~ ZHPDiag v2015.7.29.105 Par Nicolas Coolman (2015/07/29)
~ Démarré par info (Administrator) (2015/07/31 08:20:02)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Etat de la version: Version OK
~ Mode: Scanner
~ Rapport: C:\Users\info\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\info\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Démarrage du système: Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)

---\\ Navigateurs Internet (3) - 0s
GCIE: Google Chrome v44.0.2403.125
MFIE: Mozilla Firefox 14.0.1 (x86 fr) v14.0.1
MSIE: Internet Explorer v11.0.9600.17914

---\\ Informations sur les produits Windows (10) - 2s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 4
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ Surveillance de Logiciels (2) - 4s
Adobe Flash Player 12 ActiveX & Plugin
Adobe Reader XI

---\\ Informations sur le système (6) - 0s
~ Operating System: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3069.808 MB (40% free)
~ System Restore: Activé (Enable)
~ System drive C: has 125 GB free of 199 GB

---\\ Mode de connexion au système (3) - 0s
~ Computer Name: SOUKAINA
~ User Name: info
~ Logged in as Administrator

---\\ Enumération des unités disques (3) - 0s
~ Drive C: has 125 GB free of 199 GB (System)
~ Drive D: has 144 GB free of 249 GB
~ Drive E: has 265 GB free of 265 GB

---\\ Etat du Centre de Sécurité Windows (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Recherche particulière de fichiers génériques (23) - 2s
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [96256]
[MD5.63B01F72FD727D5736DBEF54174D8F93] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [1951232]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.01C5B803F6E1FDF8F16F0763DA9B997D] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [124416]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1212352]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [245632]

---\\ Processus lancés (18) - 7s
[MD5.FA25836EE747B6057FB137373F8AAB02] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096] [PID.1208]
[MD5.C73CA0CFDC55865F17706C6AE91DC195] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1011416] [PID.1232]
[MD5.911F179646EBF2FAEE370C1C55D3D307] - (.Windows SysTool - Windows SysTool.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [545280] [PID.1472] =>PUP.Optional.Fuyu
[MD5.DC4801AA07678ECAEB0AA2BE3F69CF86] - (.Taiwan Shui Mu Chih Ching Technology Limited. - dsk service.) -- C:\Program Files\WinZipper\winzipersvc.exe [337040] [PID.1496]
[MD5.A6CE73469591554279DA63BE715DBC93] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [87968] [PID.1784]
[MD5.7FE34FD5652C54BDA8D2DF8AC92E833A] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664] [PID.1892]
[MD5.59B5A12463E9C8F967051D1FCDF8C525] - (.XTab system - ProtectSvc.exe.) -- C:\Program Files\MiuiTab\ProtectService.exe [125112] [PID.1932] =>PUP.Optional.MiuiTab
[MD5.B88A592C93319B477A36FC9D4D2B1FB2] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [755536] [PID.2032]
[MD5.D834F199FBAF404EB763002C443C21C7] - (.http://lucky-tab.com/ - http://lucky-tab.com/.) -- C:\Program Files\LuckyTab\LuckyTab.exe [1394112] [PID.2360] =>PUP.Optional.LuckyTab
[MD5.5DDAB1319ACA5F9DAED11F27D8B615BB] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568] [PID.2604]
[MD5.79D99CA9DBD21DBE9CA0C4ACB4BAD419] - (.RealNetworks, Inc. - RealPlayer Cloud Service.) -- c:\program files\Real\realplayer\RPDS\Bin\rpdsvc.exe [1141848] [PID.2684]
[MD5.A1AC400C87A5B819285899645FE12DAE] - (...) -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552] [PID.2732]
[MD5.FF513BC3B9A0B0FCF321DEA523E9546F] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3565432] [PID.3316]
[MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files\RocketDock\RocketDock.exe [495616] [PID.3324]
[MD5.FF786A74F62361A71AECDB8F8AC95D6F] - (.Somoto - FilesFrog.com Update Checker.) -- C:\Users\info\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808] [PID.3392] =>PUP.Optional.MegaSearch
[MD5.432F4E8794A2EA8A64E4C75EA80B790E] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe [1694560] [PID.3628]
[MD5.4F9236BE13917B89F7A03DEA85F220FA] - (.Copyright 2012 - WebPlayer.) -- C:\Users\info\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752] [PID.3776]
[MD5.77FBCE63719BE1DFDA9E5178CD7EE7CF] - (.RealNetworks, Inc. - RealPlayer Cloud Service UI.) -- C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [822880] [PID.3908]

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (12) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.v9.com?type=hp&ts=1435062742&from=mych123&uid=toshibaxmq01abd075_62t8p3gxtxx62t8p3gxt&z=f83a289d9cdda61ec5597a6g4z3cew5e0q6o7m4zao
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ocifcklkibdehekfnmflempfgjhbedch] __MSG_name__
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (31) - 7s
M0 - MFSP: prefs.js [info - gefs9udw.default] http://www.v9.com?type=hp&ts=1436188533&from=mych123&uid=toshibaxmq01abd075_62t8p3gxtxx62t8p3gxt&z=38ba810fc0ab2e74e327a24gdzfc9q4g6b1b0w7ccc
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\addon@defaulttab.com.xpi
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{085c65b5-43c5-4fdc-b8eb-849f6dc50c84}.xpi
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\ask-web-search.xml
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\babylon.xml =>PUP.Optional.Babylon
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\bingp.xml
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\dsrlte.xml
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\utorrentbarfr-customized-web-search.xml =>PUP.Optional.uTorrentBar
P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\V9.xml
P2 - EXT: (.Mindspark - Utility Chest.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\49ffxtbr@www.utilitychest.com =>PUP.Optional.MyWebSearch
P2 - EXT: (.lightningnewtab.com - Default NewTab.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\default_newtabff@gmail.com =>PUP.Optional.LightningNewTab
P2 - EXT: (.lightning - Security Protection.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\detgdp@gmail.com
P2 - EXT: (.Plus HD - Plus-HD-V1.8c.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\EOPN29927080@OCIFAPD100469180.com
P2 - EXT: (.lightningnewtab.com - Fast Start.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\faststartff@gmail.com =>PUP.Optional.FastStart
P2 - EXT: (.lightningnewtab.com - QuickSearch.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\quick_searchff@gmail.com =>PUP.Optional.QuickSearch
P2 - EXT: (. - WS-Recommender.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\recws@ws.com
P2 - EXT: (. - WebSite Recommendation.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\WebSiteRecommendation@weliketheweb.com
P2 - EXT: (.ClientConnect Ltd. - uTorrentBar_FR .) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} =>PUP.Optional.ClientConnect
P2 - EXT: (. - AppsHat.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
P2 - FPN: [HKLM] [@adobe.com/AuthorwarePlayer] - (.Macromedia, Inc..) -- C:\Windows\System32\Macromed\AUTHORWA\np32asw.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_77.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=17.0.12.0] - (.RealNetworks, Inc..) -- c:\program files\Real\realplayer\Netscape6\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprndlhtml5videoshim;version=17.0.12] - (.RealNetworks, Inc..) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=17.0.12.0] - (.RealPlayer Cloud.) -- c:\program files\Real\realplayer\Netscape6\nprpplugin.dll
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.Optional.GlobalUpdate
P2 - FPN: [HKLM] [@UtilityChest_49.com/Plugin] - (.UtilityChest_49.) -- C:\Program Files\UtilityChest_49\bar\1.bin\NP49Stub.dll =>PUP.Optional.MyWebSearch
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.3] - (.VideoLAN.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (14) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/ =>PUP.Optional.Qvo6
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/ =>PUP.Optional.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/ =>PUP.Optional.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/ =>PUP.Optional.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/ =>PUP.Optional.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/ =>PUP.Optional.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/ =>PUP.Optional.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/ =>PUP.Optional.IsStart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} Orphean
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R3 - URLSearchHook: (no name) - {539F76FD-084E-4858-86D5-62F02F54AE86} Orphean

---\\ Internet Explorer, Proxy Management (R5) (6) - 1s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896; =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object de navigateur (BHO) (O2) (10) - 1s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Search Assistant BHO - {06e05b40-77fa-40b6-9077-ed1a7577b1ef} . (...) -- C:\Program Files\UtilityChest_49\bar\1.bin\49SrcAs.dll (.not file.)
O2 - BHO: CrossriderApp0059568 - {11111111-1111-1111-1111-110511951168} . (.InfoHD-V1.8 - HD-V1.9 BHO.) -- C:\Program Files\HD-V1.9\HD-V1.9-bho.dll =>PUP.Optional.CrossRider
O2 - BHO: GoodTab Class - {1F91A9A1-01BA-4c81-863D-3BA0751E1419} . (.Thinkgood Co. Limited - GoodTab.) -- C:\Program Files\MiuiTab\SupTab.dll =>PUP.Optional.MiuiTab
O2 - BHO: Record Page - {2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} . (...) -- C:\Program Files\Record Page\Extensions\2335267c-dbba-4dd5-a9d0-c4db8e6a75a4.dll (.not file.) =>RecordPage
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Video Downloader.) -- C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Toolbar BHO - {58f7b5ca-1162-42e8-8bbc-d543b4edd780} . (...) -- C:\PROGRA~1\UTILIT~2\bar\1.bin\49bar.dll (.not file.)
O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} . (.Search Results LLC. - Search Results.) -- C:\Windows\System32\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll
O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} . (...) -- C:\Program Files\Minibar\Minibar.dll (.not file.) =>PUP.Optional.Minibar
O2 - BHO: Staging - {C35B7206-62EB-F808-5475-18A6FDE7DD94} . (.Copyright 2013 - .) -- c:\Users\All Users\dl159\159.dll

---\\ Internet Explorer Toolbars (O3) (2) - 1s
O3 - Toolbar: 0x5F7567CF65929C4487CFB945519E073B - [HKCU]{CF67755F-9265-449C-87CF-B945519E073B} . (...) -- C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (.not file.) =>PUP.Optional.MyWebSearch
O3 - Toolbar: (no name) - [HKLM]{cf67755f-9265-449c-87cf-b945519e073b} (Orphean) (.not file.) =>PUP.Optional.MyWebSearch

---\\ Applications lancées au démarrage du sytème (O4) (29) - 2s
O4 - HKLM\..\Run: [Utility Chest Search Scope Monitor] C:\PROGRA~1\UTILIT~2\bar\1.bin\49srchmn.exe (.not file.)
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [ultracopier] C:\Program Files\Supercopier\supercopier.exe (.not file.)
O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKCU\..\Run: [Orbitum] C:\Users\info\AppData\Local\Orbitum\Application\chrome.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\info\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Users\info\AppData\Local\FilesFrog Update Checker\update_checker.exe =>PUP.Optional.MegaSearch
O4 - HKCU\..\Run: [NextLive] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [FLV Player] . (.Copyright 2012 - WebPlayer.) -- C:\Users\info\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [ultracopier] C:\Program Files\Supercopier\supercopier.exe (.not file.)
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [Orbitum] C:\Users\info\AppData\Local\Orbitum\Application\chrome.exe (.not file.)
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\info\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Users\info\AppData\Local\FilesFrog Update Checker\update_checker.exe =>PUP.Optional.MegaSearch
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [NextLive] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [FLV Player] . (.Copyright 2012 - WebPlayer.) -- C:\Users\info\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe

---\\ Raccourcis Global Startup (O4G) (1) - 6s
O4 - GS\Programs [Public]: MediaGet.lnk . (...) C:\Users\info\AppData\Local\MediaGet2\mediaget.exe =>PUP.Optional.MediaGet

