Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ Rapport de ZHPDiag v2015.5.17.49 - Nicolas Coolman (17/05/2015)
~ Lancé par célia (08/07/2015 13:29:22)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17843
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 733WD
Windows License : OK
~ Windows Remaining Initializations Number : 0
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
---\\ Logiciels de protection du système
Avast Internet Security v10.2.2218
Microsoft Security Client v4.8.0204.0
Windows Defender W7 (Activate)
---\\ Logiciels d'optimisation du système
CCleaner v4.06
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 18 NPAPI
Adobe Acrobat Reader DC - Français
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1908 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 58 GB (59%) free of 98 GB
---\\ Mode de connexion au système
~ Computer Name: CÉLIA-PC
~ User Name: célia
~ All Users Names: Lycée 1, célia, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : D:\Utilisateurs\célia\AppData\Roaming\ZHP\
~ %AppData% : D:\Utilisateurs\célia\AppData\Roaming\
~ %Desktop% : D:\Utilisateurs\célia\Desktop\
~ %Favorites% : D:\Utilisateurs\célia\Favorites\
~ %LocalAppData% : D:\Utilisateurs\célia\AppData\Local\
~ %StartMenu% : D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 58 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 134 Go of 181 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 46 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/05/2015 - 18:50:20.) -- C:\Windows\System32\wininet.dll [2426880]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 04s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/6386
~ Mes musiques (My Musics) : 7/597
~ Mes Videos (My Videos) : 1/137
~ Mes Favoris (My Favorites) : 1/13
~ Mes Documents (My Documents) : 2/26
~ Mon Bureau (My Desktop) : 1/14
~ Menu demarrer (Programs) : 1/6
~ Hidden Files: Scanned in 00mn 59s
---\\ Processus lancés
[MD5.8C9D2FFFF653C623369C214E4B83FA7C] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [740688] [PID.1900]
[MD5.9EA7A1CAE39066EDAAC59C7BEE779A6C] - (.Pas de propriétaire - ASP.) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [6733128] [PID.2724] =>PUP.AdvancedSystemProtector
[MD5.A74558989E0624989C5B21E442788ED3] - (.Activeris - Activeris AntiMalware.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [6292472] [PID.2988] =>PUP.Activeris
[MD5.5B522E61A39D2237F21CFB4A9612FF14] - (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752] [PID.4244]
[MD5.775F47E28C96739D0B81DF8A46116EFB] - (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe [532784] [PID.4288] =>PUP.CacaoWeb
[MD5.6BCFCFA512A003A8043CF2F370B0B479] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440] [PID.4724] =>PUP.CrossBrowser
[MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.4960]
[MD5.2EF0B3C51971F51ED700C01CFBC5B82A] - (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942] [PID.5760]
[MD5.4D1DA8CE5E364D22B4FF00F163194514] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.5808]
[MD5.34084D25BE6F48D072AA54DE630438FD] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896] [PID.4160]
[MD5.31EA4BC4328BDBC50CD5CA4870F09E06] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496] [PID.3656]
[MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.5288]
[MD5.72A7D54EB3626CFCBC8B550385CEF97A] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440] [PID.2052]
[MD5.6AE1CDECEA3B80AAF662959BD924E9CA] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\3\plugin.exe [616160] [PID.5728]
[MD5.CA0639DDD12D63CFD7339A1C50FE1DD0] - (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\WinU\~lsandjv.exe [495616] [PID.6860]
[MD5.51CFFD7BBFEA2F7316C560DCC4479759] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8209408] [PID.3992]
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336] [PID.1608]
[MD5.C569E7F268C43D6C9C4D74EE2F06CCD8] - (.Avast Software s.r.o. - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [107448] [PID.2080]
[MD5.5D6859EF745BD5DF5968413CE1DF8A41] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe [1558096] [PID.2148] =>PUP.CrossRider
[MD5.23C07500D0DBEF75144D1576A22D3FEA] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe [1441872] [PID.2168] =>PUP.CrossRider
[MD5.91C6DAF1DD352AC3E9D88F0A4758568D] - (.Cinema PlusV28.05 - CinemaPlus-3.2cV28.05 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe [1453136] [PID.2352] =>PUP.CrossRider
[MD5.722CC7C491B200E5FD3BF28345AA6026] - (.Cinema PlusV28.05 - CinemaPlus-3.2cV28.05 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe [1602128] [PID.2396] =>PUP.CrossRider
[MD5.929593D76589294BA3F74540298D1B3E] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.2472]
[MD5.9A59DF2CA690019FEA3B265D5A7EB619] - (.Conexant Systems, Inc. - Utility Service.) -- C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184] [PID.3724]
[MD5.D1AFCCBC2BC504F9F0C70B058EBE344B] - (.Infonaut - Infonaut Client Service.) -- C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600] [PID.3852] =>PUP.Infonaut
[MD5.205FD80EF4B9832F9763B9A187957260] - (.Intel Corporation - Intel(R) Rapid Start Technology Service.) -- C:\windows\SysWOW64\irstrtsv.exe [193536] [PID.4020]
[MD5.604A8615BB3D7064197A0563C799B938] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.4044]
[MD5.A9E358550671BB06E4867EAAB6712AA6] - (.VoiceFive, Inc. - PremierOpinion.) -- C:\Program Files (x86)\PremierOpinion\pmservice.exe [213816] [PID.3108] =>Adware.PremierOpinion
[MD5.5C95CEC33FFEFDE2842D01E8E86F4DED] - (...) -- D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp [305664] [PID.2648]
[MD5.7CB6287B26DC3DEBF027431479ABF26D] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536] [PID.3360]
[MD5.545462D0DBE24AF379BA869B7C185CCD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.4892]
[MD5.AB41542FA180CB3317F597ED7E7D5C5D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.6100]
[MD5.8B1E55D70AF701973DE0CD833B2611F4] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe [648416] [PID.7024]
[MD5.182BBA1B43898D5DA0938D2E9A526B31] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.7108]
[MD5.BE71E5DAE76D35B2E58DB9FBB68F232D] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\5\plugin.exe [783072] [PID.5728]
[MD5.2FFF132741408F0F921833C2BEA5350D] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\10\plugin.exe [511712] [PID.5728]
[MD5.8510EE91B62D5784EA7548002CBA56F1] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\2\plugin.exe [1172704] [PID.5728]
[MD5.DBD93F1BC4403541B6FDA2957E6A2030] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\8\plugin.exe [644320] [PID.5728]
[MD5.6D964AC44CBC590CAC5F7CC355D5E141] - (...) -- C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe [572640] [PID.1336]
[MD5.292F0644E4CCB80B4D38F65E5C3E94EF] - (.Boxore OU. - Setup.) -- C:\Program Files (x86)\Software\Update\Install\{8EA45EE8-4913-4878-839F-B9A1D271FF1F}\SoftwareUpdateSetup.exe [570168] [PID.4608] =>Adware.Boxore
~ Processes Running: Scanned in 00mn 17s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\prefs.js
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\user.js
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\amazon.xml
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\conduit.xml
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\dokotoolbar.xml =>Hijacker.Doko
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\mixidj.xml =>Toolbar.MixiDJ
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\mysearchskms.xml =>Adware.MyWebSearch
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\trovi-search.xml =>Hijacker.Trovigo
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\Web Search.xml =>Parasite.Pugi
M2 - MFEP: RegExtension {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} . (...) -- C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi (.not file.) =>PUP.Wajam
M2 - MFEP: RegExtension {a073a988-98af-4f21-86e7-97aee9443951} . (...) -- C:\Program Files (x86)\Pass-Widget\134.xpi =>PUP.PassWidget
M0 - MFSP: prefs.js [célia - ftwxqwcg.default] http://search.gboxapp.com =>Hijacker.GadgetBox
M2 - MFEP: prefs.js [célia - ftwxqwcg.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.34 (..) =>PUP.CacaoWeb
M2 - MFEP: Extension [célia - ftwxqwcg.default] 0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] 16eede48-12e9-4c79-bd54-c82622138533@630d8a34-73af-4e03-9664-9082492eb220.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] 71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] 9d29e4ccd2024f2d8e320@ad524784406d4c8dab290.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] b369ec0b-ca2c-4a80-a1e3-08fd373cdfb5@91e50ee5-448d-41f7-92ed-30eed93f2f2f.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] cacaoweb@cacaoweb.org =>PUP.CacaoWeb
M2 - MFEP: Extension [célia - ftwxqwcg.default] staged
M2 - MFEP: Extension [célia - ftwxqwcg.default] {da7f5ae1-3be3-43c0-8098-c1d183616e97}
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml =>PUP.Istart
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\search-with-eazelbar.xml =>Hijacker.Eazel
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.40416.0.) -- c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.)
~ Firefox Browser: 43 Scanned in 00mn 04s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17840 (winblue_r11.150522-0826)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 24 Scanned in 00mn 01s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Avast Software s.r.o. - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: On Stage [64Bits] - {9771c444-42b0-4e23-a7fb-ff707123ab30} Clé orpheline
~ BHO: 3 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{DA7F5AE1-3BE3-43C0-8098-C1D183616E97} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Activeris AntiMalware.lnk . (.Activeris - Activeris AntiMalware.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris
O4 - GS\Desktop [Public]: Advanced-System Protector.lnk . (...) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector
O4 - GS\Desktop [Public]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\Desktop [Public]: Poursuivre l'installation de Reimage Repair.lnk . (.Reimage® - Reimage Downloader.) -- D:\Utilisateurs\célia\Downloads\ReimageRepair (1).exe =>Rogue.ReimageRepair
O4 - GS\Program [Public]: WebAdSystem.lnk . (.KalityWeb - WebAdSystem.) -- C:\Program Files (x86)\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem
~ Global Startup: 5 Scanned in 00mn 18s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Dell Audio] . (.Pas de propriétaire - Dell Audio.) -- C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - DW WLAN Card Wireless Network Tray Applet.) -- C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Tray.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Windesk Winsearch] . (.Windesk Winsearch - Windesk Winsearch.) -- C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe =>PUP.WindeskWinsearch
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Dell Audio] Clé orpheline
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [cacaoweb] . (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4EF3DBDDB1015AC6FB69F6D4A7FA4E34] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX Media Server Launcher.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_509] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_567] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_571] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_579] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010002] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010005] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010016] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010021] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010022] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_002020023] C:\Program Files (x86)\gmsd_fr_002020023\gmsd_fr_002020023.exe (.not file.) =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_002020021] Clé orpheline =>PUP.CrossRider
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [Dell Audio] Clé orpheline
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [cacaoweb] . (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [GoogleChromeAutoLaunch_4EF3DBDDB1015AC6FB69F6D4A7FA4E34] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe
~ Application: Scanned in 00mn 03s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000010\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 10 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) . (.Avast Software s.r.o. - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: C:\Windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\system32\CxAudMsg64.exe
O23 - Service: CxUtilSvc (CxUtilSvc) . (.Conexant Systems, Inc. - Utility Service.) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Infonaut 1.10.0.14 Client Service (insvc_1.10.0.14) . (.Infonaut - Infonaut Client Service.) - C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) . (.Intel Corporation - Intel(R) Rapid Start Technology Service.) - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: PremierOpinion (PremierOpinion) . (.VoiceFive, Inc. - PremierOpinion.) - C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion
O23 - Service: Standby Data (rikejehy) . (...) - D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp
O23 - Service: Service Mgr OnStage (Service Mgr OnStage) . (...) - C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Mgr OnStage (Update Mgr OnStage) . (...) - C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\Windows\system32\vcsFPService.exe
O23 - Service: DW WLAN Tray Service (wltrysvc) . (.Dell Inc. - DW WLAN Card Wireless Network Service.) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe
O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: 24 Scanned in 00mn 36s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-1] (...) -- C:\Program Files (x86)\winservice86\winservice86-codedownloader.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-11] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-11.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-4] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-5] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-6] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-7] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.CFF9F7EF196B710349A8B1CABE8D7716] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.exe [1524816] =>PUP.CrossRider
[MD5.AA2E845687EDA58EDA1975B6289C7349] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.exe [995408] =>PUP.CrossRider
[MD5.523962AB1100E594372580FF604F5862] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.exe [1418320] =>PUP.CrossRider
[MD5.E1F8AAFC8DC819206AE4A4CE73B91843] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.exe [1150032] =>PUP.CrossRider
[MD5.2C48B03CFEFEB809A27E1676EDBE388A] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.exe [1445968] =>PUP.CrossRider
[MD5.AA2E845687EDA58EDA1975B6289C7349] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.exe [995408] =>PUP.CrossRider
[MD5.91C6DAF1DD352AC3E9D88F0A4758568D] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-1-6] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe [1453136] =>PUP.CrossRider
[MD5.62200123EFE741A7539969AE8CA49F00] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-1-7] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.exe [1100880] =>PUP.CrossRider
[MD5.445BFB337ABCB7BE1D636F60EEEF3091] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-3] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-3.exe [1550928] =>PUP.CrossRider
[MD5.BF9A7831DB0DF0C47AB058278EE53104] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-5] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-5.exe [1287760] =>PUP.CrossRider
[MD5.722CC7C491B200E5FD3BF28345AA6026] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-6] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe [1602128] =>PUP.CrossRider
[MD5.62200123EFE741A7539969AE8CA49F00] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-7] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-7.exe [1100880] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [5280bb8b-3d93-4e80-afaf-a41b391e8248] (...) -- C:\Program Files (x86)\winservice86\5280bb8b-3d93-4e80-afaf-a41b391e8248.exe (.not file.) [0] =>PUP.CrossRider
[MD5.5D6859EF745BD5DF5968413CE1DF8A41] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-1-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe [1558096] =>PUP.CrossRider
[MD5.80477221000298A19C6B5205E0137389] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-1-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.exe [1016912] =>PUP.CrossRider
[MD5.5FD0073C714B2655021639605C6877F6] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-3] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-3.exe [1312848] =>PUP.CrossRider
[MD5.1D8E55F37BFDE9128BD1B568B72AB777] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-5] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-5.exe [1065040] =>PUP.CrossRider
[MD5.23C07500D0DBEF75144D1576A22D3FEA] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe [1441872] =>PUP.CrossRider
[MD5.80477221000298A19C6B5205E0137389] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-7.exe [1016912] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1] (...) -- C:\Program Files (x86)\winservice86\winservice86-codedownloader.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.A74558989E0624989C5B21E442788ED3] [APT] [Activeris AntiMalware_startup] (.Activeris.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [6292472] =>PUP.Activeris
[MD5.AE0E3D037E6148133740EDBC08567F5F] [APT] [Adobe Acrobat Update Task] (...) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998088]
[MD5.1234A12B71DAE034E45C714AE5A54412] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.9EA7A1CAE39066EDAAC59C7BEE779A6C] [APT] [Advanced-System Protector_startup] (...) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [6733128] =>PUP.AdvancedSystemProtector
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.C50B830CA9BCD63754928CD6C0E2B114] [APT] [avast! Emergency Update] (.Avast Software s.r.o..) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1298688]
[MD5.00000000000000000000000000000000] [APT] [b0639b86-3d9e-441a-9ee9-556716c43ef7-4] (...) -- C:\Program Files (x86)\HQuality-v3V19.10\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [BCJQQMDVZ1] (...) -- C:\ProgramData\NavRight\NavRight.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [bench-sys] (...) -- C:\Program Files (x86)\Bench\Updater\updater.exe (.not file.) [0] =>PUP.GiganticSavings
[MD5.00000000000000000000000000000000] [APT] [BoxSoftwareUpdate] (...) -- C:\ProgramData\BoxUpdChk\updchk.exe (.not file.) [0] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [Cassiopesa life] (...) -- C:\ProgramData\{C03F28FC-90BD-F97A-213B-89F8F1B95A76}\1.17.3.1\fiber.js" "433a2f50726f6772616d446174612f7b43303346323846432d393042442d463937412d323133422d3839463846314239354137367d2f312e31372e332e312f6c6966652e646c6c" "687474703a2f2f73616 (.not file.) [0]
[MD5.22621F4BC16C5C47E76E40F251F0CC79] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3905304]
[MD5.00000000000000000000000000000000] [APT] [DigitalSite] (...) -- D:\UTILIS~1\CLIA~1\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Hijacker.DSite
[MD5.00000000000000000000000000000000] [APT] [EPJQFQQ1] (...) -- C:\ProgramData\LolliScan\LolliScan.exe (.not file.) [0] =>Adware.Graftor
[MD5.00000000000000000000000000000000] [APT] [LaunchPreSignup] (...) -- C:\Program Files (x86)\OLBPre\OLBPre.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.00000000000000000000000000000000] [APT] [media enhance-chromeinstaller] (...) -- C:\Program Files (x86)\media enhance\media enhance-chromeinstaller.exe (.not file.) [0] =>PUP.MediaPlayerEnhance
[MD5.00000000000000000000000000000000] [APT] [media enhance-codedownloader] (...) -- C:\Program Files (x86)\media enhance\media enhance-codedownloader.exe (.not file.) [0] =>PUP.MediaPlayerEnhance
[MD5.00000000000000000000000000000000] [APT] [media enhance-firefoxinstaller] (...) -- C:\Program Files (x86)\media enhance\media enhance-firefoxinstaller.exe (.not file.) [0] =>PUP.MediaPlayerEnhance
[MD5.00000000000000000000000000000000] [APT] [media enhance-updater] (...) -- C:\Program Files (x86)\media enhance\media enhance-updater.exe (.not file.) [0] =>PUP.MediaPlayerEnhance
[MD5.E352F97A82E41CCAE582C77C050D4A26] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe [363072]
[MD5.CDB768D99CD9FE3B826D310813A42324] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [1243704]
[MD5.00000000000000000000000000000000] [APT] [SaveSense] (...) -- D:\UTILIS~1\CLIA~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [SaveSenseLiveUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [SaveSenseLiveUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe (.not file.) [0] =>PUP.CrossRider
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [System Speedup] (...) -- C:\Program Files (x86)\System Speedup\SystemSpeedup.exe (.not file.) [0] =>PUP.SystemSpeedup
[MD5.CDB768D99CD9FE3B826D310813A42324] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [1243704]
[MD5.00000000000000000000000000000000] [APT] [ZaygU22Y9XSkCQT] (...) -- D:\Utilisateurs\c‚lia\AppData\Roaming\YcSrbDb\WmnWVFG.exe (.not file.) [0]
[MD5.F96C77CE767DC06F15B3143CCA61B9FF] [APT] [{0300BDEC-9EFF-4ED9-BF0A-CCBFF24A76ED}] (...) -- C:\Program Files (x86)\Smarts8\Uninstall.exe [79360]
[MD5.00000000000000000000000000000000] [APT] [{39F6EE56-C59C-435D-89BF-28CAE17FFC29}] (...) -- D:\Utilisateurs\Administrateur\Desktop\VOSTRO 3360 Win7_64bit Drivers\11-Network_Atheros_W7_A02_Setup-7PM7V_ZPE.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F518CCDA-21C8-481C-9438-A493B865BD80}] (...) -- E:\TEMP\VOSTRO 3360 Win7_64bit Drivers\Network_Atheros_W7_A02_Setup-KRXNR_ZPE.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: - (..) -- C:\Windows\Tasks\0f606e8f-8393-4f75-a33c-52fa23d9dc61.job [1422]
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-1 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1.job [3430] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-1 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1 [3430] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-11 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11.job [5166] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-11 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11 [5166] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-4 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4.job [4140] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-4 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4 [4140] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-5 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5.job [2428] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-5 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5 [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5_user.job [2428] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-6 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6.job [4140] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-6 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6 [4140] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-7 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7.job [3796] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-7 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7 [3796] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.job [3104] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 [3104] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.job [3440] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 [3440] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-10_user.job [2078]
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.job [4460] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 [4460] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.job [2412] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 [2412] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5_user.job [2412] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.job [5828] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 [5828] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.job [5484] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 [5484] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\4oWR9qYkY63.job [1008]
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-6 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.job [3138] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-6 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6 [3138] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-7 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.job [3474] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-7 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7 [3474] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-10_user.job [2112]
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-3 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3.job [4494] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-3 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3 [4494] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-5 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5.job [2446] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-5 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5 [2446] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5_user.job [2446] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-6 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6.job [5862] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-6 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6 [5862] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-7 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7.job [5518] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-7 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7 [5518] =>PUP.CrossRider
O39 - APT: 5280bb8b-3d93-4e80-afaf-a41b391e8248 - (...) -- C:\Windows\Tasks\5280bb8b-3d93-4e80-afaf-a41b391e8248.job [1446]
O39 - APT: 5280bb8b-3d93-4e80-afaf-a41b391e8248 - (...) -- C:\Windows\System32\Tasks\5280bb8b-3d93-4e80-afaf-a41b391e8248 [1446]
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.job [3104] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 [3104] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.job [3440] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 [3440] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-10_user.job [2078]
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-3 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3.job [4460] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-3 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3 [4460] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-5 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5.job [2412] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-5 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5 [2412] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5_user.job [2412] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-6 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6.job [5828] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6 [5828] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-7 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7.job [5484] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7 [5484] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6.job [3120]
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 [3120]
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7.job [3456]
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 [3456]
O39 - APT: - (..) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-10_user.job [2094]
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.job [4140] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 [4140] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.job [2428] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5_user.job [2428] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.job [5844] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 [5844] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.job [5500] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 [5500] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a02caaef-bdb1-48ce-a25a-b7494b0783cb.job [612]
O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-6.job [3120]
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7.job [3456]
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 [3456]
O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-10_user.job [2094]
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.job [4140] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 [4140] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.job [2428] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5_user.job [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-6.job [5500] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.job [5500] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 [5500] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a5fc5ff8-db73-4aeb-b3a8-fd2e231b21ff-4.job [2174] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1.job [2750] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 [2750] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.job [4478] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 [4478] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.job [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.job [2428] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5_user.job [2428] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.job [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.job [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 [3452] =>PUP.CrossRider
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [376] =>PUP.AnyProtect
O39 - APT: b0639b86-3d9e-441a-9ee9-556716c43ef7-4 - (...) -- C:\Windows\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.job [4830] =>PUP.CrossRider
O39 - APT: b0639b86-3d9e-441a-9ee9-556716c43ef7-4 - (...) -- C:\Windows\System32\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4 [4830] =>PUP.CrossRider
O39 - APT: BCJQQMDVZ1 - (...) -- C:\Windows\Tasks\BCJQQMDVZ1.job [324]
O39 - APT: BCJQQMDVZ1 - (...) -- C:\Windows\System32\Tasks\BCJQQMDVZ1 [324]
O39 - APT: bench-sys - (...) -- C:\Windows\Tasks\bench-sys.job [344] =>PUP.GiganticSavings
O39 - APT: bench-sys - (...) -- C:\Windows\System32\Tasks\bench-sys [344] =>PUP.GiganticSavings
O39 - APT: - (..) -- C:\Windows\Tasks\bench-Updater removing.job [288] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\bench-Updater removing [288] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job [340] =>PUP.BidailySync
O39 - APT: DigitalSite - (...) -- C:\Windows\Tasks\DigitalSite.job [300] =>Hijacker.DSite
O39 - APT: DigitalSite - (...) -- C:\Windows\System32\Tasks\DigitalSite [300] =>Hijacker.DSite
O39 - APT: - (..) -- C:\Windows\Tasks\e4B8MC7fGSvdgS.job [1014]
O39 - APT: EPJQFQQ1 - (...) -- C:\Windows\Tasks\EPJQFQQ1.job [330]
O39 - APT: EPJQFQQ1 - (...) -- C:\Windows\System32\Tasks\EPJQFQQ1 [330]
O39 - APT: - (..) -- C:\Windows\Tasks\f56fe68c-ded6-4656-a272-5100e7b20016.job [612]
O39 - APT: - (..) -- C:\Windows\Tasks\LLXGQWT.job [1698]
O39 - APT: media enhance-chromeinstaller - (...) -- C:\Windows\Tasks\media enhance-chromeinstaller.job [3100] =>PUP.CrossRider
O39 - APT: media enhance-chromeinstaller - (...) -- C:\Windows\System32\Tasks\media enhance-chromeinstaller [3100] =>PUP.CrossRider
O39 - APT: media enhance-codedownloader - (...) -- C:\Windows\Tasks\media enhance-codedownloader.job [1530] =>PUP.CrossRider
O39 - APT: media enhance-codedownloader - (...) -- C:\Windows\System32\Tasks\media enhance-codedownloader [1530] =>PUP.CrossRider
O39 - APT: media enhance-firefoxinstaller - (...) -- C:\Windows\Tasks\media enhance-firefoxinstaller.job [2358] =>PUP.CrossRider
O39 - APT: media enhance-firefoxinstaller - (...) -- C:\Windows\System32\Tasks\media enhance-firefoxinstaller [2358] =>PUP.CrossRider
O39 - APT: media enhance-updater - (...) -- C:\Windows\Tasks\media enhance-updater.job [2396] =>PUP.CrossRider
O39 - APT: media enhance-updater - (...) -- C:\Windows\System32\Tasks\media enhance-updater [2396] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\PassWidget Update.job [392] =>PUP.PassWidget
O39 - APT: PCDoctorBackgroundMonitorTask - (.PC-Doctor, Inc..) -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job [564]
O39 - APT: PCDoctorBackgroundMonitorTask - (.PC-Doctor, Inc..) -- C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask [564]
O39 - APT: - (..) -- C:\Windows\Tasks\Periodic Synchronize Task.job [340]
O39 - APT: SaveSense - (...) -- C:\Windows\Tasks\SaveSense.job [300] =>PUP.CrossRider
O39 - APT: SaveSense - (...) -- C:\Windows\System32\Tasks\SaveSense [300] =>PUP.CrossRider
O39 - APT: SaveSenseLiveUpdateTaskMachineCore - (...) -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job [926] =>PUP.CrossRider
O39 - APT: SaveSenseLiveUpdateTaskMachineCore - (...) -- C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore [926] =>PUP.CrossRider
O39 - APT: SaveSenseLiveUpdateTaskMachineUA - (...) -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job [930] =>PUP.CrossRider
O39 - APT: SaveSenseLiveUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA [930] =>PUP.CrossRider
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [912] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [912] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [916] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [916] =>Adware.Boxore
O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\Windows\Tasks\SystemToolsDailyTest.job [506]
O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\Windows\System32\Tasks\SystemToolsDailyTest [506]
~ Scheduled Task: 216 Scanned in 00mn 48s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 02s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswKbd) . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys
O41 - Driver: (aswRdr) . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.Avast Software s.r.o. - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.Avast Software s.r.o. - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (b786bdb3c67d) . (. - .) - C:\Windows\System32\drivers\b786bdb3c67d.sys (.not file.)
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (innfd_1_10_0_14) . (.Infonaut - Infonaut Driver x64.) - C:\Windows\System32\drivers\innfd_1_10_0_14.sys =>PUP.Infonaut
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwiynzm4ndy1yjz) . (. - .) - C:\Windows\System32\drivers\mwiynzm4ndy1yjz.sys (.not file.)
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (rrgwvwin) . (. - .) - C:\Windows\system32\drivers\rrgwvwin.sys (.not file.)
