cjoint


Document format: text/plain

Preview

~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par corinne (04/02/2014 18:26:55)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC):


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v32.0.1700.107 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : Q27TJ
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Microsoft Security Client v4.4.0304.0

---\\ Logiciels d'optimisation du système
CCleaner v2.28 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader X
Java 7 Update 51

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (45% free)
System Restore: Activé (Enable)
System drive C: has 66 GB (50%) free of 129 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-CORINNE
~ User Name: corinne
~ All Users Names: UpdatusUser, corinne, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\corinne\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\corinne\AppData\Roaming\
~ %Desktop% : C:\Users\corinne\Desktop\
~ %Favorites% : C:\Users\corinne\Favorites\
~ %LocalAppData% : C:\Users\corinne\AppData\Local\
~ %StartMenu% : C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 66 Go of 129 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 92 Go of 104 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 42 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.4CC9DF09C3D915BA0A101A11DB684F26] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2013 - 23:42:41.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/313
Mes musiques (My Musics) : 15/15 (Modified)
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/81
~ Mes Documents (My Documents) : 4/116
~ Mon Bureau (My Desktop) : 2/481
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.16AE89DB056690B77252A722023D506B] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [4431872] [PID.2296]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.2324]
[MD5.40A329FE101AE594F879D2133E223D0A] - (.Discordia, LTD - Data Manager.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe [1115536] [PID.2380] =>PUP.Datamngr
[MD5.6EA1BF3F6E6B0613351411A3EB6B85A2] - (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe [1561768] [PID.2396]
[MD5.2E068599FCF51B3F4640458950A069FC] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe [2420248] [PID.2404] =>Toolbar.AVGSearch
[MD5.01D92A226791867F2DED688F25271905] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\EPSON Software\Event Manager\EEventManager.exe [1058400] [PID.2412]
[MD5.33BE35574E1081A91EACD2B98E0A472A] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1778640] [PID.2444] =>Toolbar.Ask
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.2460]
[MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821984] [PID.2504]
[MD5.5F2B7DEB7263CC6D65871675FBF31F66] - (.Inbox.com, Inc. - Inbox Toolbar.) -- C:\Program Files\Inbox Toolbar\Inbox.exe [1380328] [PID.2520]
[MD5.9D826FE5B102A4DF5225786DB5E586C9] - (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648] [PID.2528]
[MD5.C407F87EDD7F08D7C8B900A4C6C6C719] - (.Crawler.com - Online Vault Tray.) -- C:\Program Files\OnlineVault\OVTray.exe [371808] [PID.2672]
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe [959880] [PID.2824]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2840]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.2864]
[MD5.665CE80D2173C774EE80FEAC4B20C860] - (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe [1560576] [PID.2888]
[MD5.50BD5E267657BE1090FB667B7A4500CE] - (.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe [337264] [PID.2908]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.2924]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3096]
[MD5.43E6F2A7FB182F2D7CB0CE5B8F1005CF] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757488] [PID.2700]
[MD5.F7480FE0B17C75FED24F2C11A5DB5F1E] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FARNILE.exe [264800] [PID.7220]
[MD5.5640B4C10682FBC39C86C8C7A8392B5E] - (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe [866632] [PID.2712]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4216]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.4896]
[MD5.E4284FCF99FEA13A7E1836F87AE356F6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) -- C:\Windows\system32\nvvsvc.exe [639776] [PID.952]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.968]
[MD5.B0F49DA36F30922F5DDC3B623B778FCE] - (.Microsoft Corporation - Antimalware Service Executable.) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208] [PID.1048]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1412]
[MD5.8619BE54EC51A74A2C3F82B313AB445E] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [873248] [PID.1636]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376] [PID.656]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2948]
[MD5.2297460EC100F34DC455CC0EFD21D442] - (.Avira Operations GmbH & Co. KG - Firewall NT service process.) -- C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe [1012280] [PID.2972]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376] [PID.3040]
[MD5.B342CD9AA44E4AE99E2368EBDBC2E17A] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352] [PID.3120] =>Toolbar.Ask
[MD5.D503DF3ABA595F551B98B9BAE017A271] - (.Apple Inc. - Apple Mobile Device Service.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [144672] [PID.3136]
[MD5.E9EFCB47B90FD5498695BB7FEFD36CAE] - (.Seiko Epson Corporation - Epson Scanner Service (32bit).) -- C:\Windows\system32\EscSvc.exe [122000] [PID.3164]
[MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.3212]
[MD5.C7F5C284B6F46FCAF6910EA4E644700B] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.3212]
[MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.3436]
[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\Windows\system32\IoctlSvc.exe [81920] [PID.3468]
[MD5.E155E09229624C69A1A6609C0CB3641F] - (.Ralink Technology, Corp. - RalinkRegistryWriter.) -- C:\Program Files\Ralink\Common\RaRegistry.exe [185632] [PID.3524]
[MD5.D6BFF86F1946B0E473BAE244FB1BB07F] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [1734680] [PID.3596] =>Toolbar.AVGSearch
[MD5.14240D6730C6BA73AD569F2CD759B504] - (.Pas de propriétaire - loggings Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe [159768] [PID.3900] =>Toolbar.AVGSearch
[MD5.6F1E9AB820B3DD8BD38C0190A206205D] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [431672] [PID.2272]
[MD5.0DD3DDCAEBEA9B0B3B8D008F6973185F] - (.Avira Operations GmbH & Co. KG - Antivirus MailScanner LSP Service.) -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [896056] [PID.2288]
[MD5.29D956C8CB67222D678FAF20D485B25B] - (.Avira Operations GmbH & Co. KG - AntiVir WebGuard Service.) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe [1011768] [PID.1188]
[MD5.42D33042371BFB1A7D40834590CAFD30] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Servi.) -- C:\Program Files\Microsoft Security Client\NisSrv.exe [280288] [PID.552]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://toolbar.inbox.com
G2 - GCE: Preference [User Data\Default] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.30.2, (Désactivé) =>Toolbar.Avira