---\\ Modification Domaine/Adresses DNS (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Liste des services NT non Microsoft et non désactivés (O23) (19) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files\MiuiTab\ProtectService.exe =>PUP.Optional.AgentODR
O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc. - RealPlayer Cloud Service.) - c:\program files\Real\realplayer\RPDS\Bin\rpdsvc.exe
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Util HulaToo (Util HulaToo) . (...) - C:\Program Files\HulaToo\bin\utilHulaToo.exe (.not file.) =>PUP.Optional.HulaToo
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\System32\vmnetdhcp.exe
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\System32\vmnat.exe
O23 - Service: VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Windows SysTool - Windows SysTool.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Optional.Fuyu
O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limited. - dsk service.) - C:\Program Files\WinZipper\winzipersvc.exe

---\\ Tâches planifiées en automatique (O39) (49) - 6s
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\AmiUpdXp.job [354] =>PUP.Optional.SoftwareUpdater
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-1.job [1502] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-11.job [3426] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-4.job [2162] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5.job [1384] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5_user.job [1404] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\Dealply.job [286] =>PUP.Optional.Dealply
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3075661393-2257366334-3735391160-1000Core.job [902]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3075661393-2257366334-3735391160-1000UA.job [924]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [920] =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [924] =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6e2326c6bcf4.job [1054]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d090258f1ec03e.job [1054]
O39 - APT: Orphean - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8db45aa13d9a.job [1058]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-SOUKAINA-info [3488]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\AmiUpdXp [3390] =>PUP.Optional.SoftwareUpdater
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\BobyLyrics-1-codedownloader [3222] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\BobyLyrics-1-updater [3318] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-1 [4532] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-11 [5462] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-4 [4198] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5 [3420] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5_user [3434] =>PUP.Optional.CrossRider
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Dealply [3224] =>PUP.Optional.Dealply
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Default2Check [3682]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\DefaultCheck [3680]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\DefaultReg [3680]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3075661393-2257366334-3735391160-1000Core [3530]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3075661393-2257366334-3735391160-1000UA [3898]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [3668] =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [3922] =>PUP.Optional.GlobalUpdate
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6e2326c6bcf4 [3802]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d090258f1ec03e [3802]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8db45aa13d9a [4054]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\JkRL2t8okyt6W [2616]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\LuckyTab [3386] =>PUP.Optional.LuckyTab
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3368]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3212]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3348]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3190]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3326]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{1A7905EF-525B-46D6-A270-9D7C5208FD52} [3146]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{209E3244-2F3F-4175-A02A-B7170F3D4D29} [3230]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{352794CF-90C5-4221-9AF9-517FCF8387FA} [3220]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{4CB0D46F-506A-4640-AD5B-782ACE2ACA19} [3070]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{81D59ACB-668C-46D8-A910-954DD60CAC27} [3128]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{95D72F60-5A40-4223-A250-217A43E8B2D5} [3268]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{AF88D5D3-7B3B-4810-8C2E-AAD071F9EF62} [3152]
O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{F27A436B-2744-4C3E-9209-D8BB0D18B9F7} [3094]

---\\ Logiciels installés (O42) (98) - 22s
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Creative Cloud
O42 - Logiciel: Adobe Flash Player 12 ActiveX & Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Shockwave Player + Authorware Web Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player + Authorware Web Player
O42 - Logiciel: BB FlashBack Pro 3 - (.Blueberry.) [HKLM] -- BB FlashBack Pro 3
O42 - Logiciel: Bundled software uninstaller - (...) [HKLM] -- bi_uninstaller
O42 - Logiciel: Cisco Networking Academy curriculum 4.0.0.0 - (.Cisco Systems, Inc..) [HKLM] -- Cisco Networking Academy curriculum_is1
O42 - Logiciel: Cisco Packet Tracer 5.3 - (.Cisco Systems, Inc..) [HKLM] -- Cisco Packet Tracer 5.3_is1
O42 - Logiciel: CommentCaMarche 2.0.6 - (.Quidéa/CommentCaMarche.net.) [HKLM] -- CommentCaMarche_is1
O42 - Logiciel: Defaulttab - (.Search Results, LLC.) [HKLM] -- DefaultTab
O42 - Logiciel: FilesFrog Update Checker - (...) [HKLM] -- FilesFrog Update Checker
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: HD-V1.9 - (.InfoHD-V1.8.) [HKLM] -- HD-V1.9
O42 - Logiciel: OffersWizard Network System Driver - (...) [HKLM] -- inethnfd
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: Internet Mobile - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Internet Mobile
O42 - Logiciel: GDR 2218 pour SQL Server 2012 (KB2716442) - (.Microsoft Corporation.) [HKLM] -- KB2716442
O42 - Logiciel: Mozilla Firefox 14.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 14.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: MP3jam 1.1.1.10 - (.MP3jam.) [HKLM] -- MP3jam_is1
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] -- Notepad++
O42 - Logiciel: RealPlayer Cloud - (.RealNetworks.) [HKLM] -- RealPlayer 17.0
O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM] -- RocketDock_is1
O42 - Logiciel: SoftwareUpdater - (...) [HKLM] -- SoftwareUpdater =>PUP.Optional.SoftwareUpdater
O42 - Logiciel: SopCast 3.9.3 - (.www.sopcast.com.) [HKLM] -- SopCast
O42 - Logiciel: The KMPlayer (remove only) - (...) [HKLM] -- The KMPlayer
O42 - Logiciel: TELL ME MORE - (...) [HKLM] -- TMM90
O42 - Logiciel: Utility Chest Firefox Toolbar - (.Mindspark Interactive Network.) [HKLM] -- UtilityChest_49bar Uninstall Firefox =>PUP.Optional.MindSpark
O42 - Logiciel: Utility Chest Internet Explorer Toolbar - (.Mindspark Interactive Network.) [HKLM] -- UtilityChest_49bar Uninstall Internet Explorer =>PUP.Optional.MindSpark
O42 - Logiciel: VLC media player 2.0.3 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM] -- VMware_Workstation
O42 - Logiciel: WinRAR 4.11 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: WinZipper - (.Taiwan Shui Mu Chih Ching Technology Limited..) [HKLM] -- WinZipper
O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {0C0304C3-20BC-4B09-ACE3-495CA6C28F3E}
O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6}
O42 - Logiciel: SQL Server 2012 Common Files - (.Microsoft Corporation.) [HKLM] -- {124D51A1-F3C2-45AE-B812-D3CA71247093}
O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM] -- {197597A7-AD33-4898-9D8E-73066818B464}
O42 - Logiciel: Adobe Touch App Plugins - (.Adobe Systems Incorporated.) [HKLM] -- {1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}
O42 - Logiciel: PDF Settings CC - (.Adobe Systems Incorporated.) [HKLM] -- {1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: Skype™ 7.4 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}
O42 - Logiciel: SQL Server 2012 Documentation Components - (.Microsoft Corporation.) [HKLM] -- {2B126817-FEBA-4ADE-84CF-5C807B797870}
O42 - Logiciel: Adobe Photoshop CC - (.Adobe Systems Incorporated.) [HKLM] -- {2D99B50E-431D-4AA8-85C1-172A6F8BCF09}
O42 - Logiciel: Microsoft VSS Writer for SQL Server 2012 - (.Microsoft Corporation.) [HKLM] -- {2EB88B38-A700-411C-B45E-33A5EB81B936}
O42 - Logiciel: Sql Server Customer Experience Improvement Program - (.Microsoft Corporation.) [HKLM] -- {30CA21F2-901A-44DB-A43F-FC31CD0F2493}
O42 - Logiciel: SQL Server Browser for SQL Server 2012 - (.Microsoft Corporation.) [HKLM] -- {4B9E6EB0-0EED-4E74-9479-F982C3254F71}
O42 - Logiciel: SQL Server 2012 Reporting Services - (.Microsoft Corporation.) [HKLM] -- {4FD1D41E-94FD-42C9-8966-055F187E7B99}
O42 - Logiciel: Evernote v. 5.8.1 - (.Evernote Corp..) [HKLM] -- {4FD2D1C8-8636-11E4-9D21-00163E98E7D6}
O42 - Logiciel: SQL Server 2012 Documentation Components - (.Microsoft Corporation.) [HKLM] -- {4FDCAF14-93FA-4052-BBB5-E8616C48D7AC}
O42 - Logiciel: SQL Server 2012 Full text search - (.Microsoft Corporation.) [HKLM] -- {54E297F1-C05D-4502-B58E-CDCD83BF7E2C}
O42 - Logiciel: SQL Server 2012 Database Engine Shared - (.Microsoft Corporation.) [HKLM] -- {54F84805-0116-467F-8713-899DFC472235}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: 6741 - (.Microsoft.) [HKLM] -- {637DC750-5F8C-4397-89B9-FA4B8DD5D9B8}
O42 - Logiciel: SQL Server 2012 Reporting Services - (.Microsoft Corporation.) [HKLM] -- {6550E263-00D4-4916-B2C5-F254BFE848B9}
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {7722483A-5FB8-4A2E-9422-6DA527A9173F}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Adobe Photoshop CC 2014 (32 Bit) - (.Adobe Systems Incorporated.) [HKLM] -- {7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878}
O42 - Logiciel: SQL Server 2012 Common Files - (.Microsoft Corporation.) [HKLM] -- {7D29ED63-84F9-4EC7-B49F-994A3A3195B2}
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {817750FA-EC6A-485D-9901-0683AE6FFDF1}
O42 - Logiciel: SQL Server 2012 BI Development Studio - (.Microsoft Corporation.) [HKLM] -- {8A9A1840-AE5C-4721-8F18-E629465A92DE}
O42 - Logiciel: Prerequisites for SSDT - (.Microsoft Corporation.) [HKLM] -- {9169C939-ED01-446A-BD0C-29873BAF4E48}
O42 - Logiciel: SQL Server 2012 Documentation Components - (.Microsoft Corporation.) [HKLM] -- {91D5025C-139A-4977-82FD-9E2A8A32269A}
O42 - Logiciel: VmciSockets - (.VMware, Inc..) [HKLM] -- {9757062A-CF62-47C3-B649-C91BBB8CA9DE}
O42 - Logiciel: Software Version Updater - (...) [HKLM] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {9B486871-27EB-49A5-8832-77176E63333C}
O42 - Logiciel: SQL Server 2012 BI Development Studio - (.Microsoft Corporation.) [HKLM] -- {9B646DA5-D671-4767-96D0-70808544E5DE}
O42 - Logiciel: Microsoft Report Viewer 2012 Runtime - (.Microsoft Corporation.) [HKLM] -- {9CCE40CE-A9E6-4916-8729-B008558EEF3F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: SQL Server 2012 SQL Data Quality Common - (.Microsoft Corporation.) [HKLM] -- {A9CA25A2-4171-4289-B9D3-78A012A3A340}
O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}
O42 - Logiciel: Adobe Reader XI (11.0.04) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: SQL Server 2012 Management Studio - (.Microsoft Corporation.) [HKLM] -- {AD15759F-488D-442C-A8B4-C4FEEACFA939}
O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}
O42 - Logiciel: LG Connection Manager - (.LGE.) [HKLM] -- {BBF60130-FB99-4909-B0F3-A511F25E13A9}
O42 - Logiciel: LG Wireless USB Modem Driver - (.LG Electronics.) [HKLM] -- {C4C4642E-B5E3-4044-A3E6-BD997FF6F72E}
O42 - Logiciel: Sql Server Customer Experience Improvement Program - (.Microsoft Corporation.) [HKLM] -- {C965F01C-76EA-4BD7-973E-46236AE312D7}
O42 - Logiciel: SQL Server 2012 Management Studio - (.Microsoft Corporation.) [HKLM] -- {CB1177DD-0316-4C93-A5AE-BBF1E2B7F07E}
O42 - Logiciel: SQL Server 2012 Database Engine Shared - (.Microsoft Corporation.) [HKLM] -- {D0F44C37-A22B-4733-BBA7-86C9F4988725}
O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM] -- {D102611A-6466-4101-A51D-51069303AC65}
O42 - Logiciel: SQL Server 2012 Database Engine Services - (.Microsoft Corporation.) [HKLM] -- {DCE79FAE-6AC4-4718-A5BB-DA41F1740784}
O42 - Logiciel: SQL Server 2012 Database Engine Services - (.Microsoft Corporation.) [HKLM] -- {E0012154-D166-4FDF-96BF-ECFF4AA367B5}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {E14ADE0E-75F3-4A46-87E5-26692DD626EC}
O42 - Logiciel: Microsoft System CLR Types for SQL Server 2012 - (.Microsoft Corporation.) [HKLM] -- {E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}
O42 - Logiciel: UpdateService - (.RealNetworks, Inc..) [HKLM] -- {E3AE96D6-E196-45B4-AF62-2B41998B9E37}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM] -- {FFD9383C-01D5-4897-A954-43AF599AED30}
O42 - Logiciel: AppsHat Mobile Apps - (.Somoto Ltd..) [HKCU] -- AppsHat Mobile Apps =>PUP.Optional.MegaSearch
O42 - Logiciel: CVitaeV4 - (...) [HKCU] -- CVitaeV4
O42 - Logiciel: ESET Smart Security Packages - (...) [HKCU] -- ESET Smart Security Packages
O42 - Logiciel: FLV Player - (.Somoto Ltd..) [HKCU] -- FLV Player =>PUP.Optional.MegaSearch
O42 - Logiciel: jZip - (.Bandoo Media Inc.) [HKCU] -- jZip =>PUP.Optional.Bandoo
O42 - Logiciel: MediaGet - (.Media Get LLC.) [HKCU] -- MediaGet =>PUP.Optional.MediaGet
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent

---\\ HKCU & HKLM Software Keys (187) - 22s
HKLM\SOFTWARE\534d6dbe06eb949
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AMD
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\Auralog
HKLM\SOFTWARE\Blueberry Software
HKLM\SOFTWARE\Bunndle
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Client
HKLM\SOFTWARE\CLSID
HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\cybelsoft
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\DataMngr =>PUP.Optional.Datamngr
HKLM\SOFTWARE\DealPlyLive =>PUP.Optional.Dealply
HKLM\SOFTWARE\Default Tab =>Toolbar.Agent
HKLM\SOFTWARE\DefaultTab
HKLM\SOFTWARE\Delta =>Toolbar.DeltaSearch
HKLM\SOFTWARE\delta-homesSoftware =>PUP.Optional.DeltaHomes
HKLM\SOFTWARE\Disc Soft
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\Evernote
HKLM\SOFTWARE\Freemake
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\GoForFiles
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\HD-V1.9
HKLM\SOFTWARE\hdcode
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\IHProtect =>PUP.Optional.AgentODR
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\InstalledThirdPartyPrograms =>PUP.Optional
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JLC's Software
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\LG Electronics
HKLM\SOFTWARE\LGE
HKLM\SOFTWARE\logishrd
HKLM\SOFTWARE\Logitech
HKLM\SOFTWARE\LogSys
HKLM\SOFTWARE\LuckyTab =>PUP.Optional.LuckyTab
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\mcafeeupdater
HKLM\SOFTWARE\Minibar =>PUP.Optional.Minibar
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Naver
HKLM\SOFTWARE\Notepad++
HKLM\SOFTWARE\Nuance
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\OKitSpace =>PUP.Optional.Onekit
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\PicexaSvc =>PUP.Optional.Picexa
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Sensible Vision
HKLM\SOFTWARE\SharingMax
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\SoftwareUpdater =>PUP.Optional.SoftwareUpdater
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\SopCast
HKLM\SOFTWARE\SRS Labs
HKLM\SOFTWARE\SupDp =>PUP.Optional.SupTab
HKLM\SOFTWARE\supTab =>PUP.Optional.SupTab
HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Optional.Fuyu
HKLM\SOFTWARE\supWPM =>PUP.Optional.WpManager
HKLM\SOFTWARE\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\ThinPrint
HKLM\SOFTWARE\UtilityChest_49
HKLM\SOFTWARE\V9 =>PUP.Optional.V9Software
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Vittalia =>PUP.Optional.Vittalia
HKLM\SOFTWARE\VMware, Inc.
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\WebConnect =>WebConnect
HKLM\SOFTWARE\webssearchesSoftware =>PUP.Optional.WebsSearches
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\winzipersvc
HKLM\SOFTWARE\Xing Technology Corp.
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AnchorFree
HKCU\SOFTWARE\AOMEI
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Armand_Morin
HKCU\SOFTWARE\BabSolution =>PUP.Optional.BabSolution
HKCU\SOFTWARE\BI =>PUP.Optional.MegaSearch
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Blueberry Software
HKCU\SOFTWARE\Cisco
HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\DataMngr =>PUP.Optional.Datamngr
HKCU\SOFTWARE\DataMngr_Toolbar =>PUP.Optional.Datamngr
HKCU\SOFTWARE\DealPlyLive =>PUP.Optional.Dealply
HKCU\SOFTWARE\Default Tab =>Toolbar.Agent
HKCU\SOFTWARE\DefaultTab
HKCU\SOFTWARE\Delta =>Toolbar.DeltaSearch
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Evernote
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\Freemake
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GoforFiles
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Imagenomic
HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\InstalledThirdPartyPrograms =>PUP.Optional
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\jZip
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\Kiloo Games
HKCU\SOFTWARE\KMPlayer
HKCU\SOFTWARE\LG Connection Manager
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\LogiShrd
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\Media Get LLC
HKCU\SOFTWARE\Mediaget =>PUP.Optional.MediaGet
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MP3Jam
HKCU\SOFTWARE\Naver
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PegasusImaging
HKCU\SOFTWARE\PluginAddon =>Trojan.Vonteera
HKCU\SOFTWARE\PySoft
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\RocketDock
HKCU\SOFTWARE\SamLab.ws
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\Somoto =>PUP.Optional.MegaSearch
HKCU\SOFTWARE\SubSystems
HKCU\SOFTWARE\Systweak =>PUP.Optional.Systweak
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\TeleCharger_v2
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Ultracopier
HKCU\SOFTWARE\UpdateStar
HKCU\SOFTWARE\UpToDown =>PUP.Optional.UpToDown
HKCU\SOFTWARE\Ut Video Codec Suite
HKCU\SOFTWARE\UtilityChest_49
HKCU\SOFTWARE\V9 =>PUP.Optional.V9Software
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VMware, Inc.
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WebPlayer =>PUP.Optional.WebPlayer
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\SOFTWARE
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\DefaultTab
HKCU\SOFTWARE\AppDataLow\Software\HD-V1.9
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\RealNetworks
HKCU\SOFTWARE\AppDataLow\Software\SmartBar =>PUP.Optional.SmartBar
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint
HKCU\SOFTWARE\AppDataLow\Software\UtilityChest_49