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: (wpnfd_1_10_0_1) . (.Word Proser - Word Proser Driver x64.) - C:\Windows\System32\drivers\wpnfd_1_10_0_1.sys =>PUP.WordProser
~ Drivers: 90 Scanned in 00mn 04s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: AVG Do Not Track - (."".) [HKLM][64Bits] -- {4E5FE462-1A84-47B4-3411-C72434AAD86C}
O42 - Logiciel: AccelerometerP11 - (.STMicroelectronics.) [HKLM][64Bits] -- {87434D51-51DB-4109-B68F-A829ECDCF380}
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100}
O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA}
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1
O42 - Logiciel: Avast Internet Security - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {CA2B24FD-EE10-42B9-B049-AA80268E7E21} =>Adware.Boxore
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CinemaPlus-3.2cV28.05 - (.Cinema PlusV28.05.) [HKLM][64Bits] -- CinemaPlus-3.2cV28.05 =>PUP.CrossRider
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: Codec Pack Packages - (...) [HKCU][64Bits] -- Codec Pack Packages
O42 - Logiciel: Conexant SmartAudio HD - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM][64Bits] -- DivX Setup
O42 - Logiciel: Crossbrowse - (.The Crossbrowse Authors.) [HKLM][64Bits] -- Crossbrowse =>PUP.CrossBrowser
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DC-Bass Source 1.3.0 - (...) [HKLM][64Bits] -- DC-Bass Source
O42 - Logiciel: DMUninstaller - (...) [HKLM][64Bits] -- DMUninstaller
O42 - Logiciel: DW WLAN Card Utility - (.Dell Inc..) [HKLM][64Bits] -- DW WLAN Card Utility
O42 - Logiciel: Deeal - (.Kreapixel inc..) [HKLM][64Bits] -- Deeal =>PUP.DeealFr
O42 - Logiciel: Dell Audio - (.Cirrus Logic.) [HKLM][64Bits] -- {3A69FD31-5EE7-42C9-918B-81C07AA21043}
O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM][64Bits] -- {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}
O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM][64Bits] -- Dell Support Center
O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A}
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central
O42 - Logiciel: DigitalPersona Fingerprint Software 5.20 - (.DigitalPersona, Inc..) [HKLM][64Bits] -- {C0C2D40A-1231-46FA-8F02-B45E6BF2036A}
O42 - Logiciel: Freeplane - (.Open source.) [HKLM][64Bits] -- {D3941722-C4DD-4509-88C4-0E87F675A859}_is1
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}
O42 - Logiciel: GoHD - (.InstallMoon.) [HKLM][64Bits] -- GoHD =>PUP.CrossRider
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HQuality-v3V19.10 - (.HQuality3V19.10.) [HKLM][64Bits] -- HQuality-v3V19.10 =>PUP.CrossRider
O42 - Logiciel: Haali Media Splitter - (...) [HKLM][64Bits] -- HaaliMkx
O42 - Logiciel: Hades - (.Hades.) [HKLM][64Bits] -- Hades
O42 - Logiciel: IePluginService12.27.0.3326 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- IePlugins =>PUP.IePluginService
O42 - Logiciel: Infonaut 1.10.0.14 - (.Infonaut.) [HKLM][64Bits] -- Infonaut_1.10.0.14 =>PUP.Infonaut
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) OpenCL CPU Runtime - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Start Technology - (.Intel Corporation.) [HKLM][64Bits] -- 3D073343-CEEB-4ce7-85AC-A69A7631B5D6
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {538B98C3-773F-4F20-9C66-802D104DCBE2}
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}
O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM][64Bits] -- LAME_is1
O42 - Logiciel: Lagarith Lossless Codec (1.3.27) - (...) [HKLM][64Bits] -- {F59AC46C-10C3-4023-882C-4212A92283B3}_is1
O42 - Logiciel: LibreOffice 4.0.2.2 - (.The Document Foundation.) [HKLM][64Bits] -- {1062AD6C-80F4-4BC6-AB7C-A28892B497B8}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation
O42 - Logiciel: Mp3tag v2.58 - (.Florian Heidenreich.) [HKLM][64Bits] -- Mp3tag
O42 - Logiciel: Muvic - (.ReSoft Ltd..) [HKLM][64Bits] -- {065A5BE9-CE42-475C-BD62-52B229D24AB5} =>Hijacker.SmartBar
O42 - Logiciel: Muvic Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {ab0da7b3-e6dd-492c-951e-44f70b9225b4} =>Hijacker.SmartBar
O42 - Logiciel: MySearchs - (.Pay-By-Ads.) [HKCU][64Bits] -- mysearchs =>PUP.PaybyAds
O42 - Logiciel: NewPlayer - (.SoftForce LLC.) [HKLM][64Bits] -- NewPlayer =>Adware.NewPlayer
O42 - Logiciel: OffersWizard Network System Driver - (...) [HKLM][64Bits] -- inethnfd =>PUP.NetworkSystemDriver
O42 - Logiciel: On Stage - (.On Stage.) [HKLM][64Bits] -- On Stage
O42 - Logiciel: OpenSource Flash Video Splitter 1.0.0.5 - (...) [HKLM][64Bits] -- OpenSource Flash Video Splitter
O42 - Logiciel: PassWidget - (.PassWidget Software.) [HKLM][64Bits] -- {3f700348-270d-469b-b073-4a14e4a79189} =>PUP.PassWidget
O42 - Logiciel: PhotoFiltre - (...) [HKCU][64Bits] -- PhotoFiltre
O42 - Logiciel: Picasa Instant Upload Move Enabler - (."".) [HKLM][64Bits] -- {AE9B04F2-E9E8-162C-829B-52C116B3EFCC}
O42 - Logiciel: PremierOpinion - (.VoiceFive, Inc..) [HKLM][64Bits] -- {eeb86aef-4a5d-4b75-9d74-f16d438fc286} =>Adware.PremierOpinion
O42 - Logiciel: PriCeDoWnloADer - (."".) [HKLM][64Bits] -- {2D471A31-4FA7-95BA-1880-D441113ED736} =>PUP.PriceDownloader
O42 - Logiciel: ST Microelectronics 3 Axis Digital Accelerometer Solution - (.ST Microelectronics.) [HKLM][64Bits] -- {9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}
O42 - Logiciel: SaoftoCeoup - (.SoftCoup.) [HKLM][64Bits] -- {7540FDBD-7FDC-30AE-3778-815CB87DBE46} =>PUP.RandomName
O42 - Logiciel: Smarts8 - (.smart-saverplus.) [HKLM][64Bits] -- Smarts8 =>PUP.CrossRider
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify
O42 - Logiciel: Spotydl 0.9.36.0 - (.spotydl.com.) [HKLM][64Bits] -- Spotydl_is1
O42 - Logiciel: Streak for Gmail - (."".) [HKLM][64Bits] -- {F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}
O42 - Logiciel: SupTab - (...) [HKLM][64Bits] -- SupTab =>PUP.SupTab
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TI USB 3.0 Host Controller Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}
O42 - Logiciel: TI USB3 Host Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- {B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}
O42 - Logiciel: TerminusStable - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{4284830a} =>Adware.Graftor
O42 - Logiciel: TicTaCoupon - (.TicTaCoeuponu.) [HKLM][64Bits] -- {E370F69F-ED3F-925F-31FC-14D1329A713B} =>PUP.TicTaCoupon
O42 - Logiciel: Tny_Cassiopesa - (.Tny_Cassiopesa.) [HKLM][64Bits] -- Tny_Cassiopesa
O42 - Logiciel: TrimModule - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f0e9047b} =>Adware.Graftor
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM][64Bits] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Validity Sensors DDK - (.Validity Sensors, Inc..) [HKLM][64Bits] -- {CF8F802C-0CEA-4591-A353-12EC03794652}
O42 - Logiciel: ValueApps - (.Conduit.) [HKCU][64Bits] -- ValueApps =>Toolbar.Conduit
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {A1439D4F-FD46-47F2-A1D3-FEE097C29A09}
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM][64Bits] -- {4c13db17-a811-442c-9a1b-a92b65dca879} =>Adware.WebAdSystem
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM][64Bits] -- {AF59773E-3245-46A3-B418-DD84AB6C3C50} =>Adware.WebAdSystem
O42 - Logiciel: WindeskWinsearch 1.0 - (.PCSoftware.) [HKLM][64Bits] -- WindeskWinsearch =>PUP.WindeskWinsearch
O42 - Logiciel: Winservices - (.Kreapixel inc..) [HKLM][64Bits] -- WinServices =>Adware.SocialSkinz
O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM][64Bits] -- Xvid Video Codec 1.3.2
O42 - Logiciel: doPDF 7.3 printer - (.Softland.) [HKLM][64Bits] -- doPDF 7 printer_is1
O42 - Logiciel: ffdshow v1.1.4399 [2012-03-22] - (...) [HKLM][64Bits] -- ffdshow_is1
O42 - Logiciel: fix version 1.0.0.0 - (...) [HKLM][64Bits] -- {ACA88935-7188-47AD-B220-B50106DC0D9C}_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {4046F74A-28F8-48C6-A5D3-2AFC472574C1}
O42 - Logiciel: oursurfing uninstall - (.oursurfing.) [HKLM][64Bits] -- oursurfing uninstall =>Hijacker.OurSurfing
O42 - Logiciel: sursenel - (.sidecom.) [HKLM][64Bits] -- {7d0ff442-6ee9-4afb-74ec-015a61fc9fd0}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 94 Scanned in 00mn 05s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5c55da8cbc3ab845]
[HKCU\Software\7-Zip]
[HKCU\Software\Activeris] =>PUP.Activeris
[HKCU\Software\Adobe]
[HKCU\Software\Alexa Internet]
[HKCU\Software\Alps]
[HKCU\Software\AmiExt] =>Adware.FlashEnhancer
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\LyricsMonkey-1] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\Software\LyricsSay-1] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\PassWidget] =>PUP.PassWidget
[HKCU\Software\AppDataLow\Software\Plus-HD-1.6] =>Adware.PlusHD
[HKCU\Software\AppDataLow\Software\Plus-HD-3.5] =>Adware.PlusHD
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\SmartWeb] =>PUP.SmartWeb
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\Smarts8]
[HKCU\Software\AppDataLow\Software\WhiteSmoke_New_V6] =>PUP.WhiteSmoke
[HKCU\Software\AppDataLow\Software\free ven] =>PUP.Freeven
[HKCU\Software\AppDataLow\Software\media enhance] =>PUP.MediaPlayerEnhance
[HKCU\Software\AppDataLow\Software\winservice86] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArenaHD] =>PUP.CrossRider
[HKCU\Software\Atheros]
[HKCU\Software\Audacity]
[HKCU\Software\Avast Software]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BatBrowse] =>PUP.BatBrowse
[HKCU\Software\BcmSetup]
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Broadcom]
[HKCU\Software\Browser]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Chromium]
[HKCU\Software\CinemaPlus-3.2cV24.05-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ClkApp]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cores]
[HKCU\Software\Creative Tech]
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser
[HKCU\Software\DSP-worx]
[HKCU\Software\DSiteProducts] =>Hijacker.DSite
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DealPlyLive] =>PUP.DealPly
[HKCU\Software\DigitalPersona]
[HKCU\Software\Distromatic]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Doko-Toolbar] =>Hijacker.Doko
[HKCU\Software\Duuqu] =>PUP.Duuqu
[HKCU\Software\ELIGCHK]
[HKCU\Software\Easy Speed Check]
[HKCU\Software\FLEXnet]
[HKCU\Software\File Type Helper] =>PUP.FileTypeHelper
[HKCU\Software\GNU]
[HKCU\Software\GoHD-nv-ie] =>PUP.CrossRider
[HKCU\Software\GoHD-nv] =>PUP.CrossRider
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hawker]
[HKCU\Software\HighDefAction] =>PUP.CrossRider
[HKCU\Software\IM Providers]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\InstalledThirdPartyPrograms]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KalityWeb] =>Adware.WebAdSystem
[HKCU\Software\LAV]
[HKCU\Software\Licenses]
[HKCU\Software\LogMeInRescueCallingCard]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nosibay]
[HKCU\Software\Opera Software]
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro
[HKCU\Software\PC-Doctor]
[HKCU\Software\PCPrivacyDockLanguage]
[HKCU\Software\PepperZip] =>PUP.PepperZip
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PowerPack]
[HKCU\Software\QtProject]
[HKCU\Software\RapidMediaConverterApp]
[HKCU\Software\Reg]
[HKCU\Software\SafeGuardApp] =>PUP.SafeGuard
[HKCU\Software\Samsung]
[HKCU\Software\SaveSenseLive] =>PUP.CrossRider
[HKCU\Software\SimplyTech] =>PUP.SimplyTech
[HKCU\Software\Skype]
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Software]
[HKCU\Software\Streaming Audio Recorder]
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer
[HKCU\Software\Synaptics]
[HKCU\Software\System Speedup] =>PUP.SystemSpeedup
[HKCU\Software\TNT2] =>Adware.TidyNetwork
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Tutorials] =>PUP.AgenceExclusive
[HKCU\Software\UpToDown] =>PUP.UpToDown
[HKCU\Software\UpdateFiles] =>Adware.Boxore
[HKCU\Software\Visualbee] =>Adware.VisualBeeToolbar
[HKCU\Software\Wajam] =>PUP.Wajam
[HKCU\Software\Waves Audio]
[HKCU\Software\Widcomm]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YorkNewCin] =>PUP.CrossRider
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\astromenda] =>PUP.Astromenda
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\ej-technologies]
[HKCU\Software\gamesdesktop] =>Adware.GamesDesktop
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate
[HKCU\Software\kde.org]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKCU\Software\sidecom]
[HKCU\Software\systweak]
[HKCU\Software\tny_cassiopesa]
[HKCU\Software\tuto4pc] =>PUP.AgenceExclusive
[HKCU\Software\winservice86-nv-ie] =>PUP.CrossRider
[HKCU\Software\winservice86-nv] =>PUP.CrossRider
[HKLM\Software\ATI Technologies]
[HKLM\Software\Alps]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Atheros]
[HKLM\Software\Broadcom]
[HKLM\Software\BubbleSound] =>PUP.BubbleSound
[HKLM\Software\CBSTEST]
[HKLM\Software\Canon]
[HKLM\Software\Cirrus]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Creative Tech]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\Dell]
[HKLM\Software\DigitalPersona]
[HKLM\Software\DivX]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HQuality-v3V19.10-nv] =>PUP.CrossRider
[HKLM\Software\HaaliMkx]
[HKLM\Software\HighDefAction] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\InstalledOptions]
[HKLM\Software\InstalledThirdPartyPrograms]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\LolliScan] =>Adware.Graftor
[HKLM\Software\Macromedia]
[HKLM\Software\ManageableUpdatePackage]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\ST Microelectronics]
[HKLM\Software\Softland]
[HKLM\Software\Sonic]
[HKLM\Software\Speedchecker Limited] =>PUP.InternetSpeedChecker
[HKLM\Software\Synaptics]
[HKLM\Software\UIU]
[HKLM\Software\Validity]
[HKLM\Software\WIDCOMM_TEMP]
[HKLM\Software\Waves Audio]
[HKLM\Software\WebBar] =>PUP.WebBar
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node\11f7643f-77e0-4a4a-a192-4b7a9e9fbf2a] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\22fbe0a4-6d53-4d01-9877-31667f148858] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]
[HKLM\Software\Wow6432Node\95b48dc0-8b8d-47f8-ab2e-5f40b4109b11] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\971bbd6c-f848-4ae2-9434-b893b6d0f4f1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AmiExt] =>Adware.FlashEnhancer
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Bench] =>PUP.GiganticSavings
[HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf
[HKLM\Software\Wow6432Node\BetterSurf Plus V1] =>PUP.BetterSurf
[HKLM\Software\Wow6432Node\BetterSurf] =>PUP.BetterSurf
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Client]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Creative Tech]
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Dell Computer Corporation]
[HKLM\Software\Wow6432Node\Dell_Wlan]
[HKLM\Software\Wow6432Node\DigitalPersona]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\DivX]
[HKLM\Software\Wow6432Node\DownloaderAssistant] =>PUP.Salus
[HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\FLEXnet]
[HKLM\Software\Wow6432Node\FastSearch]
[HKLM\Software\Wow6432Node\File Type Helper] =>PUP.FileTypeHelper
[HKLM\Software\Wow6432Node\Florian Heidenreich]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate
[HKLM\Software\Wow6432Node\GoHD-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\GoHD-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HQuality-v3V19.10-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR
[HKLM\Software\Wow6432Node\IePlugin]
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KalityWeb] =>Adware.WebAdSystem
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lame For Audacity]
[HKLM\Software\Wow6432Node\LibreOffice]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Lightspark Team]
[HKLM\Software\Wow6432Node\LogMeInRescueCallingCard]
[HKLM\Software\Wow6432Node\LolliScan] =>Adware.Graftor
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\ManageableUpdatePackage]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\MediaPlayerV1]
[HKLM\Software\Wow6432Node\MediaPlayerV1alpha3537]
[HKLM\Software\Wow6432Node\MediaViewV1] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\MediaViewV1alpha698] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\MediaViewV1alpha7499] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\MediaWatchV1] =>PUP.MediaWatch
[HKLM\Software\Wow6432Node\MediaWatchV1home857] =>PUP.MediaWatch
[HKLM\Software\Wow6432Node\MovieDea]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OnStage]
[HKLM\Software\Wow6432Node\PicexaSvc]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Registry Helper] =>PUP.RegistryHelper
[HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\RichMediaViewV1release1055] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\ST Microelectronics]
[HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard
[HKLM\Software\Wow6432Node\SafeGuard] =>PUP.SafeGuard
[HKLM\Software\Wow6432Node\Salus] =>PUP.Salus
[HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SoftThinks]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\SuperClick_1.10.0.16]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\System Speedup] =>PUP.SystemSpeedup
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\TabNav] =>PUP.Abengine
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\The Document Foundation]
[HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\Universal]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\Validity]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Visualbee] =>Adware.VisualBeeToolbar
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WhiteSmoke_New_V6] =>PUP.WhiteSmoke
[HKLM\Software\Wow6432Node\WinU]
[HKLM\Software\Wow6432Node\Winservices] =>Trojan.Inject.RRE
[HKLM\Software\Wow6432Node\WordProser_1.10.0.1] =>PUP.WordProser
[HKLM\Software\Wow6432Node\WordShark_1.10.0.19]
[HKLM\Software\Wow6432Node\Wow6432Node]
[HKLM\Software\Wow6432Node\Xvid Team]
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\a558af43-d482-4649-b45f-6e1c09b384c2] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\aa73fe5b-d1f7-411f-8961-8d74e4ee2c2e] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\anset]
[HKLM\Software\Wow6432Node\awesomehpSoftware] =>PUP.Awesomehp
[HKLM\Software\Wow6432Node\b56ba8d1-2bff-4555-a80e-09eae0dad631] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\c968f51d-077d-494f-a31c-82fe202a993e] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\delta-homesSoftware] =>Hijacker.DeltaHomes
[HKLM\Software\Wow6432Node\e3bdb18e-b300-43e4-991c-3eac4da6d490] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\flash-Enhancer] =>Adware.FlashEnhancer
[HKLM\Software\Wow6432Node\free ven] =>PUP.Freeven
[HKLM\Software\Wow6432Node\freefallprotection]
[HKLM\Software\Wow6432Node\hdcode]
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.Istart
[HKLM\Software\Wow6432Node\mamverifier]
[HKLM\Software\Wow6432Node\media enhance] =>PUP.MediaPlayerEnhance
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\oursurfingSoftware] =>Hijacker.OurSurfing
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu
[HKLM\Software\Wow6432Node\troll]
[HKLM\Software\Wow6432Node\winservice86-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\winservice86-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\winservice86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node]
[HKLM\Software\YorkNewCin] =>PUP.CrossRider
~ Key Software: 574 Scanned in 00mn 05s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/07/2015 - 20:22:49 - [] ----D C:\Program Files (x86)\0ca45c95134d
O43 - CFD: 07/07/2015 - 20:22:35 - [] ----D C:\Program Files (x86)\34c5cc2e-af4c-4dd1-b4e3-89330a3555b0
O43 - CFD: 07/07/2015 - 20:36:45 - [] ----D C:\Program Files (x86)\7-Zip
O43 - CFD: 06/07/2015 - 01:01:37 - [] ----D C:\Program Files (x86)\7075d8f6-5e3a-44b5-9ad6-ab229e7e6b97
O43 - CFD: 07/07/2015 - 20:36:46 - [0] ----D C:\Program Files (x86)\732c5602-885d-4b9d-9083-372cdd2690b0
O43 - CFD: 20/05/2015 - 21:58:14 - [] ----D C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris
O43 - CFD: 25/05/2015 - 17:27:02 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 26/10/2013 - 22:57:44 - [0] ----D C:\Program Files (x86)\Amazon
O43 - CFD: 31/07/2014 - 00:29:23 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 24/05/2015 - 23:07:25 - [0] ----D C:\Program Files (x86)\app_setup
O43 - CFD: 20/05/2015 - 21:58:16 - [] ----D C:\Program Files (x86)\ASP
O43 - CFD: 21/05/2014 - 18:50:27 - [] ----D C:\Program Files (x86)\Audacity
O43 - CFD: 04/07/2015 - 15:42:46 - [] ----D C:\Program Files (x86)\AVG Do Not Track
O43 - CFD: 18/06/2015 - 15:10:45 - [] ----D C:\Program Files (x86)\AVG PrivacyFix
O43 - CFD: 31/07/2014 - 00:28:21 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 20/05/2015 - 21:58:17 - [] ----D C:\Program Files (x86)\Boost
O43 - CFD: 07/07/2015 - 20:22:24 - [0] ----D C:\Program Files (x86)\Casual Games
O43 - CFD: 27/05/2015 - 20:12:07 - [] ----D C:\Program Files (x86)\cefcba80-57ad-4734-bbf8-6280bb051e68
O43 - CFD: 07/07/2015 - 20:39:11 - [] ----D C:\Program Files (x86)\CinemaPlus-3.2cV28.05 =>PUP.CrossRider
O43 - CFD: 27/05/2013 - 21:45:39 - [] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 08/07/2015 - 00:42:06 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 15/05/2012 - 09:59:13 - [] ----D C:\Program Files (x86)\Creative
O43 - CFD: 24/05/2015 - 00:49:08 - [] ----D C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 28/05/2015 - 20:41:46 - [] ----D C:\Program Files (x86)\d418cfe8-9402-4dd6-b158-1fce1db4af41
O43 - CFD: 21/05/2015 - 22:04:32 - [] ----D C:\Program Files (x86)\deaal4reala =>PUP.Deal4reaL
O43 - CFD: 05/07/2015 - 14:39:24 - [] ----D C:\Program Files (x86)\DealsFuInndeRProo =>PUP.DealsFinderPro
O43 - CFD: 05/07/2015 - 14:39:26 - [] ----D C:\Program Files (x86)\DeaolsFiNderPro =>PUP.DealsFinderPro
O43 - CFD: 04/07/2015 - 15:40:06 - [] ----D C:\Program Files (x86)\DeeaLsFinDErPro =>PUP.DealsFinderPro
O43 - CFD: 15/05/2012 - 09:58:39 - [] ----D C:\Program Files (x86)\Dell Webcam
O43 - CFD: 28/05/2013 - 12:42:13 - [] ----D C:\Program Files (x86)\Dell Wireless
O43 - CFD: 04/10/2013 - 18:04:46 - [] ----D C:\Program Files (x86)\DigitalPersona
O43 - CFD: 07/07/2015 - 19:05:29 - [] ----D C:\Program Files (x86)\DivX
O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\DSP-worx
O43 - CFD: 07/07/2015 - 20:22:36 - [] ----D C:\Program Files (x86)\Easy Speed Check
O43 - CFD: 28/05/2015 - 21:39:31 - [0] ----D C:\Program Files (x86)\Edu App
O43 - CFD: 06/07/2015 - 03:44:29 - [] ----D C:\Program Files (x86)\FastSearch
O43 - CFD: 04/11/2013 - 22:20:21 - [] ----D C:\Program Files (x86)\ffdshow
O43 - CFD: 20/12/2013 - 22:18:32 - [] ----D C:\Program Files (x86)\Freeplane
O43 - CFD: 24/05/2015 - 23:39:25 - [] ----D C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 07/07/2015 - 20:43:11 - [] ----D C:\Program Files (x86)\gmsd_fr_002020023 =>PUP.CrossRider
O43 - CFD: 07/07/2015 - 20:43:12 - [0] ----D C:\Program Files (x86)\gmsd_fr_005010016 =>PUP.CrossRider
O43 - CFD: 07/07/2015 - 20:43:16 - [] ----D C:\Program Files (x86)\GoHD =>PUP.CrossRider
O43 - CFD: 03/10/2013 - 20:08:50 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 05/07/2015 - 14:39:23 - [] ----D C:\Program Files (x86)\greattsAVieng =>PUP.GreatSaving
O43 - CFD: 04/07/2015 - 19:28:00 - [] ----D C:\Program Files (x86)\GUMD29E.tmp
O43 - CFD: 07/07/2015 - 23:43:55 - [] ----D C:\Program Files (x86)\GUPlayer
O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\Haali
O43 - CFD: 07/07/2015 - 20:22:34 - [0] ----D C:\Program Files (x86)\Hades
O43 - CFD: 07/07/2015 - 20:22:48 - [] ----D C:\Program Files (x86)\Hawker
O43 - CFD: 06/07/2015 - 02:18:36 - [0] ----D C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches
O43 - CFD: 07/07/2015 - 20:41:29 - [] ----D C:\Program Files (x86)\HQuality-v3V19.10 =>PUP.CrossRider
O43 - CFD: 06/07/2015 - 00:49:49 - [] ----D C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut
O43 - CFD: 04/03/2014 - 22:56:19 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 13/09/2012 - 15:40:25 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 05/07/2015 - 12:53:13 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 06/07/2015 - 02:56:25 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 05/07/2015 - 14:21:45 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 04/11/2013 - 22:20:13 - [] ----D C:\Program Files (x86)\Lame For Audacity
O43 - CFD: 06/05/2013 - 23:21:36 - [] ----D C:\Program Files (x86)\LibreOffice 4.0
O43 - CFD: 28/05/2012 - 12:52:20 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 19/05/2015 - 01:58:47 - [] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 19/05/2015 - 02:28:25 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 18/12/2013 - 18:15:56 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 15/05/2012 - 10:23:53 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 26/02/2012 - 12:49:28 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 19/05/2015 - 19:29:27 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 26/10/2013 - 23:28:38 - [] ----D C:\Program Files (x86)\Mp3tag
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 30/03/2015 - 21:37:34 - [] ----D C:\Program Files (x86)\MTG Finder
O43 - CFD: 21/05/2015 - 21:25:55 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 07/07/2015 - 20:22:20 - [] ----D C:\Program Files (x86)\NewPlayer =>Adware.NewPlayer
O43 - CFD: 05/07/2015 - 22:19:20 - [] ----D C:\Program Files (x86)\On Stage
O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\OpenSource Flash Video Splitter
O43 - CFD: 28/06/2015 - 15:29:12 - [0] ----D C:\Program Files (x86)\Opera
O43 - CFD: 24/07/2014 - 23:00:22 - [] ----D C:\Program Files (x86)\Pass-Widget =>PUP.PassWidget
O43 - CFD: 07/07/2015 - 20:23:34 - [] ----D C:\Program Files (x86)\PCP
O43 - CFD: 17/10/2013 - 20:36:02 - [] ----D C:\Program Files (x86)\PhotoFiltre
O43 - CFD: 21/05/2015 - 22:06:04 - [] ----D C:\Program Files (x86)\Picasa Instant Upload Move Enabler
O43 - CFD: 24/05/2015 - 22:06:53 - [] ----D C:\Program Files (x86)\Picexa
O43 - CFD: 24/05/2015 - 21:32:10 - [0] ----D C:\Program Files (x86)\predm =>Adware.Downware
O43 - CFD: 07/07/2015 - 20:38:40 - [] ----D C:\Program Files (x86)\PremierOpinion =>Adware.PremierOpinion
O43 - CFD: 21/06/2014 - 22:28:09 - [] ----D C:\Program Files (x86)\Premium Software =>Trojan.Tivmonk
O43 - CFD: 07/07/2015 - 20:23:13 - [] ----D C:\Program Files (x86)\PriceDowineloader =>PUP.PriceDownloader
O43 - CFD: 07/07/2015 - 20:23:14 - [] ----D C:\Program Files (x86)\PriCeDoWnloADer =>PUP.PriceDownloader
O43 - CFD: 24/05/2015 - 23:07:40 - [0] ----D C:\Program Files (x86)\Priceless =>PUP.PriceLess
O43 - CFD: 05/07/2015 - 22:10:55 - [0] ----D C:\Program Files (x86)\Probit Software =>PUP.ProbitSoftware
O43 - CFD: 05/07/2015 - 14:38:15 - [] ----D C:\Program Files (x86)\PrriCeDownaloaderr =>PUP.PriceDownloader
O43 - CFD: 04/03/2014 - 22:56:19 - [0] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 23/12/2013 - 13:04:17 - [] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 05/07/2015 - 03:44:46 - [] ----D C:\Program Files (x86)\SaoftoCeoup =>PUP.RandomName
O43 - CFD: 05/07/2015 - 03:44:43 - [] ----D C:\Program Files (x86)\savInshop =>PUP.SavinShop
O43 - CFD: 05/07/2015 - 14:39:26 - [] ----D C:\Program Files (x86)\sHoepndrop =>PUP.ShopDrop
O43 - CFD: 08/07/2015 - 00:42:06 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 07/07/2015 - 20:37:05 - [] ----D C:\Program Files (x86)\Smarts8
O43 - CFD: 07/07/2015 - 20:22:42 - [] ----D C:\Program Files (x86)\Smwyyntm1ndi1zdz
O43 - CFD: 18/06/2015 - 15:09:42 - [] ----D C:\Program Files (x86)\SofftCuoup =>PUP.RandomName
O43 - CFD: 05/07/2015 - 03:44:39 - [] ----D C:\Program Files (x86)\SoftCoupe =>PUP.RandomName
O43 - CFD: 07/10/2013 - 20:32:34 - [] ----D C:\Program Files (x86)\Software
O43 - CFD: 24/05/2015 - 13:14:24 - [] ----D C:\Program Files (x86)\speed browser =>PUP.SpeedBrowser
O43 - CFD: 22/10/2013 - 00:20:52 - [] ----D C:\Program Files (x86)\Spotydl
O43 - CFD: 24/09/2012 - 08:39:13 - [] ----D C:\Program Files (x86)\ST Microelectronics
O43 - CFD: 15/05/2012 - 10:09:29 - [] ----D C:\Program Files (x86)\STMicroelectronics
O43 - CFD: 06/07/2015 - 00:38:05 - [] ----D C:\Program Files (x86)\Streak for Gmail
O43 - CFD: 07/07/2015 - 20:22:36 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 06/07/2015 - 02:18:44 - [0] ----D C:\Program Files (x86)\TerminusStable
O43 - CFD: 15/05/2012 - 10:10:20 - [] ----D C:\Program Files (x86)\Texas Instruments Inc
O43 - CFD: 04/07/2015 - 18:44:50 - [] ----D C:\Program Files (x86)\Tny_Cassiopesa
O43 - CFD: 06/07/2015 - 02:18:46 - [0] ----D C:\Program Files (x86)\TrimModule
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 28/05/2012 - 12:40:00 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 20/05/2015 - 21:58:39 - [] ----D C:\Program Files (x86)\WebAdSystem =>Adware.WebAdSystem
O43 - CFD: 24/05/2015 - 23:57:27 - [] ----D C:\Program Files (x86)\WindeskWinsearch =>PUP.WindeskWinsearch
O43 - CFD: 05/10/2013 - 13:01:40 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 18/12/2013 - 18:18:29 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 05/07/2015 - 12:53:26 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 07/07/2015 - 20:39:05 - [0] ----D C:\Program Files (x86)\winservice86 =>PUP.CrossRider
O43 - CFD: 20/05/2015 - 21:58:41 - [] ----D C:\Program Files (x86)\WordProser_1.10.0.1 =>PUP.WordProser
O43 - CFD: 04/11/2013 - 22:21:06 - [] ----D C:\Program Files (x86)\Xvid
O43 - CFD: 08/07/2015 - 13:26:39 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 08/07/2015 - 12:46:58 - [] ----D C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8
O43 - CFD: 25/05/2015 - 17:27:04 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 17/02/2015 - 02:35:57 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 28/05/2013 - 12:37:12 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 22/06/2014 - 00:10:40 - [] ----D C:\Program Files (x86)\Common Files\Config
O43 - CFD: 07/07/2015 - 19:04:04 - [] ----D C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD: 21/10/2013 - 23:10:49 - [] ----D C:\Program Files (x86)\Common Files\i4j_jres
O43 - CFD: 04/10/2013 - 18:04:59 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 13/09/2012 - 15:26:52 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 13/09/2012 - 15:23:20 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 05/07/2015 - 14:20:19 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 18/12/2013 - 18:17:58 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 15/05/2012 - 10:02:35 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 26/05/2012 - 03:49:06 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 15/05/2012 - 10:22:26 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 24/05/2015 - 03:59:37 - [] ----D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
O43 - CFD: 18/06/2015 - 14:33:37 - [0] ----D C:\ProgramData\2678128400004297
O43 - CFD: 08/07/2015 - 12:45:32 - [] ----D C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8
O43 - CFD: 17/02/2015 - 02:35:57 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 01/03/2015 - 20:35:53 - [0] ----D C:\ProgramData\374311380
O43 - CFD: 06/07/2015 - 00:38:33 - [] ----D C:\ProgramData\5551195122105854317
O43 - CFD: 06/07/2015 - 02:04:51 - [0] ----D C:\ProgramData\6c54da2e97bd4bf69fea341a446a9746
O43 - CFD: 24/05/2015 - 21:30:13 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
O43 - CFD: 14/05/2014 - 20:37:33 - [] ----D C:\ProgramData\Activeris =>PUP.Activeris
O43 - CFD: 25/05/2015 - 17:26:35 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 31/07/2014 - 00:29:08 - [] ----D C:\ProgramData\Apple
O43 - CFD: 31/07/2014 - 00:31:48 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 23/01/2014 - 16:07:56 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 07/12/2014 - 17:05:06 - [] ----D C:\ProgramData\atjs
O43 - CFD: 24/05/2015 - 00:53:37 - [] ----D C:\ProgramData\Atubonop
O43 - CFD: 06/07/2015 - 00:57:20 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 03/10/2013 - 19:58:55 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 24/05/2015 - 13:09:53 - [] ----D C:\ProgramData\Browser
O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 17/10/2013 - 18:23:34 - [] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 22/01/2014 - 15:59:31 - [0] ----D C:\ProgramData\Conduit
O43 - CFD: 15/05/2012 - 10:07:47 - [] ----D C:\ProgramData\Conexant
O43 - CFD: 13/09/2012 - 15:31:39 - [] ----D C:\ProgramData\Creative
O43 - CFD: 06/07/2015 - 02:04:49 - [0] ----D C:\ProgramData\dc9def169e834b19aff83090e5e3337a
O43 - CFD: 27/05/2013 - 21:41:03 - [] ----D C:\ProgramData\Dell
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 07/07/2015 - 19:05:35 - [] ----D C:\ProgramData\DivX
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 15/05/2012 - 10:25:32 - [] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 06/07/2015 - 02:55:17 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 25/05/2015 - 15:17:31 - [] ----D C:\ProgramData\FlashBeat =>PUP.FlashBeat
O43 - CFD: 15/05/2012 - 10:25:39 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 06/07/2015 - 02:18:53 - [] ----D C:\ProgramData\IePluginService =>PUP.IePluginService
O43 - CFD: 07/07/2015 - 20:23:15 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
O43 - CFD: 16/02/2015 - 23:51:42 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
O43 - CFD: 13/09/2012 - 15:07:37 - [] ----D C:\ProgramData\Intel
O43 - CFD: 24/05/2015 - 23:15:14 - [] ----D C:\ProgramData\LolliScan =>Adware.Graftor
O43 - CFD: 15/05/2012 - 10:25:46 - [] ----D C:\ProgramData\Macrovision
O43 - CFD: 21/01/2014 - 20:53:09 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 17/05/2015 - 13:59:35 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 18/12/2013 - 18:15:31 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 06/07/2015 - 22:09:05 - [] ----D C:\ProgramData\MovieDeaConfig
O43 - CFD: 28/05/2012 - 11:01:33 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 07/07/2015 - 20:22:43 - [0] ----D C:\ProgramData\NavRight
O43 - CFD: 05/07/2015 - 14:23:30 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 25/05/2015 - 00:05:48 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 11/06/2013 - 16:20:04 - [] ----D C:\ProgramData\PCDr
O43 - CFD: 18/06/2015 - 14:35:14 - [] ----D C:\ProgramData\Radio
O43 - CFD: 05/07/2015 - 20:22:49 - [] ----D C:\ProgramData\Registry Helper =>PUP.RegistryHelper
O43 - CFD: 15/05/2012 - 10:15:17 - [] ----D C:\ProgramData\Roaming
O43 - CFD: 15/03/2014 - 18:30:42 - [] ----D C:\ProgramData\SaveSenseLive =>PUP.CrossRider
O43 - CFD: 08/07/2015 - 00:41:47 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 07/10/2013 - 21:36:16 - [] ----D C:\ProgramData\Sun
O43 - CFD: 24/03/2015 - 22:42:42 - [] ----D C:\ProgramData\Systweak
O43 - CFD: 14/05/2014 - 20:57:25 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 07/07/2015 - 20:22:52 - [] ----D C:\ProgramData\TicTaCoupon =>PUP.TicTaCoupon
O43 - CFD: 15/05/2012 - 10:14:20 - [0] ----D C:\ProgramData\Validity