G2 - GCE: Preference [User Data\Default] [apgjagobplilmcdfelodhgefiidomnfl] Inbox Toolbar v.1.0.0.12 (Désactivé)
G2 - GCE: Preference [User Data\Default] [bdcfkjjffkboloijgealjeijakofmalg] Interest Recognizer for Freecompressor v.3.1.1489.132 (Désactivé) =>Adware.SPointer
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.5.1 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [iahagolkpaghhinaljhjihagjgomdokb] La barre d'outils de Marche.fr v.1.3, (Désactivé)
G2 - GCE: Preference [User Data\Default] [kincjchfokkeneeofpeefomkikfkiedl] Facetheme v.1.0 (Désactivé) =>PUP.FCTPlugin
G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Secure Search v.17.1.2.1 (Désactivé) =>Toolbar.AVGSearch
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 18 Legitimates Filtered in 00mn 10s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\corinne\AppData\Roaming\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\prefs.js
P2 - FPN: [HKLM] [@ei.Allin1Convert_8h.com/Plugin] - (.Allin1Convert - Allin1Convert Installer Plugin Stub for 32-bit Windows.) -- C:\Program Files\Allin1Convert_8hEI\Installr\1.bin\NP8hEISB.dll =>Adware.Allin1Convert
~ Firefox Browser: 21 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://cherchermp3.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O2 - BHO: WiseConvert 1.5 B2 - {e483a649-efc1-4ceb-bff6-8be71582056d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\WiseConvert_1.5_B2\prxtbWise.dll =>Toolbar.Conduit
~ BHO: 18 Legitimates Filtered in 00mn 03s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{FE063DB9-4EC0-403e-8DD8-394C54984B2C} Clé orpheline
O3 - Toolbar: DVDVideoSoftTB Toolbar - [HKLM]{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} . (...) -- C:\Program Files\DVDVideoSoft\tbDVDV.dll
O3 - Toolbar: Streaming Chercher MP3 Toolbar - [HKLM]{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (.Pas de propriétaire - IE Toolbar Engine.) -- C:\Program Files\Streaming Chercher MP3 Toolbar\tbcore3.dll
O3 - Toolbar: Searchqu Toolbar - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\searchqudtx.dll =>PUP.Datamngr
O3 - Toolbar: Ask Toolbar - [HKLM]{D4027C7F-154A-4066-A1AD-4243D8127440} . (.Ask - Ask Toolbar.) -- C:\Program Files\Ask.com\GenericAskToolbar.dll =>Toolbar.Ask
O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: E-Web Print - [HKLM]{201CF130-E29C-4E5C-A73F-CD197DEFA6AE} . (.SEIKO EPSON CORPORATION - ewps_tb.) -- C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll
O3 - Toolbar: Avira SearchFree Toolbar - [HKLM]{41564952-412D-5637-00A7-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll =>Toolbar.Ask
O3 - Toolbar: WiseConvert 1.5 B2 Toolbar - [HKLM]{e483a649-efc1-4ceb-bff6-8be71582056d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\WiseConvert_1.5_B2\prxtbWise.dll =>Toolbar.Conduit
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{FE063DB9-4EC0-403E-8DD8-394C54984B2C} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{C86FF9FA-AEED-451B-A9CC-39A53173AE2E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E483A649-EFC1-4CEB-BFF6-8BE71582056D} Clé orpheline
~ Toolbar: Scanned in 00mn 03s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Epson Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION - Pas de description.) -- C:\Program Files\EPSON Software\Easy Photo Print\EPQuicker.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: FreeCompressor.lnk . (...) -- C:\Program Files\TUGzip\TUGZip.exe
O4 - GS\Desktop [Public]: Guide d'utilisation EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Useg\index.htm
O4 - GS\Desktop [Public]: Guide réseau EPSON XP-205 207 Series.lnk . (...) -- C:\Program Files\EPSON Software\Epson Manual\EPSON XP-205 207 Series\fr\Netg\index.htm
O4 - GS\QuickLaunch [corinne]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [corinne]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [corinne]: SFR Cloud.lnk . (...) -- C:\Users\corinne\AppData\Local\F-Secure\SFR Cloud\Application\SFR Cloud.exe (.not file.)
O4 - GS\QuickLaunch [corinne]: SpeedMaxPc.lnk . (.SpeedMaxPc - SpeedMaxPc.) -- C:\Users\corinne\SpeedMaxPc\SpeedMaxPc.exe =>PUP.SpeedMaxPc
O4 - GS\Program [corinne]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [corinne]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [corinne]: Agent X - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [corinne]: AttestationsScolaire - Raccourci.lnk . (...) -- C:\Users\corinne\Documents\Downloads\AttestationsScolaire.pdf
O4 - GS\Desktop [corinne]: coco - Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [corinne]: Corbeille - Raccourci.lnk - Clé orpheline
~ Global Startup: 68 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: Ralink Wireless Utility.lnk . (.Ralink Technology, Corp. - RaUI MFC Application.) -- C:\Program Files\Ralink\Common\RaUI.exe
O4 - GS\Startup [corinne]: Microsoft Office Groove.lnk . (.Microsoft Corporation - Microsoft Office Groove.) -- C:\Program Files\Microsoft Office\Office12\GROOVE.exe
O4 - GS\Startup [corinne]: OneNote 2007 - Capture d'écran et lancement.lnk . (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [EoEngine] Clé orpheline
O4 - HKLM\..\Run: [NWEReboot] Clé orpheline
O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
O4 - HKLM\..\Run: [eorezo] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Run: [RDesc] Clé orpheline
O4 - HKLM\..\Run: [DATAMNGR] . (.Discordia, LTD - Data Manager.) -- C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe =>PUP.Datamngr
O4 - HKLM\..\Run: [ApnUpdater] . (.Ask - Ask Updater.) -- C:\Program Files\Ask.com\Updater\Updater.exe
O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SearchSettings] . (.Spigot, Inc. - Search Settings.) -- C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe =>PUP.Dealio
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [InboxToolbar] . (.Inbox.com, Inc. - Inbox Toolbar.) -- C:\Program Files\Inbox Toolbar\Inbox.exe
O4 - HKLM\..\Run: [Online Vault] . (.Crawler.com - Online Vault Tray.) -- C:\Program Files\OnlineVault\OVTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [NTRedirect] . (.Pas de propriétaire - enhancedNT.) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll =>Hijacker.BabSolution
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\corinne\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\corinne\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2840378466-716466986-1421125182-1000\..\Run: [NTRedirect] . (.Pas de propriétaire - enhancedNT.) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\enhancedNT.dll =>Hijacker.BabSolution
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Streaming Chercher MP3 Toolbar - {C86FF9FA-AEED-451B-A9CC-39A53173AE2E} . (...) -- C:\Program Files\Streaming Chercher MP3 Toolbar\favicon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://www.ma-config.com/plugins/MaConfig_6_0_1_1.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{26CC9913-151B-4770-A5A9-005A2300254F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (.AVG Secure Search - Pas de description.) -- C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll =>Toolbar.AVGSearch