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) (277) - 21s
O43 - CFD: 2013/09/01 14:26:15 - [] D -- C:\Program Files\Active WebCam
O43 - CFD: 2014/10/07 02:14:25 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2013/10/16 00:39:09 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 2013/10/08 21:40:16 - [] D -- C:\Program Files\Auralog
O43 - CFD: 2013/06/12 07:56:40 - [] D -- C:\Program Files\Blueberry Software
O43 - CFD: 2013/06/03 22:20:57 - [] D -- C:\Program Files\Cisco Packet Tracer 5.3
O43 - CFD: 2014/09/08 12:31:32 - [] D -- C:\Program Files\CommentCaMarche
O43 - CFD: 2015/05/10 23:49:02 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2013/07/14 23:16:09 - [] D -- C:\Program Files\CVitaeV4
O43 - CFD: 2013/09/04 16:01:59 - [] D -- C:\Program Files\CyberLink
O43 - CFD: 2013/06/24 21:19:50 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2013/06/01 20:04:07 - [] D -- C:\Program Files\ESET
O43 - CFD: 2015/01/12 23:10:42 - [] D -- C:\Program Files\Evernote
O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\Program Files\Fichiers communs
O43 - CFD: 2015/03/15 10:47:38 - [] D -- C:\Program Files\Freemake
O43 - CFD: 2015/06/04 16:31:10 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/01/06 21:14:07 - [] D -- C:\Program Files\HD-V1.9
O43 - CFD: 2014/01/18 23:29:36 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2013/06/02 10:40:45 - [] D -- C:\Program Files\Intel
O43 - CFD: 2015/06/28 16:27:31 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2015/07/15 17:31:01 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2013/06/05 21:25:20 - [] D -- C:\Program Files\Internet Mobile
O43 - CFD: 2013/10/16 00:40:04 - [] D -- C:\Program Files\iPod
O43 - CFD: 2013/10/16 00:40:56 - [] D -- C:\Program Files\iTunes
O43 - CFD: 2013/11/11 12:27:29 - [0] D -- C:\Program Files\JLC's Software
O43 - CFD: 2015/05/18 20:49:13 - [] D -- C:\Program Files\JpegWizard2
O43 - CFD: 2014/01/19 00:12:23 - [] D -- C:\Program Files\KONAMI
O43 - CFD: 2013/06/21 07:26:00 - [] D -- C:\Program Files\LG Connection Manager
O43 - CFD: 2013/06/21 07:27:02 - [] D -- C:\Program Files\LG Electronics
O43 - CFD: 2013/09/01 15:03:45 - [] D -- C:\Program Files\Logitech
O43 - CFD: 2014/12/03 20:09:09 - [] D -- C:\Program Files\LuckyTab =>PUP.Optional.LuckyTab
O43 - CFD: 2013/06/01 19:59:00 - [] D -- C:\Program Files\ma-config.com
O43 - CFD: 2014/02/13 23:43:17 - [] D -- C:\Program Files\Microsoft Analysis Services
O43 - CFD: 2009/07/14 07:49:30 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2014/02/13 22:53:08 - [] D -- C:\Program Files\Microsoft Help Viewer
O43 - CFD: 2013/06/20 16:56:11 - [] D -- C:\Program Files\Microsoft Learning
O43 - CFD: 2014/09/17 11:49:39 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 2014/02/13 22:44:25 - [] D -- C:\Program Files\Microsoft SDKs
O43 - CFD: 2014/02/17 00:30:18 - [] D -- C:\Program Files\Microsoft SQL Server
O43 - CFD: 2014/09/14 11:59:47 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 2014/09/14 11:59:47 - [] D -- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 2014/09/14 12:00:34 - [] D -- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 2014/02/13 23:06:00 - [] D -- C:\Program Files\Microsoft Visual Studio 10.0
O43 - CFD: 2014/09/14 11:57:12 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 2014/02/02 20:25:33 - [] D -- C:\Program Files\Microsoft Visual Studio 9.0
O43 - CFD: 2014/09/15 01:55:08 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2015/07/16 12:02:57 - [] D -- C:\Program Files\MiuiTab =>PUP.Optional.MiuiTab
O43 - CFD: 2015/05/08 23:55:03 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2013/06/01 19:48:59 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2014/12/04 12:39:45 - [] D -- C:\Program Files\MP3jam
O43 - CFD: 2014/09/17 12:10:21 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2013/07/27 20:51:56 - [0] D -- C:\Program Files\Naver
O43 - CFD: 2013/11/15 18:48:45 - [] D -- C:\Program Files\Notepad++
O43 - CFD: 2014/12/04 20:00:42 - [] D -- C:\Program Files\Opera
O43 - CFD: 2013/10/01 23:51:26 - [] D -- C:\Program Files\Photoshop
O43 - CFD: 2014/08/15 10:27:10 - [] D -- C:\Program Files\Real
O43 - CFD: 2014/08/15 10:26:55 - [] D -- C:\Program Files\RealNetworks
O43 - CFD: 2014/07/10 17:55:43 - [] D -- C:\Program Files\Realtek
O43 - CFD: 2009/07/14 04:52:30 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2013/06/05 18:27:37 - [] D -- C:\Program Files\RocketDock
O43 - CFD: 2014/07/10 18:02:33 - [] D -- C:\Program Files\SAM CoDeC Pack
O43 - CFD: 2015/06/04 21:43:42 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2014/09/30 15:21:33 - [] D -- C:\Program Files\SopCast
O43 - CFD: 2014/07/09 19:25:39 - [] D -- C:\Program Files\SupTab =>PUP.Optional.SupTab
O43 - CFD: 2013/06/01 19:49:16 - [] D -- C:\Program Files\The KMPlayer
O43 - CFD: 2013/11/17 13:56:00 - [] D -- C:\Program Files\UltraISO
O43 - CFD: 2009/07/14 04:53:23 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2014/07/10 18:02:34 - [0] D -- C:\Program Files\utvideo
O43 - CFD: 2013/06/01 19:49:56 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2013/06/05 20:13:23 - [] D -- C:\Program Files\VMware
O43 - CFD: 2013/07/15 02:48:26 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2015/05/18 22:05:20 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2013/06/24 21:19:51 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2015/06/17 22:14:33 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2013/06/01 19:31:39 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2013/06/24 21:19:49 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2013/06/24 21:19:49 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2013/06/24 21:19:50 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2013/06/01 19:47:46 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/07/31 08:15:36 - [] D -- C:\Program Files\WinZipper
O43 - CFD: 2013/06/01 19:28:31 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2009/07/14 04:46:36 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/06/12 07:56:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blueberry Software
O43 - CFD: 2013/09/22 21:07:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Networking Academy
O43 - CFD: 2013/06/03 22:20:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer
O43 - CFD: 2015/07/22 07:05:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CommentCaMarche
O43 - CFD: 2013/06/01 20:04:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 2015/01/12 23:11:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
O43 - CFD: 2013/06/01 19:28:32 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/03/15 13:55:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2013/09/21 10:27:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
O43 - CFD: 2013/06/01 19:49:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2013/06/05 21:25:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Mobile
O43 - CFD: 2013/10/16 00:41:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2013/11/11 12:27:29 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JLC's Software
O43 - CFD: 2014/01/18 23:29:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
O43 - CFD: 2013/06/21 07:25:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Connection Manager
O43 - CFD: 2013/06/01 19:58:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com
O43 - CFD: 2009/07/14 04:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2013/06/20 16:56:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Learning
O43 - CFD: 2014/10/09 10:48:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2014/02/13 23:30:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
O43 - CFD: 2014/02/13 23:56:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012
O43 - CFD: 2014/02/15 16:18:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010
O43 - CFD: 2013/11/15 13:03:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2013/09/01 14:26:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PY Software
O43 - CFD: 2014/08/15 10:26:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
O43 - CFD: 2013/06/05 18:27:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
O43 - CFD: 2014/09/17 12:13:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 2015/04/17 12:03:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2014/09/30 15:21:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
O43 - CFD: 2014/08/15 10:25:20 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2009/07/14 07:48:18 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2013/10/08 21:40:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TELL ME MORE Performance
O43 - CFD: 2015/05/15 22:40:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The JPEG Wizard2
O43 - CFD: 2013/06/01 19:50:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2013/06/05 20:14:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
O43 - CFD: 2013/06/01 19:47:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/07/16 12:03:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
O43 - CFD: 2013/10/16 00:40:56 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 2014/06/21 01:20:09 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2013/09/04 15:53:45 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2013/09/04 15:56:40 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2013/06/12 10:30:47 - [] D -- C:\ProgramData\Blueberry
O43 - CFD: 2014/01/19 15:08:06 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\ProgramData\Bureau
O43 - CFD: 2013/08/08 23:22:14 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2013/10/08 21:38:05 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2015/03/15 10:52:12 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 2013/06/11 08:44:30 - [] D -- C:\ProgramData\DealPlyLive =>PUP.Optional.Dealply
O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2014/11/21 21:21:17 - [] D -- C:\ProgramData\dl159
O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2013/06/01 20:04:07 - [] D -- C:\ProgramData\ESET
O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\ProgramData\Favoris
O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/03/15 10:47:47 - [0] D -- C:\ProgramData\Freemake
O43 - CFD: 2013/09/25 14:44:21 - [] D -- C:\ProgramData\Google
O43 - CFD: 2013/06/01 19:49:27 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2014/07/09 19:25:43 - [] D -- C:\ProgramData\IePluginServices =>Trojan.SProtector
O43 - CFD: 2015/05/08 23:53:30 - [] D -- C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR
O43 - CFD: 2014/06/20 19:11:44 - [] D -- C:\ProgramData\InstallMate =>PUP.Optional.Tarma
O43 - CFD: 2013/11/18 02:42:59 - [] D -- C:\ProgramData\IsolatedStorage
O43 - CFD: 2013/09/01 14:33:00 - [] D -- C:\ProgramData\LogiShrd
O43 - CFD: 2013/06/12 07:56:54 - [] D -- C:\ProgramData\LogSys
O43 - CFD: 2013/06/01 19:58:59 - [] D -- C:\ProgramData\ma-config.com
O43 - CFD: 2015/07/19 08:40:23 - [] D -- C:\ProgramData\MailUpdate =>PUP.Optional.MailUpdate
O43 - CFD: 2014/01/15 12:22:51 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 2013/09/01 14:54:49 - [0] D -- C:\ProgramData\Media Get LLC =>PUP.Optional.MediaGet
O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\ProgramData\Menu Démarrer
O43 - CFD: 2015/04/21 11:47:52 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/07/15 17:53:01 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2013/09/18 12:58:12 - [] D -- C:\ProgramData\Modem HDM EC156
O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\ProgramData\Modèles
O43 - CFD: 2013/06/01 19:48:57 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2014/06/19 13:30:34 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 2014/08/06 19:19:07 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2014/08/15 10:26:00 - [] D -- C:\ProgramData\Real
O43 - CFD: 2014/08/15 10:26:53 - [] D -- C:\ProgramData\RealNetworks
O43 - CFD: 2014/07/08 18:04:17 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 2015/07/30 16:59:14 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/12/08 21:33:12 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2013/07/25 17:31:02 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/07/31 08:10:54 - [] D -- C:\ProgramData\VMware
O43 - CFD: 2015/07/16 11:59:05 - [] D -- C:\ProgramData\WindowsMangerProtect =>PUP.Optional.Fuyu
O43 - CFD: 2015/07/01 17:51:16 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2013/10/16 00:40:00 - [] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 2013/06/12 07:56:46 - [] D -- C:\Program Files\Common Files\Blueberry Software
O43 - CFD: 2014/06/20 14:52:10 - [] D -- C:\Program Files\Common Files\Config
O43 - CFD: 2014/09/17 12:13:01 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 2014/01/18 23:27:46 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2013/06/02 10:40:46 - [] D -- C:\Program Files\Common Files\Intel
O43 - CFD: 2013/09/01 15:04:30 - [] D -- C:\Program Files\Common Files\LogiShrd
O43 - CFD: 2014/02/13 22:57:40 - [0] D -- C:\Program Files\Common Files\Merge Modules
O43 - CFD: 2014/09/17 12:11:00 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2009/07/14 02:37:05 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2015/04/17 12:03:02 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 2009/07/14 02:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2013/07/15 02:01:49 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2013/06/05 20:13:18 - [] D -- C:\Program Files\Common Files\VMware
O43 - CFD: 2014/08/15 10:26:05 - [] D -- C:\Program Files\Common Files\xing shared
O43 - CFD: 2013/06/11 08:44:17 - [] D -- C:\Users\info\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C
O43 - CFD: 2014/07/08 18:04:22 - [] D -- C:\Users\info\AppData\Roaming\Adobe
O43 - CFD: 2013/09/20 18:10:41 - [] D -- C:\Users\info\AppData\Roaming\Apple Computer
O43 - CFD: 2013/06/12 10:31:08 - [] D -- C:\Users\info\AppData\Roaming\Blueberry
O43 - CFD: 2015/03/28 20:34:33 - [] D -- C:\Users\info\AppData\Roaming\CVitae
O43 - CFD: 2013/09/04 16:05:30 - [] D -- C:\Users\info\AppData\Roaming\CyberLink
O43 - CFD: 2013/11/17 16:47:05 - [] D -- C:\Users\info\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/07/31 08:04:54 - [] D -- C:\Users\info\AppData\Roaming\DMCache
O43 - CFD: 2013/06/01 20:11:12 - [] D -- C:\Users\info\AppData\Roaming\ESET
O43 - CFD: 2013/06/01 19:32:25 - [] D -- C:\Users\info\AppData\Roaming\Identities
O43 - CFD: 2015/06/26 22:15:11 - [] D -- C:\Users\info\AppData\Roaming\IDM
O43 - CFD: 2013/11/18 02:42:59 - [] D -- C:\Users\info\AppData\Roaming\IsolatedStorage
O43 - CFD: 2013/11/11 12:27:29 - [0] D -- C:\Users\info\AppData\Roaming\JLC's Software
O43 - CFD: 2013/09/01 14:29:57 - [] D -- C:\Users\info\AppData\Roaming\Leadertech
O43 - CFD: 2014/05/09 01:46:07 - [] D -- C:\Users\info\AppData\Roaming\LG Connection Manager
O43 - CFD: 2013/06/12 07:57:57 - [] D -- C:\Users\info\AppData\Roaming\LogSys
O43 - CFD: 2013/06/02 10:47:38 - [] D -- C:\Users\info\AppData\Roaming\Macromedia
O43 - CFD: 2015/07/16 12:00:49 - [] D -- C:\Users\info\AppData\Roaming\MailUpdate =>PUP.Optional.MailUpdate
O43 - CFD: 2009/07/14 07:48:18 - [0] D -- C:\Users\info\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/02/10 00:12:22 - [] SD -- C:\Users\info\AppData\Roaming\Microsoft
O43 - CFD: 2013/10/28 19:04:06 - [] D -- C:\Users\info\AppData\Roaming\Mozilla
O43 - CFD: 2014/12/04 12:39:54 - [] D -- C:\Users\info\AppData\Roaming\Mp3jam
O43 - CFD: 2013/11/15 13:03:31 - [] D -- C:\Users\info\AppData\Roaming\Notepad++
O43 - CFD: 2014/12/04 20:00:36 - [0] D -- C:\Users\info\AppData\Roaming\Opera Software
O43 - CFD: 2013/11/14 23:53:33 - [] D -- C:\Users\info\AppData\Roaming\PDAppFlex
O43 - CFD: 2014/09/01 01:24:46 - [] D -- C:\Users\info\AppData\Roaming\Real
O43 - CFD: 2014/08/15 10:27:46 - [] D -- C:\Users\info\AppData\Roaming\RealNetworks
O43 - CFD: 2015/07/30 16:59:11 - [] D -- C:\Users\info\AppData\Roaming\Skype
O43 - CFD: 2015/02/12 20:21:10 - [] D -- C:\Users\info\AppData\Roaming\Sphinx
O43 - CFD: 2015/07/31 08:21:13 - [] D -- C:\Users\info\AppData\Roaming\uTorrent
O43 - CFD: 2015/04/01 22:07:08 - [] D -- C:\Users\info\AppData\Roaming\vlc
O43 - CFD: 2014/02/27 22:47:40 - [] D -- C:\Users\info\AppData\Roaming\VMware
O43 - CFD: 2013/06/02 09:36:59 - [] D -- C:\Users\info\AppData\Roaming\WinRAR
O43 - CFD: 2014/12/26 20:31:31 - [0] D -- C:\Users\info\AppData\Roaming\WinZipper
O43 - CFD: 2015/07/31 08:20:38 - [] D -- C:\Users\info\AppData\Roaming\ZHP
O43 - CFD: 2014/07/09 14:11:07 - [] D -- C:\Users\info\AppData\Local\13812
O43 - CFD: 2014/06/20 16:00:14 - [] D -- C:\Users\info\AppData\Local\15601
O43 - CFD: 2014/09/23 18:16:40 - [] D -- C:\Users\info\AppData\Local\9212
O43 - CFD: 2014/07/09 19:22:49 - [] D -- C:\Users\info\AppData\Local\9349
O43 - CFD: 2015/07/31 08:19:51 - [] D -- C:\Users\info\AppData\Local\Adobe
O43 - CFD: 2013/09/19 13:55:00 - [] D -- C:\Users\info\AppData\Local\adslTV
O43 - CFD: 2013/09/04 15:55:38 - [] D -- C:\Users\info\AppData\Local\Apple
O43 - CFD: 2013/09/04 15:59:33 - [] D -- C:\Users\info\AppData\Local\Apple Computer
O43 - CFD: 2013/06/01 19:32:11 - [0] SHD -- C:\Users\info\AppData\Local\Application Data
O43 - CFD: 2013/10/04 00:54:33 - [] D -- C:\Users\info\AppData\Local\avgchrome
O43 - CFD: 2014/01/19 00:35:45 - [] D -- C:\Users\info\AppData\Local\cache
O43 - CFD: 2013/07/25 17:34:07 - [] D -- C:\Users\info\AppData\Local\CyberLink
O43 - CFD: 2015/02/13 17:06:43 - [] D -- C:\Users\info\AppData\Local\Diagnostics
O43 - CFD: 2013/12/09 12:54:26 - [] D -- C:\Users\info\AppData\Local\Eclipse
O43 - CFD: 2014/12/04 01:46:16 - [] SHD -- C:\Users\info\AppData\Local\EmieBrowserModeList
O43 - CFD: 2014/08/22 21:58:00 - [] SHD -- C:\Users\info\AppData\Local\EmieSiteList
O43 - CFD: 2014/08/22 21:58:00 - [] SHD -- C:\Users\info\AppData\Local\EmieUserList
O43 - CFD: 2013/06/01 20:11:12 - [] D -- C:\Users\info\AppData\Local\ESET
O43 - CFD: 2015/01/12 23:12:23 - [] D -- C:\Users\info\AppData\Local\Evernote
O43 - CFD: 2013/07/27 21:57:29 - [] D -- C:\Users\info\AppData\Local\Facebook
O43 - CFD: 2015/07/16 11:59:26 - [] D -- C:\Users\info\AppData\Local\FilesFrog Update Checker =>PUP.Optional.MegaSearch
O43 - CFD: 2015/03/15 13:55:35 - [] D -- C:\Users\info\AppData\Local\Google
O43 - CFD: 2015/06/02 05:27:38 - [] D -- C:\Users\info\AppData\Local\GWX
O43 - CFD: 2013/06/01 19:32:11 - [0] SHD -- C:\Users\info\AppData\Local\Historique
O43 - CFD: 2013/09/01 14:43:06 - [] D -- C:\Users\info\AppData\Local\Logitech® Webcam Software
O43 - CFD: 2013/06/02 10:47:38 - [] D -- C:\Users\info\AppData\Local\Macromedia
O43 - CFD: 2013/06/05 19:43:43 - [] D -- C:\Users\info\AppData\Local\Media Get LLC =>PUP.Optional.MediaGet
O43 - CFD: 2014/02/23 22:54:46 - [] D -- C:\Users\info\AppData\Local\Microsoft
O43 - CFD: 2014/02/02 23:54:26 - [] D -- C:\Users\info\AppData\Local\Microsoft Games
O43 - CFD: 2014/09/17 12:51:16 - [] D -- C:\Users\info\AppData\Local\Microsoft Help
O43 - CFD: 2014/02/01 20:31:58 - [] D -- C:\Users\info\AppData\Local\Microsoft_Corporation
O43 - CFD: 2013/06/01 19:49:34 - [] D -- C:\Users\info\AppData\Local\Mozilla
O43 - CFD: 2014/12/04 20:00:36 - [0] D -- C:\Users\info\AppData\Local\Opera Software
O43 - CFD: 2013/11/18 02:41:13 - [] D -- C:\Users\info\AppData\Local\Programs
O43 - CFD: 2013/06/05 19:17:42 - [] D -- C:\Users\info\AppData\Local\Real
O43 - CFD: 2014/06/09 21:21:06 - [] D -- C:\Users\info\AppData\Local\Skype
O43 - CFD: 2015/07/31 08:20:55 - [] D -- C:\Users\info\AppData\Local\Temp
O43 - CFD: 2013/06/01 19:32:11 - [0] SHD -- C:\Users\info\AppData\Local\Temporary Internet Files
O43 - CFD: 2013/07/18 02:59:35 - [] D -- C:\Users\info\AppData\Local\TrafficSpaceLLC
O43 - CFD: 2013/08/09 01:19:58 - [] D -- C:\Users\info\AppData\Local\VirtualStore
O43 - CFD: 2014/02/27 22:47:39 - [] D -- C:\Users\info\AppData\Local\VMware
O43 - CFD: 2015/07/16 12:00:02 - [] D -- C:\Users\info\AppData\Local\WebPlayer
O43 - CFD: 2009/07/14 04:42:04 - [] RD -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/03/10 21:48:16 - [] RD -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/07/14 23:16:14 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CVitaeV4
O43 - CFD: 2013/09/04 16:02:02 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
O43 - CFD: 2013/10/07 10:51:31 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker =>PUP.Optional.MegaSearch
O43 - CFD: 2015/06/04 09:57:00 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
O43 - CFD: 2013/06/01 19:49:26 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2013/11/11 12:27:29 - [0] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JLC's Software
O43 - CFD: 2009/07/14 04:37:42 - [] RD -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2013/06/05 19:45:21 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2 =>PUP.Optional.MediaGet
O43 - CFD: 2013/11/15 13:03:14 - [0] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 2013/09/01 14:26:17 - [0] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PY Software
O43 - CFD: 2014/09/30 15:21:22 - [0] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
O43 - CFD: 2015/03/10 21:48:16 - [] RD -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2013/06/01 19:49:16 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
O43 - CFD: 2013/06/01 19:47:46 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (4) - 11s
O45 - LFCP:[MD5.7F722B558018338CB79C8717D632E8AB] 2015/03/15 10:31:28 A -- C:\Windows\Prefetch\HULATOO.BROWSERADAPTER.EXE-9402D691.pf =>PUP.Optional.HulaToo
O45 - LFCP:[MD5.29F7343FB2F430010EB35B6590E62AD5] 2015/03/15 10:31:16 A -- C:\Windows\Prefetch\HULATOO.PURBROWSE.EXE-A5CA1715.pf =>PUP.Optional.HulaToo
O45 - LFCP:[MD5.98DBF577BB2FE31F032D7B35379BD888] 2015/03/15 10:49:39 A -- C:\Windows\Prefetch\UPDATEHULATOO.EXE-26DCAB08.pf =>PUP.Optional.HulaToo
O45 - LFCP:[MD5.185991622049A8BD880C9E27B22C4DD1] 2015/03/15 10:49:24 A -- C:\Windows\Prefetch\UTILHULATOO.EXE-851A7670.pf =>PUP.Optional.HulaToo