O43 - CFD: 06/07/2015 - 02:18:55 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 20/05/2015 - 21:54:57 - [] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 24/05/2015 - 13:32:43 - [] ----D C:\ProgramData\{051ab5be-a844-fc94-051a-ab5bea84d6fa}
O43 - CFD: 06/07/2015 - 03:42:20 - [] ----D C:\ProgramData\{255b74b1-d838-6576-255b-b74b1d83d2c7}
O43 - CFD: 25/05/2015 - 00:39:51 - [] ----D C:\ProgramData\{2a91148f-35ec-ea01-2a91-1148f35e523c}
O43 - CFD: 25/05/2015 - 16:54:33 - [] ----D C:\ProgramData\{34e38cd9-f067-60c3-34e3-38cd9f063367}
O43 - CFD: 24/05/2015 - 14:38:13 - [] ----D C:\ProgramData\{74a1a381-e0b6-0848-74a1-1a381e0b8e07}
O43 - CFD: 20/05/2015 - 23:00:39 - [] ----D C:\ProgramData\{841d1f74-d1cd-67d1-841d-d1f74d1c7dd3}
O43 - CFD: 20/05/2015 - 23:03:00 - [] ----D C:\ProgramData\{8f4535e5-876b-d544-8f45-535e5876d796}
O43 - CFD: 25/05/2015 - 15:06:05 - [] ----D C:\ProgramData\{b6a04965-3967-fcf6-b6a0-049653962594}
O43 - CFD: 04/07/2015 - 18:44:43 - [] ----D C:\ProgramData\{C03F28FC-90BD-F97A-213B-89F8F1B95A76}
O43 - CFD: 05/07/2015 - 00:34:52 - [] ----D C:\ProgramData\{c728c226-cf1c-0642-c728-8c226cf1089b}
O43 - CFD: 25/05/2015 - 15:59:31 - [] ----D C:\ProgramData\{cf4dd275-99dc-2f9d-cf4d-dd27599d49d6}
O43 - CFD: 24/05/2015 - 22:58:27 - [] ----D C:\ProgramData\{da47987d-9949-073b-da47-7987d99461f6}
O43 - CFD: 24/05/2015 - 00:30:32 - [] ----D C:\ProgramData\{dd2265a0-1232-d470-dd22-265a01239680}
O43 - CFD: 07/07/2015 - 19:06:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 03/10/2013 - 19:02:10 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/05/2014 - 20:37:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware =>PUP.Activeris
O43 - CFD: 24/03/2015 - 22:42:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 07/07/2015 - 18:02:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 03/10/2013 - 19:53:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 24/05/2015 - 00:49:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 07/07/2015 - 19:05:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
O43 - CFD: 01/11/2014 - 02:03:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer =>PUP.FastPlayer
O43 - CFD: 04/11/2013 - 22:20:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
O43 - CFD: 14/06/2014 - 15:15:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
O43 - CFD: 20/12/2013 - 22:18:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeplane
O43 - CFD: 04/11/2013 - 22:20:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 24/05/2015 - 23:05:01 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hawker
O43 - CFD: 06/07/2015 - 03:01:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 05/07/2015 - 14:17:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 29/01/2014 - 21:11:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git
O43 - CFD: 24/05/2015 - 19:29:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Bureautique & Internet
O43 - CFD: 06/06/2012 - 08:37:15 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Outils Divers
O43 - CFD: 26/09/2012 - 07:19:44 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Outils Système
O43 - CFD: 18/05/2015 - 20:23:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 26/10/2013 - 23:28:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
O43 - CFD: 22/10/2014 - 14:51:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer =>Adware.NewPlayer
O43 - CFD: 14/05/2014 - 20:36:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max =>PUP.OptimizerEliteMax
O43 - CFD: 01/11/2014 - 02:00:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip =>PUP.PepperZip
O43 - CFD: 17/10/2013 - 20:36:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
O43 - CFD: 07/07/2015 - 02:40:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion =>Adware.PremierOpinion
O43 - CFD: 14/06/2014 - 15:12:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Software =>Trojan.Tivmonk
O43 - CFD: 24/05/2015 - 19:29:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong
O43 - CFD: 26/05/2015 - 16:38:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeGuard =>PUP.SafeGuard
O43 - CFD: 22/10/2013 - 00:20:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
O43 - CFD: 07/10/2013 - 21:32:19 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 01/11/2014 - 02:00:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer =>PUP.SuperOptimizer
O43 - CFD: 14/06/2014 - 14:53:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup =>PUP.SystemSpeedup
O43 - CFD: 06/07/2015 - 02:36:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 24/05/2015 - 23:57:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch =>PUP.WindeskWinsearch
O43 - CFD: 18/12/2013 - 18:20:08 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 04/11/2013 - 22:20:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
O43 - CFD: 08/07/2015 - 13:26:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 07/12/2014 - 17:05:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\3toU3mm
O43 - CFD: 07/07/2015 - 22:42:33 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931
O43 - CFD: 25/05/2015 - 15:58:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432562322-3110-8046-B2C04F315931
O43 - CFD: 07/07/2015 - 22:42:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7cI7WeQ
O43 - CFD: 01/03/2015 - 21:22:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7fHYHTq
O43 - CFD: 01/03/2015 - 20:47:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7L9GUhc
O43 - CFD: 07/07/2015 - 22:42:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\9hFs6LG
O43 - CFD: 20/05/2015 - 21:58:39 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Activeris =>PUP.Activeris
O43 - CFD: 04/10/2013 - 17:59:14 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Adobe
O43 - CFD: 24/05/2015 - 23:55:43 - [] -SH-D D:\Utilisateurs\célia\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 21/10/2013 - 22:12:32 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Apowersoft
O43 - CFD: 06/07/2015 - 03:08:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Apple Computer
O43 - CFD: 21/01/2015 - 19:43:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ASP
O43 - CFD: 31/07/2014 - 00:16:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Astromenda =>PUP.Astromenda
O43 - CFD: 24/09/2012 - 07:22:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Atheros
O43 - CFD: 21/05/2014 - 18:54:46 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Audacity
O43 - CFD: 06/07/2015 - 02:07:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\AVAST Software
O43 - CFD: 17/12/2014 - 20:23:18 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\BBdX5AJ
O43 - CFD: 07/07/2015 - 22:52:48 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\BlptK9X
O43 - CFD: 07/07/2015 - 22:52:49 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\C94WpYy
O43 - CFD: 29/01/2015 - 22:10:06 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\c9w3S7v
O43 - CFD: 08/07/2015 - 13:21:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\cacaoweb =>PUP.CacaoWeb
O43 - CFD: 04/11/2013 - 22:20:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\CDXReader
O43 - CFD: 21/01/2015 - 20:45:32 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\CeRbeVX
O43 - CFD: 01/08/2012 - 10:57:24 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Creative
O43 - CFD: 07/10/2013 - 20:35:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Dealply =>PUP.DealPly
O43 - CFD: 28/09/2012 - 10:34:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Dell
O43 - CFD: 04/10/2013 - 18:13:29 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\DigitalPersona
O43 - CFD: 27/12/2013 - 18:51:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\DivX
O43 - CFD: 05/07/2015 - 20:28:12 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp
O43 - CFD: 28/05/2015 - 20:49:00 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Easy Speed PC
O43 - CFD: 04/10/2013 - 18:04:48 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\FLEXnet
O43 - CFD: 07/07/2015 - 22:52:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\fNyKNDV
O43 - CFD: 02/11/2013 - 15:27:22 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Freeplane
O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\fXA7ZWu
O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\g3dLhln
O43 - CFD: 26/10/2013 - 22:25:42 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Groovedown_Uninstall
O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\gVH9NQO
O43 - CFD: 07/07/2015 - 19:31:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\hljorppg
O43 - CFD: 07/07/2015 - 22:52:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Hztc0st
O43 - CFD: 01/08/2012 - 10:56:51 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Identities
O43 - CFD: 13/09/2012 - 15:06:43 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\InstallShield
O43 - CFD: 13/09/2012 - 14:39:29 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Intel
O43 - CFD: 01/08/2012 - 10:57:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Intel Corporation
O43 - CFD: 18/02/2015 - 22:00:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Intelli-studio
O43 - CFD: 06/07/2015 - 00:26:28 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ironsource
O43 - CFD: 07/07/2015 - 22:53:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\IVYw8x1
O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jhhkt4s
O43 - CFD: 07/07/2015 - 01:05:12 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jkzhqxzt
O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\JWqfJOL
O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jXJptzM
O43 - CFD: 07/07/2015 - 22:53:09 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\k12SmyQ
O43 - CFD: 07/07/2015 - 01:06:21 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy
O43 - CFD: 04/11/2013 - 22:20:09 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\LavFilters
O43 - CFD: 03/10/2013 - 19:49:29 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\LibreOffice
O43 - CFD: 17/12/2014 - 22:40:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\m0Wb767
O43 - CFD: 01/08/2012 - 11:02:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Macromedia
O43 - CFD: 04/10/2013 - 18:04:52 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Macrovision
O43 - CFD: 21/01/2014 - 20:54:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Malwarebytes
O43 - CFD: 07/07/2015 - 22:51:58 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\MbQHHQA
O43 - CFD: 15/05/2012 - 12:46:37 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Media Center Programs
O43 - CFD: 21/10/2013 - 22:29:03 - [] -S--D D:\Utilisateurs\célia\AppData\Roaming\Microsoft
O43 - CFD: 01/08/2012 - 10:59:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Mozilla
O43 - CFD: 25/10/2014 - 01:20:31 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Mp3tag
O43 - CFD: 14/03/2014 - 03:32:50 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 08/10/2013 - 19:11:46 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Nosibay =>PUP.BubbleDock
O43 - CFD: 07/07/2015 - 22:52:33 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ofDcp0Q
O43 - CFD: 25/05/2015 - 16:13:41 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\oursurfing =>Hijacker.OurSurfing
O43 - CFD: 24/05/2015 - 23:46:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PC Privacy Dock
O43 - CFD: 28/09/2012 - 10:34:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PCDr
O43 - CFD: 17/10/2013 - 20:49:43 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PhotoFiltre
O43 - CFD: 07/07/2015 - 22:52:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PqRZsZS
O43 - CFD: 24/05/2015 - 20:06:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Pro PC Cleaner =>PUP.DoctorPC
O43 - CFD: 07/07/2015 - 22:52:38 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PwCNQaH
O43 - CFD: 13/09/2012 - 15:31:39 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Reallusion
O43 - CFD: 07/07/2015 - 22:52:38 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\rhvkZW0
O43 - CFD: 08/07/2015 - 00:41:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Skype
O43 - CFD: 11/06/2013 - 16:16:42 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Softland
O43 - CFD: 07/07/2015 - 16:40:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Spotify
O43 - CFD: 22/10/2013 - 02:42:30 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Spotydl
O43 - CFD: 13/06/2014 - 20:14:27 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 24/05/2015 - 22:58:46 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\sursenel
O43 - CFD: 06/07/2015 - 01:01:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Systweak
O43 - CFD: 04/07/2015 - 18:44:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Tny_cassiopesa
O43 - CFD: 07/07/2015 - 22:53:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\tY32mRt
O43 - CFD: 07/07/2015 - 22:53:03 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vj42M4Q
O43 - CFD: 24/05/2015 - 03:17:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vlc
O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vY4Gjsm
O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\wEh9ste
O43 - CFD: 31/01/2014 - 19:40:46 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Windows Live Writer
O43 - CFD: 06/07/2015 - 00:26:28 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\winservices =>Trojan.Inject.RRE
O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\WUlPkfL
O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\xD5vMQi
O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\xZFgArf
O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\YcSrbDb
O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\YfOoDrC
O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\yMRVGuQ
O43 - CFD: 21/01/2015 - 22:19:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ysLWf5C
O43 - CFD: 08/07/2015 - 13:32:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 17/05/2015 - 14:36:35 - [0] ----D D:\Utilisateurs\célia\AppData\Local\10004
O43 - CFD: 06/07/2015 - 02:18:56 - [] ----D D:\Utilisateurs\célia\AppData\Local\1387
O43 - CFD: 07/07/2015 - 22:22:55 - [] ----D D:\Utilisateurs\célia\AppData\Local\4C4C4544-1432508804-3110-8046-B2C04F315931
O43 - CFD: 28/06/2015 - 15:43:24 - [] ----D D:\Utilisateurs\célia\AppData\Local\A8C4B549-794-4D30-9811-97B4B6BD746C
O43 - CFD: 04/10/2013 - 17:59:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\Adobe
O43 - CFD: 26/05/2015 - 16:39:45 - [] ----D D:\Utilisateurs\célia\AppData\Local\Alerts_LLC =>PUP.AlertsLLC
O43 - CFD: 31/07/2014 - 00:29:36 - [] ----D D:\Utilisateurs\célia\AppData\Local\Apple
O43 - CFD: 31/07/2014 - 00:34:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\Apple Computer
O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Application Data
O43 - CFD: 25/05/2015 - 15:16:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\Astromenda =>PUP.Astromenda
O43 - CFD: 03/10/2013 - 20:48:24 - [] ----D D:\Utilisateurs\célia\AppData\Local\avgchrome
O43 - CFD: 24/09/2012 - 07:25:56 - [] ----D D:\Utilisateurs\célia\AppData\Local\BMExplorer
O43 - CFD: 04/11/2013 - 22:20:52 - [] ----D D:\Utilisateurs\célia\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 19/01/2013 - 09:42:11 - [] ----D D:\Utilisateurs\célia\AppData\Local\Broadcom
O43 - CFD: 29/01/2014 - 21:12:22 - [0] ----D D:\Utilisateurs\célia\AppData\Local\cache
O43 - CFD: 04/07/2015 - 18:49:27 - [] ----D D:\Utilisateurs\célia\AppData\Local\Chromium
O43 - CFD: 14/05/2014 - 20:57:53 - [] ----D D:\Utilisateurs\célia\AppData\Local\com
O43 - CFD: 29/01/2014 - 21:05:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\Conduit
O43 - CFD: 01/08/2012 - 10:57:33 - [] ----D D:\Utilisateurs\célia\AppData\Local\Conexant
O43 - CFD: 07/07/2015 - 18:02:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\CrashDumps
O43 - CFD: 07/10/2013 - 21:40:10 - [] ----D D:\Utilisateurs\célia\AppData\Local\CRE
O43 - CFD: 24/05/2015 - 00:50:06 - [] ----D D:\Utilisateurs\célia\AppData\Local\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 07/10/2013 - 20:35:13 - [] ----D D:\Utilisateurs\célia\AppData\Local\DealPlyLive =>PUP.DealPly
O43 - CFD: 24/03/2015 - 22:53:42 - [] ----D D:\Utilisateurs\célia\AppData\Local\Diagnostics
O43 - CFD: 04/10/2013 - 18:13:29 - [] ----D D:\Utilisateurs\célia\AppData\Local\DigitalPersona
O43 - CFD: 13/09/2012 - 15:22:22 - [] ----D D:\Utilisateurs\célia\AppData\Local\Downloaded Installations
O43 - CFD: 07/10/2013 - 21:40:25 - [] ----D D:\Utilisateurs\célia\AppData\Local\Duuqu =>PUP.Duuqu
O43 - CFD: 24/03/2015 - 22:54:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\ElevatedDiagnostics
O43 - CFD: 07/10/2013 - 21:38:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\emaze
O43 - CFD: 05/07/2015 - 14:00:35 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieBrowserModeList
O43 - CFD: 05/07/2015 - 14:00:26 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieSiteList
O43 - CFD: 05/07/2015 - 14:00:32 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieUserList
O43 - CFD: 29/01/2014 - 21:09:47 - [0] ----D D:\Utilisateurs\célia\AppData\Local\genienext =>PUP.NextLive
O43 - CFD: 14/05/2014 - 20:36:17 - [] ----D D:\Utilisateurs\célia\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 07/07/2015 - 20:12:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_002020023 =>PUP.CrossRider
O43 - CFD: 28/06/2015 - 15:17:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010016 =>PUP.CrossRider
O43 - CFD: 07/07/2015 - 19:51:28 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010022 =>PUP.CrossRider
O43 - CFD: 03/10/2013 - 20:13:58 - [] ----D D:\Utilisateurs\célia\AppData\Local\Google
O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Historique
O43 - CFD: 22/10/2013 - 00:34:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\JDownloader 2.0
O43 - CFD: 29/01/2014 - 21:08:41 - [] ----D D:\Utilisateurs\célia\AppData\Local\KalityWeb =>Adware.WebAdSystem
O43 - CFD: 26/09/2012 - 07:14:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\Macromedia
O43 - CFD: 06/07/2015 - 22:28:29 - [] ----D D:\Utilisateurs\célia\AppData\Local\Microsoft
O43 - CFD: 04/03/2014 - 23:04:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\Mobogenie =>PUP.Mobogenie
O43 - CFD: 05/10/2013 - 13:07:32 - [] ----D D:\Utilisateurs\célia\AppData\Local\Mozilla
O43 - CFD: 01/11/2014 - 01:59:18 - [] ----D D:\Utilisateurs\célia\AppData\Local\MySearchs =>Adware.MyWebSearch
O43 - CFD: 14/05/2014 - 20:39:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\newplayer =>Adware.NewPlayer
O43 - CFD: 12/06/2014 - 10:05:21 - [] ----D D:\Utilisateurs\célia\AppData\Local\Packages
O43 - CFD: 24/05/2015 - 23:07:17 - [] ----D D:\Utilisateurs\célia\AppData\Local\PC_Privacy_Dock
O43 - CFD: 07/10/2013 - 20:32:34 - [] ----D D:\Utilisateurs\célia\AppData\Local\Programs
O43 - CFD: 27/05/2015 - 13:58:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\SafeGuard =>PUP.SafeGuard
O43 - CFD: 15/03/2014 - 18:30:42 - [] ----D D:\Utilisateurs\célia\AppData\Local\SaveSenseLive =>PUP.CrossRider
O43 - CFD: 14/06/2014 - 14:51:34 - [] ----D D:\Utilisateurs\célia\AppData\Local\SearchProtect =>PUP.SearchProtect
O43 - CFD: 04/07/2015 - 18:41:22 - [] ----D D:\Utilisateurs\célia\AppData\Local\Setup12209574
O43 - CFD: 19/05/2015 - 22:33:04 - [] ----D D:\Utilisateurs\célia\AppData\Local\Skype
O43 - CFD: 07/10/2013 - 20:37:31 - [] ----D D:\Utilisateurs\célia\AppData\Local\Smartbar =>Hijacker.SmartBar
O43 - CFD: 07/07/2015 - 22:32:43 - [] ----D D:\Utilisateurs\célia\AppData\Local\SmartWeb =>PUP.SmartWeb
O43 - CFD: 08/10/2013 - 19:08:16 - [] ----D D:\Utilisateurs\célia\AppData\Local\SoftThinks
O43 - CFD: 24/05/2015 - 13:22:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\speed browser =>PUP.SpeedBrowser
O43 - CFD: 07/07/2015 - 14:55:51 - [] ----D D:\Utilisateurs\célia\AppData\Local\Spotify
O43 - CFD: 29/01/2014 - 21:04:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 08/07/2015 - 13:32:51 - [] ----D D:\Utilisateurs\célia\AppData\Local\Temp
O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Temporary Internet Files
O43 - CFD: 24/05/2015 - 19:32:37 - [] ----D D:\Utilisateurs\célia\AppData\Local\WebBar =>PUP.WebBar
O43 - CFD: 24/05/2015 - 23:57:55 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch
O43 - CFD: 24/05/2015 - 01:25:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windows Live
O43 - CFD: 31/01/2014 - 19:41:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windows Live Writer
O43 - CFD: 07/07/2015 - 23:29:57 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08/07/2015 - 12:40:12 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
O43 - CFD: 07/07/2015 - 23:29:57 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 429 Scanned in 00mn 08s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A29BAFC1543F9D2234AFFFEA9BCE76C8] - 04/07/2015 - 15:31:35 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [24917504]
O44 - LFC:[MD5.06A8CE6C3AE6B7916F026B0EFDDCAAA5] - 04/07/2015 - 15:31:43 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [199680]
O44 - LFC:[MD5.2BC2D3A41BB755487FD55C09938F00BC] - 04/07/2015 - 15:31:44 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [417792]
O44 - LFC:[MD5.16091938F6CDBCCCBA1CBE24600121BC] - 04/07/2015 - 15:31:44 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [88064]
O44 - LFC:[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - 04/07/2015 - 15:31:45 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2426880]
O44 - LFC:[MD5.CFA52E2FE8E623042A1EEF96EB1B9481] - 04/07/2015 - 15:31:46 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [6026240]
O44 - LFC:[MD5.3854BFE1C0F14872C94501421CC40813] - 04/07/2015 - 15:31:46 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [814080]
O44 - LFC:[MD5.4A5A84B457C72E79A64AE4036EC6BB0E] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1359360]
O44 - LFC:[MD5.83781DF625A4448B39410D7FA2BDC48D] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [816640]
O44 - LFC:[MD5.ACD6FE6C82B93813F023FC01A51CB940] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160]
O44 - LFC:[MD5.AE5A2843B4A2E1E558B9EE13EF62CCE5] - 04/07/2015 - 15:31:48 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [14404096]
O44 - LFC:[MD5.35622F5A652C4E16774234DCA0026E74] - 04/07/2015 - 15:31:49 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [633856]
O44 - LFC:[MD5.AFF5C12099B87FA645F8867701729894] - 04/07/2015 - 15:31:51 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [54784]
O44 - LFC:[MD5.0EDA3219FA027A486AA11269355AB279] - 04/07/2015 - 15:31:51 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [144384]
O44 - LFC:[MD5.33B5F1A727FACDEA7CDA0E35FFAADDCF] - 04/07/2015 - 15:31:52 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [584192]
O44 - LFC:[MD5.FF84182188CA8F0DC28CFED06C9B7816] - 04/07/2015 - 15:31:53 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2125824]
O44 - LFC:[MD5.6E295C7364DAEB151CC0E98434B6AC92] - 04/07/2015 - 15:31:53 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2885632]
O44 - LFC:[MD5.7F8F9AE03D1BA4354671E05F07A40F1A] - 04/07/2015 - 15:31:54 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768]
O44 - LFC:[MD5.5F8EE9311ECF078CD9426874FFAD660C] - 04/07/2015 - 15:31:55 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [66560]
O44 - LFC:[MD5.083BCA14FCE290D682D8DAC9372CBF23] - 04/07/2015 - 15:31:56 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [801280]
O44 - LFC:[MD5.57DFACB53ED16190EF732E2430B39741] - 04/07/2015 - 15:31:57 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [968704]
O44 - LFC:[MD5.36F3718E67F442F54AB4A39DCDD8FD19] - 04/07/2015 - 15:31:58 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.6ABFC5736EC920C4436F32111F5CBCEE] - 04/07/2015 - 15:31:59 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1545728]
O44 - LFC:[MD5.D202078FBA3A77B85D39669EE4110DE2] - 04/07/2015 - 15:31:59 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [389840]
O44 - LFC:[MD5.3C3E159F284F51D55DB59C3D0B843979] - 04/07/2015 - 15:32:00 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.4BD747AAF01C480901B3E777EC48826B] - 04/07/2015 - 15:32:02 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [77824]
O44 - LFC:[MD5.9E2B8C0601E3D460F78F0233B509CE4F] - 04/07/2015 - 15:32:03 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [34304]
O44 - LFC:[MD5.70D24021ED327CE7FFA9DEE327BB4C6B] - 04/07/2015 - 15:32:04 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [720384]
O44 - LFC:[MD5.9DB8E01D5A546FAFCACE95489E351186] - 04/07/2015 - 15:32:05 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640]
O44 - LFC:[MD5.73509D13542A90E260F45D1D6D4100A8] - 04/07/2015 - 15:32:06 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [114688]
O44 - LFC:[MD5.36E0DDD19038C92B7C7709BFA03F813F] - 04/07/2015 - 15:32:19 ---A- . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\Drivers\stream.sys [69888]
O44 - LFC:[MD5.8A4EB32C7C948F70EAC6F85063596A39] - 04/07/2015 - 15:45:19 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\UtcResources.dll [36864]
O44 - LFC:[MD5.837BBE4170D5A75F293BD6F294A8FE34] - 04/07/2015 - 15:45:19 ---A- . (.Microsoft Corporation - Nom d’audit des objets système.) -- C:\Windows\System32\msobjs.dll [60416]
O44 - LFC:[MD5.6E882D7CA34073890107559B5A515A24] - 04/07/2015 - 15:45:20 ---A- . (.Microsoft Corporation - DLL des événements d’audit de la sécurité.) -- C:\Windows\System32\msaudite.dll [146432]
O44 - LFC:[MD5.6ACFCC28E4D60B5A931D8749332A14E2] - 04/07/2015 - 15:45:21 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [686080]
O44 - LFC:[MD5.81B68AEDFF64F9312E3A4091DC3B4350] - 04/07/2015 - 15:45:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [3072]
O44 - LFC:[MD5.D7BE1B4E54F5BF66B2F64F14FF089213] - 04/07/2015 - 15:45:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [4096]
O44 - LFC:[MD5.AF557D115972A73964FC8F209300948A] - 04/07/2015 - 15:45:23 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\System32\apisetschema.dll [6656]
O44 - LFC:[MD5.7374BE3C94F721974EB7CEE6CAC080A1] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [3072]
O44 - LFC:[MD5.461C11B3B0CD6EFD74F282CA160BB3E5] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [3072]
O44 - LFC:[MD5.217AF5666CD1D01BDA05957A3BA4ED56] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [6144]
O44 - LFC:[MD5.D0C051A23DD90BDD11DE6B220F865CB2] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [3072]
O44 - LFC:[MD5.762405262030AB9270FC0FB58443331D] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [3072]
O44 - LFC:[MD5.CF1EBDF8579610BC08B5AF54D153DF5E] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [3072]
O44 - LFC:[MD5.F4D2A9604AC45AA1ECD774A4A43D5507] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [5120]
O44 - LFC:[MD5.129C00E47C8B1235B360E8AA021C172F] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [3072]
O44 - LFC:[MD5.A61BA1D836FAD2B758B4272F46B9E6B7] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [3584]
O44 - LFC:[MD5.1F8369639C3868BEF7DC793C88F58802] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [3072]
O44 - LFC:[MD5.6A130893D14B0A3052888829A50CDC82] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [3072]
O44 - LFC:[MD5.37BCFB564EC2A718EC5232F848CB10CC] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [3072]
O44 - LFC:[MD5.69EEE5C0512DB117631DFE0EEB389E2C] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [3584]
O44 - LFC:[MD5.8853BF5D5B9F71E845254645D65B3B44] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [4096]
O44 - LFC:[MD5.B7961B430491D17B0D29C5A6D0AB83CB] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [3584]
O44 - LFC:[MD5.C52469860312C68D513FBA2311DC3E86] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [3584]
O44 - LFC:[MD5.4DCCC113E1C4DF0C11A812F1C1E4647A] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [3584]
O44 - LFC:[MD5.ACC2BFDE75FC405C5274E799296BA164] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [3584]
O44 - LFC:[MD5.234884F84DF4660FAF16A0513A6AC391] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [4608]
O44 - LFC:[MD5.64325654E2CE9CCAFEEBCB41CB3B9289] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [3072]
O44 - LFC:[MD5.DE65205699C893FCE741F3B7EFB84B05] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [3584]
O44 - LFC:[MD5.01432C6FF4C172490A50B824AFA51714] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [3072]
O44 - LFC:[MD5.062001070BC49D7D17A480FC2DFEFCD0] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [4096]
O44 - LFC:[MD5.766461F29A75E0CD208E220BC122F28F] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [4096]
O44 - LFC:[MD5.150E7CF40A92220624BA38B4F14E7490] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [4608]
O44 - LFC:[MD5.7CA867AB1775550C9370F57463DE3BF4] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [3072]
O44 - LFC:[MD5.20BD408AC3F8576997D6A47F48A1C5B2] - 04/07/2015 - 15:45:28 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\Windows\System32\wow64cpu.dll [13312]
O44 - LFC:[MD5.289D99B0879C6ED5C6D1B3A856CA6DA3] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [22016]
O44 - LFC:[MD5.6ACD3C75BE449F039E1A4E43424D5B6F] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [28160]
O44 - LFC:[MD5.5A17FF38EDE95B2313E428BF444126D7] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Wow64 Console and Win32 API Logging.) -- C:\Windows\System32\wow64win.dll [362496]
O44 - LFC:[MD5.5EC57AC6DC16CB8A058CA019AA2C188D] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [29184]
O44 - LFC:[MD5.13DE715D959DD502CFD52DC920408B33] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Processus d'exécution client-serveur.) -- C:\Windows\System32\csrsrv.dll [43520]
O44 - LFC:[MD5.1B93381366141875D8EE7EC1085236B9] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Utilitaire de configuration des performance.) -- C:\Windows\System32\diskperf.exe [19456]
O44 - LFC:[MD5.D68690450978D127E030FB14E9B2023B] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Émulation 16 bits sur NT64.) -- C:\Windows\System32\ntvdm64.dll [16384]
O44 - LFC:[MD5.11D5815F0DC571CE3C72213B375860B1] - 04/07/2015 - 15:45:31 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll [50176]
O44 - LFC:[MD5.17A6A9AAD04CCC6EE53290585BFC43AF] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [31232]
O44 - LFC:[MD5.E20BF3FA89DE67B00ED713B5254C0BF0] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Moniteur de performance de la ligne de comm.) -- C:\Windows\System32\typeperf.exe [47104]
O44 - LFC:[MD5.03BA5D20751137F3A705B389C52DB8D6] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Programme de stratégie d’audit.) -- C:\Windows\System32\auditpol.exe [64000]
O44 - LFC:[MD5.858F04B3C39239972959E9EE97CACAE4] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Utilitaire de réenregistrement de Performan.) -- C:\Windows\System32\relog.exe [43008]
O44 - LFC:[MD5.9BBEA639884C0338DD78654277BD188A] - 04/07/2015 - 15:45:33 ---A- . (.Microsoft Corporation - Gestionnaire de sessions Windows.) -- C:\Windows\System32\smss.exe [112640]
O44 - LFC:[MD5.A5F57F4866C2DC7F8215058D7D56BD21] - 04/07/2015 - 15:45:33 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [86528]
O44 - LFC:[MD5.7C5E375F20F639607376351A8BCC0647] - 04/07/2015 - 15:45:34 ---A- . (.Microsoft Corporation - Bibliothèque de chiffrement Windows.) -- C:\Windows\System32\ncrypt.dll [309760]
O44 - LFC:[MD5.A929B9ABA1083AF35ECE7BD63AF3E42F] - 04/07/2015 - 15:45:34 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [136192]
O44 - LFC:[MD5.66DF73B202105406602941778792FE3D] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Bibliothèque de l’application auxiliaire de.) -- C:\Windows\System32\tdh.dll [879104]
O44 - LFC:[MD5.4F90A7A0FCBC0ED18E573917860062FF] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\Windows\System32\sechost.dll [113664]
O44 - LFC:[MD5.AD54856A16B635720B0BE5FAF44526FC] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [210944]
O44 - LFC:[MD5.210E7D1EA34369194BE09493784E27BE] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Utilitaire d’enregistrement des Performance.) -- C:\Windows\System32\logman.exe [104448]
O44 - LFC:[MD5.BF69D973523D539A35807946C6DA7E16] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [95680]
O44 - LFC:[MD5.996EE6571ADB880A60846DD02C8D5869] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [314880]
O44 - LFC:[MD5.37DFCC91E419952772E02F2B3BBB2E2B] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [342016]
O44 - LFC:[MD5.2313AF8D5A9CEB4A55400A01DD311A95] - 04/07/2015 - 15:45:37 ---A- . (.Microsoft Corporation - DLL serveur de Windows multi-utilisateurs.) -- C:\Windows\System32\winsrv.dll [215040]
O44 - LFC:[MD5.16154A6682B1552DEAB953BFA4B8E955] - 04/07/2015 - 15:45:37 ---A- . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe [296960]
O44 - LFC:[MD5.CCB352B939B77B38983DD878C547451F] - 04/07/2015 - 15:45:38 ---A- . (.Microsoft Corporation - Bibliothèque principale de Restauration du.) -- C:\Windows\System32\srcore.dll [503808]
O44 - LFC:[MD5.6703266C1E56157B5965F9AC868A20AC] - 04/07/2015 - 15:45:38 ---A- . (.Microsoft Corporation - Outil de rapport de suivi d’événements.) -- C:\Windows\System32\tracerpt.exe [404992]
O44 - LFC:[MD5.48C30C54194142910FB6B86D308220ED] - 04/07/2015 - 15:45:39 ---A- . (.Microsoft Corporation - Hôte de la fenêtre de la console.) -- C:\Windows\System32\conhost.exe [338432]
O44 - LFC:[MD5.FF9BBFAE899091C1FF0D1A3F2C587911] - 04/07/2015 - 15:45:39 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [243712]
O44 - LFC:[MD5.53042708C242959B3924242FBBE297B1] - 04/07/2015 - 15:45:40 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1728960]
O44 - LFC:[MD5.272C27711C8AA6E7815EE33F8ACA9C66] - 04/07/2015 - 15:45:40 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [155584]
O44 - LFC:[MD5.9E2A2028228645DD57EF45A02CAC0CCE] - 04/07/2015 - 15:45:41 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [5569984]
O44 - LFC:[MD5.4FFD08A01047EF6B58F6EB4E6D001A8D] - 04/07/2015 - 15:45:42 ---A- . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\System32\advapi32.dll [879104]
O44 - LFC:[MD5.93A05407F8E53BC731C42AAD56163F80] - 04/07/2015 - 15:45:43 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1461760]
O44 - LFC:[MD5.6FDF03A3B110C5264F52F979335AE301] - 04/07/2015 - 15:45:44 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\kernel32.dll [1162752]
O44 - LFC:[MD5.8DCA1C70AF170C3FBCE47A4F49BFC887] - 04/07/2015 - 15:45:45 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\KernelBase.dll [424960]
O44 - LFC:[MD5.AA5319FA8602676B5D3A2B4A1355896D] - 04/07/2015 - 15:45:46 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\diagtrack.dll [1255424]
O44 - LFC:[MD5.6ECD6D92F43C2DC55099F892978D5BE7] - 04/07/2015 - 15:45:46 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [728576]
O44 - LFC:[MD5.587BBA3B3959144334700EC48232712F] - 04/07/2015 - 15:46:10 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [227328]
O44 - LFC:[MD5.E87D4371B24BC9E5BAE95AEA60FFD959] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [193536]
O44 - LFC:[MD5.6E2EB5A36C3CCD917F7FF9BED7C1390E] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Compatibility Upgrade Migration Host.) -- C:\Windows\System32\acmigration.dll [45568]