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
O23 - Service: (vToolbarUpdater17.1.2) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 19 Legitimates Filtered in 00mn 19s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job [350]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [350]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Registration3.job [444] =>PUP.SpeedMaxPc
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Update3.job [402] =>PUP.SpeedMaxPc
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc.job [336] =>Hijacker.iHaveNet
[MD5.00000000000000000000000000000000] [APT] [Advanced System Protector] (...) -- C:\Program Files\RegClean Pro\SystweakASP.exe (.not file.) [0] =>PUP.AdvancedSystemProtector
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{DD139D03-5DC0-430C-974A-B4CB947908A8}.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{67DAA24A-73FF-4FC8-B23B-3CF6F8940773}.exe (.not file.) [0]
[MD5.ADB62392BC0711707E58E70186CC4AC2] [APT] [EPUpdater] (...) -- C:\Users\corinne\AppData\Roaming\BabSolution\Shared\BabMaint.exe [10224] =>Hijacker.BabSolution
[MD5.00000000000000000000000000000000] [APT] [Maintenance en 1 clic] (...) -- C:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe (.not file.) [0]
[MD5.013414E136AC76598B19552DC31DE718] [APT] [Scheduled Update for Ask Toolbar] (...) -- C:\Program Files\Ask.com\UpdateTask.exe [135336] =>Toolbar.Ask
[MD5.7BC313B855B469B918B75CB3F058CC66] [APT] [SpeedMaxPc] (.SpeedMaxPc.) -- C:\Users\corinne\SpeedMaxPc\SpeedMaxPc.exe [5004064] =>PUP.SpeedMaxPc
[MD5.1DE3E324847390D51970264CBFCAC1D8] [APT] [SpeedMaxPc Update3] (.SpeedMaxPc.) -- C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe [660768] =>PUP.SpeedMaxPc
[MD5.00000000000000000000000000000000] [APT] [{3545F003-AAD7-4EFA-92A4-460073A3B532}] (...) -- C:\Users\corinne\Desktop\93.71_forceware_winxp2k_international_whql.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4D79829A-4087-45F9-B3A1-D4F6E13D64CC}] (...) -- C:\Users\corinne\Desktop\Auto-école 3D\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5C8C302B-B8E3-4CB2-998B-FBE18091AE17}] (...) -- C:\Users\corinne\Desktop\SoftonicToolbar.exe (.not file.) [0] =>Toolbar.Conduit
[MD5.00000000000000000000000000000000] [APT] [{C916364F-1A39-48C2-863D-D97A3F85E98C}] (...) -- D:\Drivers\Lan\Utility\setup.exe (.not file.) [0]
[MD5.9D826FE5B102A4DF5225786DB5E586C9] [APT] [ASUS ACPI Service Provider] (...) -- C:\Program Files\ASUS\AASP\1.00.33\aaCenter.exe [603648]
[MD5.2E5039A6599CAF0C4A406ED9460F80A1] [APT] [ASUS RegRun Loader] (...) -- C:\Program Files\ASUS\AASP\1.00.33\AsLoader.exe [363008]
~ Scheduled Task: 43 Legitimates Filtered in 00mn 07s



---\\ Logiciels installés (O42)
O42 - Logiciel: Ask Toolbar - (.Ask.com.) [HKLM] -- {86D4B82A-ABED-442A-BE86-96357B70F4FE} =>Toolbar.Ask
O42 - Logiciel: Ask.com Search Assistant 1.0.2 - (.Ask.com.) [HKLM] -- Ask.com Search Assistant
O42 - Logiciel: AutocompletePro - (...) [HKLM] -- AutocompletePro3_is1 =>Adware.PredictAd
O42 - Logiciel: BitGuard - (.MediaTechSoft Inc..) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>PUP.BitGuard
O42 - Logiciel: DVDVideoSoft Toolbar - (...) [HKLM] -- DVDVideoSoft Toolbar
O42 - Logiciel: Facemoods - (.Secure Digital Services.) [HKLM] -- {D0198889-7766-424B-AB81-F16F8EDDFEF4} =>Adware.Facemoods
O42 - Logiciel: Facetheme - (.facetheme.com.) [HKLM] -- facetheme =>PUP.FCTPlugin
O42 - Logiciel: Inbox Toolbar - (.Inbox.com, Inc..) [HKLM] -- {612AD33D-9824-4E87-8396-92374E91C4BB}_is1
O42 - Logiciel: ItsTV 3.0 - (.Its Label.) [HKLM] -- ItsTV_is1
O42 - Logiciel: Online Vault - (.PCRx.com, LLC.) [HKLM] -- {FE60B87C-63A2-4A45-AC06-FFEFD5DB7846}_is1 =>PUP.PCRx
O42 - Logiciel: SpeedMaxPc - (.SpeedMaxPc.) [HKLM] -- {D894938C-8EE1-4854-9254-8F9AEF2BFE46} =>PUP.SpeedMaxPc
O42 - Logiciel: Streaming Chercher MP3 Toolbar - (.Abingerdale, Ltd..) [HKLM] -- TBSB07458.TBSB07458Toolbar
O42 - Logiciel: SweetIM for Messenger 3.6 - (.SweetIM Technologies Ltd..) [HKLM] -- {A81A974F-8A22-43E6-9243-5198FF758DA1} =>PUP.SweetIM
O42 - Logiciel: Windows iLivid Toolbar - (.Bandoo Media, Inc.) [HKLM] -- Searchqu 406 MediaBar =>PUP.Datamngr
O42 - Logiciel: WiseConvert 1.5 B2 Toolbar for IE - (.WiseConvert 1.5 B2.) [HKLM] -- IECT3297966 =>Toolbar.Conduit
O42 - Logiciel: eoJet 1.1 - (.EoRezo.) [HKLM] -- eoJet_is1 =>PUP.Eorezo
~ Logic: 22 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5f53d6d8e66dbe15] =>Hijacker.Eazel
[HKCU\Software\APN]
[HKCU\Software\Alexa Internet]
[HKCU\Software\Ask.com]
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\AskSearchAsst]
[HKCU\Software\AutocompleteProBHO] =>Adware.PredictAd
[HKCU\Software\AutocompletePro] =>Adware.PredictAd
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\EoRezo] =>PUP.Eorezo
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\Inbox Toolbar]
[HKCU\Software\ItsLabel] =>PUP.ItsLabel
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\Search Settings] =>Adware.SearchSettings
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\WLANUtil]
[HKCU\Software\WideStream] =>Adware.SPointer
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\eojet] =>PUP.Eorezo
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKLM\Software\5f53d6d8e66dbe15] =>Hijacker.Eazel
[HKLM\Software\APN]
[HKLM\Software\Allin1Convert_8hEI] =>Adware.Allin1Convert
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\AskToolbar]
[HKLM\Software\Bandoo] =>Adware.Bandoo
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\EoRezo] =>PUP.Eorezo
[HKLM\Software\Inbox Toolbar]
[HKLM\Software\Search Settings] =>Adware.SearchSettings
[HKLM\Software\SearchquMediabarTb] =>PUP.Datamngr
[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\WiseConvert_1.5_B2] =>Toolbar.Conduit
~ Key Software: 365 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/08/2013 - 14:49:19 - [0,789] ----D C:\Program Files\Allin1Convert_8hEI =>Adware.Allin1Convert
O43 - CFD: 07/08/2010 - 10:01:35 - [0,120] ----D C:\Program Files\Ask Search Assistant
O43 - CFD: 05/09/2012 - 15:47:39 - [3,428] ----D C:\Program Files\Ask.com
O43 - CFD: 24/07/2013 - 15:36:08 - [14,206] ----D C:\Program Files\AskPartnerNetwork
O43 - CFD: 11/03/2010 - 13:41:28 - [0] ----D C:\Program Files\Audio Video Converter
O43 - CFD: 08/09/2010 - 17:11:05 - [0,824] ----D C:\Program Files\AutocompletePro =>Adware.PredictAd
O43 - CFD: 12/02/2010 - 19:38:33 - [1,603] ----D C:\Program Files\Conduit
O43 - CFD: 25/05/2013 - 19:59:46 - [0,109] ----D C:\Program Files\EoRezo =>PUP.Eorezo
O43 - CFD: 22/08/2010 - 12:37:30 - [0] ----D C:\Program Files\Fluendo =>Adware.SPointer
O43 - CFD: 17/12/2013 - 13:34:33 - [6,870] ----D C:\Program Files\Inbox Toolbar
O43 - CFD: 13/02/2010 - 19:34:08 - [3,635] ----D C:\Program Files\ItsLabel =>PUP.ItsLabel
O43 - CFD: 06/12/2010 - 11:59:08 - [0,020] ----D C:\Program Files\LimeWire
O43 - CFD: 11/09/2012 - 12:11:24 - [0,065] ----D C:\Program Files\Object
O43 - CFD: 29/05/2010 - 15:04:58 - [7,103] ----D C:\Program Files\Streaming Chercher MP3 Toolbar
O43 - CFD: 30/01/2011 - 15:22:53 - [0,217] ----D C:\Program Files\Widestream6 =>Adware.SPointer
