ----D C:\Program Files\MyWebSearch  =>Adware.MyWebSearch
O43 - CFD: 26/11/2012 - 15:59:40 - [] ----D C:\Program Files\Protected Search  =>Spyware.ProtectedSearch
O43 - CFD: 14/08/2010 - 21:35:34 - [] ----D C:\Program Files\ShopperReports3  =>Adware.ShopperReports
O43 - CFD: 08/01/2013 - 21:15:38 - [] ----D C:\Program Files\Softonic_France  =>Toolbar.Conduit
O43 - CFD: 08/06/2010 - 00:19:45 - [] ----D C:\Program Files\Stratoware
O43 - CFD: 18/11/2012 - 15:02:23 - [] ----D C:\Program Files\SweetIM  =>PUP.SweetIM
O43 - CFD: 20/09/2010 - 18:31:52 - [] ----D C:\Program Files\Common Files\ParetoLogic  =>PUP.Paretologic
O43 - CFD: 18/11/2012 - 15:02:23 - [] ----D C:\ProgramData\SweetIM  =>PUP.SweetIM
O43 - CFD: 30/08/2012 - 16:21:09 - [] ----D C:\ProgramData\Trymedia  =>Adware.Trymedia
O43 - CFD: 18/11/2012 - 15:02:18 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly  =>PUP.DealPly
O43 - CFD: 08/08/2011 - 13:51:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid  =>Adware.Bandoo
O43 - CFD: 17/11/2010 - 14:08:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParetoLogic  =>PUP.Paretologic
O43 - CFD: 26/11/2012 - 15:59:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search  =>Spyware.ProtectedSearch
O43 - CFD: 14/08/2010 - 21:35:51 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports  =>Adware.ShopperReports
O43 - CFD: 30/08/2012 - 15:28:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skip98
O43 - CFD: 02/11/2006 - 14:37:34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 15/03/2013 - 15:02:49 - [] ----D C:\Users\Kassou\AppData\Roaming\DealPly  =>PUP.DealPly
O43 - CFD: 22/03/2010 - 01:46:32 - [] ----D C:\Users\Kassou\AppData\Roaming\igraal  =>PUP.iGraal
O43 - CFD: 14/08/2010 - 21:35:34 - [0] ----D C:\Users\Kassou\AppData\Roaming\ShopperReports3  =>Adware.ShopperReports
O43 - CFD: 08/01/2013 - 21:15:17 - [] ----D C:\Users\Kassou\AppData\Local\Conduit
O43 - CFD: 08/08/2011 - 13:52:40 - [] ----D C:\Users\Kassou\AppData\Local\Ilivid Player  =>Adware.Bandoo
O43 - CFD: 05/05/2013 - 23:08:21 - [] ----D C:\Users\Kassou\AppData\Local\Lollipop  =>Adware.Lollipop
~ 257 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 591 Legitimates Filtered in 00mn 17s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.46B9B167930755CB8B4F49872CD5916F] - 06/05/2015 - 11:13:26 ---A- . (...) -- C:\Windows\ntbtlog.txt   [9337128]
~ Files: 3 Legitimates Filtered in 00mn 43s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{32168c8d-ef16-11e0-9fcd-001e3371bb4a}\AutoRun\command. (...) -- G:\autorun.exe (.not file.)
O51 - MPSK:{790cf74c-d9c9-11de-8591-001e3371bb4a}\AutoRun\command. (...) -- C:\Windows\system32\D:\jtpEr.exe (.not file.)
O51 - MPSK:{8a52670b-112f-11e1-90f9-001e3371bb4a}\AutoRun\command. (...) -- G:\Setup.exe (.not file.)
~ Keys:  Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [342584]
O58 - SDL:02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys   [35944]
O58 - SDL:02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys   [35944]
O58 - SDL:23/04/2007 - 10:50:50 ---A- . (.Windows (R) Codename Longhorn DDK provider - Realtek Utility I/O Driver.) -- C:\Windows\System32\Drivers\RtlProt.sys   [25896]
O58 - SDL:25/10/2007 - 17:26:10 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys   [5632]
O58 - SDL:21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys   [238648]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys   [98408]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys   [115816]
O58 - SDL:02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:31/03/2009 - 09:39:36 ---A- . (...) -- C:\Windows\System32\FsUsbExDisk.Sys   [36608]
O58 - SDL:02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]
~ Drivers: 86 Legitimates Filtered in 01mn 36s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
O63 - Logiciel: ZHPFix 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 23/04/2007 - C:\Windows\System32\DRIVERS\rtlprot.sys (RtlProt)  .(.Windows (R) Codename Longhorn DDK provider - Realtek Utility I/O Driver.) - LEGACY_RTLPROT
~ Legacy: 125 Legitimates Filtered in 00mn 03s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 13 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("CT3241952.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3241952&SearchSource=2&q=");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("Smartbar.ConduitHomepagesList", "");  =>Hijacker.SmartBar
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("Smartbar.ConduitSearchEngineList", "FileConverter 1.5 Customized Web Search");  =>Hijacker.SmartBar
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3241952&SearchSource=2&q=");  =>Hijacker.SmartBar
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.cc", "FR");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.client_js_http_src", "");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.client_js_https_src", "");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.currLocale", "fr");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.date", "1361996174000");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.finished", "14.2.0.1");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardCount", 1);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardCountInit", 156);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardKUCount", 2);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardKUCountInit", 156);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardPopupCount", 8);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardPopupCountInit", -1);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardSPCount", 0);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardSPCountInit", 156);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardSPPopupCount", 3);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guardSPPopupCountInit", -1);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.guid", "{199e811f-637a-45cc-a180-069b387fdd37}");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1");  =>Toolbar.AVGSearch