O44 - LFC:[MD5.6F07FC190DBCB42C8A5319235F72F906] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [423424]
O44 - LFC:[MD5.CFF429F2234C1D1A5993E80F46C37CFB] - 04/07/2015 - 15:46:12 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1119232]
O44 - LFC:[MD5.B23AB4C401E2DE02C47B7497D41E2318] - 04/07/2015 - 15:46:12 ---A- . (.Microsoft Corporation - Inventory Agent.) -- C:\Windows\System32\invagent.dll [757248]
O44 - LFC:[MD5.2DCA988113A02EB9BCB98A5DC2D34E57] - 04/07/2015 - 15:46:13 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [700416]
O44 - LFC:[MD5.52DEF4C743C2EABD6BD3EDC790A0E778] - 04/07/2015 - 15:46:14 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [1021440]
O44 - LFC:[MD5.51ECEE70F33601310DDEF3EEE39550D3] - 04/07/2015 - 15:46:21 ---A- . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.DLL [12625920]
O44 - LFC:[MD5.1A8C5D4BE449E4A9D8667A341E535E22] - 04/07/2015 - 15:46:25 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\dxmasf.dll [5120]
O44 - LFC:[MD5.1A8C5D4BE449E4A9D8667A341E535E22] - 04/07/2015 - 15:46:25 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\msdxm.ocx [5120]
O44 - LFC:[MD5.834FD7C31EA16D59CC3B2DC60F2F2620] - 04/07/2015 - 15:46:26 ---A- . (.Microsoft Corporation - Windows Media Player System Preparation DLL.) -- C:\Windows\System32\spwmp.dll [9728]
O44 - LFC:[MD5.9D80A82B0BB77AC3EF6A87FA0C534E20] - 04/07/2015 - 15:46:31 ---A- . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\System32\wmp.dll [14635008]
O44 - LFC:[MD5.51F89CE2D0FEC66070354504E6C4C3E4] - 04/07/2015 - 15:46:44 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\System32\comctl32.dll [633856]
O44 - LFC:[MD5.1EE2DBA5AD2E5EB618C7FB187C2CFDF4] - 04/07/2015 - 15:46:46 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3206144]
O44 - LFC:[MD5.AD6BE9946C8E44097EAECFAA4DED663F] - 05/07/2015 - 01:58:28 ---A- . (.VoiceFive, Inc. - PremierOpinion.) -- C:\Windows\System32\pmls64.dll [974648] =>Adware.PremierOpinion
O44 - LFC:[MD5.8E8E66D376776BC541E3179D2F5EAF76] - 05/07/2015 - 02:56:26 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [140135120]
O44 - LFC:[MD5.DF7C79C1FFFBBE3D4BEC2BA7FF8A8AB1] - 05/07/2015 - 11:08:23 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [300704]
O44 - LFC:[MD5.A6D70C86EB0D4EB7AD0CED21D50B5CB8] - 05/07/2015 - 11:55:39 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [326080]
O44 - LFC:[MD5.23B58DEF11B45727D3351702515F86AF] - 05/07/2015 - 23:24:09 ---A- . (...) -- C:\END [2]
O44 - LFC:[MD5.3B4AC2DBFC86F7247C1FF1FAF2860530] - 06/07/2015 - 00:13:41 ---A- . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1047320]
O44 - LFC:[MD5.2169B4B1EFAA3453A4DA732F1F94C1E1] - 06/07/2015 - 00:14:08 ---A- . (.Avast Software s.r.o. - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43112]
O44 - LFC:[MD5.6D37D8DB30D086739507C5F6E542656A] - 06/07/2015 - 00:14:20 ---A- . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93528]
O44 - LFC:[MD5.B5B4C90E9F52DA8586F1E5461AD90A5D] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29168]
O44 - LFC:[MD5.07E32DFCA422A2920482D762D01957EC] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65736]
O44 - LFC:[MD5.91782404718C6352C26B3242BAC3F0F1] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [272248]
O44 - LFC:[MD5.300CB8E510855189CAD0B72FFB5590CB] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [89944]
O44 - LFC:[MD5.B1368BE5F6BA529E0886F4DA2361BD2D] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [442264]
O44 - LFC:[MD5.9CA2FDD44F7C1F8AC1652F6C2638CFED] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [364472]
O44 - LFC:[MD5.6E53278ECCFFBC2ACC2A5006745ED4BB] - 06/07/2015 - 00:14:22 ---A- . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [137288]
O44 - LFC:[MD5.16C8C539480B87F7B688CCBB9E5A2D2B] - 06/07/2015 - 21:47:11 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1669584]
O44 - LFC:[MD5.051349D4AE8AA7143C2A4D19A978B29A] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122336]
O44 - LFC:[MD5.439B5F14EA1AA2F047247FE5D5FA44F5] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150386]
O44 - LFC:[MD5.301CED7D149ACAB51F7C864F1EB93A78] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654464]
O44 - LFC:[MD5.EB65F0E8375F2E6444542A52A3F04199] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747894]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/07/2015 - 15:42:06 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.81A2A421E6D7B43AA9E87A5FCB5730C3] - 07/07/2015 - 16:56:48 ---A- . (.Avast Software s.r.o. - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [449896]
O44 - LFC:[MD5.2EF62E6F46345480A2946AA7D7EB28F5] - 07/07/2015 - 16:58:02 ---A- . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28144]
O44 - LFC:[MD5.50A4B0C0690E8CB925745FE353CF1E1A] - 07/07/2015 - 23:28:59 ---A- . (...) -- C:\Windows\Reimage.ini [99] =>Rogue.ReimageRepair
O44 - LFC:[MD5.1511A529C9637026C6AFD549743AC216] - 08/07/2015 - 11:37:55 ---A- . (...) -- C:\Windows\PFRO.log [36218]
O44 - LFC:[MD5.973F4621458C4E96473809100C2194FF] - 08/07/2015 - 11:38:12 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.E570239983AA75E89B105CE43F92F21F] - 08/07/2015 - 11:38:30 ---A- . (...) -- C:\Windows\setupact.log [448]
O44 - LFC:[MD5.A90FD9C575D9E676D4F701EA25382643] - 08/07/2015 - 12:19:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1644065]
~ Files: 148 Scanned in 02mn 42s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.4F864E3BD271C369118FC357A20092E4] - 17/10/2013 - 19:36:21 ---A- - C:\Windows\Prefetch\BABMAINT.EXE-E1567F24.pf =>Hijacker.BabSolution
O45 - LFCP:[MD5.B17D780DD273E696F5A11938DD139422] - 03/10/2013 - 18:59:03 ---A- - C:\Windows\Prefetch\SEARCHGOL.EXE-D910FB8B.pf =>Hijacker.SearchGol
O45 - LFCP:[MD5.093790E61C9BFEB6B482A5040D090BD6] - 19/01/2014 - 16:42:15 ---A- - C:\Windows\Prefetch\WAJAMUPDATER.EXE-D7CB9704.pf =>PUP.Wajam
O45 - LFCP:[MD5.EC8234AFE812DB604113CD1F901D4D79] - 03/10/2013 - 18:58:59 ---A- - C:\Windows\Prefetch\WAJAM_DOWNLOAD.EXE-3FCF235A.pf =>PUP.Wajam
O45 - LFCP:[MD5.5DE2A757F851EE8E4EDAE900FE13F360] - 03/10/2013 - 18:59:13 ---A- - C:\Windows\Prefetch\WAJAM_INSTALL.EXE-E50D6A22.pf =>PUP.Wajam
O45 - LFCP:[MD5.C797E7C97BEB506248C4271F692E03DF] - 03/10/2013 - 18:58:05 ---A- - C:\Windows\Prefetch\WAJAM_VALIDATE.EXE-D6F47989.pf =>PUP.Wajam
~ Prefetcher: 6 Scanned in 00mn 00s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.DigitalPersona, Inc. - Password Filter.) -- C:\Windows\System32\DPPassFilter.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Notification Packages . (.Broadcom Corporation. - BtwProximityCP DLL.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 11 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ CSB: 15 Scanned in 00mn 00s
---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{250014d2-6bbd-11e3-9e54-9c2a70d1f532}\AutoRun\command. (...) -- E:\iStudio.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec [LAGS]" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\System32\xvidvfw.dll
~ TDSD: 6 Scanned in 00mn 01s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\CrashMon [Key] . (...) -- C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe (.not file.) =>PUP.Salus
O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O53 - SMSR:HKLM\...\startupreg\gmsd_fr_002020021 [Key] . (...) -- C:\Program Files (x86)\gmsd_fr_002020021\gmsd_fr_002020021.exe (.not file.) =>PUP.CrossRider
O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O53 - SMSR:HKLM\...\startupreg\Salus CrashMon [Key] . (...) -- C:\Program Files (x86)\f552dd4c52e3\a7d12b5975b4.exe (.not file.) =>PUP.Salus
O53 - SMSR:HKLM\...\startupreg\shopperz [Key] . (...) -- C:\Program Files\shopperz\Suarez.exe (.not file.) =>PUP.Shopperz
O53 - SMSR:HKLM\...\startupreg\shopperz64 [Key] . (...) -- C:\Program Files\shopperz\Suarez64.exe (.not file.) =>PUP.Shopperz
~ SMSR Keys: 7 Scanned in 00mn 00s
---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
~ MWPS: 17 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 4 Scanned in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:13/12/2010 - 15:34:14 ---A- . (.ST Microelectronics - Accelerometer Port I/O.) -- C:\Windows\System32\Drivers\Accelern.sys [27760]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:12/12/2011 - 09:33:36 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [195072]
O58 - SDL:24/01/2012 - 14:01:40 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys [416592]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29168] =>.ALWIL Software
O58 - SDL:07/07/2015 - 16:58:02 ---A- . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28144]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [89944]
O58 - SDL:07/07/2015 - 16:56:48 ---A- . (.Avast Software s.r.o. - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [449896]
O58 - SDL:06/07/2015 - 00:14:20 ---A- . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93528]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65736] =>.ALWIL Software
O58 - SDL:06/07/2015 - 00:13:41 ---A- . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1047320]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [442264]
O58 - SDL:06/07/2015 - 00:14:22 ---A- . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [137288]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [272248] =>.ALWIL Software
O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\AthDfu.sys [52352]
O58 - SDL:24/10/2012 - 17:31:18 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys [3802112]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:27/04/2012 - 11:08:32 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\Drivers\bcbtums.sys [138280]
O58 - SDL:27/05/2013 - 20:42:43 ---A- . (.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Proxy Protocol Driver.) -- C:\Windows\System32\Drivers\bcm42rly.sys [22632]
O58 - SDL:27/04/2012 - 11:09:30 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Virtual Wireless Driver.) -- C:\Windows\System32\Drivers\bcmvwl64.sys [21568]
O58 - SDL:27/04/2012 - 11:09:34 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS [5443648]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Atheros - Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys [341120]
O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Atheros - Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\Drivers\btath_avdt.sys [111232]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [30848]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys [36480]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys [168064]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys [68736]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys [281728]
O58 - SDL:16/10/2012 - 10:19:58 ---A- . (.Atheros - BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [551040]
O58 - SDL:15/11/2011 - 00:13:00 ---A- . (.Intel Corporation - Bluetooth HighSpeed Filter Driver.) -- C:\Windows\System32\Drivers\btmhsf.sys [327168]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\System32\Drivers\btwampfl.sys [615464]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\Drivers\btwaudio.sys [184872]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\Drivers\btwavdt.sys [210984]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\Drivers\btwl2cap.sys [39976]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\Drivers\btwrchid.sys [21544]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:10/06/2011 - 20:04:38 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys [1591936]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:05/04/2012 - 12:34:42 ---A- . (.Cirrus Logic - Hdaudio.sys Customization Filter.) -- C:\Windows\System32\Drivers\CSLFDx64.sys [35328]
O58 - SDL:05/04/2012 - 12:34:42 ---A- . (.Cirrus Logic - Hdaudio.sys Customization Filter.) -- C:\Windows\System32\Drivers\CSUFDx64.sys [8704]
O58 - SDL:28/05/2009 - 16:49:00 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\Windows\System32\Drivers\CtAudDrv.sys [224768]
O58 - SDL:20/01/2011 - 17:20:46 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\Windows\System32\Drivers\CtClsFlt.sys [176096]
O58 - SDL:11/11/2010 - 13:14:52 ---A- . (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) -- C:\Windows\System32\Drivers\diskperf64.sys [17512]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:03/10/2012 - 16:14:56 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:10/11/2011 - 00:04:14 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [60184]
O58 - SDL:21/11/2010 - 04:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:01/02/2012 - 15:16:40 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys [568600]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:09/12/2011 - 18:45:00 ---A- . (.Intel Corporation - Intel(R) Centrino(R) Wireless (Bluetooth Adapter) Driver.) -- C:\Windows\System32\Drivers\iBtFltCoex.sys [60416]
O58 - SDL:26/03/2012 - 18:09:54 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [14748416]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:10/04/2015 - 20:56:56 ---A- . (.Infonaut - Infonaut Driver x64.) -- C:\Windows\System32\Drivers\innfd_1_10_0_14.sys [58224] =>PUP.Infonaut
O58 - SDL:06/12/2011 - 03:23:08 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [331264]
O58 - SDL:28/03/2012 - 09:21:26 ---A- . (.Intel Corporation - Intel(R) Rapid Start Technology Driver.) -- C:\Windows\System32\Drivers\irstrtdv.sys [26504]
O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) -- C:\Windows\System32\Drivers\iusb3hcs.sys [16152]
O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\Drivers\iusb3hub.sys [356120]
O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) -- C:\Windows\System32\Drivers\iusb3xhc.sys [788760]
O58 - SDL:23/12/2011 - 16:53:10 ---A- . (.Atheros Communications, Inc. - Atheros Ar81xx series PCI-E Gigabit Ethernet Controller.) -- C:\Windows\System32\Drivers\L1C62x64.sys [104048]
O58 - SDL:16/10/2012 - 10:19:44 ---A- . (.Atheros - Bluetooth Low Engergy Hid Driver.) -- C:\Windows\System32\Drivers\leath_hid.sys [36608]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:12/12/2011 - 14:19:16 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwNs64.sys [8616448]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:27/05/2013 - 20:42:43 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:10/06/2011 - 05:34:52 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [539240]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:12/04/2012 - 16:37:08 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [24848]
O58 - SDL:12/04/2012 - 16:37:10 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [24848]
O58 - SDL:15/07/2011 - 20:31:22 ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\Windows\System32\Drivers\stdcfltn.sys [22128]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:03/01/2012 - 15:04:52 ---A- . (.STMicroelectronics - STM Accelerometer Device Driver.) -- C:\Windows\System32\Drivers\ST_ACCEL.sys [67184]
O58 - SDL:12/04/2012 - 16:37:12 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [425232]
O58 - SDL:20/07/2011 - 23:21:50 ---A- . (.Texas Instruments Incorporated - TI USB3 Hub Driver.) -- C:\Windows\System32\Drivers\tihub3.sys [136000]
O58 - SDL:20/07/2011 - 23:21:50 ---A- . (.Texas Instruments Incorporated - TI XHCI Host Controller Driver.) -- C:\Windows\System32\Drivers\tixhci.sys [406336]
O58 - SDL:10/06/2015 - 22:08:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:14/10/2014 - 22:46:46 ---A- . (.Word Proser - Word Proser Driver x64.) -- C:\Windows\System32\Drivers\wpnfd_1_10_0_1.sys [58240] =>PUP.WordProser
O58 - SDL:24/10/2012 - 17:31:18 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys [3802112]
~ Drivers: 106 Scanned in 00mn 10s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 04/07/2015 - 13:37:02 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Chromium\Application\45.0.2441.0\Installer\uninstall.exe [902144]
O61 - LFC: 04/07/2015 - 13:37:02 ---A- . (.The Chromium Authors.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\Application\45.0.2441.0\Installer\setup.exe [934912]
O61 - LFC: 04/07/2015 - 13:37:04 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ChromeApproveTBPlugin.dll [117024]
O61 - LFC: 04/07/2015 - 13:37:04 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ChromeAutoApproveTB.dll [155936]
O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\TBVerifier.dll [287008] =>Toolbar.Conduit
O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ConduitChromeApiPlugin.dll [858400]
O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\np-cwmp.dll [68896]
O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\np-mswmp.dll [163256]
O61 - LFC: 04/07/2015 - 13:37:06 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\Search\plugins\npConduitNewTabPlugin.dll [62240] =>Toolbar.Conduit
O61 - LFC: 04/07/2015 - 13:38:49 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Setup12209574\Sqlite3.dll [599419]
O61 - LFC: 04/07/2015 - 13:39:23 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\itdownload.dll [205312]
O61 - LFC: 04/07/2015 - 13:41:32 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\g3dLhln\LibDownloadManagement.dll [5120] =>Adware.Pirrit
O61 - LFC: 05/07/2015 - 13:37:09 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 05/07/2015 - 13:41:26 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\C94WpYy\LibDownloadManagement.dll [5120] =>Adware.Pirrit
O61 - LFC: 05/07/2015 - 13:41:28 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp\encecal.dll [140800]
O61 - LFC: 05/07/2015 - 13:41:28 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp\ticyver.dll [168960]
O61 - LFC: 05/07/2015 - 13:42:07 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\yMRVGuQ\LibDownloadManagement.dll [5120] =>Adware.Pirrit
O61 - LFC: 05/07/2015 - 13:42:13 ---A- . (.Avast Software s.r.o..) -- D:\Utilisateurs\célia\Downloads\avast_free_antivirus_setup_online_01net.exe [5481336]
O61 - LFC: 05/07/2015 - 13:44:15 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetupFull.exe [40430720]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ChromeApproveTBPlugin.dll [117024]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ChromeAutoApproveTB.dll [155936]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ConduitChromeApiPlugin.dll [858400]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\np-cwmp.dll [68896]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\np-mswmp.dll [163256]
O61 - LFC: 07/07/2015 - 13:37:39 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\Search\plugins\npConduitNewTabPlugin.dll [62240] =>Toolbar.Conduit
O61 - LFC: 07/07/2015 - 13:37:39 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\TBVerifier.dll [287008] =>Toolbar.Conduit
O61 - LFC: 07/07/2015 - 13:37:43 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 07/07/2015 - 13:37:52 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe [1068696]
O61 - LFC: 07/07/2015 - 13:37:53 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BSvcUpdater.exe [169104]
O61 - LFC: 07/07/2015 - 13:37:54 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\DefaultSetup\sqlite3.dll [362029]
O61 - LFC: 07/07/2015 - 13:37:54 ---A- . (.© 2013 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe [2649752]
O61 - LFC: 07/07/2015 - 13:37:55 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0]
O61 - LFC: 07/07/2015 - 13:39:22 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\BSvcProcessor.exe [1068696]
O61 - LFC: 07/07/2015 - 13:39:22 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\BSvcUpdater.exe [169104]
O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\Outbrowse_Bundle.exe [0]
O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-BNC5E.tmp\cmd.bat [85]
O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\_isetup\_shfoldr.dll [23312]
O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-BNC5E.tmp\_isetup\_shfoldr.dll [23312]
O61 - LFC: 07/07/2015 - 13:39:31 ---A- . (.M-GPlayer.) -- D:\Utilisateurs\célia\AppData\Local\Temp\n9586\gusetup_pub.exe [7097528]
O61 - LFC: 07/07/2015 - 13:39:47 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr25.bin [24]
O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\hljorppg\encecal.dll [140800]
O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\hljorppg\ticyver.dll [168960]
O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\jkzhqxzt\encecal.dll [140800]
O61 - LFC: 07/07/2015 - 13:41:34 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy\encecal.dll [140800]
O61 - LFC: 07/07/2015 - 13:41:34 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy\ticyver.dll [168960]
O61 - LFC: 07/07/2015 - 13:42:29 ---A- . (.Google Inc..) -- D:\Utilisateurs\célia\Downloads\ChromeSetup.exe [931408]
O61 - LFC: 07/07/2015 - 13:43:17 ---A- . (.Reimage®.) -- D:\Utilisateurs\célia\Downloads\ReimageRepair (1).exe [772016] =>Rogue.ReimageRepair
O61 - LFC: 07/07/2015 - 13:43:28 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetup (1).exe [1384576]
O61 - LFC: 07/07/2015 - 13:43:30 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetup.exe [1384576]
O61 - LFC: 08/07/2015 - 13:37:29 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Crossbrowse\Crossbrowse\User Data\nacl_validation_cache.bin [128] =>PUP.CrossBrowser
O61 - LFC: 08/07/2015 - 13:42:10 ---A- . (...) -- D:\Utilisateurs\célia\Desktop\cacaoweb.exe [532784] =>PUP.CacaoWeb
~ 75 Fichiers temporaires (Temporary files)
~ 322 Fichiers cookies (Cookies files)
~ Files: 51 Scanned in 07mn 42s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 07/07/2015 - C:\Windows\System32\DRIVERS\aswNdisFlt.sys (aswNdisFlt) .(.Avast Software s.r.o. - avast! Filtering NDIS driver.) - LEGACY_ASWNDISFLT
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.Avast Software s.r.o. - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 06/07/2015 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.Avast Software s.r.o. - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.Avast Software s.r.o. - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.Avast Software s.r.o. - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 06/07/2015 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 27/05/2013 - C:\Windows\System32\drivers\BCM42RLY.sys (BCM42RLY) .(.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Pr.) - LEGACY_BCM42RLY
O64 - Services: CurCS - 10/04/2015 - C:\Windows\System32\drivers\innfd_1_10_0_14.sys (innfd_1_10_0_14) .(.Infonaut - Infonaut Driver x64.) - LEGACY_INNFD_1_10_0_14 =>PUP.Infonaut
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/10/2014 - C:\Windows\System32\drivers\wpnfd_1_10_0_1.sys (wpnfd_1_10_0_1) .(.Word Proser - Word Proser Driver x64.) - LEGACY_WPNFD_1_10_0_1 =>PUP.WordProser
~ Legacy: 88 Scanned in 00mn 03s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("CT3241952.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3241952&SearchSource=2&q=");
O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.delta_i.babTrack", "affID=120700&tsp=5029");
O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.crossrider.bic", "1419918217a0c77c1984d7fa9bb7f732"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Astromenda) - http://www.oursurfing.com =>PUP.Astromenda
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {24611EB1-2B5E-4065-8B0F-3A499898EF7A} - (WhiteSmoke New V6 Customized Web Search) - http://www.oursurfing.com =>PUP.WhiteSmoke
O69 - SBI: SearchScopes [HKCU] {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} - () - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (Cassiopesa) - http://www.cassiopessa.com
O69 - SBI: SearchScopes [HKCU] {483830EE-A4CD-4b71-B0A3-3D82E62A6909} - () - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {5B9843CD-BEC6-05E7-8AB2-3891FF74046C} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {9143e921-7c9a-4d27-ac43-eaccc78cc55a} - (istartsurf) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} - (Amazon) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.oursurfing.com =>Hijacker.OurSurfing
~ Keys: Scanned in 00mn 00s
---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2553856]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Services: 33 Scanned in 00mn 03s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.AF82D7FAD38E49DDA65ECE4F87B2C95B] [SPRF][28/07/2014] (...) -- C:\ProgramData\uninstall_Deeal.exe [431104] =>PUP.DeealFr
[MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\4oWR9qYkY63.exe [1579520]
[MD5.767B13F54357A9BF53EAA2392C664665] [SPRF][07/07/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr25.bin [24]
[MD5.4BE82EB7925A65C354655F35845528C5] [SPRF][17/05/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr3.bin [20]
[MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\e4B8MC7fGSvdgS.exe [1579520]
[MD5.775F47E28C96739D0B81DF8A46116EFB] [SPRF][08/07/2015] (...) -- D:\Utilisateurs\célia\Desktop\cacaoweb.exe [532784] =>PUP.CacaoWeb
~ Files: 6 Scanned in 00mn 06s
---\\ Recherche d'infection Rogue (SRI) (O86)
O43 - CFD: 24/05/2015 - 03:59:37 - [] ----D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
O43 - CFD: 06/07/2015 - 02:04:51 - [0] ----D C:\ProgramData\6c54da2e97bd4bf69fea341a446a9746
O43 - CFD: 24/05/2015 - 21:30:13 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
O43 - CFD: 06/07/2015 - 02:04:49 - [0] ----D C:\ProgramData\dc9def169e834b19aff83090e5e3337a
~ Files: Scanned in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{690310D7-EA92-4A80-B01C-B855168501D7}" | In - None - P17 - TRUE | .(.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
~ Firewall: 1 Scanned in 00mn 15s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "DF42B2AC01EE9B240B94AA0862E8E712" . (.Boxore Client.) -- C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico =>Adware.Boxore
~ Update Products: 1 Scanned in 00mn 00s
---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb"
[HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\5c55da8cbc3ab845]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\5c55da8cbc3ab845]:showagain="p/2lTJU4olIuro52tJurFmjRNz33u7Fj1NwGCbkzNke6o3V1OPj3+TJ2Nrg="
[HKCU\Software\5c55da8cbc3ab845]:usrcheckbox="1"
[HKCU\Software\5c55da8cbc3ab845]:version="2.6.1694.246"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:showagain="p/2lTJU4olIuro52tJurFmjRNz33u7Fj1NwGCbkzNke6o3V1OPj3+TJ2Nrg="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:usrcheckbox="1"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:version="2.6.1694.246"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:060df2cd="GlAu/YP/c/Au/YZ/GxAp/YZ/GP/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:1c311243="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:51d2f2ea="K/Au/YZ/aPAp/X2/cPAg/WV/c/Ay/XZ/a/Au////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:65114b36="VP/l////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c24899a6="VP/g/CV/Vl/2/Cx////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:d94388d2="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:fe94ce1e="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:060df2cd="GlAu/YP/c/Au/YZ/GxAp/YZ/GP/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:1c311243="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:51d2f2ea="K/Af/Xt/aPAM/X6/G/A+/Xl/GP////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:65114b36="VP/l////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c24899a6="Vl/3/CJ/MP/g/CZ////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:d94388d2="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:fe94ce1e="V/////%%"
~ Export Key Software: Scanned in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.77C2FD47FBD0F2284B64AB6E40397BFA] [WIS][12/11/2013] (.KalityWeb - WebAdSystem.) -- C:\Windows\Installer\572f60.msi [1126400] =>Adware.WebAdSystem
~ WIS: 1 Scanned in 00mn 07s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASAPI32 =>PUP.SafeGuard
HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASMANCS =>PUP.SafeGuard
HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASAPI32 =>Hijacker.Eazel
HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASMANCS =>Hijacker.Eazel
HKLM\SOFTWARE\Microsoft\Tracing\updateglindorus_RASAPI32 =>PUP.Glindorus
HKLM\SOFTWARE\Microsoft\Tracing\updateglindorus_RASMANCS =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32 =>PUP.Activeris
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS =>PUP.Activeris
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>Hijacker.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>Hijacker.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASAPI32 =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASMANCS =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBatBrowse_RASAPI32 =>PUP.BatBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBatBrowse_RASMANCS =>PUP.BatBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASAPI32 =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASMANCS =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASAPI32 =>PUP.LinkSwift
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASMANCS =>PUP.LinkSwift
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASAPI32 =>PUP.BatBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASMANCS =>PUP.BatBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz16_RASAPI32 =>PUP.Duuqu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz16_RASMANCS =>PUP.Duuqu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_2506-8ea7fd25_RASAPI32 =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_2506-8ea7fd25_RASMANCS =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_download_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_download_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASMANCS =>PUP.Wajam
~ BTK: 249 Scanned in 00mn 01s
---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{22222222-2222-2222-2222-220422892226}] (CrossriderApp0048926.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}] (Value Apps plugin) =>Toolbar.Conduit
[HKCR\CLSID\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}] (WordProser) =>PUP.WordProser
~ BCK: 4503 Scanned in 00mn 25s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 07/07/2015 268976 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 04/04/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SR - | Auto 06/03/2015 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 29/05/2015 77128 | (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/10/2012 219776 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 06/07/2015 343336 | (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 07/07/2015 107448 | (avast! Firewall) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 05/03/2012 952608 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 09/08/2011 200832 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\Windows\system32\CxAudMsg64.exe
SR - | Auto 12/10/2011 109184 | (CxUtilSvc) . (.Conexant Systems, Inc..) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
SR - | Auto 29/12/2010 440144 | (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
SR - | Auto 01/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 10/04/2015 278600 | (insvc_1.10.0.14) . (.Infonaut.) - C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut
SR - | Auto 10/01/2012 627936 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 29/06/2015 644904 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 27/03/2012 193536 | (irstrtsv) . (.Intel Corporation.) - C:\windows\SysWOW64\irstrtsv.exe
SR - | Auto 20/01/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 20/01/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 30/04/2015 23816 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 04/03/2015 213816 | (PremierOpinion) . (.VoiceFive, Inc..) - C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion
SR - | Auto 24/05/2015 305664 | (rikejehy) . (...) - D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp
SR - | Auto 08/07/2015 648416 | (Service Mgr OnStage) . (...) - C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe
SR - | Auto 20/01/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 08/07/2015 572640 | (Update Mgr OnStage) . (...) - C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe
SR - | Auto 23/08/2011 3175728 | (vcsFPService) . (.Validity Sensors, Inc..) - C:\Windows\system32\vcsFPService.exe
SR - | Auto 27/05/2013 48128 | (wltrysvc) . (.Dell Inc..) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 24/10/2012 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: Scanned in 00mn 35s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by célia at 08/07/2015 13:48:15
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/05/2015)
Clés trouvées (Keys found) : 294
Valeurs trouvées (Values found) : 7
Dossiers trouvés (Folders found) : 108
Fichiers trouvés (Files found) : 288
[HKLM\SYSTEM\CurrentControlSet\Services\insvc_1.10.0.14] =>PUP.Infonaut^
[HKLM\SYSTEM\CurrentControlSet\Services\PremierOpinion] =>Adware.PremierOpinion^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV28.05] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse] =>PUP.CrossBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Deeal] =>PUP.DeealFr^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GoHD] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HQuality-v3V19.10] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins] =>PUP.IePluginService^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Infonaut_1.10.0.14] =>PUP.Infonaut^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{065A5BE9-CE42-475C-BD62-52B229D24AB5}] =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ab0da7b3-e6dd-492c-951e-44f70b9225b4}] =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchs] =>PUP.PaybyAds^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer] =>Adware.NewPlayer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd] =>PUP.NetworkSystemDriver^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3f700348-270d-469b-b073-4a14e4a79189}] =>PUP.PassWidget^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}] =>Adware.PremierOpinion^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}] =>PUP.PriceDownloader^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7540FDBD-7FDC-30AE-3778-815CB87DBE46}] =>PUP.RandomName^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smarts8] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SupTab] =>PUP.SupTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{4284830a}] =>Adware.Graftor^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E370F69F-ED3F-925F-31FC-14D1329A713B}] =>PUP.TicTaCoupon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f0e9047b}] =>Adware.Graftor^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4c13db17-a811-442c-9a1b-a92b65dca879}] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF59773E-3245-46A3-B418-DD84AB6C3C50}] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindeskWinsearch] =>PUP.WindeskWinsearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinServices] =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall] =>Hijacker.OurSurfing^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\CrashMon] =>PUP.Salus^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_fr_002020021] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon] =>PUP.Mobogenie^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Salus CrashMon] =>PUP.Salus^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\shopperz] =>PUP.Shopperz^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\shopperz64] =>PUP.Shopperz^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep
[HKLM\Software\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep
[HKLM\Software\Wow6432Node\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep
[HKLM\Software\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru
[HKLM\Software\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru
[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>PUP.Wajam
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>PUP.Conduit
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\KalityWeb] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\KalityWeb] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>PUP.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>PUP.Conduit
[HKCU\Software\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Conduit
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Classes\ScriptHost.Tool.1] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHost.Tool] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\AddonsFramework.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ButtonSite.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ScriptHost.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SoftwareUpdater] =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater] =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\delta-homesSoftware] =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\CrossriderApp0044150.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0044150.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0044150.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0044150.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422892226}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151146}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151152}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422892226}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Windesk Winsearch =>PUP.WindeskWinsearch^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb^
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb^
C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05 =>PUP.CrossRider^
C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser^
C:\Program Files (x86)\deaal4reala =>PUP.Deal4reaL^
C:\Program Files (x86)\DealsFuInndeRProo =>PUP.DealsFinderPro^
C:\Program Files (x86)\DeaolsFiNderPro =>PUP.DealsFinderPro^
C:\Program Files (x86)\DeeaLsFinDErPro =>PUP.DealsFinderPro^
C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate^
C:\Program Files (x86)\gmsd_fr_002020023 =>PUP.CrossRider^
C:\Program Files (x86)\gmsd_fr_005010016 =>PUP.CrossRider^
C:\Program Files (x86)\GoHD =>PUP.CrossRider^
C:\Program Files (x86)\greattsAVieng =>PUP.GreatSaving^
C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches^
C:\Program Files (x86)\HQuality-v3V19.10 =>PUP.CrossRider^
C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\NewPlayer =>Adware.NewPlayer^
C:\Program Files (x86)\Pass-Widget =>PUP.PassWidget^
C:\Program Files (x86)\predm =>Adware.Downware^
C:\Program Files (x86)\PremierOpinion =>Adware.PremierOpinion^
C:\Program Files (x86)\Premium Software =>Trojan.Tivmonk^
C:\Program Files (x86)\PriceDowineloader =>PUP.PriceDownloader^
C:\Program Files (x86)\PriCeDoWnloADer =>PUP.PriceDownloader^
C:\Program Files (x86)\Priceless =>PUP.PriceLess^
C:\Program Files (x86)\Probit Software =>PUP.ProbitSoftware^
C:\Program Files (x86)\PrriCeDownaloaderr =>PUP.PriceDownloader^
C:\Program Files (x86)\SaoftoCeoup =>PUP.RandomName^
C:\Program Files (x86)\savInshop =>PUP.SavinShop^
C:\Program Files (x86)\sHoepndrop =>PUP.ShopDrop^
C:\Program Files (x86)\SofftCuoup =>PUP.RandomName^
C:\Program Files (x86)\SoftCoupe =>PUP.RandomName^
C:\Program Files (x86)\speed browser =>PUP.SpeedBrowser^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\Program Files (x86)\WebAdSystem =>Adware.WebAdSystem^
C:\Program Files (x86)\WindeskWinsearch =>PUP.WindeskWinsearch^
C:\Program Files (x86)\winservice86 =>PUP.CrossRider^
C:\Program Files (x86)\WordProser_1.10.0.1 =>PUP.WordProser^
C:\ProgramData\Activeris =>PUP.Activeris^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\FlashBeat =>PUP.FlashBeat^
C:\ProgramData\IePluginService =>PUP.IePluginService^
C:\ProgramData\IePluginServices =>PUP.IePluginService^
C:\ProgramData\IHProtectUpDate =>Adware.AgentODR^
C:\ProgramData\LolliScan =>Adware.Graftor^
C:\ProgramData\Registry Helper =>PUP.RegistryHelper^
C:\ProgramData\SaveSenseLive =>PUP.CrossRider^
C:\ProgramData\TicTaCoupon =>PUP.TicTaCoupon^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\ProgramData\WPM =>PUP.WpManager^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware =>PUP.Activeris^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector =>PUP.AdvancedSystemProtector^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer =>PUP.FastPlayer^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer =>Adware.NewPlayer^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max =>PUP.OptimizerEliteMax^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip =>PUP.PepperZip^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion =>Adware.PremierOpinion^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Software =>Trojan.Tivmonk^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeGuard =>PUP.SafeGuard^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer =>PUP.SuperOptimizer^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup =>PUP.SystemSpeedup^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch =>PUP.WindeskWinsearch^
D:\Utilisateurs\célia\AppData\Roaming\Activeris =>PUP.Activeris^
D:\Utilisateurs\célia\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect^
D:\Utilisateurs\célia\AppData\Roaming\Astromenda =>PUP.Astromenda^
D:\Utilisateurs\célia\AppData\Roaming\cacaoweb =>PUP.CacaoWeb^
D:\Utilisateurs\célia\AppData\Roaming\Dealply =>PUP.DealPly^
D:\Utilisateurs\célia\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
D:\Utilisateurs\célia\AppData\Roaming\Nosibay =>PUP.BubbleDock^
D:\Utilisateurs\célia\AppData\Roaming\oursurfing =>Hijacker.OurSurfing^
D:\Utilisateurs\célia\AppData\Roaming\Pro PC Cleaner =>PUP.DoctorPC^
D:\Utilisateurs\célia\AppData\Roaming\SupTab =>PUP.SupTab^
D:\Utilisateurs\célia\AppData\Roaming\winservices =>Trojan.Inject.RRE^
D:\Utilisateurs\célia\AppData\Local\Alerts_LLC =>PUP.AlertsLLC^
D:\Utilisateurs\célia\AppData\Local\Astromenda =>PUP.Astromenda^
D:\Utilisateurs\célia\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals^
D:\Utilisateurs\célia\AppData\Local\Crossbrowse =>PUP.CrossBrowser^
D:\Utilisateurs\célia\AppData\Local\DealPlyLive =>PUP.DealPly^
D:\Utilisateurs\célia\AppData\Local\Duuqu =>PUP.Duuqu^
D:\Utilisateurs\célia\AppData\Local\genienext =>PUP.NextLive^
D:\Utilisateurs\célia\AppData\Local\globalUpdate =>PUP.GlobalUpdate^
D:\Utilisateurs\célia\AppData\Local\gmsd_fr_002020023 =>PUP.CrossRider^
D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010016 =>PUP.CrossRider^
D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010022 =>PUP.CrossRider^
D:\Utilisateurs\célia\AppData\Local\KalityWeb =>Adware.WebAdSystem^
D:\Utilisateurs\célia\AppData\Local\Mobogenie =>PUP.Mobogenie^
D:\Utilisateurs\célia\AppData\Local\MySearchs =>Adware.MyWebSearch^
D:\Utilisateurs\célia\AppData\Local\newplayer =>Adware.NewPlayer^
D:\Utilisateurs\célia\AppData\Local\SafeGuard =>PUP.SafeGuard^
D:\Utilisateurs\célia\AppData\Local\SaveSenseLive =>PUP.CrossRider^
D:\Utilisateurs\célia\AppData\Local\SearchProtect =>PUP.SearchProtect^
D:\Utilisateurs\célia\AppData\Local\Smartbar =>Hijacker.SmartBar^
D:\Utilisateurs\célia\AppData\Local\SmartWeb =>PUP.SmartWeb^
D:\Utilisateurs\célia\AppData\Local\speed browser =>PUP.SpeedBrowser^
D:\Utilisateurs\célia\AppData\Local\SwvUpdater =>PUP.Software.Updater^
D:\Utilisateurs\célia\AppData\Local\WebBar =>PUP.WebBar^
D:\Utilisateurs\célia\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\ProgramData\Conduit =>PUP.Conduit
D:\Utilisateurs\célia\AppData\Local\Conduit =>PUP.Conduit
D:\Utilisateurs\célia\AppData\LocalLow\Conduit =>PUP.Conduit
D:\Utilisateurs\célia\AppData\LocalLow\PriceGong =>Adware.PriceGong
D:\Utilisateurs\célia\AppData\LocalLow\Smartbar =>Hijacker.SmartBar
D:\Utilisateurs\célia\AppData\LocalLow\mixidj =>Adware.SmileyBar
D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle =>Adware.RelevantKnowledge
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\Smartbar =>Hijacker.SmartBar
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\bprotector_extensions.sqlite =>PUP.BProtector
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\bprotector_prefs.js =>PUP.BProtector
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\SearchPlugins\conduit.xml =>PUP.Conduit
C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector^
C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris^
D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb^
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut^
C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion^
C:\Program Files (x86)\Software\Update\Install\{8EA45EE8-4913-4878-839F-B9A1D271FF1F}\SoftwareUpdateSetup.exe =>Adware.Boxore^
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\Extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7 =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-6.job =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 =>PUP.CrossRider^
C:\Windows\Tasks\a5fc5ff8-db73-4aeb-b3a8-fd2e231b21ff-4.job =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 =>PUP.CrossRider^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^
C:\Windows\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4 =>PUP.CrossRider^
C:\Windows\Tasks\bench-sys.job =>PUP.GiganticSavings^
C:\Windows\System32\Tasks\bench-sys =>PUP.GiganticSavings^
C:\Windows\Tasks\bench-Updater removing.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\bench-Updater removing =>PUP.CrossRider^
C:\Windows\Tasks\Bidaily Synchronize Task =>PUP.BidailySync^
C:\Windows\Tasks\DigitalSite.job =>Hijacker.DSite^
C:\Windows\System32\Tasks\DigitalSite =>Hijacker.DSite^
C:\Windows\Tasks\media enhance-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\media enhance-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\media enhance-codedownloader.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\media enhance-codedownloader =>PUP.CrossRider^
C:\Windows\Tasks\media enhance-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\media enhance-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\media enhance-updater.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\media enhance-updater =>PUP.CrossRider^
C:\Windows\Tasks\PassWidget Update.job =>PUP.PassWidget^
C:\Windows\Tasks\SaveSense.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\SaveSense =>PUP.CrossRider^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore =>PUP.CrossRider^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA =>PUP.CrossRider^
C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA =>Adware.Boxore^
[HKCU\Software\Activeris] =>PUP.Activeris^
[HKCU\Software\AmiExt] =>Adware.FlashEnhancer^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE^
[HKCU\Software\AppDataLow\Software\LyricsMonkey-1] =>Adware.AddLyrics^
[HKCU\Software\AppDataLow\Software\LyricsSay-1] =>PUP.CrossRider^
[HKCU\Software\AppDataLow\Software\PassWidget] =>PUP.PassWidget^
[HKCU\Software\AppDataLow\Software\Plus-HD-1.6] =>Adware.PlusHD^
[HKCU\Software\AppDataLow\Software\Plus-HD-3.5] =>Adware.PlusHD^
[HKCU\Software\AppDataLow\Software\SmartWeb] =>PUP.SmartWeb^
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\AppDataLow\Software\WhiteSmoke_New_V6] =>PUP.WhiteSmoke^
[HKCU\Software\AppDataLow\Software\free ven] =>PUP.Freeven^
[HKCU\Software\AppDataLow\Software\media enhance] =>PUP.MediaPlayerEnhance^
[HKCU\Software\AppDataLow\Software\winservice86] =>PUP.CrossRider^
[HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor^
[HKCU\Software\ArenaHD] =>PUP.CrossRider^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\BatBrowse] =>PUP.BatBrowse^
[HKCU\Software\CinemaPlus-3.2cV24.05-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser^
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser^
[HKCU\Software\DSiteProducts] =>Hijacker.DSite^
[HKCU\Software\DealPlyLive] =>PUP.DealPly^
[HKCU\Software\Doko-Toolbar] =>Hijacker.Doko^
[HKCU\Software\Duuqu] =>PUP.Duuqu^
[HKCU\Software\File Type Helper] =>PUP.FileTypeHelper^
[HKCU\Software\GoHD-nv-ie] =>PUP.CrossRider^
[HKCU\Software\GoHD-nv] =>PUP.CrossRider^
[HKCU\Software\HighDefAction] =>PUP.CrossRider^
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax^
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^
[HKCU\Software\PepperZip] =>PUP.PepperZip^
[HKCU\Software\SafeGuardApp] =>PUP.SafeGuard^
[HKCU\Software\SaveSenseLive] =>PUP.CrossRider^
[HKCU\Software\SimplyTech] =>PUP.SimplyTech^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer^
[HKCU\Software\System Speedup] =>PUP.SystemSpeedup^
[HKCU\Software\TNT2] =>Adware.TidyNetwork^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\UpToDown] =>PUP.UpToDown^
[HKCU\Software\UpdateFiles] =>Adware.Boxore^
[HKCU\Software\Visualbee] =>Adware.VisualBeeToolbar^
[HKCU\Software\Wajam] =>PUP.Wajam^
[HKCU\Software\YorkNewCin] =>PUP.CrossRider^
[HKCU\Software\astromenda] =>PUP.Astromenda^
[HKCU\Software\gamesdesktop] =>Adware.GamesDesktop^
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch^
[HKCU\Software\tuto4pc] =>PUP.AgenceExclusive^
[HKCU\Software\winservice86-nv-ie] =>PUP.CrossRider^
[HKCU\Software\winservice86-nv] =>PUP.CrossRider^
[HKLM\Software\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\BubbleSound] =>PUP.BubbleSound^
[HKLM\Software\HQuality-v3V19.10-nv] =>PUP.CrossRider^
[HKLM\Software\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\LolliScan] =>Adware.Graftor^
[HKLM\Software\Speedchecker Limited] =>PUP.InternetSpeedChecker^
[HKLM\Software\WebBar] =>PUP.WebBar^
[HKLM\Software\Wow6432Node\11f7643f-77e0-4a4a-a192-4b7a9e9fbf2a] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\22fbe0a4-6d53-4d01-9877-31667f148858] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\95b48dc0-8b8d-47f8-ab2e-5f40b4109b11] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\971bbd6c-f848-4ae2-9434-b893b6d0f4f1] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris^
[HKLM\Software\Wow6432Node\AmiExt] =>Adware.FlashEnhancer^
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Bench] =>PUP.GiganticSavings^
[HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf^
[HKLM\Software\Wow6432Node\BetterSurf Plus V1] =>PUP.BetterSurf^
[HKLM\Software\Wow6432Node\BetterSurf] =>PUP.BetterSurf^
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\DownloaderAssistant] =>PUP.Salus^
[HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu^
[HKLM\Software\Wow6432Node\File Type Helper] =>PUP.FileTypeHelper^
[HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\Wow6432Node\GoHD-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\GoHD-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\HQuality-v3V19.10-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR^
[HKLM\Software\Wow6432Node\LolliScan] =>Adware.Graftor^
[HKLM\Software\Wow6432Node\MediaViewV1] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\MediaViewV1alpha698] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\MediaViewV1alpha7499] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\MediaWatchV1] =>PUP.MediaWatch^
[HKLM\Software\Wow6432Node\MediaWatchV1home857] =>PUP.MediaWatch^
[HKLM\Software\Wow6432Node\Registry Helper] =>PUP.RegistryHelper^
[HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\RichMediaViewV1release1055] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard^
[HKLM\Software\Wow6432Node\SafeGuard] =>PUP.SafeGuard^
[HKLM\Software\Wow6432Node\Salus] =>PUP.Salus^
[HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect^
[HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\System Speedup] =>PUP.SystemSpeedup^
[HKLM\Software\Wow6432Node\TabNav] =>PUP.Abengine^
[HKLM\Software\Wow6432Node\Visualbee] =>Adware.VisualBeeToolbar^
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\WhiteSmoke_New_V6] =>PUP.WhiteSmoke^
[HKLM\Software\Wow6432Node\Winservices] =>Trojan.Inject.RRE^
[HKLM\Software\Wow6432Node\WordProser_1.10.0.1] =>PUP.WordProser^
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\a558af43-d482-4649-b45f-6e1c09b384c2] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\aa73fe5b-d1f7-411f-8961-8d74e4ee2c2e] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\awesomehpSoftware] =>PUP.Awesomehp^
[HKLM\Software\Wow6432Node\b56ba8d1-2bff-4555-a80e-09eae0dad631] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\c968f51d-077d-494f-a31c-82fe202a993e] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\e3bdb18e-b300-43e4-991c-3eac4da6d490] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\flash-Enhancer] =>Adware.FlashEnhancer^
[HKLM\Software\Wow6432Node\free ven] =>PUP.Freeven^
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.Istart^
[HKLM\Software\Wow6432Node\media enhance] =>PUP.MediaPlayerEnhance^
[HKLM\Software\Wow6432Node\oursurfingSoftware] =>Hijacker.OurSurfing^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Wow6432Node\winservice86-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\winservice86-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\winservice86] =>PUP.CrossRider^
[HKLM\Software\YorkNewCin] =>PUP.CrossRider^
C:\ProgramData\uninstall_Deeal.exe =>PUP.DeealFr^
D:\Utilisateurs\célia\Desktop\cacaoweb.exe =>PUP.CacaoWeb^
[HKCU\Software\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
C:\Windows\Installer\572f60.msi =>Adware.WebAdSystem^
[HKCR\CLSID\{22222222-2222-2222-2222-220422892226}] (CrossriderApp0048926.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}] (Value Apps plugin) =>Toolbar.Conduit^
[HKCR\CLSID\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}] (WordProser) =>PUP.WordProser^
D:\Utilisateurs\célia\Downloads\cacaoweb.exe =>PUP.CacaoWeb
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
D:\Utilisateurs\célia\AppData\Local\Temp\{3C2D27EF-E2C2-46F8-A808-5C26F3B22E29}-Boxore_5.9.0.0.msi =>Adware.Boxore
~ Additionnel Scan: 308476 Items scanned in 05mn 08s
---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Scanned in 00mn 00s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
http://nicolascoolman.fr/pup-activeris =>PUP.Activeris
http://nicolascoolman.fr/pup-cacaoweb =>PUP.CacaoWeb
http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://www.nicolascoolman.fr/blog/ =>PUP.Infonaut
http://nicolascoolman.fr/adware-premieropinion =>Adware.PremierOpinion
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/34208035-hijacker-doko =>Hijacker.Doko
http://www.nicolascoolman.fr/blog/ =>Toolbar.MixiDJ
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.fr/hijacker-trovigo =>Hijacker.Trovigo
http://nicolascoolman.fr/parasite-pugi =>Parasite.Pugi
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://nicolascoolman.fr/pup-passwidget =>PUP.PassWidget
http://nicolascoolman.fr/hijacker-gadgetbox =>Hijacker.GadgetBox
http://www.nicolascoolman.fr/blog/ =>PUP.Istart
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://www.nicolascoolman.fr/blog/ =>Hijacker.OurSurfing
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://nicolascoolman.fr/adware-webadsystem =>Adware.WebAdSystem
http://www.nicolascoolman.fr/blog/ =>PUP.WindeskWinsearch
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/pup-giganticsavings =>PUP.GiganticSavings
http://nicolascoolman.fr/hijacker-dsite =>Hijacker.DSite
http://www.nicolascoolman.fr/blog/ =>Adware.Graftor
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://www.nicolascoolman.fr/blog/ =>PUP.MediaPlayerEnhance
http://nicolascoolman.fr/pup-systemspeedup =>PUP.SystemSpeedup
http://www.nicolascoolman.fr/blog/ =>PUP.BidailySync
http://www.nicolascoolman.fr/blog/ =>PUP.WordProser
http://www.nicolascoolman.fr/blog/ =>PUP.DeealFr
http://www.nicolascoolman.fr/blog/ =>PUP.IePluginService
http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds
http://www.nicolascoolman.fr/blog/ =>Adware.NewPlayer
http://www.nicolascoolman.fr/blog/ =>PUP.NetworkSystemDriver
http://www.nicolascoolman.fr/blog/ =>PUP.PriceDownloader
http://www.nicolascoolman.fr/blog/ =>PUP.RandomName
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://www.nicolascoolman.fr/blog/ =>PUP.TicTaCoupon
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.fr/adware-flashenhancer =>Adware.FlashEnhancer
http://www.nicolascoolman.fr/blog/ =>PUP.DynConIE
http://nicolascoolman.fr/adware-addlyrics =>Adware.AddLyrics
http://nicolascoolman.fr/adware-plushd =>Adware.PlusHD
http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong
http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb
http://nicolascoolman.fr/pup-whitesmoke =>PUP.WhiteSmoke
http://www.nicolascoolman.fr/blog/ =>PUP.Freeven
http://nicolascoolman.fr/hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.fr/pup-batbrowse =>PUP.BatBrowse
http://nicolascoolman.fr/pup-datamngr =>PUP.Datamngr
http://nicolascoolman.fr/pup-dealply =>PUP.DealPly
http://nicolascoolman.fr/pup-duuqu =>PUP.Duuqu
http://www.nicolascoolman.fr/blog/ =>PUP.FileTypeHelper
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/pup-optimizerelitemax =>PUP.OptimizerEliteMax
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://www.nicolascoolman.fr/blog/ =>PUP.PepperZip
http://www.nicolascoolman.fr/blog/ =>PUP.SafeGuard
http://www.nicolascoolman.fr/blog/ =>PUP.SimplyTech
http://www.nicolascoolman.fr/blog/ =>PUP.SuperOptimizer
http://nicolascoolman.fr/adware-tidynetwork =>Adware.TidyNetwork
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://www.nicolascoolman.fr/blog/ =>PUP.UpToDown
http://nicolascoolman.fr/adware-visualbeetoolbar =>Adware.VisualBeeToolbar
http://nicolascoolman.fr/pup-astromenda =>PUP.Astromenda
http://www.nicolascoolman.fr/blog/ =>Adware.GamesDesktop
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://nicolascoolman.fr/adware-lollipop =>Adware.Lollipop
http://www.nicolascoolman.fr/blog/ =>PUP.BubbleSound
http://nicolascoolman.fr/pup-internetspeedchecker =>PUP.InternetSpeedChecker
http://www.nicolascoolman.fr/blog/ =>PUP.WebBar
http://nicolascoolman.fr/pup-bettersurf =>PUP.BetterSurf
http://www.nicolascoolman.fr/blog/ =>PUP.Salus
http://www.nicolascoolman.fr/blog/ =>Adware.AgentODR
http://www.nicolascoolman.fr/blog/ =>PUP.MediaViewer
http://www.nicolascoolman.fr/blog/ =>PUP.MediaWatch
http://nicolascoolman.fr/pup-offerbox =>PUP.OfferBox
http://www.nicolascoolman.fr/blog/ =>PUP.RegistryHelper
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.Abengine
http://nicolascoolman.fr/pup-vittalia =>PUP.Vittalia
http://www.nicolascoolman.fr/blog/ =>Trojan.Inject.RRE
http://nicolascoolman.fr/pup-awesomehp =>PUP.Awesomehp
http://www.nicolascoolman.fr/blog/ =>Hijacker.DeltaHomes
http://nicolascoolman.fr/pup-esafesecurity =>PUP.eSafeSecurity
http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://www.nicolascoolman.fr/blog/ =>PUP.Deal4reaL
http://www.nicolascoolman.fr/blog/ =>PUP.DealsFinderPro
http://www.nicolascoolman.fr/blog/ =>PUP.GreatSaving
http://www.nicolascoolman.fr/blog/ =>PUP.HighlightSearches
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://nicolascoolman.fr/trojan-tivmonk =>Trojan.Tivmonk
http://www.nicolascoolman.fr/blog/ =>PUP.PriceLess
http://nicolascoolman.fr/pup-probitsoftware =>PUP.ProbitSoftware
http://nicolascoolman.fr/pup-savinshop =>PUP.SavinShop
http://www.nicolascoolman.fr/blog/ =>PUP.ShopDrop
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://www.nicolascoolman.fr/blog/ =>PUP.FlashBeat
http://www.nicolascoolman.fr/blog/ =>PUP.FastPlayer
http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock
http://www.nicolascoolman.fr/blog/ =>PUP.DoctorPC
http://www.nicolascoolman.fr/blog/ =>PUP.AlertsLLC
http://nicolascoolman.fr/adware-bonanzadeals =>Adware.BonanzaDeals
http://nicolascoolman.fr/pup-nextlive =>PUP.NextLive
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.fr/pup-software-updater =>PUP.Software.Updater
http://nicolascoolman.fr/hijacker-searchgol =>Hijacker.SearchGol
http://www.nicolascoolman.fr/blog/ =>PUP.Shopperz
http://www.nicolascoolman.fr/blog/ =>Adware.Pirrit
http://nicolascoolman.fr/pup-bitguard =>PUP.BitGuard
http://nicolascoolman.fr/pup-glindorus =>PUP.Glindorus
http://nicolascoolman.fr/pup-linkswift =>PUP.LinkSwift
http://nicolascoolman.fr/pup-rewardsarcade =>PUP.RewardsArcade
http://www.nicolascoolman.fr/blog/ =>Adware.PricePeep
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/pup-clarosearch =>PUP.ClaroSearch
http://www.nicolascoolman.fr/blog/ =>Adware.Adkubru
http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://nicolascoolman.fr/pup-eorezo =>PUP.Eorezo
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://www.nicolascoolman.fr/blog/ =>Toolbar.Freecorder
http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.fr/pup-funmoods =>PUP.Funmoods
http://nicolascoolman.fr/adware-smileybar =>Adware.SmileyBar
http://nicolascoolman.fr/adware-relevantknowledge =>Adware.RelevantKnowledge
http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector
~ MSI: 139 link(s) detected in 00mn 01s
End of the scan (3716 lines in 24mn 34s)(0.11)
~ Lancé par célia (08/07/2015 13:29:22)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Nouvelle version disponible
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17843
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 733WD
Windows License : OK
~ Windows Remaining Initializations Number : 0
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
---\\ Logiciels de protection du système
Avast Internet Security v10.2.2218
Microsoft Security Client v4.8.0204.0
Windows Defender W7 (Activate)
---\\ Logiciels d'optimisation du système
CCleaner v4.06
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 18 NPAPI
Adobe Acrobat Reader DC - Français
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1908 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 58 GB (59%) free of 98 GB
---\\ Mode de connexion au système
~ Computer Name: CÉLIA-PC
~ User Name: célia
~ All Users Names: Lycée 1, célia, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : D:\Utilisateurs\célia\AppData\Roaming\ZHP\
~ %AppData% : D:\Utilisateurs\célia\AppData\Roaming\
~ %Desktop% : D:\Utilisateurs\célia\Desktop\
~ %Favorites% : D:\Utilisateurs\célia\Favorites\
~ %LocalAppData% : D:\Utilisateurs\célia\AppData\Local\
~ %StartMenu% : D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 58 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 134 Go of 181 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 46 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/05/2015 - 18:50:20.) -- C:\Windows\System32\wininet.dll [2426880]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 04s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/6386
~ Mes musiques (My Musics) : 7/597
~ Mes Videos (My Videos) : 1/137
~ Mes Favoris (My Favorites) : 1/13
~ Mes Documents (My Documents) : 2/26
~ Mon Bureau (My Desktop) : 1/14
~ Menu demarrer (Programs) : 1/6
~ Hidden Files: Scanned in 00mn 59s
---\\ Processus lancés
[MD5.8C9D2FFFF653C623369C214E4B83FA7C] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [740688] [PID.1900]
[MD5.9EA7A1CAE39066EDAAC59C7BEE779A6C] - (.Pas de propriétaire - ASP.) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [6733128] [PID.2724] =>PUP.AdvancedSystemProtector
[MD5.A74558989E0624989C5B21E442788ED3] - (.Activeris - Activeris AntiMalware.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [6292472] [PID.2988] =>PUP.Activeris
[MD5.5B522E61A39D2237F21CFB4A9612FF14] - (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752] [PID.4244]
[MD5.775F47E28C96739D0B81DF8A46116EFB] - (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe [532784] [PID.4288] =>PUP.CacaoWeb
[MD5.6BCFCFA512A003A8043CF2F370B0B479] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440] [PID.4724] =>PUP.CrossBrowser
[MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.4960]
[MD5.2EF0B3C51971F51ED700C01CFBC5B82A] - (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942] [PID.5760]
[MD5.4D1DA8CE5E364D22B4FF00F163194514] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.5808]
[MD5.34084D25BE6F48D072AA54DE630438FD] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896] [PID.4160]
[MD5.31EA4BC4328BDBC50CD5CA4870F09E06] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496] [PID.3656]
[MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.5288]
[MD5.72A7D54EB3626CFCBC8B550385CEF97A] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440] [PID.2052]
[MD5.6AE1CDECEA3B80AAF662959BD924E9CA] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\3\plugin.exe [616160] [PID.5728]
[MD5.CA0639DDD12D63CFD7339A1C50FE1DD0] - (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\WinU\~lsandjv.exe [495616] [PID.6860]
[MD5.51CFFD7BBFEA2F7316C560DCC4479759] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8209408] [PID.3992]
[MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336] [PID.1608]
[MD5.C569E7F268C43D6C9C4D74EE2F06CCD8] - (.Avast Software s.r.o. - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [107448] [PID.2080]
[MD5.5D6859EF745BD5DF5968413CE1DF8A41] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe [1558096] [PID.2148] =>PUP.CrossRider
[MD5.23C07500D0DBEF75144D1576A22D3FEA] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe [1441872] [PID.2168] =>PUP.CrossRider
[MD5.91C6DAF1DD352AC3E9D88F0A4758568D] - (.Cinema PlusV28.05 - CinemaPlus-3.2cV28.05 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe [1453136] [PID.2352] =>PUP.CrossRider
[MD5.722CC7C491B200E5FD3BF28345AA6026] - (.Cinema PlusV28.05 - CinemaPlus-3.2cV28.05 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe [1602128] [PID.2396] =>PUP.CrossRider
[MD5.929593D76589294BA3F74540298D1B3E] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.2472]
[MD5.9A59DF2CA690019FEA3B265D5A7EB619] - (.Conexant Systems, Inc. - Utility Service.) -- C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184] [PID.3724]
[MD5.D1AFCCBC2BC504F9F0C70B058EBE344B] - (.Infonaut - Infonaut Client Service.) -- C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600] [PID.3852] =>PUP.Infonaut
[MD5.205FD80EF4B9832F9763B9A187957260] - (.Intel Corporation - Intel(R) Rapid Start Technology Service.) -- C:\windows\SysWOW64\irstrtsv.exe [193536] [PID.4020]
[MD5.604A8615BB3D7064197A0563C799B938] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.4044]
[MD5.A9E358550671BB06E4867EAAB6712AA6] - (.VoiceFive, Inc. - PremierOpinion.) -- C:\Program Files (x86)\PremierOpinion\pmservice.exe [213816] [PID.3108] =>Adware.PremierOpinion
[MD5.5C95CEC33FFEFDE2842D01E8E86F4DED] - (...) -- D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp [305664] [PID.2648]
[MD5.7CB6287B26DC3DEBF027431479ABF26D] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536] [PID.3360]
[MD5.545462D0DBE24AF379BA869B7C185CCD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.4892]
[MD5.AB41542FA180CB3317F597ED7E7D5C5D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.6100]
[MD5.8B1E55D70AF701973DE0CD833B2611F4] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe [648416] [PID.7024]
[MD5.182BBA1B43898D5DA0938D2E9A526B31] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.7108]
[MD5.BE71E5DAE76D35B2E58DB9FBB68F232D] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\5\plugin.exe [783072] [PID.5728]
[MD5.2FFF132741408F0F921833C2BEA5350D] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\10\plugin.exe [511712] [PID.5728]
[MD5.8510EE91B62D5784EA7548002CBA56F1] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\2\plugin.exe [1172704] [PID.5728]
[MD5.DBD93F1BC4403541B6FDA2957E6A2030] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\8\plugin.exe [644320] [PID.5728]
[MD5.6D964AC44CBC590CAC5F7CC355D5E141] - (...) -- C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe [572640] [PID.1336]
[MD5.292F0644E4CCB80B4D38F65E5C3E94EF] - (.Boxore OU. - Setup.) -- C:\Program Files (x86)\Software\Update\Install\{8EA45EE8-4913-4878-839F-B9A1D271FF1F}\SoftwareUpdateSetup.exe [570168] [PID.4608] =>Adware.Boxore
~ Processes Running: Scanned in 00mn 17s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\prefs.js
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\user.js
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\amazon.xml
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\conduit.xml
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\dokotoolbar.xml =>Hijacker.Doko
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\mixidj.xml =>Toolbar.MixiDJ
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\mysearchskms.xml =>Adware.MyWebSearch
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\trovi-search.xml =>Hijacker.Trovigo
M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\Web Search.xml =>Parasite.Pugi
M2 - MFEP: RegExtension {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} . (...) -- C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi (.not file.) =>PUP.Wajam
M2 - MFEP: RegExtension {a073a988-98af-4f21-86e7-97aee9443951} . (...) -- C:\Program Files (x86)\Pass-Widget\134.xpi =>PUP.PassWidget
M0 - MFSP: prefs.js [célia - ftwxqwcg.default] http://search.gboxapp.com =>Hijacker.GadgetBox
M2 - MFEP: prefs.js [célia - ftwxqwcg.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.34 (..) =>PUP.CacaoWeb
M2 - MFEP: Extension [célia - ftwxqwcg.default] 0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] 16eede48-12e9-4c79-bd54-c82622138533@630d8a34-73af-4e03-9664-9082492eb220.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] 71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] 9d29e4ccd2024f2d8e320@ad524784406d4c8dab290.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] b369ec0b-ca2c-4a80-a1e3-08fd373cdfb5@91e50ee5-448d-41f7-92ed-30eed93f2f2f.com
M2 - MFEP: Extension [célia - ftwxqwcg.default] cacaoweb@cacaoweb.org =>PUP.CacaoWeb
M2 - MFEP: Extension [célia - ftwxqwcg.default] staged
M2 - MFEP: Extension [célia - ftwxqwcg.default] {da7f5ae1-3be3-43c0-8098-c1d183616e97}
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml =>PUP.Istart
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\search-with-eazelbar.xml =>Hijacker.Eazel
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll
P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.40416.0.) -- c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.)