O43 - CFD: 02/06/2011 - 07:48:43 - [6,288] ----D C:\Program Files\Windows iLivid Toolbar =>Adware.Bandoo
O43 - CFD: 01/11/2013 - 11:48:53 - [7,784] ----D C:\Program Files\WiseConvert_1.5_B2 =>Toolbar.Conduit
O43 - CFD: 11/03/2010 - 13:41:28 - [10,116] ----D C:\Program Files\Common Files\ArmDic
O43 - CFD: 28/01/2014 - 11:43:13 - [1,612] ----D C:\Program Files\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 13/08/2013 - 14:20:01 - [1,355] ----D C:\Program Files\Common Files\Spigot =>PUP.Dealio
O43 - CFD: 24/07/2013 - 15:35:20 - [0] ----D C:\ProgramData\APN
O43 - CFD: 23/10/2011 - 11:54:21 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 24/07/2013 - 15:36:08 - [2,503] ----D C:\ProgramData\AskPartnerNetwork
O43 - CFD: 25/07/2013 - 16:04:03 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 02/10/2013 - 17:22:07 - [0,082] ----D C:\ProgramData\BitGuard =>PUP.BitGuard
O43 - CFD: 01/11/2013 - 11:48:54 - [1,686] ----D C:\ProgramData\Conduit
O43 - CFD: 15/08/2013 - 14:58:18 - [0,003] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 28/01/2014 - 11:43:13 - [0,020] ----D C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 19/09/2012 - 17:12:23 - [3,425] --H-D C:\ProgramData\{EF2D8223-8F3C-423E-BFA7-5E8BEEA8A6C2}
O43 - CFD: 24/08/2013 - 15:50:05 - [0] ----D C:\Users\corinne\AppData\Roaming\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 15/08/2013 - 14:58:43 - [1,566] ----D C:\Users\corinne\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 25/07/2013 - 16:04:03 - [0,007] ----D C:\Users\corinne\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 21/06/2010 - 15:35:47 - [240,845] ----D C:\Users\corinne\AppData\Roaming\EoRezo =>PUP.Eorezo
O43 - CFD: 15/08/2013 - 15:08:24 - [0,308] ----D C:\Users\corinne\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 15/08/2010 - 13:27:59 - [0,035] ----D C:\Users\corinne\AppData\Roaming\FissaSearch =>PUP.OfferBox
O43 - CFD: 14/02/2010 - 13:29:39 - [0,206] ----D C:\Users\corinne\AppData\Roaming\ItsLabel =>PUP.ItsLabel
O43 - CFD: 23/08/2011 - 16:26:28 - [0,013] ----D C:\Users\corinne\AppData\Roaming\Kalifoo.0158780AE3ACB0DC5B6FDCEC9DBFE5182B05BD40.1
O43 - CFD: 23/08/2013 - 14:59:59 - [0] ----D C:\Users\corinne\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 15/08/2013 - 15:18:17 - [21,042] ----D C:\Users\corinne\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 15/08/2013 - 14:58:15 - [0,081] ----D C:\Users\corinne\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis
O43 - CFD: 02/12/2013 - 15:37:09 - [0] ----D C:\Users\corinne\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc
O43 - CFD: 17/04/2010 - 19:37:12 - [0,001] ----D C:\Users\corinne\AppData\Roaming\widestream =>Adware.SPointer
O43 - CFD: 25/12/2013 - 16:53:07 - [0,371] ----D C:\Users\corinne\AppData\Local\Alexa
O43 - CFD: 25/07/2013 - 16:04:08 - [5,806] ----D C:\Users\corinne\AppData\Local\Babylon =>PUP.Babylon
O43 - CFD: 01/11/2013 - 11:48:50 - [2,692] ----D C:\Users\corinne\AppData\Local\Conduit
O43 - CFD: 16/10/2011 - 11:56:31 - [1,131] ----D C:\Users\corinne\AppData\Local\eojet =>PUP.Eorezo
O43 - CFD: 16/01/2014 - 18:40:04 - [0,003] ----D C:\Users\corinne\AppData\Local\iLivid =>Adware.Bandoo
O43 - CFD: 19/09/2012 - 17:11:22 - [0,014] ----D C:\Users\corinne\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 30/01/2011 - 15:20:28 - [0,163] ----D C:\Users\corinne\AppData\Local\widestream6 Air =>Adware.SPointer
O43 - CFD: 07/08/2010 - 10:01:35 - [0,002] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ask Search Assistant
O43 - CFD: 13/10/2013 - 19:01:35 - [0] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard
O43 - CFD: 28/01/2014 - 11:43:21 - [0,001] ----D C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc =>PUP.SpeedMaxPc
~ 55 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 335 Legitimates Filtered in 00mn 06s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{6a14f727-70e0-11df-b5cd-001bfcfe3b34}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
O51 - MPSK:{afe1c1c5-0f43-11e0-a474-001bfcfe3b34}\AutoRun\command - Clé orpheline
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 15 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.DCDAAB8697A47894A554050CE18D0B56] - 18/10/2006 - 06:44:48 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [7680]
O58 - SDL:[MD5.310C1844D7B7144288196DCF19FF578C] - 19/10/2006 - 03:11:12 ---A- . (...) -- C:\Windows\System32\Drivers\AsInsHelp32.sys [10304]
O58 - SDL:[MD5.51E2A3E5CE3F7D63845E06832E627F2D] - 19/10/2006 - 03:11:30 ---A- . (...) -- C:\Windows\System32\Drivers\AsInsHelp64.sys [12096]
O58 - SDL:[MD5.663F2FB92608073824EE3106886120F3] - 18/10/2006 - 20:12:16 R--A- . (...) -- C:\Windows\System32\Drivers\AsIO.sys [12664]
O58 - SDL:[MD5.C2A6683C9FF46AA70E2C2092B008EDC7] - 11/10/2006 - 04:33:58 ---A- . (...) -- C:\Windows\System32\Drivers\ASUSHWIO.SYS [10288]
O58 - SDL:[MD5.662ECAEC0FAE2C2069B75EF8A762BE87] - 08/08/2013 - 18:34:12 ---A- . (.Avira GmbH - Packet filtering kernel driver ( NDIS IM ).) -- C:\Windows\System32\Drivers\avfwim.sys [92448]
O58 - SDL:[MD5.E4DC0228AB7492086B96FCC8298CF3B6] - 08/08/2013 - 18:34:12 ---A- . (.Avira GmbH - TDI filtering kernel driver.) -- C:\Windows\System32\Drivers\avfwot.sys [113024]
O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [316520]
O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 08/08/2013 - 18:34:13 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 12/11/2009 - 13:48:56 ---A- . (...) -- C:\Windows\System32\Drivers\StarOpen.sys [7168]
O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [235112]
O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 15 Legitimates Filtered in 00mn 04s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\corinne\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] 263EB1DA9C6A45DB82841E2D6A8C8007 - (Yahoo! Search) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] 917275CB17CB4FAB99963AC0E747610A - (Amazon) - http://www.amazon.frch
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {361EC19A-B1D5-48D7-A46C-3E5F64D65FD8} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {8A96AF9E-4074-43b7-BEA3-87217BDA7406} - (Web Search) - http://www.searchqu.com =>PUP.Datamngr
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {A531D99C-5A22-449b-83DA-872725C6D0ED} - (Recherche alOt) - http://search.alot.com
O69 - SBI: SearchScopes [HKCU] {EF5833B6-08B1-49E4-91EE-DF722F79EF77} - (Live Search) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {F3D844A1-3EA4-46AE-BAD4-DF59A7DB0C73} - (Ask Search) - http://avira.search.ask.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.607C0C229A5AED4A019D8736E1261E3B] [SPRF][21/11/2011] (...) -- C:\Users\corinne\AppData\Local\d3d9caps.dat [1356]
[MD5.A15CB6D9953E3A7766156B92012537F0] [SPRF][26/01/2014] (...) -- C:\Users\corinne\AppData\Local\Temp\defaultCache.reg [81586]
[MD5.8F13E62A5E662B44E0C5E74265DBDFCF] [SPRF][23/05/2009] (.SilentNight Network and Security Tool - Standalone CD/DVD Burner.) -- C:\Users\corinne\Desktop\copier cd dvd.exe [1503744]