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.istoolbarhp", true);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.istoolbarsearch", true);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.lastUpdaterReq", "1390324068000");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.laststatreq", "1390324068000");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.newtab", true);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.overlayVersion", "634961130452065000");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.rewardsDisabled", true);
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.userHPSettings", "");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("avg.install.userSPSettings", "Web Search");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("browser.search.defaultengine", "Web Search");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("browser.search.defaultenginename", "Web Search");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("browser.search.order.1", "Web Search");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("browser.search.selectedEngine", "Web Search");
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("extensions.mywebsearch.openSearchURL", "http://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=ZCxdm941YYMQ&ptb=[...]  =>Adware.MyWebSearch
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("extensions.mywebsearch.prevKwdEnabled", true);  =>Adware.MyWebSearch
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");  =>Adware.MyWebSearch
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.Visibility.enable", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.Visibility.intervaldays", "7");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.cargo", "3.02010003");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.0.enable", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.0.height", "335");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version[...]  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.0.width", "761");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.1.enable", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.1.height", "300");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.1.width", "500");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.2.enable", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.2.height", "150");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.2.url", "http://www.sweetim.com/simffbar/simcdadialog.asp");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dialogs.2.width", "530");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.[...]  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.mode.debug", "false");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.newtab.created", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.newtab.enable", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.previous.browser.newtab.url", "http://newtab.certified-toolbar.com/nff?si=38268&tid=77&new=true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "AVG Secure Search");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "AVG Secure Search");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://isearch.avg.com/?cid={25FF217A-E994-4645-98B5-0A4125897916}[...]  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.previous.keyword.URL", "");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.0.enable", "false");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.1.enable", "false");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.2.callback", "");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*[...]  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.2.enable", "false");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\[...]  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.search.history.capacity", "10");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.searchguard.enable", "false");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.simapp_id", "{039315F1-0A0F-4F57-A459-7CA2EA0B2252}");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?st=17&barid={039315F1-0A0F-4F57-A459-7CA2EA0B2252}");  =>PUP.SweetIM
O69 - SBI: prefs.js [Kassou - osich24v.default] user_pref("sweetim.toolbar.version", "1.7.0.3");  =>PUP.SweetIM
O69 - SBI: SearchScopes [HKCU] {105E99FF-8B9A-4492-B155-06194B9056D2} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {56256A51-B582-467e-B8D4-7786EDA79AE0} - (Web Search) - http://search.certified-toolbar.com  =>PUP.CertifiedToolbar
O69 - SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {8DE6235E-A7F6-4117-8C47-797ECE8A98A8} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com  =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {A531D99C-5A22-449b-83DA-872725C6D0ED} - (Recherche alOt) - http://search.alot.com
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (My Web Search) - http://www.mywebsearch.com  =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com  =>PUP.SweetIM
~ Keys:  Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.BFA0C63BF713A86198500A8CF047694F] [SPRF][22/12/2013] (...) -- C:\Users\Kassou\AppData\Roaming\wklnhst.dat   [2314]
~ Files: 2 Legitimates Filtered in 00mn 02s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{0BE1A28B-1DB0-485C-A931-BC9D27C654F5}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe  =>PUP.SweetIM
O87 - FAEL: "{5C18ADA4-52A5-4E08-8640-CAFB3285EAB1}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe  =>PUP.SweetIM
O87 - FAEL: "{FDD7D042-297E-4C0E-8660-6ABCD02DBE5E}" | In - None - P17 - TRUE | .(.Simplygen - ProtectedSearch.) -- C:\Program Files\Protected Search\ProtectedSearch.exe  =>Adware.PredictAd