~ Firefox Browser: 43 Scanned in 00mn 04s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.snapdo.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17840 (winblue_r11.150522-0826)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 24 Scanned in 00mn 01s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Avast Software s.r.o. - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: On Stage [64Bits] - {9771c444-42b0-4e23-a7fb-ff707123ab30} Clé orpheline
~ BHO: 3 Scanned in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{DA7F5AE1-3BE3-43C0-8098-C1D183616E97} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Activeris AntiMalware.lnk . (.Activeris - Activeris AntiMalware.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris
O4 - GS\Desktop [Public]: Advanced-System Protector.lnk . (...) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector
O4 - GS\Desktop [Public]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\Desktop [Public]: Poursuivre l'installation de Reimage Repair.lnk . (.Reimage® - Reimage Downloader.) -- D:\Utilisateurs\célia\Downloads\ReimageRepair (1).exe =>Rogue.ReimageRepair
O4 - GS\Program [Public]: WebAdSystem.lnk . (.KalityWeb - WebAdSystem.) -- C:\Program Files (x86)\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem
~ Global Startup: 5 Scanned in 00mn 18s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [Dell Audio] . (.Pas de propriétaire - Dell Audio.) -- C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - DW WLAN Card Wireless Network Tray Applet.) -- C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Tray.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Windesk Winsearch] . (.Windesk Winsearch - Windesk Winsearch.) -- C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe =>PUP.WindeskWinsearch
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [Dell Audio] Clé orpheline
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [cacaoweb] . (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4EF3DBDDB1015AC6FB69F6D4A7FA4E34] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX Media Server Launcher.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_509] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_567] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_571] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_579] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010002] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010005] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010016] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010021] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010022] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_002020023] C:\Program Files (x86)\gmsd_fr_002020023\gmsd_fr_002020023.exe (.not file.) =>PUP.CrossRider
O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_002020021] Clé orpheline =>PUP.CrossRider
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [Dell Audio] Clé orpheline
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [cacaoweb] . (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [GoogleChromeAutoLaunch_4EF3DBDDB1015AC6FB69F6D4A7FA4E34] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe
~ Application: Scanned in 00mn 03s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000010\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 10 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) . (.Avast Software s.r.o. - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: C:\Windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\system32\CxAudMsg64.exe
O23 - Service: CxUtilSvc (CxUtilSvc) . (.Conexant Systems, Inc. - Utility Service.) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Infonaut 1.10.0.14 Client Service (insvc_1.10.0.14) . (.Infonaut - Infonaut Client Service.) - C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) . (.Intel Corporation - Intel(R) Rapid Start Technology Service.) - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: PremierOpinion (PremierOpinion) . (.VoiceFive, Inc. - PremierOpinion.) - C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion
O23 - Service: Standby Data (rikejehy) . (...) - D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp
O23 - Service: Service Mgr OnStage (Service Mgr OnStage) . (...) - C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Mgr OnStage (Update Mgr OnStage) . (...) - C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\Windows\system32\vcsFPService.exe
O23 - Service: DW WLAN Tray Service (wltrysvc) . (.Dell Inc. - DW WLAN Card Wireless Network Service.) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe
O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: 24 Scanned in 00mn 36s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-1] (...) -- C:\Program Files (x86)\winservice86\winservice86-codedownloader.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-11] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-11.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-4] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-5] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-6] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-7] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.CFF9F7EF196B710349A8B1CABE8D7716] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.exe [1524816] =>PUP.CrossRider
[MD5.AA2E845687EDA58EDA1975B6289C7349] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.exe [995408] =>PUP.CrossRider
[MD5.523962AB1100E594372580FF604F5862] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.exe [1418320] =>PUP.CrossRider
[MD5.E1F8AAFC8DC819206AE4A4CE73B91843] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.exe [1150032] =>PUP.CrossRider
[MD5.2C48B03CFEFEB809A27E1676EDBE388A] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.exe [1445968] =>PUP.CrossRider
[MD5.AA2E845687EDA58EDA1975B6289C7349] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.exe [995408] =>PUP.CrossRider
[MD5.91C6DAF1DD352AC3E9D88F0A4758568D] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-1-6] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe [1453136] =>PUP.CrossRider
[MD5.62200123EFE741A7539969AE8CA49F00] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-1-7] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.exe [1100880] =>PUP.CrossRider
[MD5.445BFB337ABCB7BE1D636F60EEEF3091] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-3] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-3.exe [1550928] =>PUP.CrossRider
[MD5.BF9A7831DB0DF0C47AB058278EE53104] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-5] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-5.exe [1287760] =>PUP.CrossRider
[MD5.722CC7C491B200E5FD3BF28345AA6026] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-6] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe [1602128] =>PUP.CrossRider
[MD5.62200123EFE741A7539969AE8CA49F00] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-7] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-7.exe [1100880] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [5280bb8b-3d93-4e80-afaf-a41b391e8248] (...) -- C:\Program Files (x86)\winservice86\5280bb8b-3d93-4e80-afaf-a41b391e8248.exe (.not file.) [0] =>PUP.CrossRider
[MD5.5D6859EF745BD5DF5968413CE1DF8A41] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-1-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe [1558096] =>PUP.CrossRider
[MD5.80477221000298A19C6B5205E0137389] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-1-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.exe [1016912] =>PUP.CrossRider
[MD5.5FD0073C714B2655021639605C6877F6] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-3] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-3.exe [1312848] =>PUP.CrossRider
[MD5.1D8E55F37BFDE9128BD1B568B72AB777] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-5] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-5.exe [1065040] =>PUP.CrossRider
[MD5.23C07500D0DBEF75144D1576A22D3FEA] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe [1441872] =>PUP.CrossRider
[MD5.80477221000298A19C6B5205E0137389] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-7.exe [1016912] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1] (...) -- C:\Program Files (x86)\winservice86\winservice86-codedownloader.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.A74558989E0624989C5B21E442788ED3] [APT] [Activeris AntiMalware_startup] (.Activeris.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [6292472] =>PUP.Activeris
[MD5.AE0E3D037E6148133740EDBC08567F5F] [APT] [Adobe Acrobat Update Task] (...) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998088]
[MD5.1234A12B71DAE034E45C714AE5A54412] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976]
[MD5.9EA7A1CAE39066EDAAC59C7BEE779A6C] [APT] [Advanced-System Protector_startup] (...) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [6733128] =>PUP.AdvancedSystemProtector
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.C50B830CA9BCD63754928CD6C0E2B114] [APT] [avast! Emergency Update] (.Avast Software s.r.o..) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1298688]
[MD5.00000000000000000000000000000000] [APT] [b0639b86-3d9e-441a-9ee9-556716c43ef7-4] (...) -- C:\Program Files (x86)\HQuality-v3V19.10\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [BCJQQMDVZ1] (...) -- C:\ProgramData\NavRight\NavRight.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [bench-sys] (...) -- C:\Program Files (x86)\Bench\Updater\updater.exe (.not file.) [0] =>PUP.GiganticSavings
[MD5.00000000000000000000000000000000] [APT] [BoxSoftwareUpdate] (...) -- C:\ProgramData\BoxUpdChk\updchk.exe (.not file.) [0] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [Cassiopesa life] (...) -- C:\ProgramData\{C03F28FC-90BD-F97A-213B-89F8F1B95A76}\1.17.3.1\fiber.js" "433a2f50726f6772616d446174612f7b43303346323846432d393042442d463937412d323133422d3839463846314239354137367d2f312e31372e332e312f6c6966652e646c6c" "687474703a2f2f73616 (.not file.) [0]
[MD5.22621F4BC16C5C47E76E40F251F0CC79] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3905304]
[MD5.00000000000000000000000000000000] [APT] [DigitalSite] (...) -- D:\UTILIS~1\CLIA~1\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Hijacker.DSite
[MD5.00000000000000000000000000000000] [APT] [EPJQFQQ1] (...) -- C:\ProgramData\LolliScan\LolliScan.exe (.not file.) [0] =>Adware.Graftor
[MD5.00000000000000000000000000000000] [APT] [LaunchPreSignup] (...) -- C:\Program Files (x86)\OLBPre\OLBPre.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.00000000000000000000000000000000] [APT] [media enhance-chromeinstaller] (...) -- C:\Program Files (x86)\media enhance\media enhance-chromeinstaller.exe (.not file.) [0] =>PUP.MediaPlayerEnhance
[MD5.00000000000000000000000000000000] [APT] [media enhance-codedownloader] (...) -- C:\Program Files (x86)\media enhance\media enhance-codedownloader.exe (.not file.) [0] =>PUP.MediaPlayerEnhance
[MD5.00000000000000000000000000000000] [APT] [media enhance-firefoxinstaller] (...) -- C:\Program Files (x86)\media enhance\media enhance-firefoxinstaller.exe (.not file.) [0] =>PUP.MediaPlayerEnhance
[MD5.00000000000000000000000000000000] [APT] [media enhance-updater] (...) -- C:\Program Files (x86)\media enhance\media enhance-updater.exe (.not file.) [0] =>PUP.MediaPlayerEnhance
[MD5.E352F97A82E41CCAE582C77C050D4A26] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe [363072]
[MD5.CDB768D99CD9FE3B826D310813A42324] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [1243704]
[MD5.00000000000000000000000000000000] [APT] [SaveSense] (...) -- D:\UTILIS~1\CLIA~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [SaveSenseLiveUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [SaveSenseLiveUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe (.not file.) [0] =>PUP.CrossRider
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [System Speedup] (...) -- C:\Program Files (x86)\System Speedup\SystemSpeedup.exe (.not file.) [0] =>PUP.SystemSpeedup
[MD5.CDB768D99CD9FE3B826D310813A42324] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [1243704]
[MD5.00000000000000000000000000000000] [APT] [ZaygU22Y9XSkCQT] (...) -- D:\Utilisateurs\c‚lia\AppData\Roaming\YcSrbDb\WmnWVFG.exe (.not file.) [0]
[MD5.F96C77CE767DC06F15B3143CCA61B9FF] [APT] [{0300BDEC-9EFF-4ED9-BF0A-CCBFF24A76ED}] (...) -- C:\Program Files (x86)\Smarts8\Uninstall.exe [79360]
[MD5.00000000000000000000000000000000] [APT] [{39F6EE56-C59C-435D-89BF-28CAE17FFC29}] (...) -- D:\Utilisateurs\Administrateur\Desktop\VOSTRO 3360 Win7_64bit Drivers\11-Network_Atheros_W7_A02_Setup-7PM7V_ZPE.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F518CCDA-21C8-481C-9438-A493B865BD80}] (...) -- E:\TEMP\VOSTRO 3360 Win7_64bit Drivers\Network_Atheros_W7_A02_Setup-KRXNR_ZPE.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
O39 - APT: - (..) -- C:\Windows\Tasks\0f606e8f-8393-4f75-a33c-52fa23d9dc61.job [1422]
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-1 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1.job [3430] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-1 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1 [3430] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-11 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11.job [5166] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-11 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11 [5166] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-4 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4.job [4140] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-4 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4 [4140] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-5 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5.job [2428] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-5 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5 [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5_user.job [2428] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-6 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6.job [4140] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-6 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6 [4140] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-7 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7.job [3796] =>PUP.CrossRider
O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-7 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7 [3796] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.job [3104] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 [3104] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.job [3440] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 [3440] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-10_user.job [2078]
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.job [4460] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 [4460] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.job [2412] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 [2412] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5_user.job [2412] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.job [5828] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 [5828] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.job [5484] =>PUP.CrossRider
O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 [5484] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\4oWR9qYkY63.job [1008]
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-6 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.job [3138] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-6 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6 [3138] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-7 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.job [3474] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-7 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7 [3474] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-10_user.job [2112]
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-3 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3.job [4494] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-3 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3 [4494] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-5 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5.job [2446] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-5 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5 [2446] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5_user.job [2446] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-6 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6.job [5862] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-6 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6 [5862] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-7 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7.job [5518] =>PUP.CrossRider
O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-7 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7 [5518] =>PUP.CrossRider
O39 - APT: 5280bb8b-3d93-4e80-afaf-a41b391e8248 - (...) -- C:\Windows\Tasks\5280bb8b-3d93-4e80-afaf-a41b391e8248.job [1446]
O39 - APT: 5280bb8b-3d93-4e80-afaf-a41b391e8248 - (...) -- C:\Windows\System32\Tasks\5280bb8b-3d93-4e80-afaf-a41b391e8248 [1446]
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.job [3104] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 [3104] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.job [3440] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 [3440] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-10_user.job [2078]
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-3 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3.job [4460] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-3 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3 [4460] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-5 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5.job [2412] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-5 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5 [2412] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5_user.job [2412] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-6 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6.job [5828] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6 [5828] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-7 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7.job [5484] =>PUP.CrossRider
O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7 [5484] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6.job [3120]
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 [3120]
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7.job [3456]
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 [3456]
O39 - APT: - (..) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-10_user.job [2094]
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.job [4140] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 [4140] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.job [2428] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5_user.job [2428] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.job [5844] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 [5844] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.job [5500] =>PUP.CrossRider
O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 [5500] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a02caaef-bdb1-48ce-a25a-b7494b0783cb.job [612]
O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-6.job [3120]
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7.job [3456]
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 [3456]
O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-10_user.job [2094]
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.job [4140] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 [4140] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.job [2428] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5_user.job [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-6.job [5500] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.job [5500] =>PUP.CrossRider
O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 [5500] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a5fc5ff8-db73-4aeb-b3a8-fd2e231b21ff-4.job [2174] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1.job [2750] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 [2750] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.job [4478] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 [4478] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.job [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.job [2428] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 [2428] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5_user.job [2428] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.job [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.job [3452] =>PUP.CrossRider
O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 [3452] =>PUP.CrossRider
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [376] =>PUP.AnyProtect
O39 - APT: b0639b86-3d9e-441a-9ee9-556716c43ef7-4 - (...) -- C:\Windows\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.job [4830] =>PUP.CrossRider
O39 - APT: b0639b86-3d9e-441a-9ee9-556716c43ef7-4 - (...) -- C:\Windows\System32\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4 [4830] =>PUP.CrossRider
O39 - APT: BCJQQMDVZ1 - (...) -- C:\Windows\Tasks\BCJQQMDVZ1.job [324]
O39 - APT: BCJQQMDVZ1 - (...) -- C:\Windows\System32\Tasks\BCJQQMDVZ1 [324]
O39 - APT: bench-sys - (...) -- C:\Windows\Tasks\bench-sys.job [344] =>PUP.GiganticSavings
O39 - APT: bench-sys - (...) -- C:\Windows\System32\Tasks\bench-sys [344] =>PUP.GiganticSavings
O39 - APT: - (..) -- C:\Windows\Tasks\bench-Updater removing.job [288] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\bench-Updater removing [288] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job [340] =>PUP.BidailySync
O39 - APT: DigitalSite - (...) -- C:\Windows\Tasks\DigitalSite.job [300] =>Hijacker.DSite
O39 - APT: DigitalSite - (...) -- C:\Windows\System32\Tasks\DigitalSite [300] =>Hijacker.DSite
O39 - APT: - (..) -- C:\Windows\Tasks\e4B8MC7fGSvdgS.job [1014]
O39 - APT: EPJQFQQ1 - (...) -- C:\Windows\Tasks\EPJQFQQ1.job [330]
O39 - APT: EPJQFQQ1 - (...) -- C:\Windows\System32\Tasks\EPJQFQQ1 [330]
O39 - APT: - (..) -- C:\Windows\Tasks\f56fe68c-ded6-4656-a272-5100e7b20016.job [612]
O39 - APT: - (..) -- C:\Windows\Tasks\LLXGQWT.job [1698]
O39 - APT: media enhance-chromeinstaller - (...) -- C:\Windows\Tasks\media enhance-chromeinstaller.job [3100] =>PUP.CrossRider
O39 - APT: media enhance-chromeinstaller - (...) -- C:\Windows\System32\Tasks\media enhance-chromeinstaller [3100] =>PUP.CrossRider
O39 - APT: media enhance-codedownloader - (...) -- C:\Windows\Tasks\media enhance-codedownloader.job [1530] =>PUP.CrossRider
O39 - APT: media enhance-codedownloader - (...) -- C:\Windows\System32\Tasks\media enhance-codedownloader [1530] =>PUP.CrossRider
O39 - APT: media enhance-firefoxinstaller - (...) -- C:\Windows\Tasks\media enhance-firefoxinstaller.job [2358] =>PUP.CrossRider
O39 - APT: media enhance-firefoxinstaller - (...) -- C:\Windows\System32\Tasks\media enhance-firefoxinstaller [2358] =>PUP.CrossRider
O39 - APT: media enhance-updater - (...) -- C:\Windows\Tasks\media enhance-updater.job [2396] =>PUP.CrossRider
O39 - APT: media enhance-updater - (...) -- C:\Windows\System32\Tasks\media enhance-updater [2396] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\PassWidget Update.job [392] =>PUP.PassWidget
O39 - APT: PCDoctorBackgroundMonitorTask - (.PC-Doctor, Inc..) -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job [564]
O39 - APT: PCDoctorBackgroundMonitorTask - (.PC-Doctor, Inc..) -- C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask [564]
O39 - APT: - (..) -- C:\Windows\Tasks\Periodic Synchronize Task.job [340]
O39 - APT: SaveSense - (...) -- C:\Windows\Tasks\SaveSense.job [300] =>PUP.CrossRider
O39 - APT: SaveSense - (...) -- C:\Windows\System32\Tasks\SaveSense [300] =>PUP.CrossRider
O39 - APT: SaveSenseLiveUpdateTaskMachineCore - (...) -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job [926] =>PUP.CrossRider
O39 - APT: SaveSenseLiveUpdateTaskMachineCore - (...) -- C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore [926] =>PUP.CrossRider
O39 - APT: SaveSenseLiveUpdateTaskMachineUA - (...) -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job [930] =>PUP.CrossRider
O39 - APT: SaveSenseLiveUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA [930] =>PUP.CrossRider
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [912] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [912] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [916] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [916] =>Adware.Boxore
O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\Windows\Tasks\SystemToolsDailyTest.job [506]
O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\Windows\System32\Tasks\SystemToolsDailyTest [506]
~ Scheduled Task: 216 Scanned in 00mn 48s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 02s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswKbd) . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys
O41 - Driver: (aswRdr) . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.Avast Software s.r.o. - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.Avast Software s.r.o. - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (b786bdb3c67d) . (. - .) - C:\Windows\System32\drivers\b786bdb3c67d.sys (.not file.)
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (innfd_1_10_0_14) . (.Infonaut - Infonaut Driver x64.) - C:\Windows\System32\drivers\innfd_1_10_0_14.sys =>PUP.Infonaut
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwiynzm4ndy1yjz) . (. - .) - C:\Windows\System32\drivers\mwiynzm4ndy1yjz.sys (.not file.)
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (rrgwvwin) . (. - .) - C:\Windows\system32\drivers\rrgwvwin.sys (.not file.)
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: (wpnfd_1_10_0_1) . (.Word Proser - Word Proser Driver x64.) - C:\Windows\System32\drivers\wpnfd_1_10_0_1.sys =>PUP.WordProser
~ Drivers: 90 Scanned in 00mn 04s
---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: AVG Do Not Track - (."".) [HKLM][64Bits] -- {4E5FE462-1A84-47B4-3411-C72434AAD86C}
O42 - Logiciel: AccelerometerP11 - (.STMicroelectronics.) [HKLM][64Bits] -- {87434D51-51DB-4109-B68F-A829ECDCF380}
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100}
O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA}
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1
O42 - Logiciel: Avast Internet Security - (.AVAST Software.) [HKLM][64Bits] -- Avast
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {CA2B24FD-EE10-42B9-B049-AA80268E7E21} =>Adware.Boxore
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CinemaPlus-3.2cV28.05 - (.Cinema PlusV28.05.) [HKLM][64Bits] -- CinemaPlus-3.2cV28.05 =>PUP.CrossRider
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: Codec Pack Packages - (...) [HKCU][64Bits] -- Codec Pack Packages
O42 - Logiciel: Conexant SmartAudio HD - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM][64Bits] -- DivX Setup
O42 - Logiciel: Crossbrowse - (.The Crossbrowse Authors.) [HKLM][64Bits] -- Crossbrowse =>PUP.CrossBrowser
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DC-Bass Source 1.3.0 - (...) [HKLM][64Bits] -- DC-Bass Source
O42 - Logiciel: DMUninstaller - (...) [HKLM][64Bits] -- DMUninstaller
O42 - Logiciel: DW WLAN Card Utility - (.Dell Inc..) [HKLM][64Bits] -- DW WLAN Card Utility
O42 - Logiciel: Deeal - (.Kreapixel inc..) [HKLM][64Bits] -- Deeal =>PUP.DeealFr
O42 - Logiciel: Dell Audio - (.Cirrus Logic.) [HKLM][64Bits] -- {3A69FD31-5EE7-42C9-918B-81C07AA21043}
O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM][64Bits] -- {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}
O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM][64Bits] -- Dell Support Center
O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A}
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}
O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central
O42 - Logiciel: DigitalPersona Fingerprint Software 5.20 - (.DigitalPersona, Inc..) [HKLM][64Bits] -- {C0C2D40A-1231-46FA-8F02-B45E6BF2036A}
O42 - Logiciel: Freeplane - (.Open source.) [HKLM][64Bits] -- {D3941722-C4DD-4509-88C4-0E87F675A859}_is1
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}
O42 - Logiciel: GoHD - (.InstallMoon.) [HKLM][64Bits] -- GoHD =>PUP.CrossRider
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HQuality-v3V19.10 - (.HQuality3V19.10.) [HKLM][64Bits] -- HQuality-v3V19.10 =>PUP.CrossRider
O42 - Logiciel: Haali Media Splitter - (...) [HKLM][64Bits] -- HaaliMkx
O42 - Logiciel: Hades - (.Hades.) [HKLM][64Bits] -- Hades
O42 - Logiciel: IePluginService12.27.0.3326 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- IePlugins =>PUP.IePluginService
O42 - Logiciel: Infonaut 1.10.0.14 - (.Infonaut.) [HKLM][64Bits] -- Infonaut_1.10.0.14 =>PUP.Infonaut
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) OpenCL CPU Runtime - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Start Technology - (.Intel Corporation.) [HKLM][64Bits] -- 3D073343-CEEB-4ce7-85AC-A69A7631B5D6
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {538B98C3-773F-4F20-9C66-802D104DCBE2}
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}
O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM][64Bits] -- LAME_is1
O42 - Logiciel: Lagarith Lossless Codec (1.3.27) - (...) [HKLM][64Bits] -- {F59AC46C-10C3-4023-882C-4212A92283B3}_is1
O42 - Logiciel: LibreOffice 4.0.2.2 - (.The Document Foundation.) [HKLM][64Bits] -- {1062AD6C-80F4-4BC6-AB7C-A28892B497B8}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation
O42 - Logiciel: Mp3tag v2.58 - (.Florian Heidenreich.) [HKLM][64Bits] -- Mp3tag
O42 - Logiciel: Muvic - (.ReSoft Ltd..) [HKLM][64Bits] -- {065A5BE9-CE42-475C-BD62-52B229D24AB5} =>Hijacker.SmartBar
O42 - Logiciel: Muvic Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {ab0da7b3-e6dd-492c-951e-44f70b9225b4} =>Hijacker.SmartBar
O42 - Logiciel: MySearchs - (.Pay-By-Ads.) [HKCU][64Bits] -- mysearchs =>PUP.PaybyAds
O42 - Logiciel: NewPlayer - (.SoftForce LLC.) [HKLM][64Bits] -- NewPlayer =>Adware.NewPlayer
O42 - Logiciel: OffersWizard Network System Driver - (...) [HKLM][64Bits] -- inethnfd =>PUP.NetworkSystemDriver
O42 - Logiciel: On Stage - (.On Stage.) [HKLM][64Bits] -- On Stage
O42 - Logiciel: OpenSource Flash Video Splitter 1.0.0.5 - (...) [HKLM][64Bits] -- OpenSource Flash Video Splitter
O42 - Logiciel: PassWidget - (.PassWidget Software.) [HKLM][64Bits] -- {3f700348-270d-469b-b073-4a14e4a79189} =>PUP.PassWidget
O42 - Logiciel: PhotoFiltre - (...) [HKCU][64Bits] -- PhotoFiltre
O42 - Logiciel: Picasa Instant Upload Move Enabler - (."".) [HKLM][64Bits] -- {AE9B04F2-E9E8-162C-829B-52C116B3EFCC}
O42 - Logiciel: PremierOpinion - (.VoiceFive, Inc..) [HKLM][64Bits] -- {eeb86aef-4a5d-4b75-9d74-f16d438fc286} =>Adware.PremierOpinion
O42 - Logiciel: PriCeDoWnloADer - (."".) [HKLM][64Bits] -- {2D471A31-4FA7-95BA-1880-D441113ED736} =>PUP.PriceDownloader
O42 - Logiciel: ST Microelectronics 3 Axis Digital Accelerometer Solution - (.ST Microelectronics.) [HKLM][64Bits] -- {9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}
O42 - Logiciel: SaoftoCeoup - (.SoftCoup.) [HKLM][64Bits] -- {7540FDBD-7FDC-30AE-3778-815CB87DBE46} =>PUP.RandomName
O42 - Logiciel: Smarts8 - (.smart-saverplus.) [HKLM][64Bits] -- Smarts8 =>PUP.CrossRider
O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify
O42 - Logiciel: Spotydl 0.9.36.0 - (.spotydl.com.) [HKLM][64Bits] -- Spotydl_is1
O42 - Logiciel: Streak for Gmail - (."".) [HKLM][64Bits] -- {F6423EE4-93D8-FA04-D09D-A8598F6EFDFD}
O42 - Logiciel: SupTab - (...) [HKLM][64Bits] -- SupTab =>PUP.SupTab
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TI USB 3.0 Host Controller Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}
O42 - Logiciel: TI USB3 Host Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- {B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}
O42 - Logiciel: TerminusStable - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{4284830a} =>Adware.Graftor
O42 - Logiciel: TicTaCoupon - (.TicTaCoeuponu.) [HKLM][64Bits] -- {E370F69F-ED3F-925F-31FC-14D1329A713B} =>PUP.TicTaCoupon
O42 - Logiciel: Tny_Cassiopesa - (.Tny_Cassiopesa.) [HKLM][64Bits] -- Tny_Cassiopesa
O42 - Logiciel: TrimModule - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f0e9047b} =>Adware.Graftor
O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM][64Bits] -- {933B4015-4618-4716-A828-5289FC03165F}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Validity Sensors DDK - (.Validity Sensors, Inc..) [HKLM][64Bits] -- {CF8F802C-0CEA-4591-A353-12EC03794652}
O42 - Logiciel: ValueApps - (.Conduit.) [HKCU][64Bits] -- ValueApps =>Toolbar.Conduit
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {A1439D4F-FD46-47F2-A1D3-FEE097C29A09}
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM][64Bits] -- {4c13db17-a811-442c-9a1b-a92b65dca879} =>Adware.WebAdSystem
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM][64Bits] -- {AF59773E-3245-46A3-B418-DD84AB6C3C50} =>Adware.WebAdSystem
O42 - Logiciel: WindeskWinsearch 1.0 - (.PCSoftware.) [HKLM][64Bits] -- WindeskWinsearch =>PUP.WindeskWinsearch
O42 - Logiciel: Winservices - (.Kreapixel inc..) [HKLM][64Bits] -- WinServices =>Adware.SocialSkinz
O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM][64Bits] -- Xvid Video Codec 1.3.2
O42 - Logiciel: doPDF 7.3 printer - (.Softland.) [HKLM][64Bits] -- doPDF 7 printer_is1
O42 - Logiciel: ffdshow v1.1.4399 [2012-03-22] - (...) [HKLM][64Bits] -- ffdshow_is1
O42 - Logiciel: fix version 1.0.0.0 - (...) [HKLM][64Bits] -- {ACA88935-7188-47AD-B220-B50106DC0D9C}_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {4046F74A-28F8-48C6-A5D3-2AFC472574C1}
O42 - Logiciel: oursurfing uninstall - (.oursurfing.) [HKLM][64Bits] -- oursurfing uninstall =>Hijacker.OurSurfing
O42 - Logiciel: sursenel - (.sidecom.) [HKLM][64Bits] -- {7d0ff442-6ee9-4afb-74ec-015a61fc9fd0}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 94 Scanned in 00mn 05s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5c55da8cbc3ab845]
[HKCU\Software\7-Zip]
[HKCU\Software\Activeris] =>PUP.Activeris
[HKCU\Software\Adobe]
[HKCU\Software\Alexa Internet]
[HKCU\Software\Alps]
[HKCU\Software\AmiExt] =>Adware.FlashEnhancer
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\LyricsMonkey-1] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\Software\LyricsSay-1] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\PassWidget] =>PUP.PassWidget
[HKCU\Software\AppDataLow\Software\Plus-HD-1.6] =>Adware.PlusHD
[HKCU\Software\AppDataLow\Software\Plus-HD-3.5] =>Adware.PlusHD
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\SmartWeb] =>PUP.SmartWeb
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\Smarts8]
[HKCU\Software\AppDataLow\Software\WhiteSmoke_New_V6] =>PUP.WhiteSmoke
[HKCU\Software\AppDataLow\Software\free ven] =>PUP.Freeven
[HKCU\Software\AppDataLow\Software\media enhance] =>PUP.MediaPlayerEnhance
[HKCU\Software\AppDataLow\Software\winservice86] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\ArenaHD] =>PUP.CrossRider
[HKCU\Software\Atheros]
[HKCU\Software\Audacity]
[HKCU\Software\Avast Software]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BatBrowse] =>PUP.BatBrowse
[HKCU\Software\BcmSetup]
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Broadcom]
[HKCU\Software\Browser]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Chromium]
[HKCU\Software\CinemaPlus-3.2cV24.05-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ClkApp]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cores]
[HKCU\Software\Creative Tech]
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser
[HKCU\Software\DSP-worx]
[HKCU\Software\DSiteProducts] =>Hijacker.DSite
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DealPlyLive] =>PUP.DealPly
[HKCU\Software\DigitalPersona]
[HKCU\Software\Distromatic]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Doko-Toolbar] =>Hijacker.Doko
[HKCU\Software\Duuqu] =>PUP.Duuqu
[HKCU\Software\ELIGCHK]
[HKCU\Software\Easy Speed Check]
[HKCU\Software\FLEXnet]
[HKCU\Software\File Type Helper] =>PUP.FileTypeHelper
[HKCU\Software\GNU]
[HKCU\Software\GoHD-nv-ie] =>PUP.CrossRider
[HKCU\Software\GoHD-nv] =>PUP.CrossRider
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hawker]
[HKCU\Software\HighDefAction] =>PUP.CrossRider
[HKCU\Software\IM Providers]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\InstalledThirdPartyPrograms]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\KalityWeb] =>Adware.WebAdSystem
[HKCU\Software\LAV]
[HKCU\Software\Licenses]
[HKCU\Software\LogMeInRescueCallingCard]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Nosibay]
[HKCU\Software\Opera Software]
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro
[HKCU\Software\PC-Doctor]
[HKCU\Software\PCPrivacyDockLanguage]
[HKCU\Software\PepperZip] =>PUP.PepperZip
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PowerPack]
[HKCU\Software\QtProject]
[HKCU\Software\RapidMediaConverterApp]
[HKCU\Software\Reg]
[HKCU\Software\SafeGuardApp] =>PUP.SafeGuard
[HKCU\Software\Samsung]
[HKCU\Software\SaveSenseLive] =>PUP.CrossRider
[HKCU\Software\SimplyTech] =>PUP.SimplyTech
[HKCU\Software\Skype]
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Software]
[HKCU\Software\Streaming Audio Recorder]
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer
[HKCU\Software\Synaptics]
[HKCU\Software\System Speedup] =>PUP.SystemSpeedup
[HKCU\Software\TNT2] =>Adware.TidyNetwork
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Tutorials] =>PUP.AgenceExclusive
[HKCU\Software\UpToDown] =>PUP.UpToDown