~ Files: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{AA94EC3F-F430-4B76-ABA2-F7568CE67187}C:\program files\fluendo\moovida\moovida.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\fluendo\moovida\moovida.exe (.not file.) =>Adware.SPointer
O87 - FAEL: "UDP Query User{215084E8-1FBD-40BD-B82A-855839151943}C:\program files\fluendo\moovida\moovida.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\fluendo\moovida\moovida.exe (.not file.) =>Adware.SPointer
O87 - FAEL: "{74ABB953-4F7A-47C7-B51F-39CD376C4C54}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\LimeWire\LimeWire.exe (.not file.)
O87 - FAEL: "{24C6491D-06A3-44A6-9DFA-0E7F6FF1DDFE}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\LimeWire\LimeWire.exe (.not file.)
O87 - FAEL: "{98F68253-D4DA-423B-B194-F1EFC9CE26A7}" | In - Public - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\dtUser.exe =>Adware.Bandoo
O87 - FAEL: "{CA9E88CF-A2D4-4C23-BCBD-D0196119DD22}" | In - Public - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows iLivid Toolbar\ToolBar\dtUser.exe =>Adware.Bandoo
~ Firewall: 196 Legitimates Filtered in 00mn 05s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "02639FE151B44BD40BAE88E9F2810718" . (.FreeCompressor.) -- C:\Windows\Installer\{1EF93620-4B15-4DB4-B0EA-889E2F187081}\ARPPRODUCTICON.exe
O90 - PUC: "25946514D2147365007A7A857BC0A000" . (.Avira SearchFree Toolbar.) -- C:\Windows\Installer\{41564952-412D-5637-00A7-A758B70C0A00}\ToolbarIcon.exe =>Toolbar.Avira
O90 - PUC: "9888910D6677B424BA181FF6E8DDEF4F" . (.Facemoods.) -- C:\Windows\Installer\{D0198889-7766-424B-AB81-F16F8EDDFEF4}\ARPPRODUCTICON.exe =>Adware.Facemoods
O90 - PUC: "A28B4D68DEBAA244EB686953B7074FEF" . (.Ask Toolbar.) -- C:\Program Files\Ask.com\favicon.ico =>Toolbar.Ask
O90 - PUC: "E0710AC8E9E65A34EAF1588A82028B74" . (.FreeCompressor.) -- C:\Windows\Installer\{8CA0170E-6E9E-43A5-AE1F-85A82820B847}\ARPPRODUCTICON.exe
O90 - PUC: "FA20CB7A821113A4CB8FA1E38E303D3B" . (.SweetIM Toolbar for Internet Explorer 4.2.) -- C:\Windows\Installer\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}\ARPPRODUCTICON.exe =>PUP.SweetIM
~ Update Products: 104 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5f53d6d8e66dbe15\2.6.1673.238\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\2.6.1694.246\upd]:="upd=1" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:dllName="BrowserDefender.dll" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:exeName="BrowserDefender.exe" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:folderName="BrowserDefender" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:serviceName="BrowserDefendert" =>PUA.BrowserDefendert
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:version="2.6.1519.190" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:exeName="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:folderName="BitGuard" =>PUP.BitGuard
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:serviceName="BitGuard" =>PUP.BitGuard
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:version="2.6.1673.238" =>Hijacker.Eazel
[HKCU\Software\5f53d6d8e66dbe15]:version="2.6.1694.246" =>Hijacker.Eazel
[HKLM\Software\5f53d6d8e66dbe15]:version="2.6.1694.246" =>Hijacker.Eazel
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.E6C81BAC8BDBCA158FFA224A40EA3F7F] [WIS][13/08/2013] (.Spigot, Inc. - Widgi Toolbar.) -- C:\Windows\Installer\17de69.msi [1462272] =>PUP.Dealio
[MD5.AE5C5BD1ABC76C73F5C8BF6965281B65] [WIS][24/07/2010] (.Secure Digital Services - FreeCompressor.) -- C:\Windows\Installer\1adbf1.msi [3413504] =>Adware.SPointer
[MD5.E2848C16D95A1E060C0D018FAE9EF598] [WIS][04/07/2010] (.Secure Digital Services - FreeCompressor.) -- C:\Windows\Installer\25cb2.msi [2588672] =>Adware.SPointer
[MD5.16AA6129639915714A7F56296606E751] [WIS][22/12/2013] (.APN, LLC - Avira SearchFree Toolbar.) -- C:\Windows\Installer\30a7f.msi [809472] =>Toolbar.Avira
[MD5.94C044E15F74CC06760F25D33307A252] [WIS][28/10/2011] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.6.) -- C:\Windows\Installer\410025.msi [1947136] =>PUP.SweetIM
[MD5.3BD9B3A689C9505B844B07F52B19A9C1] [WIS][28/10/2011] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\41002b.msi [1837056] =>PUP.SweetIM
[MD5.07C1BBF5E73DA7FEAC2BB897DD2A8110] [WIS][15/08/2010] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.1.) -- C:\Windows\Installer\ba5a6.msi [1377792] =>PUP.SweetIM
[MD5.96C7D828E5DF1AB3F016B2611DFB9E81] [WIS][15/08/2010] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 3.9.) -- C:\Windows\Installer\ba5ac.msi [1146880] =>PUP.SweetIM
[MD5.8AAE00C6020D344416D50DFC4D893573] [WIS][27/02/2011] (.Secure Digital Services - Facemoods.) -- C:\Windows\Installer\dd63b9.msi [1837568] =>Adware.Facemoods
~ WIS: 110 Legitimates Filtered in 00mn 12s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 06/03/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 06/03/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 14/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 12/12/2008 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
SS - | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files\WinPcap\rpcapd.exe
SS - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 13/01/2014 1012280 | (AntiVirFirewallService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avfwsvc.exe
SR - | Auto 13/01/2014 896056 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
SR - | Auto 13/01/2014 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 13/01/2014 1011768 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
SR - | Auto 20/12/2013 166352 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask
SR - | Auto 16/04/2010 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 11/12/2011 122000 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc.exe
SR - | Auto 23/10/2013 22208 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 02/12/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
SR - | Auto 30/09/2008 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 12/11/2009 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SR - | Auto 18/01/2013 639776 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe
SR - | Auto 14/07/2009 185632 | (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files\Ralink\Common\RaRegistry.exe
SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 10/11/2013 1734680 | (vToolbarUpdater17.1.2) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 15s



---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 408
Valeurs trouvées (Values found) : 5
Dossiers trouvés (Folders found) : 67
Fichiers trouvés (Files found) : 34

[HKLM\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh] =>Toolbar.Avira^
[HKLM\Software\Google\Chrome\Extensions\bdcfkjjffkboloijgealjeijakofmalg] =>Adware.SPointer^
[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl] =>PUP.FCTPlugin^
[HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E483A649-EFC1-4CEB-BFF6-8BE71582056D}] =>Toolbar.Conduit^