O87 - FAEL: "{319A05E6-7C58-4E95-BB5A-3F781187B0CC}" | Out - None - P17 - TRUE | .(.Simplygen - ProtectedSearch.) -- C:\Program Files\Protected Search\ProtectedSearch.exe  =>Adware.PredictAd
~ Firewall: 4 Legitimates Filtered in 00mn 04s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe  =>PUP.SweetIM
O90 - PUC: "B2FD9C0A5B9838449838816A28001F4B" . (.SweetIM for Messenger 3.7.) -- C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}\ARPPRODUCTICON.exe  =>PUP.SweetIM
~ Update Products: 2 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.3AAC980511CFB5D82991716B0F7A70D2] [WIS][08/08/2011] (.Bandoo Media Inc. - iLivid Installation.) -- C:\Windows\Installer\31236e.msi   [262656]  =>Adware.Bandoo
[MD5.39881598736836E6286790DB97AA6821] [WIS][01/12/2009] (.Uniblue Systems Ltd. - Uniblue RegistryBooster 2009 Installation.) -- C:\Windows\Installer\385486c.msi   [270848]  =>PUP.UniblueSystem
[MD5.9FE5BB9C0D020ABC14D8F3BB7A34B096] [WIS][18/11/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\4e70de3.msi   [2046464]  =>PUP.SweetIM
[MD5.AB7C91E0702DB535E852C1FFE922A560] [WIS][18/11/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\4e70de9.msi   [2089984]  =>PUP.SweetIM
[MD5.DD64C65D5876C07E29B24E59860AAA98] [WIS][18/11/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.1.) -- C:\Windows\Installer\4e70def.msi   [2093568]  =>PUP.SweetIM
[MD5.8BB22AA622138E8FE1D58C3CC3E6BFA7] [WIS][18/11/2012] (.SweetIM Technologies Ltd. - SweetPacks bundle uninstaller.) -- C:\Windows\Installer\4e70df5.msi   [2555392]  =>PUP.SweetIM
[MD5.2955542C58680D49FD52F3D1F3046E8B] [WIS][13/09/2011] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\8ab8bc.msi   [990208]  =>Toolbar.Bing
~ WIS: 7 Legitimates Filtered in 00mn 55s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}] (MyWebSearch Search Assistant BHO)  =>Adware.MyWebSearch
[HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] (My Web Search)  =>Adware.MyWebSearch
[HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}] (MyWebSearch Settings)  =>Adware.MyWebSearch
[HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}] (My Web Search Quick View)  =>Adware.MyWebSearch
[HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}] (Fun Web Products HTML Menu)  =>Adware.MyWebSearch
[HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}] (MyWebSearch HTML)  =>Adware.MyWebSearch
[HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}] (MyWebSearch Toolbar Plugin)  =>Adware.MyWebSearch
[HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}] (MyWebSearch Skin Settings)  =>Adware.MyWebSearch
[HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}] (MyWebSearch Pseudo Transparent Plugin)  =>Adware.MyWebSearch
[HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}] (MyWebSearch Popup Menu Plugin)  =>Adware.MyWebSearch
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar)  =>Toolbar.Bing
[HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}] (AVG Security Toolbar)  =>Toolbar.AVGSearch
[HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}] (Fun Web Products HTML Menu)  =>Adware.MyWebSearch
[HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}] (Searchqu Toolbar)  =>PUP.Datamngr
[HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}] (My Web Search for Outlook)  =>Adware.MyWebSearch
[HKCR\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}] (BandooCore Class)  =>Adware.Bandoo
[HKCR\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D}] (ShopperReports)  =>Adware.ShopperReports
[HKCR\CLSID\{CFC16189-8A92-4a29-A940-60248385F426}] (ShopperReports)  =>Adware.ShopperReports
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper)  =>Toolbar.Bing
[HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}] (MyWebSearch Chat Session Plugin)  =>Adware.MyWebSearch
[HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}] (SweetPacks Toolbar for Internet Explorer)  =>PUP.SweetIM
[HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}] (SweetPacks Browser Helper)  =>PUP.SweetIM
[HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}] (SweetIM ToolbarURLSearchHook Class)  =>PUP.SweetIM
~ BCK: 6436 Legitimates Filtered in 00mn 35s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 22/07/1658 0 |  (0119741259546720mcinstcleanup) . (...) - C:\Windows\TEMP\011974~1.exe
SS - | Demand 13/03/2013 253656 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 05/10/2006 9216 |  (AgereModemAudio) . (.Agere Systems.) - C:\Windows\system32\agrsmsvc.exe
SS - | Auto 16/04/2008 40960 |  (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
SS - | Demand 22/07/1658 0 |  (GoogleDesktopManager-110309-193829) . (...) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Demand 29/11/2009 182768 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 22/07/1658 0 |  (mcmscsvc) . (...) - C:\Program Files\McAfee\MSC\mcmscsvc.exe
SS - | Auto 22/07/1658 0 |  (McNASvc) . (...) - C:\Program Files\COMMON~1\mcafee\mna\mcnasvc.exe
SS - | Demand 22/07/1658 0 |  (McODS) . (...) - C:\Program Files\McAfee\VIRUSS~1\mcods.exe
SS - | Auto 22/07/1658 0 |  (McProxy) . (...) - C:\Program Files\COMMON~1\mcafee\mcproxy\mcproxy.exe
SS - | Demand 22/07/1658 0 |  (McSysmon) . (...) - C:\Program Files\McAfee\VIRUSS~1\mcsysmon.exe
SS - | Demand 27/02/2013 129976 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 22/07/1658 0 |  (MpfService) . (...) - C:\Program Files\McAfee\MPF\MPFSrv.exe
SS - | Auto 22/07/1658 0 |  (MSK80Service) . (...) - C:\Program Files\McAfee\MSK\MskSrver.exe
SS - | Auto 01/12/2009 28762 |  (MyWebSearchService) . (.MyWebSearch.com.) - C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.exe  =>Adware.MyWebSearch
SS - | Demand 22/07/1658 0 |  (Partner Service) . (...) - C:\ProgramData\Partner\partner.exe
SS - | Auto 07/02/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 24/04/2008 73728 |  (SmartFaceVWatchSrv) . (.Toshiba.) - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