---\\ Enumération des clés de registre StartupReg (SMSR) (O53) (10) - 1s
O53 - SMSR:HKLM\...\startupreg\Adobe Creative Cloud [Key] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\MediaGet2 [Key] . (...) -- C:\Users\info\AppData\Local\MediaGet2\mediaget.exe (.not file.) =>PUP.Optional.MediaGet
O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Optional.Mobogenie
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\Utility Chest Search Scope Monitor [Key] . (...) -- C:\PROGRA~1\UTILIT~2\bar\1.bin\49srchmn.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\UtilityChest_49 Browser Plugin Loader [Key] . (...) -- C:\PROGRA~1\UTILIT~2\bar\1.bin\49brmon.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe

---\\ Liste des pilotes du système (SDL) (O58) (97) - 11s
O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976]
O58 - SDL:2009/07/14 01:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552]
O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512]
O58 - SDL:2009/07/14 01:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400]
O58 - SDL:2011/03/11 05:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256]
O58 - SDL:2009/07/14 01:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312]
O58 - SDL:2011/03/11 05:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400]
O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368]
O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608]
O58 - SDL:2009/07/13 22:02:49 A . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gi.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888]
O58 - SDL:2013/06/12 07:57:19 A . (.Windows (R) Codename Longhorn DDK provider - Mirror Miniport Driver.) -- C:\Windows\System32\drivers\bbcap.sys [4096]
O58 - SDL:2009/07/13 22:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568]
O58 - SDL:2009/07/13 22:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248]
O58 - SDL:2009/07/14 00:57:25 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128]
O58 - SDL:2009/07/13 22:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336]
O58 - SDL:2009/07/13 22:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:2009/07/13 22:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904]
O58 - SDL:2009/07/13 22:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080]
O58 - SDL:2009/07/14 01:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952]
O58 - SDL:2009/07/14 01:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720]
O58 - SDL:2013/02/14 10:21:04 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [171680]
O58 - SDL:2013/01/10 07:25:20 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [122240]
O58 - SDL:2009/07/14 01:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712]
O58 - SDL:2013/01/10 07:25:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [150080]
O58 - SDL:2013/01/10 07:25:20 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [46056]
O58 - SDL:2013/02/14 10:21:04 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [47568]
O58 - SDL:2009/07/13 22:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160]
O58 - SDL:2012/08/21 13:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26840]
O58 - SDL:2011/08/29 20:11:00 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [32496]
O58 - SDL:2009/07/13 22:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624]
O58 - SDL:2013/02/19 08:59:36 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECI.sys [49272]
O58 - SDL:2009/07/14 01:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152]
O58 - SDL:2013/12/18 11:27:40 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\drivers\iaStorA.sys [490344]
O58 - SDL:2013/12/18 11:27:40 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [24424]
O58 - SDL:2011/03/11 05:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160]
O58 - SDL:2015/05/20 12:55:54 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [123968]
O58 - SDL:2013/02/19 11:43:42 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [10861056]
O58 - SDL:2009/07/14 01:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040]
O58 - SDL:2010/02/26 13:31:24 A . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\Windows\System32\drivers\Impcd.sys [132480]
O58 - SDL:2011/08/23 03:11:50 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [270336]
O58 - SDL:2009/09/23 00:31:44 A . (.LG Electronics Inc - LG Wireless USB Multi function Driver.) -- C:\Windows\System32\drivers\lgwusbbus.sys [13696]
O58 - SDL:2009/09/23 00:31:44 A . (.LG Electronics Inc - LG Wireless USB Modem Driver.) -- C:\Windows\System32\drivers\lgwusbmodem.sys [25216]
O58 - SDL:2009/09/23 00:31:46 A . (.LG Electronics Inc - LG Wireless USB Serial1 Driver.) -- C:\Windows\System32\drivers\lgwusbser01.sys [21248]
O58 - SDL:2009/09/23 00:31:48 A . (.LG Electronics Inc - LG Wireless USB Serial2 Driver.) -- C:\Windows\System32\drivers\lgwusbser02.sys [21248]
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824]
O58 - SDL:2009/07/14 01:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168]
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864]
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848]
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800]
O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584]
O58 - SDL:2014/03/07 15:43:58 A . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28.sys [2144456]
O58 - SDL:2009/07/14 01:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624]
O58 - SDL:2011/03/11 05:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120]
O58 - SDL:2011/03/11 05:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744]
O58 - SDL:2009/07/14 01:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488]
O58 - SDL:2009/07/14 01:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064]
O58 - SDL:2014/01/08 16:23:46 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys [693464]
O58 - SDL:2014/03/13 06:02:52 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [3032664]
O58 - SDL:2014/01/03 09:33:52 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [214232]
O58 - SDL:2009/07/13 20:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480]
O58 - SDL:2009/07/14 01:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016]
O58 - SDL:2009/07/14 01:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888]
O58 - SDL:2009/07/14 01:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072]
O58 - SDL:2012/12/13 12:50:38 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056]
O58 - SDL:2009/07/14 01:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976]
O58 - SDL:2011/08/08 12:58:56 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [98928]
O58 - SDL:2012/01/18 11:06:02 A . (.VMware, Inc. - VMware virtual network driver (32-bit).) -- C:\Windows\System32\drivers\vmnet.sys [19568]
O58 - SDL:2012/01/18 11:06:02 A . (.VMware, Inc. - VMware virtual network adapter driver (32-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [16624]
O58 - SDL:2012/01/18 11:06:02 A . (.VMware, Inc. - VMware bridge driver (32-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [36464]
O58 - SDL:2012/01/18 13:46:16 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [25712]
O58 - SDL:2011/08/29 20:01:10 A . (.VMware, Inc. - VMware USB driver.) -- C:\Windows\System32\drivers\vmusb.sys [31280]
O58 - SDL:2012/01/18 13:47:36 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [55664]
O58 - SDL:2009/07/14 01:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904]
O58 - SDL:2011/07/08 13:32:56 A . (.VMware, Inc. - VMware Virtual Storage Volume Driver.) -- C:\Windows\System32\drivers\vstor2-mntapi10-shared.sys [22768]
O58 - SDL:2014/11/27 06:46:00 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{033a6f56-e958-4ed8-a315-2fedc919d2dc}w.sys [43192] =>PUP.Optional.LinkiDoo
O58 - SDL:2014/07/08 17:42:04 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw.sys [52920] =>PUP.Optional.LinkiDoo
O58 - SDL:2014/08/29 17:15:30 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}w.sys [52408] =>PUP.Optional.LinkiDoo
O58 - SDL:2014/11/28 08:46:30 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{b00f276a-69b7-4e9b-b1d3-dc3c7bb35170}w.sys [43192] =>PUP.Optional.LinkiDoo
O58 - SDL:2014/11/29 23:47:06 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{c933aa85-a419-42da-9957-2f32a4c0601a}w.sys [43192] =>PUP.Optional.LinkiDoo
O58 - SDL:2013/05/07 13:27:10 A . (...) -- C:\Windows\System32\ambakdrv.sys [26424]
O58 - SDL:2013/05/07 13:27:10 A . (...) -- C:\Windows\System32\ammntdrv.sys [129720]
O58 - SDL:2013/02/06 14:52:48 A . (...) -- C:\Windows\System32\amwrtdrv.sys [14392]
O58 - SDL:2009/07/13 21:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 21:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 21:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 21:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 21:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 21:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 21:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 21:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 21:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 21:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 21:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 21:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 21:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 21:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 21:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (2) - 41s
O61 - LFC: 2015/07/31 08:12:37 A . (..) -- C:\Users\info\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 2015/07/31 08:19:21 A . (..) -- C:\Users\info\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [236]