[HKLM\SYSTEM\CurrentControlSet\Services\APNMCP] =>Toolbar.Ask^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.1.2] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AutocompletePro3_is1] =>Adware.PredictAd^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BitGuard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D0198889-7766-424B-AB81-F16F8EDDFEF4}] =>Adware.Facemoods^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\facetheme] =>PUP.FCTPlugin^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FE60B87C-63A2-4A45-AC06-FFEFD5DB7846}_is1] =>PUP.PCRx^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D894938C-8EE1-4854-9254-8F9AEF2BFE46}] =>PUP.SpeedMaxPc^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar] =>PUP.Datamngr^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IECT3297966] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoJet_is1] =>PUP.Eorezo^
[HKLM\Software\Classes\Interface\{2bef239c-752e-4001-8048-f256e0d8cd93}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{49c00a51-6e59-41fe-b3fa-2d2157fad67b}] =>Adware.RecordNRip
[HKLM\Software\Classes\CLSID\{5eb0259d-ab79-4ae6-a6e6-24ffe21c3da4}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{6dff5dba-ae3a-46db-b301-ecffc6db2982}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{de34cd67-f1c8-4001-9a23-b8a68f63f377}] =>Adware.RecordNRip
[HKLM\Software\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKLM\Software\Classes\TypeLib\{01bcb858-2f62-4f06-a8f4-48f927c15333}] =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}] =>PUP.BearShare
[HKLM\Software\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKLM\Software\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}] =>Adware.PredictAd
[HKLM\Software\Classes\TypeLib\{11109EB1-7D52-4512-88AD-9D837AEED46F}] =>PUP.Kiwee
[HKLM\Software\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{20FE21D0-8895-4F5F-A5D2-709170290006}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{20FE21D0-8895-4F5F-A5D2-709170290006}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{27f69c85-64e1-43ce-98b5-3c9f22fb408e}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}] =>PUP.iMesh
[HKLM\Software\Classes\AppID\{442f13bc-2031-42d5-9520-437f65271153}] =>Adware.PredictAd
[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}] =>PUP.BearShare
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{5791B7D3-8B34-4218-9750-6A8E45D0AD32}] =>PUP.Dealio
[HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}] =>PUP.Kiwee
[HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{6ad30cb8-7064-4664-8039-d9bb95cba878}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6ad30cb8-7064-4664-8039-d9bb95cba878}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}] =>PUP.iMesh
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{7713A018-8482-48FA-8BD3-46A9D319693F}] =>PUP.Kiwee
[HKLM\Software\Classes\Interface\{7894081D-0CF3-4663-B371-79DB59C32FC3}] =>PUP.Kiwee
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{85fe1096-281b-4cb9-82b6-d8eba5830035}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{85fe1096-281b-4cb9-82b6-d8eba5830035}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}] =>PUP.Dealio
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{9D2F73EA-AA92-4C9C-9FA5-666B725E8E75}] =>PUP.Kiwee
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}] =>Adware.CometSystems
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A531D99C-5A22-449b-83DA-872725C6D0ED}] =>Adware.CometSystems
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A81A974F-8A22-43E6-9243-5198FF758DA1}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a83c3565-302c-4bf8-b000-6b6f1811d892}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a83c3565-302c-4bf8-b000-6b6f1811d892}] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{a83c3565-302c-4bf8-b000-6b6f1811d892}] =>Adware.SPointer
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{b0d071a1-36b3-4757-a126-14c89c56013a}] =>PUP.Eorezo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b13e6377-ec0a-4c07-ac89-dcd48b57203d}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{B4C656C9-F2E9-4E77-B3F4-443DF2BD778F}] =>PUP.Eorezo
[HKLM\Software\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{bb76a90b-2b4c-4378-8506-9a2b6e16943c}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C382B99A-E317-4842-8448-70ADDAC750CA}] =>PUP.Kiwee
[HKLM\Software\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}] =>Parasite.Pugi
[HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}] =>Toolbar.InBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}] =>Toolbar.InBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] =>Toolbar.InBox
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] =>Toolbar.InBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}] =>Toolbar.InBox
[HKLM\Software\Classes\TypeLib\{DD68F52E-1436-4C5C-8191-A1FA6AE566D4}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Classes\Interface\{E6E1D9F5-DC91-458F-89B8-FACFBD132A91}] =>PUP.Kiwee
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{E9E9C4BC-BD4D-4486-9092-C43FDF8F911B}] =>PUP.Kiwee
[HKLM\Software\Classes\Interface\{E9E9C4BC-BD4D-4486-9092-C43FDF8F911B}] =>PUP.Kiwee
[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{ED846B6D-C294-4DFF-9AF6-44BDA49C0ED1}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D19F074C042AD34BAB463D4175A062E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{f011f437-ee07-463c-8217-97c0522117ab}] =>PUP.Kiwee
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}] =>PUP.iMesh
[HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}] =>PUP.iMesh
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{fe063dbb-4ec0-403e-8dd8-394c54984b2c}] =>Toolbar.AskTBar
[HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\autocompletepro.dll] =>Adware.PredictAd
[HKLM\Software\Classes\AppID\bandoocore.exe] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\NCTAudioCompress3.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\NCTAudioFile3.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\NCTAudioFormatSettings3.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch
[HKLM\Software\Google\Chrome\Extensions\defdhglnppeioeflggkmglipcecffkhk] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ask.com Search Assistant] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\autocompletepro3_is1] =>Adware.PredictAd
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods] =>Adware.Facemoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdate_is1] =>PUP.Eorezo
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\comobject.deskbarenabler] =>Toolbar.Agent
[HKLM\Software\Classes\comobject.deskbarenabler.1] =>Toolbar.Agent
[HKLM\Software\Classes\escort.escrtBtn.1] =>PUP.Babylon
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Toolbar.Ask
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Toolbar.Ask
[HKLM\Software\Classes\imside1egate.application.1] =>Adware.BHO
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Classes\sim-packages] =>Toolbar.Agent
[HKLM\Software\Classes\suggestmeyes.suggestmeyesbho] =>Adware.PredictAd
[HKLM\Software\Classes\suggestmeyes.suggestmeyesbho.1] =>Adware.PredictAd
[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9] =>Adware.MyWebSearch
[HKCU\Software\APN] =>Toolbar.Ask
[HKLM\Software\APN] =>Toolbar.Ask