SS - | Auto 24/04/2008 99720 |  (TempoMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files\Toshiba TEMPRO\TempoSVC.exe  =>.Toshiba Corporation
SS - | Auto 18/07/2008 83312 |  (TNaviSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
SS - | Auto 21/11/2007 129632 |  (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe
SS - | Auto 17/01/2008 431456 |  (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
SS - | Auto 06/02/2008 126976 |  (TOSHIBA SMART Log Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
SS - | Auto 23/08/2006 49152 |  (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SS - | Auto 19/02/2013 968880 |  (vToolbarUpdater14.2.0) . (...) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe  =>Toolbar.AVGSearch
SS - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/07/1658 0 |  (McShield) . (...) - C:\Program Files\McAfee\VIRUSS~1\mcshield.exe
SR - | Auto 27/01/2013 20456 |  (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
~ Services:  Scanned in 00mn 37s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (05/05/2015)
Clés trouvées (Keys found) : 453
Valeurs trouvées (Values found) : 6
Dossiers trouvés  (Folders found) : 46
Fichiers trouvés  (Files found) : 47

[HKLM\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje]   =>PUP.DealPly^
[HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn]   =>PUP.SweetIM^
[HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof]   =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D}]   =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]   =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A1B5397-2A80-4F7D-AF70-327D9E2103C6}]   =>PUP.SimplyTech^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4DAAC69C-CBA7-45E2-9BC8-1044483D3352}]   =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]   =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService]   =>Adware.MyWebSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater14.2.0]   =>Toolbar.AVGSearch^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\lollipop_05030249]   =>Adware.Lollipop^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall]   =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1]   =>Spyware.ProtectedSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic_France Toolbar]   =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}]   =>PUP.SweetIM^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly]   =>PUP.DealPly^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F21ABA47-CE22-4B3D-8F47-8BF08C21C094}]   =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}]   =>Adware.Bandoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0069B690-7A2B-41C5-98CA-9F535B4C8532}]   =>Trojan.TheBlinkx
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{02AED140-2B62-4B49-8B3B-179020CC39B9}]   =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}]   =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{07b18eac-a523-4961-b6bb-170de4475cca}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\AppID\{0D82ACD6-A652-4496-A298-2BDE705F4227}]   =>Adware.ClickPotato
[HKLM\Software\Classes\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{1093995a-ba37-41d2-836e-091067c4ad17}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{120927bf-1700-43bc-810f-fab92549b390}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}]   =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{17BF1E05-C0E8-413C-BD1F-A481EEA3B8E9}]   =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{1f52a5fa-a705-4415-b975-88503b291728}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{21BA420E-161C-413A-B21E-4E42AE1F4226}]   =>Adware.ClickPotato
[HKLM\Software\Classes\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{25560540-9571-4d7b-9389-0f166788785a}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}]   =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}]   =>Adware.iWinArcade
[HKLM\Software\Classes\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{3e720451-b472-4954-b7aa-33069eb53906}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{3e720452-b472-4954-b7aa-33069eb53906}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{3e720453-b472-4954-b7aa-33069eb53906}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{453db0c5-f41c-4d97-8dd6-cc72ecd5f699}]   =>Adware.ClickPotato
[HKLM\Software\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}]   =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4a1b5397-2a80-4f7d-af70-327d9e2103c6}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4a1b5397-2a80-4f7d-af70-327d9e2103c6}]   =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{4a1b5397-2a80-4f7d-af70-327d9e2103c6}]   =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}]   =>Adware.ClickPotato
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}]   =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4daac69c-cba7-45e2-9bc8-1044483d3352}]   =>PUP.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4daac69c-cba7-45e2-9bc8-1044483d3352}]   =>PUP.Conduit
[HKLM\Software\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}]   =>PUP.Conduit
[HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}]   =>Adware.AdRotator
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}]   =>Adware.AdRotator
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{6511ce4c-4722-40d0-ad3d-4afa2f50978a}]   =>Adware.ShopperReports
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\AppID\{7025E484-D4B0-441a-9F0B-69063BD679CE}]   =>Adware.ClickPotato
[HKLM\Software\Classes\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}]   =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{8258B35C-05B8-4c0e-9525-9BCCC70F8F2D}]   =>Adware.ClickPotato
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{83b2fe06-ba20-4f7d-96c6-6fc3a4e877d3}]   =>Adware.SmartShopper
[HKLM\Software\Classes\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89F88394-3828-4d03-A0CF-8203604C3DA6}]   =>Adware.Hotbar