---\\ Associations Shell Spawning (O67) (1) - 1s
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe

---\\ Menu de démarrage Internet (SMI) (O68) (12) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- c:\program files\mozilla firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (365) - 38s
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_TMP_city", "MOHAMMEDIA"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_TMP_country", "MA"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_country", "MOROCCO"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_locId", "MOXX0006"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_location", "Mohammedia, 08, Morocco"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_region", "OT"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_temp_dis", "c"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_wind_dis", "kmh"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.FirstTime", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.FirstTimeFF3", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.RestartDialogFirstTime", "false"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.RestartDialogShouldDisplay", "false"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.SearchAppState.enc", "Mg=="); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.SearchAppTracking.enc", "MQ=="); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://trovi.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN2961344506296[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.UserID", "UN29613445062962223"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.addressBarTakeOverEnabledInHidden", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.appOptions", "{}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.browser.search.defaultthis.engineName", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.countryCode", "MA"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.dum", "2"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.embeddedsData", "[{\"appId\":\"129351529700743801\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.firstTimeDialogOpened", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.fixPageNotFoundErrorByUser", "TRUE"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.fixPageNotFoundErrorInHidden", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.fullUserID", "UN29613445062962223.IN.20131006005520"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installDate", "06/10/2013 00:55:25"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installSessionId", "-1"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installSp", "FALSE"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installType", "Unknown"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installUsage", "2015-02-10T02:57:06.8796403+03:00"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installUsageEarly", "2015-02-10T02:56:58.9857873+03:00"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installerVersion", "1.7.0.9"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.isCheckedStartAsHidden", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.keyword", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://www.trovi.com/?gd=&ctid=CT2851639&octid=CT28[...] =>PUP.Optional.Trovigo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.lastVersion", "10.35.0.503"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.mam_gk_installer_preapproved.enc", "VFJVRQ=="); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"F136368553@taalim.ma\",\"EB_MAIN_FRAME_URL\":\"https%3A%2F%2Fm[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.originalHomepage", "http://rts.dsrlte.com?affID=na"); =>PUP.Optional.PaybyAds
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.originalSearchAddressUrl", "http://rts.dsrlte.com/?q="); =>PUP.Optional.PaybyAds
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.originalSearchEngine", "Yahoo! Search"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.originalSearchEngineName", "Yahoo! Search"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.performedDomainChangesMigration", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.search.searchAppId", "129351529700743801"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.search.searchCount", "0"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchFromAddressBarEnabledByUser", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchInNewTabEnabledByUser", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchRevert", "FALSE"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchSuggestEnabledByUser", "True"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchUninstallUserMode", "8"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchUserMode", "8"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR [...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_Configuration_lastUpdate", "1435254888824"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1435254885542"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1435254886850"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1435254885224"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1423526219129"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1423526227673"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_login_10.35.0.503_lastUpdate", "1435277402267"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1435254885372"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1435254887984"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1435254886827"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_setupAPI_lastUpdate", "1423526219821"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_toolbarContextMenu_lastUpdate", "1435254885121"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_toolbarSettings_lastUpdate", "1435277402617"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_translation_lastUpdate", "1435254884977"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.settingsINI", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.showToolbarPermission", "false"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.smartbar.CTID", "CT2851639"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.smartbar.Uninstall", "0"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.smartbar.homepage", true); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.smartbar.toolbarName", "uTorrentBar_FR "); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.toolbarBornServerTime", "10-2-2015"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.toolbarCurrentServerTime", "26-6-2015"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.toolbarInstallDate", "09-02-2015 23:56:59"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.toolbarLoginClientTime", "Mon Feb 09 2015 23:57:07 GMT+0000 (Maroc)"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.versionFromInstaller", "10.20.0.13"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.xpeMode", "0"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1435277389028,\"isWithState\"[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://rts.dsrlte.com/?q="); =>PUP.Optional.PaybyAds
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.TBHomepagesList", "http://trovi.com/?ctid=CT2851639&SearchSource=13&CUI=UN29613445062962223"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.TBSearchEngineList", ""); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.TBSearchUrlList", ""); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.keywordURLSelectedCTID", "CT2851639"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("browser.newtab.url", "http://www.delta-homes.com/newtab/?type=nt&ts=1437047963&z=17c1027f7fb805ad6aeb162gaz4c8mceaz8m1t[...] =>PUP.Optional.Qvo6
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.asul", "1426083196957"); =>PUP.Optional.HulaToo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.aul", "1426083158953"); =>PUP.Optional.HulaToo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.irl", true); =>PUP.Optional.HulaToo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.is", "amp18lmma"); =>PUP.Optional.HulaToo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.ug", "AEE042CA-FE46-425B-B9C0-5D1410405E88"); =>PUP.Optional.HulaToo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.OKitSpace.installed_version", "1.0.3"); =>PUP.Optional.Onekit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.WebConnect.aul", "1382711517435"); =>PUP.Optional.WebConnect
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.WebConnect.irl", true); =>PUP.Optional.WebConnect
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.WebConnect.is", "isgiwkFR"); =>PUP.Optional.WebConnect
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.WebConnect.ug", "D143769E-7DF4-4DF7-9B68-56CFF1CC81BA"); =>PUP.Optional.WebConnect
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealpl[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledWithHash.value", "null"); =>PUP.Optional.Monetization
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri [...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D"); =>PUP.Optional.Monetization
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_regBundledWithSoftware.expiration[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_regBundledWithSoftware.value", "%[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.name", "Plus-HD-V1.8c"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.af80af4ec42b9429d99b04078ec7cf86444882d2088654b13b79eae8470d9a955com59568.59568.name", "Plus-HD-V1.8"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.crossrider.bic", "1471baa08718ad10df48225cf0dd42e2"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.admin", false); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.aflt", "babsst"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.autoRvrt", "false"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.dfltLng", "fr"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.excTlbr", false); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.ffxUnstlRst", true); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.id", "8282dbe8000000000000889ffa00d37e"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.instlDay", "15982"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.instlRef", "sst"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.newTab", false); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.prdct", "delta"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.prtnrId", "delta"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.rvrt", "false"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.smplGrp", "none"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.tlbrId", "base"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.tlbrSrchUrl", ""); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.vrsn", "1.8.24.6"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.vrsnTs", "1.8.24.60:54:10"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.vrsni", "1.8.24.6"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta_i.babExt", ""); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta_i.babTrack", "affID=124798&tsp=5025"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta_i.srcExt", "ss"); =>Toolbar.DeltaSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.mywebsearch.prevDefaultEngine", "Google"); =>PUP.Optional.MyWebSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.mywebsearch.prevKwdEnabled", true); =>PUP.Optional.MyWebSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.mywebsearch.prevKwdURL", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="); =>PUP.Optional.MyWebSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.mywebsearch.prevSelectedEngine", "Google"); =>PUP.Optional.MyWebSearch
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.quick_start.enable_search1", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.BUTTON_STRUCTURE", "[{\"b\":224546983,\"c\":\"mindspark.magnify\",\"p\":\"L.0\[...] =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.browser.version.last", "14.0"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.firstKnownVersion", "5.71.2.59707"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.homepage", "http://home.tb.ask.com/index.jhtml?ptb=3A6249CE-89AE-456D-93A2-264[...] =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.hp.enabled", false); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.hp.lastGuardTime", -2089350704); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.hp.numGuards", 1); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.initialized", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.contextKey", ""); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.installDate", "2013090417"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerId", "^ZO^xdm091^YYA^ma"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerSubId", "GA_UT_INTL_MOR_122"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.success", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.toolbarId", "3A6249CE-89AE-456D-93A2-2646C11079B6"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.isCompliantUninstallImplementation", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.lastActivePing", "1435277393349"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.lastKnownVersion", "7.13.6.48727"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.options.defaultSearch", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.options.homePageEnabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.options.keywordEnabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.options.tabEnabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.searchHistory", "http://puu.sh/7jKu4.jpg"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.toolbarCollapsed", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.weather.location", "10001"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "http://home.tb.ask.com/index.jhtml?ptb=4529806D-09F0-4915-9DE8-E67[...] =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", ""); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013071810"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YYA^ma"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "right"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "4529806D-09F0-4915-9DE8-E67023F5C233"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1374940503196"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark.hp.enabled", false); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark.hp.enabled.guid", ""); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark.lastInstalled", "utilitychest@mindspark.com"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("keyword.URL", "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=3A6249CE-89AE-456D-93A2-2646C11079B6&n=77fd5271&[...] =>Toolbar.Ask
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.addressBarOwnerCTID", "CT2851639"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.conduitHomepageList", "http://trovi.com/?ctid=CT2851639&SearchSource=13&CUI=UN29613445062962223"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://trovi.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN2961344506[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.defaultSearchOwnerCTID", "CT2851639"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.homePageOwnerCTID", "CT2851639"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.homepageList", "http://trovi.com/?ctid=CT2851639&SearchSource=13&CUI=UN29613445062962223"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.machineId", "AFB02JTZXNQXI0BOMYN1IIF9RSFAKRR2ZLQL9XYJVAZXPKTQOD7WEQCPC30+A+HRHRGEPKFFY6GV7W6R5LS1OA"); =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.searchAddressUrlList", "http://trovi.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN29613445062962223[...] =>PUP.Optional.SmartBar
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E+x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E+x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E,x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E,x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E-x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E-x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E.:2z527", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E.:2z527.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E.x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E.x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E/x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E/x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E06CG5EL8:", "6E6C6F6F6E726F747376"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E06CG5EL8:.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E06CG5EL;8I:K", "247E2D2F226A747275757478757A797C242F4B49474F42357D5D5C3D"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E06CG5EL;8I:K.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E0x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E0x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E1x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E1x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E2x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E2x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E3x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E3x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E4x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E4x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E5x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E5x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E6x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E6x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E7x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E7x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E8x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E8x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E9x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E9x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E:x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E:x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E;x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E;x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EPUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EPUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E=x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E=x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E>x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E>x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E?x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E?x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E@x305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E@x305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EAx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EAx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EBE3G=;D9N9=D.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EBx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EBx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7ECx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7ECx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EDx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EDx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7Etx305", "2423"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7Etx305.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3G>D", "663F3F3C727174737A787146732075484D7C2522227D262A56262A25232757262C28292D"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3G>D.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3G@6:5;", ""); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3G@6:5;.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3GFA7EF", "2B2E2C3D"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3GFA7EF.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A2329282A31323334353A45[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-3=3ECCJA=F>.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B/>01=9A6K6PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B/>01=9A6K6PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B3=>@44I48?.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B5BA==9CJAG", "66686C696C4271447A704479747B7C4B4E20507B20"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B5BA==9CJAG.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B6B11G4C56B>F;P;ANR@P", "6E6C6E6D716F716E6E7371787A"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B9643G3/9E", "6A"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B9643G3/9E.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B;45>:BI9I7IE", "2B2E2C3D"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B;45>:BI9I7IE.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B<:222H64<", "393F352F3E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B<:222H64<.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B<:222H64PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B<:222H64PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B=+03EH8H8J?:", "4443"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B=+03EH8H8J?:.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B?+E2A52D8.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B?B0D:8AJ62PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B?B0D:8AJ62PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9BA@0<0BI6A7GN:6@L?", "6C"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9BA@0<0BI6A7GN:6@L?.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.PG_ENABLE", "74727565"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.PG_ENABLE.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_JUST_INSTALLED", "46414C5345"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_JUST_INSTALLED.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_STATUS", "454E41424C4544"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_STATUS.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_USER_ID", "6369645F39323230313532333537323539383433353034"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_USER_ID.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.cb_user_id_000", "43423438373333393036303238325F313432333532363234373133335F46697265666F78"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.cb_user_id_000.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.cbfirsttime", "4D6F6E2046656220303920323031352032333A35373A323720474D542B3030303020284D61726F6329")[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.cbfirsttime.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appStateReportTime", "31343335323737343039303832"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appStateReportTime.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_CouponBuddy", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_CouponBuddy.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_Easytobook", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_Easytobook.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_Easytobook_targeted", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_Easytobook_targeted.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_PriceGong", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_PriceGong.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_WindowShopper", "6F6E"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_WindowShopper.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appsConfig.storedInFile", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appsDefaultEnabled", "6E756C6C"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appsDefaultEnabled.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_calledSetupService", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_calledSetupService.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_currentVersion", "312E31332E302E3137"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_currentVersion.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_existingUsersRecoveryDone", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_existingUsersRecoveryDone.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_first_time", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_first_time.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_lastLoginTime", "31343335323737343039343630"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_lastLoginTime.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_localization.storedInFile", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_mamEnabled", "74727565"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_mamEnabled.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_migrated_from_ls", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_migrated_from_ls.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_new_welcome_experience", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_new_welcome_experience.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_settings1.13.0.17.storedInFile", true); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_showWelcomeGadget", "66616C7365"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_showWelcomeGadget.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_stamp", "38345F30"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_stamp.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_userBornDate", "4E2F41"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_userBornDate.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_userId", "36303931346431622D656637382D343332372D623130372D363766306235343734353363"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_userId.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_user_approval_interacted", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_user_approval_interacted.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_welcomeDialogMode", "31"); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_welcomeDialogMode.storedInFile", false); =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A[...] =>PUP.Optional.Conduit
O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.url_history0001.storedInFile", true); =>PUP.Optional.Conduit
O69 - SBI: SearchScopes [HKCU] 007A2B3CE91E4C89B3C33C79668EEFEC - (Delta Search) - http://do-search.com/ =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://do-search.com/ =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bing) - http://do-search.com/ =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://do-search.com/ =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (delta-homes) - http://do-search.com/ =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} - (Ask Web Search) - http://do-search.com/ =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://do-search.com/ =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {ED5A4F3C-C90A-4C07-AA9E-3AED531F154B} - (Yahoo! Search) - http://do-search.com/ =>PUP.Optional.DoSearches
O69 - SBI: SearchScopes [HKCU] {F4E3BE78-F4F5-4200-804A-CA890D141367} - (Search Here) - http://do-search.com/ =>PUP.Optional.DoSearches