[HKCU\Software\Ask.com] =>Toolbar.AskBar
[HKCU\Software\AskSearchAsst] =>Toolbar.AskBarDis
[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar
[HKLM\Software\AskToolbar] =>Toolbar.AskTBar
[HKCU\Software\AutocompletePro] =>Adware.PredictAd
[HKCU\Software\AutocompleteProBHO] =>Adware.PredictAd
[HKLM\Software\Bandoo] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\eorezo] =>PUP.Eorezo
[HKLM\Software\eorezo] =>PUP.Eorezo
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\freeCompressor] =>Adware.SPointer
[HKLM\Software\freeCompressor] =>Adware.SPointer
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKCU\Software\Inbox Toolbar] =>Adware.WebAdSystem
[HKLM\Software\Inbox Toolbar] =>Adware.WebAdSystem
[HKCU\Software\ItsLabel] =>PUP.ItsLabel
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\Search Settings] =>PUP.Dealio
[HKLM\Software\Search Settings] =>PUP.Dealio
[HKLM\Software\SearchquMediabarTb] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc
[HKCU\Software\Spointer] =>Adware.SPointer
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\WideStream] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ask.com Search Assistant] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\softwareupdate_is1] =>PUP.Eorezo
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKLM\Software\Classes\Installer\Features\02639FE151B44BD40BAE88E9F2810718] =>Adware.SPointer
[HKLM\Software\Classes\Installer\Products\02639FE151B44BD40BAE88E9F2810718] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\02639FE151B44BD40BAE88E9F2810718] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1EF93620-4B15-4DB4-B0EA-889E2F187081}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1B812BD0725DF36459D5BA985C9193C4] =>PUP.Kiwee
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2514EB7147619DA498D025C07B3421DD] =>PUP.Kiwee
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73962F57F2FA32C43A431C9C05459330] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B63FC54A3B9D36449AD536B3C29D2A97] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C512D8DDA7F6553429ACE05EC3197DAB] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\eoJet_is1] =>PUP.Eorezo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E337925F629CF4C4FB08F3D9674DD839] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1AC67655DD68F8240B2860F2D511EBD8] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}] =>Toolbar.InBox
[HKLM\Software\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}] =>Toolbar.InBox
[HKLM\Software\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}] =>Toolbar.InBox
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}] =>Toolbar.InBox
[HKLM\Software\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}] =>Toolbar.InBox
[HKLM\Software\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}] =>Toolbar.InBox
[HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox] =>Toolbar.InBox
[HKLM\Software\Classes\Installer\Features\E0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer
[HKLM\Software\Classes\Installer\Products\E0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E0710AC8E9E65A34EAF1588A82028B74] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8CA0170E-6E9E-43A5-AE1F-85A82820B847}] =>Adware.SPointer
[HKLM\Software\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF] =>PUP.Dealio
[HKLM\Software\Classes\AlxSSB.AlxTBSSB] =>Toolbar.Alexa
[HKLM\Software\Classes\AlxSSB.AlxTBSSB.1] =>Toolbar.Alexa
[HKLM\Software\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}] =>Toolbar.Alexa
[HKLM\Software\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}] =>Toolbar.Alexa
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}] =>Toolbar.Alexa
[HKLM\Software\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}] =>Toolbar.Alexa
[HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1CD4D45E-4851-496D-840F-2C2E752ECFB7}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme] =>PUP.FCTPlugin
[HKLM\Software\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\SpeedUpMyPC] =>Rogue.SpeedUpMyPC
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Classes\BandooCore.BandooCore] =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.BandooCore.1] =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.ResourcesMngr] =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.ResourcesMngr.1] =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.SettingsMngr] =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.SettingsMngr.1] =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.StatisticMngr] =>Adware.Bandoo
[HKLM\Software\Classes\BandooCore.StatisticMngr.1] =>Adware.Bandoo
[HKLM\Software\Classes\EoRezoBHO.EoBho] =>PUP.Eorezo
[HKLM\Software\Classes\EoRezoBHO.EoBho.1] =>PUP.Eorezo
[HKLM\Software\Classes\Freecompressor.Spointer] =>Adware.SPointer
[HKLM\Software\Classes\Freecompressor.Spointer.1] =>Adware.SPointer
[HKLM\Software\Classes\Freecompressor.SpointerCtrl] =>Adware.SPointer
[HKLM\Software\Classes\Freecompressor.SpointerCtrl.1] =>Adware.SPointer
[HKLM\Software\Classes\Freecompressor.SpointerWebDisp] =>Adware.SPointer
[HKLM\Software\Classes\Freecompressor.SpointerWebDisp.1] =>Adware.SPointer
[HKLM\Software\Classes\TBSB07458.IEToolbar] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB07458.IEToolbar.1] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB07458.TBSB07458] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB07458.TBSB07458.3] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.TBSB07458] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.TBSB07458.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar.CT2124320] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2269050] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2542115] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2567681] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT3297966] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Searchqu 406 MediaBar] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\TBSB07458.TBSB07458Toolbar] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07458.TBSB07458Toolbar] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{99079a25-328f-4bd4-be04-00955acaa0a7} =>PUP.Datamngr^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:eorezo =>PUP.Eorezo^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
[HKLM\Software\Mozilla\Firefox\Extensions]:freecompressor@spointer.com =>Adware.SPointer
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh =>Toolbar.Avira^
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdcfkjjffkboloijgealjeijakofmalg =>Adware.SPointer^
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\kincjchfokkeneeofpeefomkikfkiedl =>PUP.FCTPlugin^
C:\Users\corinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch^
C:\Program Files\Allin1Convert_8hEI =>Adware.Allin1Convert^
C:\Program Files\AutocompletePro =>Adware.PredictAd^
C:\Program Files\EoRezo =>PUP.Eorezo^
C:\Program Files\Fluendo =>Adware.SPointer^
C:\Program Files\ItsLabel =>PUP.ItsLabel^
C:\Program Files\Widestream6 =>Adware.SPointer^