[HKLM\Software\Classes\Interface\{8AD9AD05-36BE-4E40-BA62-5422EB0D02FB}]   =>Adware.ShopperReports
[HKLM\Software\Classes\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{991aac62-b100-47ce-8b75-253965244f69}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}]   =>PUP.Dealio
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2}]   =>Adware.SmartShopper
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]   =>PUP.ToparcadeHits
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}]   =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}]   =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}]   =>Adware.Comet
[HKLM\Software\Classes\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\AppID\{A89256AD-EC17-4a83-BEF5-4B8BC4F39306}]   =>Adware.ClickPotato
[HKLM\Software\Classes\TypeLib\{ACC62306-9A63-4864-BD2F-C8825D2D7EA6}]   =>Adware.ClickPotato
[HKLM\Software\Classes\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0}]   =>Adware.ShopperReports
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]   =>PUP.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]   =>PUP.Conduit
[HKLM\Software\Classes\Interface\{b32966a2-f7c2-4362-a6cf-399ec8b44110}]   =>Adware.SmartShopper
[HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{b86d82bf-d39f-439a-a07c-43eddc6f6ea6}]   =>Adware.ShopperReports
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{bb76a90b-2b4c-4378-8506-9a2b6e16943c}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}]   =>PUP.Conduit
[HKLM\Software\Classes\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D}]   =>Adware.ShopperReports
[HKLM\Software\Classes\TypeLib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2}]   =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{CFC16189-8A92-4a29-A940-60248385F426}]   =>Adware.ShopperReports
[HKLM\Software\Classes\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{d136987f-e1c4-4ccc-a220-893df03ec5df}]   =>Adware.ShopperReports
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4233F04-1789-483c-A137-731E8F113DD5}]   =>Adware.Hotbar
[HKLM\Software\Classes\TypeLib\{d518921a-4a03-425e-9873-b9a71756821e}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{da6305b9-0869-4235-8c1d-533a65e639e5}]   =>Adware.ClickPotato
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a}]   =>Adware.ShopperReports
[HKLM\Software\Classes\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da}]   =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\TypeLib\{f42228fb-e84e-479e-b922-fbbd096e792c}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}]   =>PUP.Babylon
[HKLM\Software\Classes\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978}]   =>Adware.MyWebSearch
[HKLM\Software\Classes\Interface\{f8b4ec8a-2407-4be0-aee2-0f430d65a90d}]   =>Adware.ClickPotato
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}]   =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}]   =>Adware.Bandoo
[HKLM\Software\Classes\AppID\bandoocore.exe]   =>Adware.Bandoo
[HKLM\Software\Classes\AppID\BRNstIE.DLL]   =>Adware.ClickPotato
[HKLM\Software\Classes\AppID\CmndFF.DLL]   =>Adware.ClickPotato
[HKLM\Software\Classes\AppID\mozillaps.dll]   =>Adware.ClickPotato
[HKLM\Software\Classes\AppID\Pltfrm.DLL]   =>Adware.ClickPotato
[HKLM\Software\Classes\AppID\ScriptHelper.EXE]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe]   =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search]   =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall]   =>Adware.BHO
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic_France Toolbar]   =>PUP.Conduit
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj.1]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\ilivid]   =>
[HKLM\Software\Classes\S]   =>Toolbar.Agent
[HKLM\Software\Classes\screensavercontrol.screensaverinstaller]   =>Adware.BHO
[HKLM\Software\Classes\screensavercontrol.screensaverinstaller.1]   =>Adware.BHO
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\sim-packages]   =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1]   =>Toolbar.AVGSearch
[HKLM\Software\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160]   =>Adware.Bandoo
[HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160]   =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\&search]   =>Adware.BHO
[HKLM\Software\Bandoo]   =>Adware.Bandoo
[HKLM\Software\focusinteractive]   =>Adware.MyWebSearch
[HKLM\Software\freeze.com]   =>Adware.BHO
[HKCU\Software\AppDataLow\Software\Fun Web Products]   =>Adware.MyWebSearch
[HKLM\Software\Fun Web Products]   =>Adware.MyWebSearch
[HKCU\Software\AppDataLow\Software\FunWebProducts]   =>Adware.MyWebSearch
[HKLM\Software\FunWebProducts]   =>Adware.MyWebSearch
[HKCU\Software\lollipop]   =>Adware.Lollipop
[HKLM\Software\ilivid]   =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\PriceGong]   =>Adware.PriceGong
[HKLM\Software\ShopperReports3]   =>Adware.ShopperReports
[HKCU\Software\Softonic]   =>PUP.Conduit
[HKCU\Software\AppDataLow\Software\Softonic_France]   =>PUP.Conduit
[HKLM\Software\Softonic_France]   =>PUP.Conduit
[HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B]   =>PUP.SweetIM
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\SweetIM]   =>PUP.SweetIM
[HKCU\Software\AppDataLow\Toolbar]   =>PUP.Conduit
[HKCU\Software\DealPly]   =>PUP.DealPly
[HKLM\Software\DealPly]   =>PUP.DealPly
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{b0439fd3-8f96-400d-9515-eb8122ee1f21}_is1]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\low rights\rundll32policy\f3scrctr.dll]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss]   =>Adware.MyWebSearch
[HKLM\Software\microsoft\office\outlook\addins\mywebsearch.outlookaddin]   =>Adware.MyWebSearch
[HKLM\Software\microsoft\office\word\addins\mywebsearch.outlookaddin]   =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Associations]:bak_Application   =>Hijacker.Agent