[HKCU\Software\UpdateFiles] =>Adware.Boxore
[HKCU\Software\Visualbee] =>Adware.VisualBeeToolbar
[HKCU\Software\Wajam] =>PUP.Wajam
[HKCU\Software\Waves Audio]
[HKCU\Software\Widcomm]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YorkNewCin] =>PUP.CrossRider
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\astromenda] =>PUP.Astromenda
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\ej-technologies]
[HKCU\Software\gamesdesktop] =>Adware.GamesDesktop
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate
[HKCU\Software\kde.org]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKCU\Software\sidecom]
[HKCU\Software\systweak]
[HKCU\Software\tny_cassiopesa]
[HKCU\Software\tuto4pc] =>PUP.AgenceExclusive
[HKCU\Software\winservice86-nv-ie] =>PUP.CrossRider
[HKCU\Software\winservice86-nv] =>PUP.CrossRider
[HKLM\Software\ATI Technologies]
[HKLM\Software\Alps]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Atheros]
[HKLM\Software\Broadcom]
[HKLM\Software\BubbleSound] =>PUP.BubbleSound
[HKLM\Software\CBSTEST]
[HKLM\Software\Canon]
[HKLM\Software\Cirrus]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Creative Tech]
[HKLM\Software\Dell Computer Corporation]
[HKLM\Software\Dell]
[HKLM\Software\DigitalPersona]
[HKLM\Software\DivX]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\HQuality-v3V19.10-nv] =>PUP.CrossRider
[HKLM\Software\HaaliMkx]
[HKLM\Software\HighDefAction] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\InstalledOptions]
[HKLM\Software\InstalledThirdPartyPrograms]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\Khronos]
[HKLM\Software\LolliScan] =>Adware.Graftor
[HKLM\Software\Macromedia]
[HKLM\Software\ManageableUpdatePackage]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\ST Microelectronics]
[HKLM\Software\Softland]
[HKLM\Software\Sonic]
[HKLM\Software\Speedchecker Limited] =>PUP.InternetSpeedChecker
[HKLM\Software\Synaptics]
[HKLM\Software\UIU]
[HKLM\Software\Validity]
[HKLM\Software\WIDCOMM_TEMP]
[HKLM\Software\Waves Audio]
[HKLM\Software\WebBar] =>PUP.WebBar
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node\11f7643f-77e0-4a4a-a192-4b7a9e9fbf2a] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\22fbe0a4-6d53-4d01-9877-31667f148858] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]
[HKLM\Software\Wow6432Node\95b48dc0-8b8d-47f8-ab2e-5f40b4109b11] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\971bbd6c-f848-4ae2-9434-b893b6d0f4f1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AVAST Software]
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AmiExt] =>Adware.FlashEnhancer
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Atheros]
[HKLM\Software\Wow6432Node\Bench] =>PUP.GiganticSavings
[HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf
[HKLM\Software\Wow6432Node\BetterSurf Plus V1] =>PUP.BetterSurf
[HKLM\Software\Wow6432Node\BetterSurf] =>PUP.BetterSurf
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Client]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Creative Tech]
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Dell Computer Corporation]
[HKLM\Software\Wow6432Node\Dell_Wlan]
[HKLM\Software\Wow6432Node\DigitalPersona]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\DivX]
[HKLM\Software\Wow6432Node\DownloaderAssistant] =>PUP.Salus
[HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\FLEXnet]
[HKLM\Software\Wow6432Node\FastSearch]
[HKLM\Software\Wow6432Node\File Type Helper] =>PUP.FileTypeHelper
[HKLM\Software\Wow6432Node\Florian Heidenreich]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate
[HKLM\Software\Wow6432Node\GoHD-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\GoHD-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HQuality-v3V19.10-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR
[HKLM\Software\Wow6432Node\IePlugin]
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KalityWeb] =>Adware.WebAdSystem
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lame For Audacity]
[HKLM\Software\Wow6432Node\LibreOffice]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Lightspark Team]
[HKLM\Software\Wow6432Node\LogMeInRescueCallingCard]
[HKLM\Software\Wow6432Node\LolliScan] =>Adware.Graftor
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\ManageableUpdatePackage]
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\MediaPlayerV1]
[HKLM\Software\Wow6432Node\MediaPlayerV1alpha3537]
[HKLM\Software\Wow6432Node\MediaViewV1] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\MediaViewV1alpha698] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\MediaViewV1alpha7499] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\MediaWatchV1] =>PUP.MediaWatch
[HKLM\Software\Wow6432Node\MediaWatchV1home857] =>PUP.MediaWatch
[HKLM\Software\Wow6432Node\MovieDea]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OnStage]
[HKLM\Software\Wow6432Node\PicexaSvc]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Registry Helper] =>PUP.RegistryHelper
[HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\RichMediaViewV1release1055] =>PUP.MediaViewer
[HKLM\Software\Wow6432Node\ST Microelectronics]
[HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard
[HKLM\Software\Wow6432Node\SafeGuard] =>PUP.SafeGuard
[HKLM\Software\Wow6432Node\Salus] =>PUP.Salus
[HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\SoftThinks]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab
[HKLM\Software\Wow6432Node\SuperClick_1.10.0.16]
[HKLM\Software\Wow6432Node\SuppHelpDir]
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\System Speedup] =>PUP.SystemSpeedup
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\TabNav] =>PUP.Abengine
[HKLM\Software\Wow6432Node\Taronja]
[HKLM\Software\Wow6432Node\The Document Foundation]
[HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\Universal]
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\Validity]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Visualbee] =>Adware.VisualBeeToolbar
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WhiteSmoke_New_V6] =>PUP.WhiteSmoke
[HKLM\Software\Wow6432Node\WinU]
[HKLM\Software\Wow6432Node\Winservices] =>Trojan.Inject.RRE
[HKLM\Software\Wow6432Node\WordProser_1.10.0.1] =>PUP.WordProser
[HKLM\Software\Wow6432Node\WordShark_1.10.0.19]
[HKLM\Software\Wow6432Node\Wow6432Node]
[HKLM\Software\Wow6432Node\Xvid Team]
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\a558af43-d482-4649-b45f-6e1c09b384c2] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\aa73fe5b-d1f7-411f-8961-8d74e4ee2c2e] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\anset]
[HKLM\Software\Wow6432Node\awesomehpSoftware] =>PUP.Awesomehp
[HKLM\Software\Wow6432Node\b56ba8d1-2bff-4555-a80e-09eae0dad631] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\c968f51d-077d-494f-a31c-82fe202a993e] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\delta-homesSoftware] =>Hijacker.DeltaHomes
[HKLM\Software\Wow6432Node\e3bdb18e-b300-43e4-991c-3eac4da6d490] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\flash-Enhancer] =>Adware.FlashEnhancer
[HKLM\Software\Wow6432Node\free ven] =>PUP.Freeven
[HKLM\Software\Wow6432Node\freefallprotection]
[HKLM\Software\Wow6432Node\hdcode]
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.Istart
[HKLM\Software\Wow6432Node\mamverifier]
[HKLM\Software\Wow6432Node\media enhance] =>PUP.MediaPlayerEnhance
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\oursurfingSoftware] =>Hijacker.OurSurfing
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu
[HKLM\Software\Wow6432Node\troll]
[HKLM\Software\Wow6432Node\winservice86-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\winservice86-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\winservice86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node]
[HKLM\Software\YorkNewCin] =>PUP.CrossRider
~ Key Software: 574 Scanned in 00mn 05s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 07/07/2015 - 20:22:49 - [] ----D C:\Program Files (x86)\0ca45c95134d
O43 - CFD: 07/07/2015 - 20:22:35 - [] ----D C:\Program Files (x86)\34c5cc2e-af4c-4dd1-b4e3-89330a3555b0
O43 - CFD: 07/07/2015 - 20:36:45 - [] ----D C:\Program Files (x86)\7-Zip
O43 - CFD: 06/07/2015 - 01:01:37 - [] ----D C:\Program Files (x86)\7075d8f6-5e3a-44b5-9ad6-ab229e7e6b97
O43 - CFD: 07/07/2015 - 20:36:46 - [0] ----D C:\Program Files (x86)\732c5602-885d-4b9d-9083-372cdd2690b0
O43 - CFD: 20/05/2015 - 21:58:14 - [] ----D C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris
O43 - CFD: 25/05/2015 - 17:27:02 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 26/10/2013 - 22:57:44 - [0] ----D C:\Program Files (x86)\Amazon
O43 - CFD: 31/07/2014 - 00:29:23 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 24/05/2015 - 23:07:25 - [0] ----D C:\Program Files (x86)\app_setup
O43 - CFD: 20/05/2015 - 21:58:16 - [] ----D C:\Program Files (x86)\ASP
O43 - CFD: 21/05/2014 - 18:50:27 - [] ----D C:\Program Files (x86)\Audacity
O43 - CFD: 04/07/2015 - 15:42:46 - [] ----D C:\Program Files (x86)\AVG Do Not Track
O43 - CFD: 18/06/2015 - 15:10:45 - [] ----D C:\Program Files (x86)\AVG PrivacyFix
O43 - CFD: 31/07/2014 - 00:28:21 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 20/05/2015 - 21:58:17 - [] ----D C:\Program Files (x86)\Boost
O43 - CFD: 07/07/2015 - 20:22:24 - [0] ----D C:\Program Files (x86)\Casual Games
O43 - CFD: 27/05/2015 - 20:12:07 - [] ----D C:\Program Files (x86)\cefcba80-57ad-4734-bbf8-6280bb051e68
O43 - CFD: 07/07/2015 - 20:39:11 - [] ----D C:\Program Files (x86)\CinemaPlus-3.2cV28.05 =>PUP.CrossRider
O43 - CFD: 27/05/2013 - 21:45:39 - [] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 08/07/2015 - 00:42:06 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 15/05/2012 - 09:59:13 - [] ----D C:\Program Files (x86)\Creative
O43 - CFD: 24/05/2015 - 00:49:08 - [] ----D C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 28/05/2015 - 20:41:46 - [] ----D C:\Program Files (x86)\d418cfe8-9402-4dd6-b158-1fce1db4af41
O43 - CFD: 21/05/2015 - 22:04:32 - [] ----D C:\Program Files (x86)\deaal4reala =>PUP.Deal4reaL
O43 - CFD: 05/07/2015 - 14:39:24 - [] ----D C:\Program Files (x86)\DealsFuInndeRProo =>PUP.DealsFinderPro
O43 - CFD: 05/07/2015 - 14:39:26 - [] ----D C:\Program Files (x86)\DeaolsFiNderPro =>PUP.DealsFinderPro
O43 - CFD: 04/07/2015 - 15:40:06 - [] ----D C:\Program Files (x86)\DeeaLsFinDErPro =>PUP.DealsFinderPro
O43 - CFD: 15/05/2012 - 09:58:39 - [] ----D C:\Program Files (x86)\Dell Webcam
O43 - CFD: 28/05/2013 - 12:42:13 - [] ----D C:\Program Files (x86)\Dell Wireless
O43 - CFD: 04/10/2013 - 18:04:46 - [] ----D C:\Program Files (x86)\DigitalPersona
O43 - CFD: 07/07/2015 - 19:05:29 - [] ----D C:\Program Files (x86)\DivX
O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\DSP-worx
O43 - CFD: 07/07/2015 - 20:22:36 - [] ----D C:\Program Files (x86)\Easy Speed Check
O43 - CFD: 28/05/2015 - 21:39:31 - [0] ----D C:\Program Files (x86)\Edu App
O43 - CFD: 06/07/2015 - 03:44:29 - [] ----D C:\Program Files (x86)\FastSearch
O43 - CFD: 04/11/2013 - 22:20:21 - [] ----D C:\Program Files (x86)\ffdshow
O43 - CFD: 20/12/2013 - 22:18:32 - [] ----D C:\Program Files (x86)\Freeplane
O43 - CFD: 24/05/2015 - 23:39:25 - [] ----D C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 07/07/2015 - 20:43:11 - [] ----D C:\Program Files (x86)\gmsd_fr_002020023 =>PUP.CrossRider
O43 - CFD: 07/07/2015 - 20:43:12 - [0] ----D C:\Program Files (x86)\gmsd_fr_005010016 =>PUP.CrossRider
O43 - CFD: 07/07/2015 - 20:43:16 - [] ----D C:\Program Files (x86)\GoHD =>PUP.CrossRider
O43 - CFD: 03/10/2013 - 20:08:50 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 05/07/2015 - 14:39:23 - [] ----D C:\Program Files (x86)\greattsAVieng =>PUP.GreatSaving
O43 - CFD: 04/07/2015 - 19:28:00 - [] ----D C:\Program Files (x86)\GUMD29E.tmp
O43 - CFD: 07/07/2015 - 23:43:55 - [] ----D C:\Program Files (x86)\GUPlayer
O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\Haali
O43 - CFD: 07/07/2015 - 20:22:34 - [0] ----D C:\Program Files (x86)\Hades
O43 - CFD: 07/07/2015 - 20:22:48 - [] ----D C:\Program Files (x86)\Hawker
O43 - CFD: 06/07/2015 - 02:18:36 - [0] ----D C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches
O43 - CFD: 07/07/2015 - 20:41:29 - [] ----D C:\Program Files (x86)\HQuality-v3V19.10 =>PUP.CrossRider
O43 - CFD: 06/07/2015 - 00:49:49 - [] ----D C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut
O43 - CFD: 04/03/2014 - 22:56:19 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 13/09/2012 - 15:40:25 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 05/07/2015 - 12:53:13 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 06/07/2015 - 02:56:25 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 05/07/2015 - 14:21:45 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 04/11/2013 - 22:20:13 - [] ----D C:\Program Files (x86)\Lame For Audacity
O43 - CFD: 06/05/2013 - 23:21:36 - [] ----D C:\Program Files (x86)\LibreOffice 4.0
O43 - CFD: 28/05/2012 - 12:52:20 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 19/05/2015 - 01:58:47 - [] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 19/05/2015 - 02:28:25 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 18/12/2013 - 18:15:56 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 15/05/2012 - 10:23:53 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 26/02/2012 - 12:49:28 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 19/05/2015 - 19:29:27 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 26/10/2013 - 23:28:38 - [] ----D C:\Program Files (x86)\Mp3tag
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 30/03/2015 - 21:37:34 - [] ----D C:\Program Files (x86)\MTG Finder
O43 - CFD: 21/05/2015 - 21:25:55 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 07/07/2015 - 20:22:20 - [] ----D C:\Program Files (x86)\NewPlayer =>Adware.NewPlayer
O43 - CFD: 05/07/2015 - 22:19:20 - [] ----D C:\Program Files (x86)\On Stage
O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\OpenSource Flash Video Splitter
O43 - CFD: 28/06/2015 - 15:29:12 - [0] ----D C:\Program Files (x86)\Opera
O43 - CFD: 24/07/2014 - 23:00:22 - [] ----D C:\Program Files (x86)\Pass-Widget =>PUP.PassWidget
O43 - CFD: 07/07/2015 - 20:23:34 - [] ----D C:\Program Files (x86)\PCP
O43 - CFD: 17/10/2013 - 20:36:02 - [] ----D C:\Program Files (x86)\PhotoFiltre
O43 - CFD: 21/05/2015 - 22:06:04 - [] ----D C:\Program Files (x86)\Picasa Instant Upload Move Enabler
O43 - CFD: 24/05/2015 - 22:06:53 - [] ----D C:\Program Files (x86)\Picexa
O43 - CFD: 24/05/2015 - 21:32:10 - [0] ----D C:\Program Files (x86)\predm =>Adware.Downware
O43 - CFD: 07/07/2015 - 20:38:40 - [] ----D C:\Program Files (x86)\PremierOpinion =>Adware.PremierOpinion
O43 - CFD: 21/06/2014 - 22:28:09 - [] ----D C:\Program Files (x86)\Premium Software =>Trojan.Tivmonk
O43 - CFD: 07/07/2015 - 20:23:13 - [] ----D C:\Program Files (x86)\PriceDowineloader =>PUP.PriceDownloader
O43 - CFD: 07/07/2015 - 20:23:14 - [] ----D C:\Program Files (x86)\PriCeDoWnloADer =>PUP.PriceDownloader
O43 - CFD: 24/05/2015 - 23:07:40 - [0] ----D C:\Program Files (x86)\Priceless =>PUP.PriceLess
O43 - CFD: 05/07/2015 - 22:10:55 - [0] ----D C:\Program Files (x86)\Probit Software =>PUP.ProbitSoftware
O43 - CFD: 05/07/2015 - 14:38:15 - [] ----D C:\Program Files (x86)\PrriCeDownaloaderr =>PUP.PriceDownloader
O43 - CFD: 04/03/2014 - 22:56:19 - [0] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 23/12/2013 - 13:04:17 - [] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 05/07/2015 - 03:44:46 - [] ----D C:\Program Files (x86)\SaoftoCeoup =>PUP.RandomName
O43 - CFD: 05/07/2015 - 03:44:43 - [] ----D C:\Program Files (x86)\savInshop =>PUP.SavinShop
O43 - CFD: 05/07/2015 - 14:39:26 - [] ----D C:\Program Files (x86)\sHoepndrop =>PUP.ShopDrop
O43 - CFD: 08/07/2015 - 00:42:06 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 07/07/2015 - 20:37:05 - [] ----D C:\Program Files (x86)\Smarts8
O43 - CFD: 07/07/2015 - 20:22:42 - [] ----D C:\Program Files (x86)\Smwyyntm1ndi1zdz
O43 - CFD: 18/06/2015 - 15:09:42 - [] ----D C:\Program Files (x86)\SofftCuoup =>PUP.RandomName
O43 - CFD: 05/07/2015 - 03:44:39 - [] ----D C:\Program Files (x86)\SoftCoupe =>PUP.RandomName
O43 - CFD: 07/10/2013 - 20:32:34 - [] ----D C:\Program Files (x86)\Software
O43 - CFD: 24/05/2015 - 13:14:24 - [] ----D C:\Program Files (x86)\speed browser =>PUP.SpeedBrowser
O43 - CFD: 22/10/2013 - 00:20:52 - [] ----D C:\Program Files (x86)\Spotydl
O43 - CFD: 24/09/2012 - 08:39:13 - [] ----D C:\Program Files (x86)\ST Microelectronics
O43 - CFD: 15/05/2012 - 10:09:29 - [] ----D C:\Program Files (x86)\STMicroelectronics
O43 - CFD: 06/07/2015 - 00:38:05 - [] ----D C:\Program Files (x86)\Streak for Gmail
O43 - CFD: 07/07/2015 - 20:22:36 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab
O43 - CFD: 06/07/2015 - 02:18:44 - [0] ----D C:\Program Files (x86)\TerminusStable
O43 - CFD: 15/05/2012 - 10:10:20 - [] ----D C:\Program Files (x86)\Texas Instruments Inc
O43 - CFD: 04/07/2015 - 18:44:50 - [] ----D C:\Program Files (x86)\Tny_Cassiopesa
O43 - CFD: 06/07/2015 - 02:18:46 - [0] ----D C:\Program Files (x86)\TrimModule
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 28/05/2012 - 12:40:00 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 20/05/2015 - 21:58:39 - [] ----D C:\Program Files (x86)\WebAdSystem =>Adware.WebAdSystem
O43 - CFD: 24/05/2015 - 23:57:27 - [] ----D C:\Program Files (x86)\WindeskWinsearch =>PUP.WindeskWinsearch
O43 - CFD: 05/10/2013 - 13:01:40 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 18/12/2013 - 18:18:29 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 05/07/2015 - 12:53:26 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 07/07/2015 - 20:39:05 - [0] ----D C:\Program Files (x86)\winservice86 =>PUP.CrossRider
O43 - CFD: 20/05/2015 - 21:58:41 - [] ----D C:\Program Files (x86)\WordProser_1.10.0.1 =>PUP.WordProser
O43 - CFD: 04/11/2013 - 22:21:06 - [] ----D C:\Program Files (x86)\Xvid
O43 - CFD: 08/07/2015 - 13:26:39 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 08/07/2015 - 12:46:58 - [] ----D C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8
O43 - CFD: 25/05/2015 - 17:27:04 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 17/02/2015 - 02:35:57 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 28/05/2013 - 12:37:12 - [] ----D C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 22/06/2014 - 00:10:40 - [] ----D C:\Program Files (x86)\Common Files\Config
O43 - CFD: 07/07/2015 - 19:04:04 - [] ----D C:\Program Files (x86)\Common Files\DivX Shared
O43 - CFD: 21/10/2013 - 23:10:49 - [] ----D C:\Program Files (x86)\Common Files\i4j_jres
O43 - CFD: 04/10/2013 - 18:04:59 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 13/09/2012 - 15:26:52 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 13/09/2012 - 15:23:20 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 05/07/2015 - 14:20:19 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 18/12/2013 - 18:17:58 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 15/05/2012 - 10:02:35 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 26/05/2012 - 03:49:06 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 15/05/2012 - 10:22:26 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 24/05/2015 - 03:59:37 - [] ----D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
O43 - CFD: 18/06/2015 - 14:33:37 - [0] ----D C:\ProgramData\2678128400004297
O43 - CFD: 08/07/2015 - 12:45:32 - [] ----D C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8
O43 - CFD: 17/02/2015 - 02:35:57 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 01/03/2015 - 20:35:53 - [0] ----D C:\ProgramData\374311380
O43 - CFD: 06/07/2015 - 00:38:33 - [] ----D C:\ProgramData\5551195122105854317
O43 - CFD: 06/07/2015 - 02:04:51 - [0] ----D C:\ProgramData\6c54da2e97bd4bf69fea341a446a9746
O43 - CFD: 24/05/2015 - 21:30:13 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
O43 - CFD: 14/05/2014 - 20:37:33 - [] ----D C:\ProgramData\Activeris =>PUP.Activeris
O43 - CFD: 25/05/2015 - 17:26:35 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 31/07/2014 - 00:29:08 - [] ----D C:\ProgramData\Apple
O43 - CFD: 31/07/2014 - 00:31:48 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 23/01/2014 - 16:07:56 - [] ----D C:\ProgramData\Atheros
O43 - CFD: 07/12/2014 - 17:05:06 - [] ----D C:\ProgramData\atjs
O43 - CFD: 24/05/2015 - 00:53:37 - [] ----D C:\ProgramData\Atubonop
O43 - CFD: 06/07/2015 - 00:57:20 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 03/10/2013 - 19:58:55 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 24/05/2015 - 13:09:53 - [] ----D C:\ProgramData\Browser
O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 17/10/2013 - 18:23:34 - [] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 22/01/2014 - 15:59:31 - [0] ----D C:\ProgramData\Conduit
O43 - CFD: 15/05/2012 - 10:07:47 - [] ----D C:\ProgramData\Conexant
O43 - CFD: 13/09/2012 - 15:31:39 - [] ----D C:\ProgramData\Creative
O43 - CFD: 06/07/2015 - 02:04:49 - [0] ----D C:\ProgramData\dc9def169e834b19aff83090e5e3337a
O43 - CFD: 27/05/2013 - 21:41:03 - [] ----D C:\ProgramData\Dell
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 07/07/2015 - 19:05:35 - [] ----D C:\ProgramData\DivX
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 15/05/2012 - 10:25:32 - [] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 06/07/2015 - 02:55:17 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 25/05/2015 - 15:17:31 - [] ----D C:\ProgramData\FlashBeat =>PUP.FlashBeat
O43 - CFD: 15/05/2012 - 10:25:39 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 06/07/2015 - 02:18:53 - [] ----D C:\ProgramData\IePluginService =>PUP.IePluginService
O43 - CFD: 07/07/2015 - 20:23:15 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService
O43 - CFD: 16/02/2015 - 23:51:42 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR
O43 - CFD: 13/09/2012 - 15:07:37 - [] ----D C:\ProgramData\Intel
O43 - CFD: 24/05/2015 - 23:15:14 - [] ----D C:\ProgramData\LolliScan =>Adware.Graftor
O43 - CFD: 15/05/2012 - 10:25:46 - [] ----D C:\ProgramData\Macrovision
O43 - CFD: 21/01/2014 - 20:53:09 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 17/05/2015 - 13:59:35 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 18/12/2013 - 18:15:31 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 06/07/2015 - 22:09:05 - [] ----D C:\ProgramData\MovieDeaConfig
O43 - CFD: 28/05/2012 - 11:01:33 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 07/07/2015 - 20:22:43 - [0] ----D C:\ProgramData\NavRight
O43 - CFD: 05/07/2015 - 14:23:30 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 25/05/2015 - 00:05:48 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 11/06/2013 - 16:20:04 - [] ----D C:\ProgramData\PCDr
O43 - CFD: 18/06/2015 - 14:35:14 - [] ----D C:\ProgramData\Radio
O43 - CFD: 05/07/2015 - 20:22:49 - [] ----D C:\ProgramData\Registry Helper =>PUP.RegistryHelper
O43 - CFD: 15/05/2012 - 10:15:17 - [] ----D C:\ProgramData\Roaming
O43 - CFD: 15/03/2014 - 18:30:42 - [] ----D C:\ProgramData\SaveSenseLive =>PUP.CrossRider
O43 - CFD: 08/07/2015 - 00:41:47 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 07/10/2013 - 21:36:16 - [] ----D C:\ProgramData\Sun
O43 - CFD: 24/03/2015 - 22:42:42 - [] ----D C:\ProgramData\Systweak
O43 - CFD: 14/05/2014 - 20:57:25 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 07/07/2015 - 20:22:52 - [] ----D C:\ProgramData\TicTaCoupon =>PUP.TicTaCoupon
O43 - CFD: 15/05/2012 - 10:14:20 - [0] ----D C:\ProgramData\Validity
O43 - CFD: 06/07/2015 - 02:18:55 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 20/05/2015 - 21:54:57 - [] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 24/05/2015 - 13:32:43 - [] ----D C:\ProgramData\{051ab5be-a844-fc94-051a-ab5bea84d6fa}
O43 - CFD: 06/07/2015 - 03:42:20 - [] ----D C:\ProgramData\{255b74b1-d838-6576-255b-b74b1d83d2c7}
O43 - CFD: 25/05/2015 - 00:39:51 - [] ----D C:\ProgramData\{2a91148f-35ec-ea01-2a91-1148f35e523c}
O43 - CFD: 25/05/2015 - 16:54:33 - [] ----D C:\ProgramData\{34e38cd9-f067-60c3-34e3-38cd9f063367}
O43 - CFD: 24/05/2015 - 14:38:13 - [] ----D C:\ProgramData\{74a1a381-e0b6-0848-74a1-1a381e0b8e07}
O43 - CFD: 20/05/2015 - 23:00:39 - [] ----D C:\ProgramData\{841d1f74-d1cd-67d1-841d-d1f74d1c7dd3}
O43 - CFD: 20/05/2015 - 23:03:00 - [] ----D C:\ProgramData\{8f4535e5-876b-d544-8f45-535e5876d796}
O43 - CFD: 25/05/2015 - 15:06:05 - [] ----D C:\ProgramData\{b6a04965-3967-fcf6-b6a0-049653962594}
O43 - CFD: 04/07/2015 - 18:44:43 - [] ----D C:\ProgramData\{C03F28FC-90BD-F97A-213B-89F8F1B95A76}
O43 - CFD: 05/07/2015 - 00:34:52 - [] ----D C:\ProgramData\{c728c226-cf1c-0642-c728-8c226cf1089b}
O43 - CFD: 25/05/2015 - 15:59:31 - [] ----D C:\ProgramData\{cf4dd275-99dc-2f9d-cf4d-dd27599d49d6}
O43 - CFD: 24/05/2015 - 22:58:27 - [] ----D C:\ProgramData\{da47987d-9949-073b-da47-7987d99461f6}
O43 - CFD: 24/05/2015 - 00:30:32 - [] ----D C:\ProgramData\{dd2265a0-1232-d470-dd22-265a01239680}
O43 - CFD: 07/07/2015 - 19:06:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 03/10/2013 - 19:02:10 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14/05/2014 - 20:37:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware =>PUP.Activeris
O43 - CFD: 24/03/2015 - 22:42:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 07/07/2015 - 18:02:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 03/10/2013 - 19:53:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 24/05/2015 - 00:49:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 07/07/2015 - 19:05:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
O43 - CFD: 01/11/2014 - 02:03:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer =>PUP.FastPlayer
O43 - CFD: 04/11/2013 - 22:20:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
O43 - CFD: 14/06/2014 - 15:15:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro
O43 - CFD: 20/12/2013 - 22:18:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeplane
O43 - CFD: 04/11/2013 - 22:20:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 24/05/2015 - 23:05:01 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hawker
O43 - CFD: 06/07/2015 - 03:01:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 05/07/2015 - 14:17:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 29/01/2014 - 21:11:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git
O43 - CFD: 24/05/2015 - 19:29:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Bureautique & Internet
O43 - CFD: 06/06/2012 - 08:37:15 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Outils Divers
O43 - CFD: 26/09/2012 - 07:19:44 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Outils Système
O43 - CFD: 18/05/2015 - 20:23:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 26/10/2013 - 23:28:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
O43 - CFD: 22/10/2014 - 14:51:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer =>Adware.NewPlayer
O43 - CFD: 14/05/2014 - 20:36:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max =>PUP.OptimizerEliteMax
O43 - CFD: 01/11/2014 - 02:00:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip =>PUP.PepperZip
O43 - CFD: 17/10/2013 - 20:36:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
O43 - CFD: 07/07/2015 - 02:40:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion =>Adware.PremierOpinion
O43 - CFD: 14/06/2014 - 15:12:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Software =>Trojan.Tivmonk
O43 - CFD: 24/05/2015 - 19:29:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong
O43 - CFD: 26/05/2015 - 16:38:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeGuard =>PUP.SafeGuard
O43 - CFD: 22/10/2013 - 00:20:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl
O43 - CFD: 07/10/2013 - 21:32:19 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 01/11/2014 - 02:00:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer =>PUP.SuperOptimizer
O43 - CFD: 14/06/2014 - 14:53:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup =>PUP.SystemSpeedup
O43 - CFD: 06/07/2015 - 02:36:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 24/05/2015 - 23:57:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch =>PUP.WindeskWinsearch
O43 - CFD: 18/12/2013 - 18:20:08 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 04/11/2013 - 22:20:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
O43 - CFD: 08/07/2015 - 13:26:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 07/12/2014 - 17:05:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\3toU3mm
O43 - CFD: 07/07/2015 - 22:42:33 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931
O43 - CFD: 25/05/2015 - 15:58:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432562322-3110-8046-B2C04F315931
O43 - CFD: 07/07/2015 - 22:42:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7cI7WeQ
O43 - CFD: 01/03/2015 - 21:22:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7fHYHTq
O43 - CFD: 01/03/2015 - 20:47:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7L9GUhc
O43 - CFD: 07/07/2015 - 22:42:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\9hFs6LG
O43 - CFD: 20/05/2015 - 21:58:39 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Activeris =>PUP.Activeris
O43 - CFD: 04/10/2013 - 17:59:14 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Adobe
O43 - CFD: 24/05/2015 - 23:55:43 - [] -SH-D D:\Utilisateurs\célia\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 21/10/2013 - 22:12:32 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Apowersoft
O43 - CFD: 06/07/2015 - 03:08:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Apple Computer
O43 - CFD: 21/01/2015 - 19:43:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ASP
O43 - CFD: 31/07/2014 - 00:16:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Astromenda =>PUP.Astromenda
O43 - CFD: 24/09/2012 - 07:22:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Atheros
O43 - CFD: 21/05/2014 - 18:54:46 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Audacity
O43 - CFD: 06/07/2015 - 02:07:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\AVAST Software
O43 - CFD: 17/12/2014 - 20:23:18 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\BBdX5AJ
O43 - CFD: 07/07/2015 - 22:52:48 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\BlptK9X
O43 - CFD: 07/07/2015 - 22:52:49 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\C94WpYy
O43 - CFD: 29/01/2015 - 22:10:06 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\c9w3S7v
O43 - CFD: 08/07/2015 - 13:21:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\cacaoweb =>PUP.CacaoWeb
O43 - CFD: 04/11/2013 - 22:20:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\CDXReader
O43 - CFD: 21/01/2015 - 20:45:32 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\CeRbeVX
O43 - CFD: 01/08/2012 - 10:57:24 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Creative
O43 - CFD: 07/10/2013 - 20:35:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Dealply =>PUP.DealPly
O43 - CFD: 28/09/2012 - 10:34:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Dell
O43 - CFD: 04/10/2013 - 18:13:29 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\DigitalPersona
O43 - CFD: 27/12/2013 - 18:51:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\DivX
O43 - CFD: 05/07/2015 - 20:28:12 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp
O43 - CFD: 28/05/2015 - 20:49:00 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Easy Speed PC
O43 - CFD: 04/10/2013 - 18:04:48 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\FLEXnet
O43 - CFD: 07/07/2015 - 22:52:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\fNyKNDV
O43 - CFD: 02/11/2013 - 15:27:22 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Freeplane
O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\fXA7ZWu
O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\g3dLhln
O43 - CFD: 26/10/2013 - 22:25:42 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Groovedown_Uninstall
O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\gVH9NQO
O43 - CFD: 07/07/2015 - 19:31:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\hljorppg
O43 - CFD: 07/07/2015 - 22:52:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Hztc0st
O43 - CFD: 01/08/2012 - 10:56:51 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Identities
O43 - CFD: 13/09/2012 - 15:06:43 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\InstallShield
O43 - CFD: 13/09/2012 - 14:39:29 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Intel
O43 - CFD: 01/08/2012 - 10:57:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Intel Corporation
O43 - CFD: 18/02/2015 - 22:00:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Intelli-studio
O43 - CFD: 06/07/2015 - 00:26:28 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ironsource
O43 - CFD: 07/07/2015 - 22:53:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\IVYw8x1
O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jhhkt4s
O43 - CFD: 07/07/2015 - 01:05:12 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jkzhqxzt
O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\JWqfJOL
O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jXJptzM
O43 - CFD: 07/07/2015 - 22:53:09 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\k12SmyQ
O43 - CFD: 07/07/2015 - 01:06:21 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy
O43 - CFD: 04/11/2013 - 22:20:09 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\LavFilters
O43 - CFD: 03/10/2013 - 19:49:29 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\LibreOffice
O43 - CFD: 17/12/2014 - 22:40:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\m0Wb767
O43 - CFD: 01/08/2012 - 11:02:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Macromedia
O43 - CFD: 04/10/2013 - 18:04:52 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Macrovision
O43 - CFD: 21/01/2014 - 20:54:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Malwarebytes
O43 - CFD: 07/07/2015 - 22:51:58 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\MbQHHQA
O43 - CFD: 15/05/2012 - 12:46:37 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Media Center Programs
O43 - CFD: 21/10/2013 - 22:29:03 - [] -S--D D:\Utilisateurs\célia\AppData\Roaming\Microsoft
O43 - CFD: 01/08/2012 - 10:59:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Mozilla
O43 - CFD: 25/10/2014 - 01:20:31 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Mp3tag
O43 - CFD: 14/03/2014 - 03:32:50 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 08/10/2013 - 19:11:46 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Nosibay =>PUP.BubbleDock
O43 - CFD: 07/07/2015 - 22:52:33 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ofDcp0Q
O43 - CFD: 25/05/2015 - 16:13:41 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\oursurfing =>Hijacker.OurSurfing
O43 - CFD: 24/05/2015 - 23:46:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PC Privacy Dock
O43 - CFD: 28/09/2012 - 10:34:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PCDr
O43 - CFD: 17/10/2013 - 20:49:43 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PhotoFiltre
O43 - CFD: 07/07/2015 - 22:52:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PqRZsZS
O43 - CFD: 24/05/2015 - 20:06:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Pro PC Cleaner =>PUP.DoctorPC
O43 - CFD: 07/07/2015 - 22:52:38 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PwCNQaH
O43 - CFD: 13/09/2012 - 15:31:39 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Reallusion
O43 - CFD: 07/07/2015 - 22:52:38 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\rhvkZW0
O43 - CFD: 08/07/2015 - 00:41:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Skype
O43 - CFD: 11/06/2013 - 16:16:42 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Softland
O43 - CFD: 07/07/2015 - 16:40:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Spotify
O43 - CFD: 22/10/2013 - 02:42:30 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Spotydl
O43 - CFD: 13/06/2014 - 20:14:27 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 24/05/2015 - 22:58:46 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\sursenel
O43 - CFD: 06/07/2015 - 01:01:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Systweak
O43 - CFD: 04/07/2015 - 18:44:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Tny_cassiopesa
O43 - CFD: 07/07/2015 - 22:53:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\tY32mRt
O43 - CFD: 07/07/2015 - 22:53:03 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vj42M4Q
O43 - CFD: 24/05/2015 - 03:17:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vlc
O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vY4Gjsm
O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\wEh9ste
O43 - CFD: 31/01/2014 - 19:40:46 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Windows Live Writer
O43 - CFD: 06/07/2015 - 00:26:28 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\winservices =>Trojan.Inject.RRE
O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\WUlPkfL
O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\xD5vMQi
O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\xZFgArf
O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\YcSrbDb
O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\YfOoDrC
O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\yMRVGuQ
O43 - CFD: 21/01/2015 - 22:19:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ysLWf5C
O43 - CFD: 08/07/2015 - 13:32:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 17/05/2015 - 14:36:35 - [0] ----D D:\Utilisateurs\célia\AppData\Local\10004
O43 - CFD: 06/07/2015 - 02:18:56 - [] ----D D:\Utilisateurs\célia\AppData\Local\1387
O43 - CFD: 07/07/2015 - 22:22:55 - [] ----D D:\Utilisateurs\célia\AppData\Local\4C4C4544-1432508804-3110-8046-B2C04F315931
O43 - CFD: 28/06/2015 - 15:43:24 - [] ----D D:\Utilisateurs\célia\AppData\Local\A8C4B549-794-4D30-9811-97B4B6BD746C
O43 - CFD: 04/10/2013 - 17:59:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\Adobe