---\\ Enumère les services démarrés par Svchost (SSS) (O83) (32) - 2s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2057216]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]

---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (29) - 3s
O87 - FAEL: "NetPres-In-TCP-NoScope" [In-None-P6-FALSE] .(...) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP-NoScope" [Out-None-P6-FALSE] .(...) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-In-UDP" [In-None-P17-FALSE] .(...) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-WSD-Out-UDP" [Out-None-P17-FALSE] .(...) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-In-TCP" [In-None-P6-FALSE] .(...) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "NetPres-Out-TCP" [Out-None-P6-FALSE] .(...) -- C:\Windows\system32\netproj.exe
O87 - FAEL: "{DEE5FED4-6A7A-4D72-A689-BF52CCEA172D}" [In-None-P6-TRUE] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
O87 - FAEL: "{83929A26-9DE7-4425-8FC3-8101EF1F0A93}" [In-None-P17-TRUE] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe
O87 - FAEL: "{4308EFFB-241C-4124-AA2A-E42C872FD63E}" [In-None-P6-TRUE] .(...) -- C:\Users\info\AppData\Local\MediaGet2\mediaget.exe =>PUP.Optional.MediaGet
O87 - FAEL: "{F95E0D64-256F-48FA-B0C9-C990DBF352BD}" [In-None-P17-TRUE] .(...) -- C:\Users\info\AppData\Local\MediaGet2\mediaget.exe =>PUP.Optional.MediaGet
O87 - FAEL: "{0669A0B3-B790-4EF3-A1CB-6A2DC90DD72B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
O87 - FAEL: "{F13F1FEB-C7C0-4D81-A1FC-646AAFF60F80}" [In-None-P17-TRUE] .(...) -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe
O87 - FAEL: "{643252EB-539C-4393-B1DC-2EE8F86B92BE}" [In-None-P6-FALSE] .(...) -- C:\Program Files\Naver\LINE\Line.exe
O87 - FAEL: "{12F09248-9633-4736-B299-7DCB5ADEC54C}" [In-None-P17-FALSE] .(...) -- C:\Program Files\Naver\LINE\Line.exe
O87 - FAEL: "{F30964AE-5874-459E-BA0B-790574CCA1E7}" [In-None-P6-TRUE] .(...) -- C:\Program Files\adslTV\adsltv.exe
O87 - FAEL: "{503CE00B-1B65-4887-A9E8-247237BC801F}" [In-None-P17-TRUE] .(...) -- C:\Program Files\adslTV\adsltv.exe
O87 - FAEL: "{12FF5837-0C3E-4544-86A1-AD6086FDB65D}" [In-None-P6-TRUE] .(...) -- C:\Program Files\adslTV\VLC\vlc.exe
O87 - FAEL: "{5705D1CF-206A-4245-9778-DF164D262500}" [In-None-P17-TRUE] .(...) -- C:\Program Files\adslTV\VLC\vlc.exe
O87 - FAEL: "{D35B2819-4DCD-496E-BBC6-AFE50069EE6C}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{EDD82BB9-1533-47D2-9B69-0C42B0890298}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{46D9DE4C-D657-4BAD-9A86-F459F457AC9B}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Tango\Tango.exe
O87 - FAEL: "{3A356776-6208-4F1B-AA79-38739EA59BD5}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Tango\Tango.exe
O87 - FAEL: "{DED12320-3842-44A6-A5CD-7CA11DD9E5A7}" [In-None-P6-TRUE] .(.RealNetworks, Inc. - RealPlayer Cloud Service.) -- c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
O87 - FAEL: "TCP Query User{7E270FA1-534A-4744-8874-03731F15F001}C:\program files\sopcast\sopcast.exe" [In-None-P6-TRUE] .(.www.sopcast.com - SopCast Main Application.) -- C:\program files\sopcast\sopcast.exe
O87 - FAEL: "UDP Query User{5C5D1DCD-093A-4978-B6B0-B4CC72F03A48}C:\program files\sopcast\sopcast.exe" [In-None-P17-TRUE] .(.www.sopcast.com - SopCast Main Application.) -- C:\program files\sopcast\sopcast.exe
O87 - FAEL: "{9F0DBB15-1AC9-42DA-96D6-D9D4CC6FC187}" [In-None-P6-TRUE] .(...) -- C:\Program Files\GoForFiles\GoforFiles.exe
O87 - FAEL: "{C2FBF330-5575-4ED9-AB04-BA617CBEB5AC}" [In-None-P17-TRUE] .(...) -- C:\Program Files\GoForFiles\GoforFiles.exe
O87 - FAEL: "TCP Query User{80B62F00-6C5F-4F48-B090-BF83FCE6FAB5}C:\program files\goforfiles\goforfilesdl.exe" [In-None-P6-TRUE] .(...) -- C:\program files\goforfiles\goforfilesdl.exe
O87 - FAEL: "UDP Query User{16C8CC7B-6993-40C8-AD99-31A5BC38A9DA}C:\program files\goforfiles\goforfilesdl.exe" [In-None-P17-TRUE] .(...) -- C:\program files\goforfiles\goforfilesdl.exe

---\\ Recherche de clés de registre Tracing (O100) (18) - 5s
HKLM\SOFTWARE\Microsoft\Tracing\HulaTooUntemp_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\HulaTooUntemp_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\HulaToo_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\HulaToo_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id4466666ids2s_RASAPI32 =>PUP.Optional.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id4466666ids2s_RASMANCS =>PUP.Optional.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_webcammax_RASAPI32 =>PUP.Optional.Softonic
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_webcammax_RASMANCS =>PUP.Optional.Softonic
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_yawcam_RASAPI32 =>PUP.Optional.Softonic
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_yawcam_RASMANCS =>PUP.Optional.Softonic
HKLM\SOFTWARE\Microsoft\Tracing\updateHulaToo_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateHulaToo_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASAPI32 =>PUP.Optional.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASMANCS =>PUP.Optional.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\utilHulaToo_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\utilHulaToo_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\utilWebConnect_RASAPI32 =>PUP.Optional.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\utilWebConnect_RASMANCS =>PUP.Optional.WebConnect