[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}]   =>Adware.PredictAd
[HKLM\Software\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}]   =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}]   =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}]   =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}]   =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}]   =>Adware.PredictAd
[HKLM\Software\Classes\wtb.Band]   =>Adware.PredictAd
[HKLM\Software\Classes\wtb.Band.1]   =>Adware.PredictAd
[HKLM\Software\Classes\wtb.NotificationSource]   =>Adware.PredictAd
[HKLM\Software\Classes\wtb.NotificationSource.1]   =>Adware.PredictAd
[HKLM\Software\Classes\wtb.SourceSinkImpl]   =>Adware.PredictAd
[HKLM\Software\Classes\wtb.SourceSinkImpl.1]   =>Adware.PredictAd
[HKLM\Software\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}]   =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils]   =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1]   =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator]   =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =>PUP.SweetIM
[HKLM\Software\Classes\wtb.ToolbarInfo]   =>Adware.PredictAd
[HKLM\Software\Classes\wtb.ToolbarInfo.1]   =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1]   =>Spyware.ProtectedSearch
[HKCU\Software\ParetoLogic]   =>PUP.Paretologic
[HKLM\Software\ParetoLogic]   =>PUP.Paretologic
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1]   =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}]   =>Toolbar.Yahoo
[HKLM\Software\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}]   =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}]   =>Toolbar.Yahoo
[HKLM\Software\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}]   =>Toolbar.AVGSearch
[HKLM\Software\Classes\BandooCore.BandooCore]   =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.BandooCore.1]   =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.ResourcesMngr]   =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.ResourcesMngr.1]   =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.SettingsMngr]   =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.SettingsMngr.1]   =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.StatisticMngr]   =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.StatisticMngr.1]   =>Adware.Bandoo
[HKLM\Software\Classes\FunWebProducts.DataControl]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.DataControl.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.HistoryKillerScheduler.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.HistorySwatterControlBar.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.HTMLMenu]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.HTMLMenu.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.HTMLMenu.2]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.IECookiesManager]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.IECookiesManager.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.KillerObjManager]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.KillerObjManager.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.PopSwatterBarButton.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl]   =>Adware.MyWebSearch
[HKLM\Software\Classes\FunWebProducts.PopSwatterSettingsControl.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.ChatSessionPlugin.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.HTMLPanel]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.HTMLPanel.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.OutlookAddin]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.OutlookAddin.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearch.PseudoTransparentPlugin.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearchToolBar.SettingsPlugin.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin]   =>Adware.MyWebSearch
[HKLM\Software\Classes\MyWebSearchToolBar.ToolbarPlugin.1]   =>Adware.MyWebSearch
[HKLM\Software\Classes\ShopperReports.AsyncReporter]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.AsyncReporter.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.CntntDic]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.CntntDic.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.CntntDisp]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.CntntDisp.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.Dwnldr]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.Dwnldr.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.HbAx]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.HbAx.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.HbGuru]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.HbGuru.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.HbInfoBand]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.HbInfoBand.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.IEButton]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.IEButton.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.IEButtonA]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.IEButtonA.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.KOPFF]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.KOPFF.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.MozillaNvgtnTrpr.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.MozillaPSExecuter]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.MozillaPSExecuter.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.ReportData]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.ReportData.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.Reporter]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.Reporter.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.RprtCtrl]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.RprtCtrl.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.Scopes]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.Scopes.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.Stock]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.Stock.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.TriggerImmidiate]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.TriggerImmidiate.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.TriggerImmidiateOrRandomTS.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.TriggerOnceInDay]   =>Adware.ShopperReports