C:\Program Files\Windows iLivid Toolbar =>Adware.Bandoo^
C:\Program Files\WiseConvert_1.5_B2 =>Toolbar.Conduit^
C:\Program Files\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc^
C:\Program Files\Common Files\Spigot =>PUP.Dealio^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\BitGuard =>PUP.BitGuard^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc^
C:\Users\corinne\AppData\Roaming\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\Users\corinne\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\corinne\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\corinne\AppData\Roaming\EoRezo =>PUP.Eorezo^
C:\Users\corinne\AppData\Roaming\File Scout =>PUP.FileScout^
C:\Users\corinne\AppData\Roaming\FissaSearch =>PUP.OfferBox^
C:\Users\corinne\AppData\Roaming\ItsLabel =>PUP.ItsLabel^
C:\Users\corinne\AppData\Roaming\OfferBox =>PUP.OfferBox^
C:\Users\corinne\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\corinne\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis^
C:\Users\corinne\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc^
C:\Users\corinne\AppData\Roaming\widestream =>Adware.SPointer^
C:\Users\corinne\AppData\Local\Babylon =>PUP.Babylon^
C:\Users\corinne\AppData\Local\eojet =>PUP.Eorezo^
C:\Users\corinne\AppData\Local\iLivid =>Adware.Bandoo^
C:\Users\corinne\AppData\Local\Ilivid Player =>Adware.Bandoo^
C:\Users\corinne\AppData\Local\widestream6 Air =>Adware.SPointer^
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard =>PUP.BitGuard^
C:\Users\corinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc =>PUP.SpeedMaxPc^
C:\Program Files\Application Updater =>PUP.Dealio
C:\Program Files\Ask.com =>Toolbar.AskBar
C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Program Files\FreeCompressor =>Adware.SPointer
C:\Program Files\Inbox Toolbar =>Toolbar.Agent
C:\Program Files\object =>PUP.FCTPlugin
C:\Program Files\AskPartnerNetwork =>Toolbar.Ask
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\Conduit =>Toolbar.Conduit
C:\ProgramData\AskPartnerNetwork =>Toolbar.Ask
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCompressor =>Adware.SPointer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar =>Toolbar.Agent
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ItsLabel =>PUP.ItsLabel
C:\Users\corinne\AppData\Roaming\FreeCompressor =>Adware.SPointer
C:\Users\corinne\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\corinne\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\corinne\AppData\Local\moovida air =>Adware.SPointer
C:\Users\corinne\AppData\LocalLow\AskToolbar =>Toolbar.AskTBar
C:\Users\corinne\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\corinne\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\corinne\AppData\LocalLow\facemoods.com =>Adware.Facemoods
C:\Users\corinne\AppData\LocalLow\Inbox Toolbar =>Toolbar.Agent
C:\Users\corinne\AppData\LocalLow\Search Settings =>PUP.Dealio
C:\Users\corinne\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\corinne\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
C:\Users\corinne\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\corinne\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit
C:\Program Files\Windows iLivid Toolbar\Datamngr\datamngrUI.exe =>PUP.Datamngr^
C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.Ask^
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.Ask^
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe =>Toolbar.AVGSearch^
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe =>Toolbar.AVGSearch^
C:\Windows\Tasks\SpeedMaxPc Registration3.job =>PUP.SpeedMaxPc^
C:\Windows\Tasks\SpeedMaxPc Update3.job =>PUP.SpeedMaxPc^
C:\Windows\Tasks\SpeedMaxPc.job =>Hijacker.iHaveNet^
C:\Users\corinne\AppData\Roaming\BabSolution\Shared\BabMaint.exe =>Hijacker.BabSolution^
C:\Program Files\Ask.com\UpdateTask.exe =>Toolbar.Ask^
C:\Users\corinne\SpeedMaxPc\SpeedMaxPc.exe =>PUP.SpeedMaxPc^
C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe =>PUP.SpeedMaxPc^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\EoRezo] =>PUP.Eorezo^
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKCU\Software\eojet] =>PUP.Eorezo^
[HKLM\Software\Allin1Convert_8hEI] =>Adware.Allin1Convert^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\EoRezo] =>PUP.Eorezo^
[HKLM\Software\WiseConvert_1.5_B2] =>Toolbar.Conduit^
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1519.190]:dllName="BrowserDefender.dll" =>Hijacker.Eazel^
[HKCU\Software\5f53d6d8e66dbe15\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1673.238]:dllName="BitGuard.dll" =>PUP.BitGuard^
C:\Windows\Installer\17de69.msi =>PUP.Dealio^
C:\Windows\Installer\1adbf1.msi =>Adware.SPointer^
C:\Windows\Installer\25cb2.msi =>Adware.SPointer^
C:\Windows\Installer\30a7f.msi =>Toolbar.Avira^
C:\Windows\Installer\410025.msi =>PUP.SweetIM^
C:\Windows\Installer\41002b.msi =>PUP.SweetIM^
C:\Windows\Installer\ba5a6.msi =>PUP.SweetIM^
C:\Windows\Installer\ba5ac.msi =>PUP.SweetIM^
C:\Windows\Installer\dd63b9.msi =>Adware.Facemoods^
~ Additionnel Scan: 302311 Items scanned in 01mn 12s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/30049678-pup-fctplugin =>PUP.FCTPlugin
~ http://nicolascoolman.webs.com/apps/blog/show/30478407-adware-allin1convert =>Adware.Allin1Convert
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/28947219-pup-speedmaxpc =>PUP.SpeedMaxPc
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/33336602-hijacker-ihavenet =>Hijacker.iHavenet
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blog/show/32979753-pup-bitguard =>PUP.BitGuard
~ http://nicolascoolman.webs.com/apps/blog/show/26764465-adware-facemoods =>Adware.Facemoods
~ http://nicolascoolman.webs.com/apps/blog/show/33007053-pup-pcrx =>PUP.PCRx
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/34311830-pup-filescout =>PUP.FileScout
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blog/show/28143661-pup-itslabel =>PUP.ItsLabel
~ http://nicolascoolman.webs.com/apps/blog/show/27529295-adware-searchsettings =>Adware.SearchSettings
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/35127313-pua-browserdefendert =>PUA.BrowserDefendert
~ http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip
~ http://nicolascoolman.webs.com/apps/blog/show/26705717-pup-bearshare =>PUP.BearShare
~ http://nicolascoolman.webs.com/apps/blog/show/28863080-toolbar-kiwee =>PUP.Kiwee
~ http://nicolascoolman.webs.com/apps/blog/show/28766471-adware-iwinarcade =>Adware.iWinArcade
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/28441146-pup-imesh =>PUP.iMesh
~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits
~ http://nicolascoolman.webs.com/apps/blog/show/26664342-adware-comet =>Adware.Comet
~ http://nicolascoolman.webs.com/apps/blog/show/26632288-parasite-pugi =>Parasite.Pugi
~ http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27531758-adware-webadsystem =>Adware.WebAdSystem
~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites =>Adware.SimilarSites
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC
~ MSI: 44 link(s) detected in 01mn 14s



~ 1550 Legitimates filtered by white list
End of the scan (1270 lines in 04mn 38s)(0)