---\\ Scan Additionnel (O88) (132) - 0s
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Optional.Fuyu
C:\Program Files\MiuiTab\ProtectService.exe =>PUP.Optional.MiuiTab
C:\Program Files\LuckyTab\LuckyTab.exe =>PUP.Optional.LuckyTab
C:\Users\info\AppData\Local\FilesFrog Update Checker\update_checker.exe =>PUP.Optional.MegaSearch
C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\babylon.xml =>PUP.Optional.Babylon
C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\utorrentbarfr-customized-web-search.xml =>PUP.Optional.uTorrentBar
C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\49ffxtbr@www.utilitychest.com =>PUP.Optional.MyWebSearch
C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\default_newtabff@gmail.com =>PUP.Optional.LightningNewTab
C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\faststartff@gmail.com =>PUP.Optional.FastStart
C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\quick_searchff@gmail.com =>PUP.Optional.QuickSearch
C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} =>PUP.Optional.ClientConnect
C:\Program Files\HD-V1.9\HD-V1.9-bho.dll =>PUP.Optional.CrossRider
C:\Program Files\MiuiTab\SupTab.dll =>PUP.Optional.MiuiTab
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419} =>PUP.Optional.MiuiTab
HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service =>PUP.Optional.AgentODR
C:\Program Files\MiuiTab\ProtectService.exe =>PUP.Optional.AgentODR
HKLM\SYSTEM\CurrentControlSet\Services\Util HulaToo =>PUP.Optional.HulaToo
HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect =>PUP.Optional.Fuyu
C:\Windows\Tasks\AmiUpdXp.job =>PUP.Optional.SoftwareUpdater
C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-1.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-11.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-4.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5_user.job =>PUP.Optional.CrossRider
C:\Windows\Tasks\Dealply.job =>PUP.Optional.Dealply
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate
C:\Windows\System32\Tasks\AmiUpdXp =>PUP.Optional.SoftwareUpdater
C:\Windows\System32\Tasks\BobyLyrics-1-codedownloader =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\BobyLyrics-1-updater =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-1 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-11 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-4 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5 =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5_user =>PUP.Optional.CrossRider
C:\Windows\System32\Tasks\Dealply =>PUP.Optional.Dealply
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.Optional.GlobalUpdate
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.Optional.GlobalUpdate
C:\Windows\System32\Tasks\LuckyTab =>PUP.Optional.LuckyTab
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater =>PUP.Optional.SoftwareUpdater
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UtilityChest_49bar Uninstall Firefox =>PUP.Optional.MindSpark
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UtilityChest_49bar Uninstall Internet Explorer =>PUP.Optional.MindSpark
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps =>PUP.Optional.MegaSearch
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player =>PUP.Optional.MegaSearch
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip =>PUP.Optional.Bandoo
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaGet =>PUP.Optional.MediaGet
HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKLM\SOFTWARE\DataMngr =>PUP.Optional.Datamngr
HKLM\SOFTWARE\DealPlyLive =>PUP.Optional.Dealply
HKLM\SOFTWARE\Default Tab =>Toolbar.Agent
HKLM\SOFTWARE\Delta =>Toolbar.DeltaSearch
HKLM\SOFTWARE\delta-homesSoftware =>PUP.Optional.DeltaHomes
HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate
HKLM\SOFTWARE\IHProtect =>PUP.Optional.AgentODR
HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\InstalledThirdPartyPrograms =>PUP.Optional
HKLM\SOFTWARE\LuckyTab =>PUP.Optional.LuckyTab
HKLM\SOFTWARE\OKitSpace =>PUP.Optional.Onekit
HKLM\SOFTWARE\PicexaSvc =>PUP.Optional.Picexa
HKLM\SOFTWARE\SoftwareUpdater =>PUP.Optional.SoftwareUpdater
HKLM\SOFTWARE\SupDp =>PUP.Optional.SupTab
HKLM\SOFTWARE\supTab =>PUP.Optional.SupTab
HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Optional.Fuyu
HKLM\SOFTWARE\supWPM =>PUP.Optional.WpManager
HKLM\SOFTWARE\Systweak =>PUP.Optional.Systweak
HKLM\SOFTWARE\V9 =>PUP.Optional.V9Software
HKLM\SOFTWARE\Vittalia =>PUP.Optional.Vittalia
HKLM\SOFTWARE\WebConnect =>WebConnect
HKLM\SOFTWARE\webssearchesSoftware =>PUP.Optional.WebsSearches
HKCU\SOFTWARE\BabSolution =>PUP.Optional.BabSolution
HKCU\SOFTWARE\BI =>PUP.Optional.MegaSearch
HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKCU\SOFTWARE\DataMngr =>PUP.Optional.Datamngr
HKCU\SOFTWARE\DataMngr_Toolbar =>PUP.Optional.Datamngr
HKCU\SOFTWARE\DealPlyLive =>PUP.Optional.Dealply
HKCU\SOFTWARE\Default Tab =>Toolbar.Agent
HKCU\SOFTWARE\Delta =>Toolbar.DeltaSearch
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\InstalledThirdPartyPrograms =>PUP.Optional
HKCU\SOFTWARE\PluginAddon =>Trojan.Vonteera
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\Somoto =>PUP.Optional.MegaSearch
HKCU\SOFTWARE\Systweak =>PUP.Optional.Systweak
HKCU\SOFTWARE\UpToDown =>PUP.Optional.UpToDown
HKCU\SOFTWARE\V9 =>PUP.Optional.V9Software
HKCU\SOFTWARE\WebPlayer =>PUP.Optional.WebPlayer
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\SmartBar =>PUP.Optional.SmartBar =>PUP.Optional.SmartBar
C:\Program Files\LuckyTab =>PUP.Optional.LuckyTab
C:\Program Files\MiuiTab =>PUP.Optional.MiuiTab
C:\Program Files\SupTab =>PUP.Optional.SupTab
C:\ProgramData\DealPlyLive =>PUP.Optional.Dealply
C:\ProgramData\IePluginServices =>Trojan.SProtector
C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR
C:\ProgramData\InstallMate =>PUP.Optional.Tarma
C:\ProgramData\MailUpdate =>PUP.Optional.MailUpdate
C:\ProgramData\Media Get LLC =>PUP.Optional.MediaGet
C:\ProgramData\WindowsMangerProtect =>PUP.Optional.Fuyu
C:\Users\info\AppData\Roaming\MailUpdate =>PUP.Optional.MailUpdate
C:\Users\info\AppData\Local\FilesFrog Update Checker =>PUP.Optional.MegaSearch
C:\Users\info\AppData\Local\Media Get LLC =>PUP.Optional.MediaGet
C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker =>PUP.Optional.MegaSearch
C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2 =>PUP.Optional.MediaGet
C:\Windows\Prefetch\HULATOO.BROWSERADAPTER.EXE-9402D691.pf =>PUP.Optional.HulaToo
C:\Windows\Prefetch\HULATOO.PURBROWSE.EXE-A5CA1715.pf =>PUP.Optional.HulaToo
C:\Windows\Prefetch\UPDATEHULATOO.EXE-26DCAB08.pf =>PUP.Optional.HulaToo
C:\Windows\Prefetch\UTILHULATOO.EXE-851A7670.pf =>PUP.Optional.HulaToo
C:\Windows\System32\drivers\{033a6f56-e958-4ed8-a315-2fedc919d2dc}w.sys =>PUP.Optional.LinkiDoo
C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw.sys =>PUP.Optional.LinkiDoo
C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}w.sys =>PUP.Optional.LinkiDoo
C:\Windows\System32\drivers\{b00f276a-69b7-4e9b-b1d3-dc3c7bb35170}w.sys =>PUP.Optional.LinkiDoo
C:\Windows\System32\drivers\{c933aa85-a419-42da-9957-2f32a4c0601a}w.sys =>PUP.Optional.LinkiDoo
HKLM\SOFTWARE\Microsoft\Tracing\HulaTooUntemp_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\HulaTooUntemp_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\HulaToo_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\HulaToo_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id4466666ids2s_RASAPI32 =>PUP.Optional.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id4466666ids2s_RASMANCS =>PUP.Optional.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_webcammax_RASAPI32 =>PUP.Optional.Softonic
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_webcammax_RASMANCS =>PUP.Optional.Softonic
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_yawcam_RASAPI32 =>PUP.Optional.Softonic
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_yawcam_RASMANCS =>PUP.Optional.Softonic
HKLM\SOFTWARE\Microsoft\Tracing\updateHulaToo_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateHulaToo_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASAPI32 =>PUP.Optional.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASMANCS =>PUP.Optional.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\utilHulaToo_RASAPI32 =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\utilHulaToo_RASMANCS =>PUP.Optional.Sambreel
HKLM\SOFTWARE\Microsoft\Tracing\utilWebConnect_RASAPI32 =>PUP.Optional.WebConnect
HKLM\SOFTWARE\Microsoft\Tracing\utilWebConnect_RASMANCS =>PUP.Optional.WebConnect

---\\ Récapitulatif des éléments trouvées sur votre station (60) - 0s
http://www.nicolascoolman.fr/trojan-fuyu/ =>PUP.Optional.Fuyu
http://www.nicolascoolman.fr/blog =>PUP.Optional.MiuiTab
http://www.nicolascoolman.fr/blog =>PUP.Optional.LuckyTab
http://www.nicolascoolman.fr/adware-megasearch/ =>PUP.Optional.MegaSearch
http://www.nicolascoolman.fr/pup-babylon/ =>PUP.Optional.Babylon
http://www.nicolascoolman.fr/blog =>PUP.Optional.uTorrentBar
http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.LightningNewTab
http://www.nicolascoolman.fr/blog =>PUP.Optional.FastStart
http://www.nicolascoolman.fr/blog =>PUP.Optional.QuickSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.ClientConnect
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/hijacker-qvo6/ =>PUP.Optional.Qvo6
http://www.nicolascoolman.fr/pup-isstart/ =>PUP.Optional.IsStart
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>RecordPage
http://www.nicolascoolman.fr/pup-minibar/ =>PUP.Optional.Minibar
http://www.nicolascoolman.fr/pup-mediaget/ =>PUP.Optional.MediaGet
http://www.nicolascoolman.fr/blog =>PUP.Optional.AgentODR
http://www.nicolascoolman.fr/pup-hulatoo/ =>PUP.Optional.HulaToo
http://www.nicolascoolman.fr/pup-software-updater/ =>PUP.Optional.SoftwareUpdater
http://www.nicolascoolman.fr/pup-dealply/ =>PUP.Optional.Dealply
http://www.nicolascoolman.fr/pup-mindspark/ =>PUP.Optional.MindSpark
http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/pup-datamngr/ =>PUP.Optional.Datamngr
http://www.nicolascoolman.fr/blog =>Toolbar.Agent
http://www.nicolascoolman.fr/toolbar-deltasearch/ =>Toolbar.DeltaSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.DeltaHomes
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/blog =>PUP.Optional
http://www.nicolascoolman.fr/pup-onekit/ =>PUP.Optional.Onekit
http://www.nicolascoolman.fr/blog =>PUP.Optional.Picexa
http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab
http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager
http://www.nicolascoolman.fr/pup-systweak/ =>PUP.Optional.Systweak
http://www.nicolascoolman.fr/pup-v9software/ =>PUP.Optional.V9Software
http://www.nicolascoolman.fr/pup-vittalia/ =>PUP.Optional.Vittalia
http://www.nicolascoolman.fr/blog =>WebConnect
http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches
http://www.nicolascoolman.fr/hijacker-babsolution/ =>PUP.Optional.BabSolution
http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore
http://www.nicolascoolman.fr/trojan-vonteera/ =>Trojan.Vonteera
http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic
http://www.nicolascoolman.fr/blog =>PUP.Optional.UpToDown
http://www.nicolascoolman.fr/blog =>PUP.Optional.WebPlayer
http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
http://www.nicolascoolman.fr/trojan-sprotector/ =>Trojan.SProtector
http://www.nicolascoolman.fr/pup-tarma/ =>PUP.Optional.Tarma
http://www.nicolascoolman.fr/blog =>PUP.Optional.MailUpdate
http://www.nicolascoolman.fr/pup-mobogenie/ =>PUP.Optional.Mobogenie
http://www.nicolascoolman.fr/pup-linkidoo/ =>PUP.Optional.LinkiDoo
http://www.nicolascoolman.fr/hijacker-trovigo/ =>PUP.Optional.Trovigo
http://www.nicolascoolman.fr/pup-paybyads/ =>PUP.Optional.PaybyAds
http://www.nicolascoolman.fr/pup-webconnect/ =>PUP.Optional.WebConnect
http://www.nicolascoolman.fr/blog =>PUP.Optional.Monetization
http://www.nicolascoolman.fr/pup-quickstart/ =>PUP.Optional.QuickStart
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/pup-dosearches/ =>PUP.Optional.DoSearches
http://www.nicolascoolman.fr/blog =>PUP.Optional.Sambreel

~ End of the scan, 44007 items in 265 seconds (1620)(0)()