[HKLM\Software\Classes\ShopperReports.TriggerOnceInDay.1]   =>Adware.ShopperReports
[HKLM\Software\Classes\SWEETIE.IEToolbar]   =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1]   =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook]   =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar.CT2542115]   =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]:ShopperReports 3.0.489.0   =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{07B18EA9-A523-4961-B6BB-170DE4475CCA}   =>Adware.MyWebSearch^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:MyWebSearch Plugin   =>Adware.MyWebSearch^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:My Web Search Installer   =>Adware.MyWebSearch^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:MyWebSearch Email Plugin   =>Adware.MyWebSearch^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{07b18ea9-a523-4961-b6bb-170de4475cca}   =>Adware.MyWebSearch
[HKLM\Software\Mozilla\Firefox\Extensions]:shopperreports@shopperreports.com   =>Adware.ShopperReports
C:\Users\Kassou\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje   =>PUP.DealPly^
C:\Users\Kassou\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn   =>PUP.SweetIM^
C:\Users\Kassou\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof   =>Toolbar.AVGSearch^
C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}   =>PUP.Dealply^
C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}   =>PUP.SweetIM^
C:\Program Files\DealPly   =>PUP.DealPly^
C:\Program Files\MyWebSearch   =>Adware.MyWebSearch^
C:\Program Files\Protected Search   =>Spyware.ProtectedSearch^
C:\Program Files\ShopperReports3   =>Adware.ShopperReports^
C:\Program Files\Softonic_France   =>Toolbar.Conduit^
C:\Program Files\SweetIM   =>PUP.SweetIM^
C:\Program Files\Common Files\ParetoLogic   =>PUP.Paretologic^
C:\ProgramData\SweetIM   =>PUP.SweetIM^
C:\ProgramData\Trymedia   =>Adware.Trymedia^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly   =>PUP.DealPly^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLivid   =>Adware.Bandoo^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ParetoLogic   =>PUP.Paretologic^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search   =>Spyware.ProtectedSearch^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports   =>Adware.ShopperReports^
C:\Users\Kassou\AppData\Roaming\DealPly   =>PUP.DealPly^
C:\Users\Kassou\AppData\Roaming\igraal   =>PUP.iGraal^
C:\Users\Kassou\AppData\Roaming\ShopperReports3   =>Adware.ShopperReports^
C:\Users\Kassou\AppData\Local\Ilivid Player   =>Adware.Bandoo^
C:\Users\Kassou\AppData\Local\Lollipop   =>Adware.Lollipop^
C:\Program Files\AVG Secure Search   =>Toolbar.AVGSearch
C:\Program Files\Webplayer setup   =>Adware.SocialSkinz
C:\Program Files\WebplayerToolbar   =>Toolbar.Webplayer
C:\Program Files\Common Files\AVG Secure Search   =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search   =>Toolbar.AVGSearch
C:\Users\Kassou\AppData\Roaming\WebPlayerBdd   =>Adware.SocialSkinz
C:\Users\Kassou\AppData\Roaming\WebplayerToolbar   =>Toolbar.Webplayer
C:\Users\Kassou\AppData\Local\AVG Secure Search   =>Toolbar.AVGSearch
C:\Users\Kassou\AppData\Local\Conduit   =>PUP.Conduit
C:\Users\Kassou\AppData\LocalLow\AVG Secure Search   =>Toolbar.AVGSearch
C:\Users\Kassou\AppData\LocalLow\Conduit   =>PUP.Conduit
C:\Users\Kassou\AppData\LocalLow\FunWebProducts   =>Adware.MyWebSearch
C:\Users\Kassou\AppData\LocalLow\MyWebSearch   =>Adware.MyWebSearch
C:\Users\Kassou\AppData\LocalLow\PriceGong   =>Adware.PriceGong
C:\Users\Kassou\AppData\LocalLow\searchquband   =>Adware.Bandoo
C:\Users\Kassou\AppData\LocalLow\searchqutb   =>Adware.Bandoo
C:\Users\Kassou\AppData\LocalLow\ShopperReports3   =>Adware.ShopperReports
C:\Users\Kassou\AppData\LocalLow\Softonic_France   =>PUP.Conduit
C:\Users\Kassou\AppData\LocalLow\SweetIM   =>PUP.SweetIM
C:\Users\Kassou\AppData\LocalLow\WebplayerToolbar   =>Toolbar.Webplayer
C:\Users\Kassou\AppData\Local\Google\Chrome\User Data\Default\Extensions\agbbmachalkmbecmaamehkfbhaggpckk   =>Toolbar.Webplayer
C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\Smartbar   =>Hijacker.SmartBar
C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml   =>Toolbar.Agent
C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\SearchPlugins\SearchResults.xml   =>Toolbar.Agent
C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\SearchPlugins\sweetim.xml   =>PUP.SweetIM
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified   =>Hijacker.Application^
C:\Users\Kassou\AppData\Roaming\Mozilla\Firefox\Profiles\osich24v.default\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}   =>PUP.Dealply^
C:\Windows\Tasks\Final Media Player Update Checker.job   =>PUP.Mysoftpack^
C:\Windows\System32\Tasks\Final Media Player Update Checker   =>PUP.Mysoftpack^
C:\Windows\Tasks\ParetoLogic Registration3.job   =>PUP.Paretologic^
C:\Windows\System32\Tasks\ParetoLogic Registration3   =>PUP.Paretologic^
C:\Windows\Tasks\ParetoLogic Update Version3.job   =>PUP.Paretologic^
C:\Windows\System32\Tasks\ParetoLogic Update Version3   =>PUP.Paretologic^
[HKCU\Software\MyWebSearch]   =>Adware.MyWebSearch^
[HKCU\Software\ProtectedSearch]   =>Spyware.ProtectedSearch^
[HKLM\Software\Conduit]   =>Toolbar.Conduit^
[HKLM\Software\Freeze.com]   =>Adware.Freeze^
[HKLM\Software\MyWebSearch]   =>Adware.MyWebSearch^
[HKLM\Software\Paretologic]   =>PUP.Paretologic^
C:\Windows\Installer\31236e.msi   =>Adware.Bandoo^
C:\Windows\Installer\385486c.msi   =>PUP.UniblueSystem^
C:\Windows\Installer\4e70de3.msi   =>PUP.SweetIM^
C:\Windows\Installer\4e70de9.msi   =>PUP.SweetIM^
C:\Windows\Installer\4e70def.msi   =>PUP.SweetIM^
C:\Windows\Installer\4e70df5.msi   =>PUP.SweetIM^
C:\Windows\Installer\8ab8bc.msi   =>Toolbar.Bing^
[HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}] (MyWebSearch Search Assistant BHO)   =>Adware.MyWebSearch^
[HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] (My Web Search)   =>Adware.MyWebSearch^
[HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}] (MyWebSearch Settings)   =>Adware.MyWebSearch^
[HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}] (My Web Search Quick View)   =>Adware.MyWebSearch^
[HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}] (Fun Web Products HTML Menu)   =>Adware.MyWebSearch^
[HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}] (MyWebSearch HTML)   =>Adware.MyWebSearch^
[HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}] (MyWebSearch Toolbar Plugin)   =>Adware.MyWebSearch^
[HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}] (MyWebSearch Skin Settings)   =>Adware.MyWebSearch^
[HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}] (MyWebSearch Pseudo Transparent Plugin)   =>Adware.MyWebSearch^
[HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}] (MyWebSearch Popup Menu Plugin)   =>Adware.MyWebSearch^
[HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}] (Bing Bar)   =>Toolbar.Bing^
[HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}] (AVG Security Toolbar)   =>Toolbar.AVGSearch^
[HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}] (Fun Web Products HTML Menu)   =>Adware.MyWebSearch^
[HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}] (Searchqu Toolbar)   =>PUP.Datamngr^
[HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}] (My Web Search for Outlook)   =>Adware.MyWebSearch^
[HKCR\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}] (BandooCore Class)   =>Adware.Bandoo^
[HKCR\CLSID\{CC7BD6F1-565C-47ce-A5BB-9C935E77B59D}] (ShopperReports)   =>Adware.ShopperReports^
[HKCR\CLSID\{CFC16189-8A92-4a29-A940-60248385F426}] (ShopperReports)   =>Adware.ShopperReports^
[HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] (Bing Bar Helper)   =>Toolbar.Bing^
[HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}] (MyWebSearch Chat Session Plugin)   =>Adware.MyWebSearch^
[HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}] (SweetPacks Toolbar for Internet Explorer)   =>PUP.SweetIM^
[HKCR\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}] (SweetPacks Browser Helper)   =>PUP.SweetIM^
[HKCR\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}] (SweetIM ToolbarURLSearchHook Class)   =>PUP.SweetIM^
~ Additionnel Scan: 271237 Items scanned in 03mn 52s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/g0-page-de-demarrage-google-chrome/  =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/g2-google-chrome-extensions/  =>.Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/  =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/  =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/  =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/  =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/  =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 7 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/  =>PUP.UniblueSystem
http://www.nicolascoolman.fr/blog/  =>Hijacker.Application
http://nicolascoolman.fr/pup-sweetim  =>PUP.SweetIM
http://nicolascoolman.fr/pup-dealply  =>PUP.DealPly
http://nicolascoolman.fr/toolbar-conduit  =>Toolbar.Conduit
http://nicolascoolman.fr/adware-mywebsearch  =>Adware.MyWebSearch
http://nicolascoolman.fr/parasite-pugi  =>Parasite.Pugi
http://nicolascoolman.fr/pup-certifiedtoolbar  =>PUP.CertifiedToolbar
http://www.nicolascoolman.fr/blog/  =>PUP.SimplyTech
http://nicolascoolman.fr/30068076-pup-paretologic  =>PUP.Paretologic
http://nicolascoolman.fr/pup-datamngr  =>PUP.Datamngr
http://nicolascoolman.fr/pup-bubbledock  =>PUP.BubbleDock
http://nicolascoolman.fr/adware-lollipop  =>Adware.Lollipop
http://www.nicolascoolman.fr/blog/  =>PUP.Mysoftpack
http://nicolascoolman.fr/spyware-protectedsearch  =>Spyware.ProtectedSearch
http://nicolascoolman.fr/adware-socialskinz  =>Adware.SocialSkinz
http://nicolascoolman.fr/adware-bandoo  =>Adware.Bandoo
http://nicolascoolman.fr/adware-freeze  =>Adware.Freeze
http://www.nicolascoolman.fr/blog/  =>Adware.ShopperReports
http://nicolascoolman.fr/adware-trymedia  =>Adware.Trymedia
http://www.nicolascoolman.fr/blog/  =>PUP.iGraal
http://nicolascoolman.fr/hijacker-smartbar  =>Hijacker.SmartBar
http://nicolascoolman.fr/adware-predictad  =>Adware.PredictAd
http://www.nicolascoolman.fr/blog/  =>Trojan.TheBlinkx
http://nicolascoolman.fr/adware-clickpotato  =>Adware.ClickPotato
http://nicolascoolman.fr/adware-iwinarcade  =>Adware.iWinArcade
http://www.nicolascoolman.fr/blog/  =>Toolbar.Agent
http://www.nicolascoolman.fr/blog/  =>PUP.Conduit
http://nicolascoolman.fr/adware-adrotator  =>Adware.AdRotator
http://www.nicolascoolman.fr/blog/  =>Adware.SmartShopper
http://nicolascoolman.fr/adware-hotbar  =>Adware.Hotbar
http://nicolascoolman.fr/pup-dealio  =>PUP.Dealio
http://nicolascoolman.fr/pup-toparcadehits  =>PUP.ToparcadeHits
http://nicolascoolman.fr/pup-babylon  =>PUP.Babylon
http://nicolascoolman.fr/adware-comet  =>Adware.Comet
http://www.nicolascoolman.fr/blog/  =>Adware.BHO
http://nicolascoolman.fr/adware-pricegong  =>Adware.PriceGong
http://www.nicolascoolman.fr/blog/  =>Hijacker.Agent
http://www.nicolascoolman.fr/blog/  =>Toolbar.Yahoo
http://www.nicolascoolman.fr/blog/  =>Toolbar.Webplayer
~ MSI: 40 link(s) detected in 00mn 00s



~ 1307 Legitimates filtered by white list
End of the scan (1411 lines in 10mn 37s)(0.4)