O43 - CFD: 26/05/2015 - 16:39:45 - [] ----D D:\Utilisateurs\célia\AppData\Local\Alerts_LLC =>PUP.AlertsLLC
O43 - CFD: 31/07/2014 - 00:29:36 - [] ----D D:\Utilisateurs\célia\AppData\Local\Apple
O43 - CFD: 31/07/2014 - 00:34:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\Apple Computer
O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Application Data
O43 - CFD: 25/05/2015 - 15:16:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\Astromenda =>PUP.Astromenda
O43 - CFD: 03/10/2013 - 20:48:24 - [] ----D D:\Utilisateurs\célia\AppData\Local\avgchrome
O43 - CFD: 24/09/2012 - 07:25:56 - [] ----D D:\Utilisateurs\célia\AppData\Local\BMExplorer
O43 - CFD: 04/11/2013 - 22:20:52 - [] ----D D:\Utilisateurs\célia\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 19/01/2013 - 09:42:11 - [] ----D D:\Utilisateurs\célia\AppData\Local\Broadcom
O43 - CFD: 29/01/2014 - 21:12:22 - [0] ----D D:\Utilisateurs\célia\AppData\Local\cache
O43 - CFD: 04/07/2015 - 18:49:27 - [] ----D D:\Utilisateurs\célia\AppData\Local\Chromium
O43 - CFD: 14/05/2014 - 20:57:53 - [] ----D D:\Utilisateurs\célia\AppData\Local\com
O43 - CFD: 29/01/2014 - 21:05:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\Conduit
O43 - CFD: 01/08/2012 - 10:57:33 - [] ----D D:\Utilisateurs\célia\AppData\Local\Conexant
O43 - CFD: 07/07/2015 - 18:02:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\CrashDumps
O43 - CFD: 07/10/2013 - 21:40:10 - [] ----D D:\Utilisateurs\célia\AppData\Local\CRE
O43 - CFD: 24/05/2015 - 00:50:06 - [] ----D D:\Utilisateurs\célia\AppData\Local\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 07/10/2013 - 20:35:13 - [] ----D D:\Utilisateurs\célia\AppData\Local\DealPlyLive =>PUP.DealPly
O43 - CFD: 24/03/2015 - 22:53:42 - [] ----D D:\Utilisateurs\célia\AppData\Local\Diagnostics
O43 - CFD: 04/10/2013 - 18:13:29 - [] ----D D:\Utilisateurs\célia\AppData\Local\DigitalPersona
O43 - CFD: 13/09/2012 - 15:22:22 - [] ----D D:\Utilisateurs\célia\AppData\Local\Downloaded Installations
O43 - CFD: 07/10/2013 - 21:40:25 - [] ----D D:\Utilisateurs\célia\AppData\Local\Duuqu =>PUP.Duuqu
O43 - CFD: 24/03/2015 - 22:54:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\ElevatedDiagnostics
O43 - CFD: 07/10/2013 - 21:38:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\emaze
O43 - CFD: 05/07/2015 - 14:00:35 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieBrowserModeList
O43 - CFD: 05/07/2015 - 14:00:26 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieSiteList
O43 - CFD: 05/07/2015 - 14:00:32 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieUserList
O43 - CFD: 29/01/2014 - 21:09:47 - [0] ----D D:\Utilisateurs\célia\AppData\Local\genienext =>PUP.NextLive
O43 - CFD: 14/05/2014 - 20:36:17 - [] ----D D:\Utilisateurs\célia\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 07/07/2015 - 20:12:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_002020023 =>PUP.CrossRider
O43 - CFD: 28/06/2015 - 15:17:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010016 =>PUP.CrossRider
O43 - CFD: 07/07/2015 - 19:51:28 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010022 =>PUP.CrossRider
O43 - CFD: 03/10/2013 - 20:13:58 - [] ----D D:\Utilisateurs\célia\AppData\Local\Google
O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Historique
O43 - CFD: 22/10/2013 - 00:34:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\JDownloader 2.0
O43 - CFD: 29/01/2014 - 21:08:41 - [] ----D D:\Utilisateurs\célia\AppData\Local\KalityWeb =>Adware.WebAdSystem
O43 - CFD: 26/09/2012 - 07:14:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\Macromedia
O43 - CFD: 06/07/2015 - 22:28:29 - [] ----D D:\Utilisateurs\célia\AppData\Local\Microsoft
O43 - CFD: 04/03/2014 - 23:04:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\Mobogenie =>PUP.Mobogenie
O43 - CFD: 05/10/2013 - 13:07:32 - [] ----D D:\Utilisateurs\célia\AppData\Local\Mozilla
O43 - CFD: 01/11/2014 - 01:59:18 - [] ----D D:\Utilisateurs\célia\AppData\Local\MySearchs =>Adware.MyWebSearch
O43 - CFD: 14/05/2014 - 20:39:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\newplayer =>Adware.NewPlayer
O43 - CFD: 12/06/2014 - 10:05:21 - [] ----D D:\Utilisateurs\célia\AppData\Local\Packages
O43 - CFD: 24/05/2015 - 23:07:17 - [] ----D D:\Utilisateurs\célia\AppData\Local\PC_Privacy_Dock
O43 - CFD: 07/10/2013 - 20:32:34 - [] ----D D:\Utilisateurs\célia\AppData\Local\Programs
O43 - CFD: 27/05/2015 - 13:58:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\SafeGuard =>PUP.SafeGuard
O43 - CFD: 15/03/2014 - 18:30:42 - [] ----D D:\Utilisateurs\célia\AppData\Local\SaveSenseLive =>PUP.CrossRider
O43 - CFD: 14/06/2014 - 14:51:34 - [] ----D D:\Utilisateurs\célia\AppData\Local\SearchProtect =>PUP.SearchProtect
O43 - CFD: 04/07/2015 - 18:41:22 - [] ----D D:\Utilisateurs\célia\AppData\Local\Setup12209574
O43 - CFD: 19/05/2015 - 22:33:04 - [] ----D D:\Utilisateurs\célia\AppData\Local\Skype
O43 - CFD: 07/10/2013 - 20:37:31 - [] ----D D:\Utilisateurs\célia\AppData\Local\Smartbar =>Hijacker.SmartBar
O43 - CFD: 07/07/2015 - 22:32:43 - [] ----D D:\Utilisateurs\célia\AppData\Local\SmartWeb =>PUP.SmartWeb
O43 - CFD: 08/10/2013 - 19:08:16 - [] ----D D:\Utilisateurs\célia\AppData\Local\SoftThinks
O43 - CFD: 24/05/2015 - 13:22:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\speed browser =>PUP.SpeedBrowser
O43 - CFD: 07/07/2015 - 14:55:51 - [] ----D D:\Utilisateurs\célia\AppData\Local\Spotify
O43 - CFD: 29/01/2014 - 21:04:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\SwvUpdater =>PUP.Software.Updater
O43 - CFD: 08/07/2015 - 13:32:51 - [] ----D D:\Utilisateurs\célia\AppData\Local\Temp
O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Temporary Internet Files
O43 - CFD: 24/05/2015 - 19:32:37 - [] ----D D:\Utilisateurs\célia\AppData\Local\WebBar =>PUP.WebBar
O43 - CFD: 24/05/2015 - 23:57:55 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch
O43 - CFD: 24/05/2015 - 01:25:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windows Live
O43 - CFD: 31/01/2014 - 19:41:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windows Live Writer
O43 - CFD: 07/07/2015 - 23:29:57 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 08/07/2015 - 12:40:12 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
O43 - CFD: 07/07/2015 - 23:29:57 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 429 Scanned in 00mn 08s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A29BAFC1543F9D2234AFFFEA9BCE76C8] - 04/07/2015 - 15:31:35 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [24917504]
O44 - LFC:[MD5.06A8CE6C3AE6B7916F026B0EFDDCAAA5] - 04/07/2015 - 15:31:43 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [199680]
O44 - LFC:[MD5.2BC2D3A41BB755487FD55C09938F00BC] - 04/07/2015 - 15:31:44 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [417792]
O44 - LFC:[MD5.16091938F6CDBCCCBA1CBE24600121BC] - 04/07/2015 - 15:31:44 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [88064]
O44 - LFC:[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - 04/07/2015 - 15:31:45 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2426880]
O44 - LFC:[MD5.CFA52E2FE8E623042A1EEF96EB1B9481] - 04/07/2015 - 15:31:46 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [6026240]
O44 - LFC:[MD5.3854BFE1C0F14872C94501421CC40813] - 04/07/2015 - 15:31:46 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [814080]
O44 - LFC:[MD5.4A5A84B457C72E79A64AE4036EC6BB0E] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1359360]
O44 - LFC:[MD5.83781DF625A4448B39410D7FA2BDC48D] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [816640]
O44 - LFC:[MD5.ACD6FE6C82B93813F023FC01A51CB940] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160]
O44 - LFC:[MD5.AE5A2843B4A2E1E558B9EE13EF62CCE5] - 04/07/2015 - 15:31:48 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [14404096]
O44 - LFC:[MD5.35622F5A652C4E16774234DCA0026E74] - 04/07/2015 - 15:31:49 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [633856]
O44 - LFC:[MD5.AFF5C12099B87FA645F8867701729894] - 04/07/2015 - 15:31:51 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [54784]
O44 - LFC:[MD5.0EDA3219FA027A486AA11269355AB279] - 04/07/2015 - 15:31:51 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [144384]
O44 - LFC:[MD5.33B5F1A727FACDEA7CDA0E35FFAADDCF] - 04/07/2015 - 15:31:52 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [584192]
O44 - LFC:[MD5.FF84182188CA8F0DC28CFED06C9B7816] - 04/07/2015 - 15:31:53 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2125824]
O44 - LFC:[MD5.6E295C7364DAEB151CC0E98434B6AC92] - 04/07/2015 - 15:31:53 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2885632]
O44 - LFC:[MD5.7F8F9AE03D1BA4354671E05F07A40F1A] - 04/07/2015 - 15:31:54 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768]
O44 - LFC:[MD5.5F8EE9311ECF078CD9426874FFAD660C] - 04/07/2015 - 15:31:55 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [66560]
O44 - LFC:[MD5.083BCA14FCE290D682D8DAC9372CBF23] - 04/07/2015 - 15:31:56 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [801280]
O44 - LFC:[MD5.57DFACB53ED16190EF732E2430B39741] - 04/07/2015 - 15:31:57 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [968704]
O44 - LFC:[MD5.36F3718E67F442F54AB4A39DCDD8FD19] - 04/07/2015 - 15:31:58 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096]
O44 - LFC:[MD5.6ABFC5736EC920C4436F32111F5CBCEE] - 04/07/2015 - 15:31:59 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1545728]
O44 - LFC:[MD5.D202078FBA3A77B85D39669EE4110DE2] - 04/07/2015 - 15:31:59 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [389840]
O44 - LFC:[MD5.3C3E159F284F51D55DB59C3D0B843979] - 04/07/2015 - 15:32:00 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864]
O44 - LFC:[MD5.4BD747AAF01C480901B3E777EC48826B] - 04/07/2015 - 15:32:02 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [77824]
O44 - LFC:[MD5.9E2B8C0601E3D460F78F0233B509CE4F] - 04/07/2015 - 15:32:03 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [34304]
O44 - LFC:[MD5.70D24021ED327CE7FFA9DEE327BB4C6B] - 04/07/2015 - 15:32:04 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [720384]
O44 - LFC:[MD5.9DB8E01D5A546FAFCACE95489E351186] - 04/07/2015 - 15:32:05 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640]
O44 - LFC:[MD5.73509D13542A90E260F45D1D6D4100A8] - 04/07/2015 - 15:32:06 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [114688]
O44 - LFC:[MD5.36E0DDD19038C92B7C7709BFA03F813F] - 04/07/2015 - 15:32:19 ---A- . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\Drivers\stream.sys [69888]
O44 - LFC:[MD5.8A4EB32C7C948F70EAC6F85063596A39] - 04/07/2015 - 15:45:19 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\UtcResources.dll [36864]
O44 - LFC:[MD5.837BBE4170D5A75F293BD6F294A8FE34] - 04/07/2015 - 15:45:19 ---A- . (.Microsoft Corporation - Nom d’audit des objets système.) -- C:\Windows\System32\msobjs.dll [60416]
O44 - LFC:[MD5.6E882D7CA34073890107559B5A515A24] - 04/07/2015 - 15:45:20 ---A- . (.Microsoft Corporation - DLL des événements d’audit de la sécurité.) -- C:\Windows\System32\msaudite.dll [146432]
O44 - LFC:[MD5.6ACFCC28E4D60B5A931D8749332A14E2] - 04/07/2015 - 15:45:21 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [686080]
O44 - LFC:[MD5.81B68AEDFF64F9312E3A4091DC3B4350] - 04/07/2015 - 15:45:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [3072]
O44 - LFC:[MD5.D7BE1B4E54F5BF66B2F64F14FF089213] - 04/07/2015 - 15:45:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [4096]
O44 - LFC:[MD5.AF557D115972A73964FC8F209300948A] - 04/07/2015 - 15:45:23 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\System32\apisetschema.dll [6656]
O44 - LFC:[MD5.7374BE3C94F721974EB7CEE6CAC080A1] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [3072]
O44 - LFC:[MD5.461C11B3B0CD6EFD74F282CA160BB3E5] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [3072]
O44 - LFC:[MD5.217AF5666CD1D01BDA05957A3BA4ED56] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [6144]
O44 - LFC:[MD5.D0C051A23DD90BDD11DE6B220F865CB2] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [3072]
O44 - LFC:[MD5.762405262030AB9270FC0FB58443331D] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [3072]
O44 - LFC:[MD5.CF1EBDF8579610BC08B5AF54D153DF5E] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [3072]
O44 - LFC:[MD5.F4D2A9604AC45AA1ECD774A4A43D5507] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [5120]
O44 - LFC:[MD5.129C00E47C8B1235B360E8AA021C172F] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [3072]
O44 - LFC:[MD5.A61BA1D836FAD2B758B4272F46B9E6B7] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [3584]
O44 - LFC:[MD5.1F8369639C3868BEF7DC793C88F58802] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [3072]
O44 - LFC:[MD5.6A130893D14B0A3052888829A50CDC82] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [3072]
O44 - LFC:[MD5.37BCFB564EC2A718EC5232F848CB10CC] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [3072]
O44 - LFC:[MD5.69EEE5C0512DB117631DFE0EEB389E2C] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [3584]
O44 - LFC:[MD5.8853BF5D5B9F71E845254645D65B3B44] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [4096]
O44 - LFC:[MD5.B7961B430491D17B0D29C5A6D0AB83CB] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [3584]
O44 - LFC:[MD5.C52469860312C68D513FBA2311DC3E86] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [3584]
O44 - LFC:[MD5.4DCCC113E1C4DF0C11A812F1C1E4647A] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [3584]
O44 - LFC:[MD5.ACC2BFDE75FC405C5274E799296BA164] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [3584]
O44 - LFC:[MD5.234884F84DF4660FAF16A0513A6AC391] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [4608]
O44 - LFC:[MD5.64325654E2CE9CCAFEEBCB41CB3B9289] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [3072]
O44 - LFC:[MD5.DE65205699C893FCE741F3B7EFB84B05] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [3584]
O44 - LFC:[MD5.01432C6FF4C172490A50B824AFA51714] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [3072]
O44 - LFC:[MD5.062001070BC49D7D17A480FC2DFEFCD0] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [4096]
O44 - LFC:[MD5.766461F29A75E0CD208E220BC122F28F] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [4096]
O44 - LFC:[MD5.150E7CF40A92220624BA38B4F14E7490] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [4608]
O44 - LFC:[MD5.7CA867AB1775550C9370F57463DE3BF4] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [3072]
O44 - LFC:[MD5.20BD408AC3F8576997D6A47F48A1C5B2] - 04/07/2015 - 15:45:28 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\Windows\System32\wow64cpu.dll [13312]
O44 - LFC:[MD5.289D99B0879C6ED5C6D1B3A856CA6DA3] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [22016]
O44 - LFC:[MD5.6ACD3C75BE449F039E1A4E43424D5B6F] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [28160]
O44 - LFC:[MD5.5A17FF38EDE95B2313E428BF444126D7] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Wow64 Console and Win32 API Logging.) -- C:\Windows\System32\wow64win.dll [362496]
O44 - LFC:[MD5.5EC57AC6DC16CB8A058CA019AA2C188D] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [29184]
O44 - LFC:[MD5.13DE715D959DD502CFD52DC920408B33] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Processus d'exécution client-serveur.) -- C:\Windows\System32\csrsrv.dll [43520]
O44 - LFC:[MD5.1B93381366141875D8EE7EC1085236B9] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Utilitaire de configuration des performance.) -- C:\Windows\System32\diskperf.exe [19456]
O44 - LFC:[MD5.D68690450978D127E030FB14E9B2023B] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Émulation 16 bits sur NT64.) -- C:\Windows\System32\ntvdm64.dll [16384]
O44 - LFC:[MD5.11D5815F0DC571CE3C72213B375860B1] - 04/07/2015 - 15:45:31 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll [50176]
O44 - LFC:[MD5.17A6A9AAD04CCC6EE53290585BFC43AF] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [31232]
O44 - LFC:[MD5.E20BF3FA89DE67B00ED713B5254C0BF0] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Moniteur de performance de la ligne de comm.) -- C:\Windows\System32\typeperf.exe [47104]
O44 - LFC:[MD5.03BA5D20751137F3A705B389C52DB8D6] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Programme de stratégie d’audit.) -- C:\Windows\System32\auditpol.exe [64000]
O44 - LFC:[MD5.858F04B3C39239972959E9EE97CACAE4] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Utilitaire de réenregistrement de Performan.) -- C:\Windows\System32\relog.exe [43008]
O44 - LFC:[MD5.9BBEA639884C0338DD78654277BD188A] - 04/07/2015 - 15:45:33 ---A- . (.Microsoft Corporation - Gestionnaire de sessions Windows.) -- C:\Windows\System32\smss.exe [112640]
O44 - LFC:[MD5.A5F57F4866C2DC7F8215058D7D56BD21] - 04/07/2015 - 15:45:33 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [86528]
O44 - LFC:[MD5.7C5E375F20F639607376351A8BCC0647] - 04/07/2015 - 15:45:34 ---A- . (.Microsoft Corporation - Bibliothèque de chiffrement Windows.) -- C:\Windows\System32\ncrypt.dll [309760]
O44 - LFC:[MD5.A929B9ABA1083AF35ECE7BD63AF3E42F] - 04/07/2015 - 15:45:34 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [136192]
O44 - LFC:[MD5.66DF73B202105406602941778792FE3D] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Bibliothèque de l’application auxiliaire de.) -- C:\Windows\System32\tdh.dll [879104]
O44 - LFC:[MD5.4F90A7A0FCBC0ED18E573917860062FF] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\Windows\System32\sechost.dll [113664]
O44 - LFC:[MD5.AD54856A16B635720B0BE5FAF44526FC] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [210944]
O44 - LFC:[MD5.210E7D1EA34369194BE09493784E27BE] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Utilitaire d’enregistrement des Performance.) -- C:\Windows\System32\logman.exe [104448]
O44 - LFC:[MD5.BF69D973523D539A35807946C6DA7E16] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [95680]
O44 - LFC:[MD5.996EE6571ADB880A60846DD02C8D5869] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [314880]
O44 - LFC:[MD5.37DFCC91E419952772E02F2B3BBB2E2B] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [342016]
O44 - LFC:[MD5.2313AF8D5A9CEB4A55400A01DD311A95] - 04/07/2015 - 15:45:37 ---A- . (.Microsoft Corporation - DLL serveur de Windows multi-utilisateurs.) -- C:\Windows\System32\winsrv.dll [215040]
O44 - LFC:[MD5.16154A6682B1552DEAB953BFA4B8E955] - 04/07/2015 - 15:45:37 ---A- . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe [296960]
O44 - LFC:[MD5.CCB352B939B77B38983DD878C547451F] - 04/07/2015 - 15:45:38 ---A- . (.Microsoft Corporation - Bibliothèque principale de Restauration du.) -- C:\Windows\System32\srcore.dll [503808]
O44 - LFC:[MD5.6703266C1E56157B5965F9AC868A20AC] - 04/07/2015 - 15:45:38 ---A- . (.Microsoft Corporation - Outil de rapport de suivi d’événements.) -- C:\Windows\System32\tracerpt.exe [404992]
O44 - LFC:[MD5.48C30C54194142910FB6B86D308220ED] - 04/07/2015 - 15:45:39 ---A- . (.Microsoft Corporation - Hôte de la fenêtre de la console.) -- C:\Windows\System32\conhost.exe [338432]
O44 - LFC:[MD5.FF9BBFAE899091C1FF0D1A3F2C587911] - 04/07/2015 - 15:45:39 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [243712]
O44 - LFC:[MD5.53042708C242959B3924242FBBE297B1] - 04/07/2015 - 15:45:40 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1728960]
O44 - LFC:[MD5.272C27711C8AA6E7815EE33F8ACA9C66] - 04/07/2015 - 15:45:40 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [155584]
O44 - LFC:[MD5.9E2A2028228645DD57EF45A02CAC0CCE] - 04/07/2015 - 15:45:41 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [5569984]
O44 - LFC:[MD5.4FFD08A01047EF6B58F6EB4E6D001A8D] - 04/07/2015 - 15:45:42 ---A- . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\System32\advapi32.dll [879104]
O44 - LFC:[MD5.93A05407F8E53BC731C42AAD56163F80] - 04/07/2015 - 15:45:43 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1461760]
O44 - LFC:[MD5.6FDF03A3B110C5264F52F979335AE301] - 04/07/2015 - 15:45:44 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\kernel32.dll [1162752]
O44 - LFC:[MD5.8DCA1C70AF170C3FBCE47A4F49BFC887] - 04/07/2015 - 15:45:45 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\KernelBase.dll [424960]
O44 - LFC:[MD5.AA5319FA8602676B5D3A2B4A1355896D] - 04/07/2015 - 15:45:46 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\diagtrack.dll [1255424]
O44 - LFC:[MD5.6ECD6D92F43C2DC55099F892978D5BE7] - 04/07/2015 - 15:45:46 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [728576]
O44 - LFC:[MD5.587BBA3B3959144334700EC48232712F] - 04/07/2015 - 15:46:10 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [227328]
O44 - LFC:[MD5.E87D4371B24BC9E5BAE95AEA60FFD959] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [193536]
O44 - LFC:[MD5.6E2EB5A36C3CCD917F7FF9BED7C1390E] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Compatibility Upgrade Migration Host.) -- C:\Windows\System32\acmigration.dll [45568]
O44 - LFC:[MD5.6F07FC190DBCB42C8A5319235F72F906] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [423424]
O44 - LFC:[MD5.CFF429F2234C1D1A5993E80F46C37CFB] - 04/07/2015 - 15:46:12 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1119232]
O44 - LFC:[MD5.B23AB4C401E2DE02C47B7497D41E2318] - 04/07/2015 - 15:46:12 ---A- . (.Microsoft Corporation - Inventory Agent.) -- C:\Windows\System32\invagent.dll [757248]
O44 - LFC:[MD5.2DCA988113A02EB9BCB98A5DC2D34E57] - 04/07/2015 - 15:46:13 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [700416]
O44 - LFC:[MD5.52DEF4C743C2EABD6BD3EDC790A0E778] - 04/07/2015 - 15:46:14 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [1021440]
O44 - LFC:[MD5.51ECEE70F33601310DDEF3EEE39550D3] - 04/07/2015 - 15:46:21 ---A- . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.DLL [12625920]
O44 - LFC:[MD5.1A8C5D4BE449E4A9D8667A341E535E22] - 04/07/2015 - 15:46:25 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\dxmasf.dll [5120]
O44 - LFC:[MD5.1A8C5D4BE449E4A9D8667A341E535E22] - 04/07/2015 - 15:46:25 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\msdxm.ocx [5120]
O44 - LFC:[MD5.834FD7C31EA16D59CC3B2DC60F2F2620] - 04/07/2015 - 15:46:26 ---A- . (.Microsoft Corporation - Windows Media Player System Preparation DLL.) -- C:\Windows\System32\spwmp.dll [9728]
O44 - LFC:[MD5.9D80A82B0BB77AC3EF6A87FA0C534E20] - 04/07/2015 - 15:46:31 ---A- . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\System32\wmp.dll [14635008]
O44 - LFC:[MD5.51F89CE2D0FEC66070354504E6C4C3E4] - 04/07/2015 - 15:46:44 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\System32\comctl32.dll [633856]
O44 - LFC:[MD5.1EE2DBA5AD2E5EB618C7FB187C2CFDF4] - 04/07/2015 - 15:46:46 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3206144]
O44 - LFC:[MD5.AD6BE9946C8E44097EAECFAA4DED663F] - 05/07/2015 - 01:58:28 ---A- . (.VoiceFive, Inc. - PremierOpinion.) -- C:\Windows\System32\pmls64.dll [974648] =>Adware.PremierOpinion
O44 - LFC:[MD5.8E8E66D376776BC541E3179D2F5EAF76] - 05/07/2015 - 02:56:26 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [140135120]
O44 - LFC:[MD5.DF7C79C1FFFBBE3D4BEC2BA7FF8A8AB1] - 05/07/2015 - 11:08:23 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [300704]
O44 - LFC:[MD5.A6D70C86EB0D4EB7AD0CED21D50B5CB8] - 05/07/2015 - 11:55:39 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [326080]
O44 - LFC:[MD5.23B58DEF11B45727D3351702515F86AF] - 05/07/2015 - 23:24:09 ---A- . (...) -- C:\END [2]
O44 - LFC:[MD5.3B4AC2DBFC86F7247C1FF1FAF2860530] - 06/07/2015 - 00:13:41 ---A- . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1047320]
O44 - LFC:[MD5.2169B4B1EFAA3453A4DA732F1F94C1E1] - 06/07/2015 - 00:14:08 ---A- . (.Avast Software s.r.o. - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43112]
O44 - LFC:[MD5.6D37D8DB30D086739507C5F6E542656A] - 06/07/2015 - 00:14:20 ---A- . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93528]
O44 - LFC:[MD5.B5B4C90E9F52DA8586F1E5461AD90A5D] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29168]
O44 - LFC:[MD5.07E32DFCA422A2920482D762D01957EC] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65736]
O44 - LFC:[MD5.91782404718C6352C26B3242BAC3F0F1] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [272248]
O44 - LFC:[MD5.300CB8E510855189CAD0B72FFB5590CB] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [89944]
O44 - LFC:[MD5.B1368BE5F6BA529E0886F4DA2361BD2D] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [442264]
O44 - LFC:[MD5.9CA2FDD44F7C1F8AC1652F6C2638CFED] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [364472]
O44 - LFC:[MD5.6E53278ECCFFBC2ACC2A5006745ED4BB] - 06/07/2015 - 00:14:22 ---A- . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [137288]
O44 - LFC:[MD5.16C8C539480B87F7B688CCBB9E5A2D2B] - 06/07/2015 - 21:47:11 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1669584]
O44 - LFC:[MD5.051349D4AE8AA7143C2A4D19A978B29A] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122336]
O44 - LFC:[MD5.439B5F14EA1AA2F047247FE5D5FA44F5] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150386]
O44 - LFC:[MD5.301CED7D149ACAB51F7C864F1EB93A78] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654464]
O44 - LFC:[MD5.EB65F0E8375F2E6444542A52A3F04199] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747894]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/07/2015 - 15:42:06 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.81A2A421E6D7B43AA9E87A5FCB5730C3] - 07/07/2015 - 16:56:48 ---A- . (.Avast Software s.r.o. - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [449896]
O44 - LFC:[MD5.2EF62E6F46345480A2946AA7D7EB28F5] - 07/07/2015 - 16:58:02 ---A- . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28144]
O44 - LFC:[MD5.50A4B0C0690E8CB925745FE353CF1E1A] - 07/07/2015 - 23:28:59 ---A- . (...) -- C:\Windows\Reimage.ini [99] =>Rogue.ReimageRepair
O44 - LFC:[MD5.1511A529C9637026C6AFD549743AC216] - 08/07/2015 - 11:37:55 ---A- . (...) -- C:\Windows\PFRO.log [36218]
O44 - LFC:[MD5.973F4621458C4E96473809100C2194FF] - 08/07/2015 - 11:38:12 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.E570239983AA75E89B105CE43F92F21F] - 08/07/2015 - 11:38:30 ---A- . (...) -- C:\Windows\setupact.log [448]
O44 - LFC:[MD5.A90FD9C575D9E676D4F701EA25382643] - 08/07/2015 - 12:19:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1644065]
~ Files: 148 Scanned in 02mn 42s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.4F864E3BD271C369118FC357A20092E4] - 17/10/2013 - 19:36:21 ---A- - C:\Windows\Prefetch\BABMAINT.EXE-E1567F24.pf =>Hijacker.BabSolution
O45 - LFCP:[MD5.B17D780DD273E696F5A11938DD139422] - 03/10/2013 - 18:59:03 ---A- - C:\Windows\Prefetch\SEARCHGOL.EXE-D910FB8B.pf =>Hijacker.SearchGol
O45 - LFCP:[MD5.093790E61C9BFEB6B482A5040D090BD6] - 19/01/2014 - 16:42:15 ---A- - C:\Windows\Prefetch\WAJAMUPDATER.EXE-D7CB9704.pf =>PUP.Wajam
O45 - LFCP:[MD5.EC8234AFE812DB604113CD1F901D4D79] - 03/10/2013 - 18:58:59 ---A- - C:\Windows\Prefetch\WAJAM_DOWNLOAD.EXE-3FCF235A.pf =>PUP.Wajam
O45 - LFCP:[MD5.5DE2A757F851EE8E4EDAE900FE13F360] - 03/10/2013 - 18:59:13 ---A- - C:\Windows\Prefetch\WAJAM_INSTALL.EXE-E50D6A22.pf =>PUP.Wajam
O45 - LFCP:[MD5.C797E7C97BEB506248C4271F692E03DF] - 03/10/2013 - 18:58:05 ---A- - C:\Windows\Prefetch\WAJAM_VALIDATE.EXE-D6F47989.pf =>PUP.Wajam
~ Prefetcher: 6 Scanned in 00mn 00s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.DigitalPersona, Inc. - Password Filter.) -- C:\Windows\System32\DPPassFilter.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Notification Packages . (.Broadcom Corporation. - BtwProximityCP DLL.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 11 Scanned in 00mn 00s
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys
~ CSB: 15 Scanned in 00mn 00s
---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{250014d2-6bbd-11e3-9e54-9c2a70d1f532}\AutoRun\command. (...) -- E:\iStudio.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec [LAGS]" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\System32\xvidvfw.dll
~ TDSD: 6 Scanned in 00mn 01s
---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\CrashMon [Key] . (...) -- C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe (.not file.) =>PUP.Salus
O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O53 - SMSR:HKLM\...\startupreg\gmsd_fr_002020021 [Key] . (...) -- C:\Program Files (x86)\gmsd_fr_002020021\gmsd_fr_002020021.exe (.not file.) =>PUP.CrossRider
O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O53 - SMSR:HKLM\...\startupreg\Salus CrashMon [Key] . (...) -- C:\Program Files (x86)\f552dd4c52e3\a7d12b5975b4.exe (.not file.) =>PUP.Salus
O53 - SMSR:HKLM\...\startupreg\shopperz [Key] . (...) -- C:\Program Files\shopperz\Suarez.exe (.not file.) =>PUP.Shopperz
O53 - SMSR:HKLM\...\startupreg\shopperz64 [Key] . (...) -- C:\Program Files\shopperz\Suarez64.exe (.not file.) =>PUP.Shopperz
~ SMSR Keys: 7 Scanned in 00mn 00s
---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
~ MWPS: 17 Scanned in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
~ MWPE Keys: 4 Scanned in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:13/12/2010 - 15:34:14 ---A- . (.ST Microelectronics - Accelerometer Port I/O.) -- C:\Windows\System32\Drivers\Accelern.sys [27760]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904]
O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128]
O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008]
O58 - SDL:12/12/2011 - 09:33:36 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [195072]
O58 - SDL:24/01/2012 - 14:01:40 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys [416592]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632]
O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29168] =>.ALWIL Software
O58 - SDL:07/07/2015 - 16:58:02 ---A- . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28144]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [89944]
O58 - SDL:07/07/2015 - 16:56:48 ---A- . (.Avast Software s.r.o. - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [449896]
O58 - SDL:06/07/2015 - 00:14:20 ---A- . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93528]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65736] =>.ALWIL Software
O58 - SDL:06/07/2015 - 00:13:41 ---A- . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1047320]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [442264]
O58 - SDL:06/07/2015 - 00:14:22 ---A- . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [137288]
O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [272248] =>.ALWIL Software
O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\AthDfu.sys [52352]
O58 - SDL:24/10/2012 - 17:31:18 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys [3802112]
O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848]
O58 - SDL:27/04/2012 - 11:08:32 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\Drivers\bcbtums.sys [138280]
O58 - SDL:27/05/2013 - 20:42:43 ---A- . (.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Proxy Protocol Driver.) -- C:\Windows\System32\Drivers\bcm42rly.sys [22632]
O58 - SDL:27/04/2012 - 11:09:30 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Virtual Wireless Driver.) -- C:\Windows\System32\Drivers\bcmvwl64.sys [21568]
O58 - SDL:27/04/2012 - 11:09:34 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS [5443648]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432]
O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704]
O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Atheros - Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys [341120]
O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Atheros - Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\Drivers\btath_avdt.sys [111232]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [30848]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys [36480]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys [168064]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys [68736]
O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys [281728]
O58 - SDL:16/10/2012 - 10:19:58 ---A- . (.Atheros - BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [551040]
O58 - SDL:15/11/2011 - 00:13:00 ---A- . (.Intel Corporation - Bluetooth HighSpeed Filter Driver.) -- C:\Windows\System32\Drivers\btmhsf.sys [327168]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\System32\Drivers\btwampfl.sys [615464]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\Drivers\btwaudio.sys [184872]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\Drivers\btwavdt.sys [210984]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\Drivers\btwl2cap.sys [39976]
O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\Drivers\btwrchid.sys [21544]
O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480]
O58 - SDL:10/06/2011 - 20:04:38 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys [1591936]
O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488]
O58 - SDL:05/04/2012 - 12:34:42 ---A- . (.Cirrus Logic - Hdaudio.sys Customization Filter.) -- C:\Windows\System32\Drivers\CSLFDx64.sys [35328]
O58 - SDL:05/04/2012 - 12:34:42 ---A- . (.Cirrus Logic - Hdaudio.sys Customization Filter.) -- C:\Windows\System32\Drivers\CSUFDx64.sys [8704]
O58 - SDL:28/05/2009 - 16:49:00 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\Windows\System32\Drivers\CtAudDrv.sys [224768]
O58 - SDL:20/01/2011 - 17:20:46 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\Windows\System32\Drivers\CtClsFlt.sys [176096]
O58 - SDL:11/11/2010 - 13:14:52 ---A- . (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) -- C:\Windows\System32\Drivers\diskperf64.sys [17512]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016]
O58 - SDL:03/10/2012 - 16:14:56 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:10/11/2011 - 00:04:14 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [60184]
O58 - SDL:21/11/2010 - 04:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720]
O58 - SDL:01/02/2012 - 15:16:40 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys [568600]
O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496]
O58 - SDL:09/12/2011 - 18:45:00 ---A- . (.Intel Corporation - Intel(R) Centrino(R) Wireless (Bluetooth Adapter) Driver.) -- C:\Windows\System32\Drivers\iBtFltCoex.sys [60416]
O58 - SDL:26/03/2012 - 18:09:54 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [14748416]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112]
O58 - SDL:10/04/2015 - 20:56:56 ---A- . (.Infonaut - Infonaut Driver x64.) -- C:\Windows\System32\Drivers\innfd_1_10_0_14.sys [58224] =>PUP.Infonaut
O58 - SDL:06/12/2011 - 03:23:08 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [331264]
O58 - SDL:28/03/2012 - 09:21:26 ---A- . (.Intel Corporation - Intel(R) Rapid Start Technology Driver.) -- C:\Windows\System32\Drivers\irstrtdv.sys [26504]
O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) -- C:\Windows\System32\Drivers\iusb3hcs.sys [16152]
O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\Drivers\iusb3hub.sys [356120]
O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) -- C:\Windows\System32\Drivers\iusb3xhc.sys [788760]
O58 - SDL:23/12/2011 - 16:53:10 ---A- . (.Atheros Communications, Inc. - Atheros Ar81xx series PCI-E Gigabit Ethernet Controller.) -- C:\Windows\System32\Drivers\L1C62x64.sys [104048]
O58 - SDL:16/10/2012 - 10:19:44 ---A- . (.Atheros - Bluetooth Low Engergy Hid Driver.) -- C:\Windows\System32\Drivers\leath_hid.sys [36608]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392]
O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736]
O58 - SDL:12/12/2011 - 14:19:16 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwNs64.sys [8616448]
O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264]
O58 - SDL:27/05/2013 - 20:42:43 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352]
O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592]
O58 - SDL:10/06/2011 - 05:34:52 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [539240]
O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584]
O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464]
O58 - SDL:12/04/2012 - 16:37:08 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [24848]
O58 - SDL:12/04/2012 - 16:37:10 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [24848]
O58 - SDL:15/07/2011 - 20:31:22 ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\Windows\System32\Drivers\stdcfltn.sys [22128]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:03/01/2012 - 15:04:52 ---A- . (.STMicroelectronics - STM Accelerometer Device Driver.) -- C:\Windows\System32\Drivers\ST_ACCEL.sys [67184]
O58 - SDL:12/04/2012 - 16:37:12 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [425232]
O58 - SDL:20/07/2011 - 23:21:50 ---A- . (.Texas Instruments Incorporated - TI USB3 Hub Driver.) -- C:\Windows\System32\Drivers\tihub3.sys [136000]
O58 - SDL:20/07/2011 - 23:21:50 ---A- . (.Texas Instruments Incorporated - TI XHCI Host Controller Driver.) -- C:\Windows\System32\Drivers\tixhci.sys [406336]
O58 - SDL:10/06/2015 - 22:08:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872]
O58 - SDL:14/10/2014 - 22:46:46 ---A- . (.Word Proser - Word Proser Driver x64.) -- C:\Windows\System32\Drivers\wpnfd_1_10_0_1.sys [58240] =>PUP.WordProser
O58 - SDL:24/10/2012 - 17:31:18 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys [3802112]
~ Drivers: 106 Scanned in 00mn 10s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 04/07/2015 - 13:37:02 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Chromium\Application\45.0.2441.0\Installer\uninstall.exe [902144]
O61 - LFC: 04/07/2015 - 13:37:02 ---A- . (.The Chromium Authors.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\Application\45.0.2441.0\Installer\setup.exe [934912]
O61 - LFC: 04/07/2015 - 13:37:04 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ChromeApproveTBPlugin.dll [117024]
O61 - LFC: 04/07/2015 - 13:37:04 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ChromeAutoApproveTB.dll [155936]
O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\TBVerifier.dll [287008] =>Toolbar.Conduit
O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ConduitChromeApiPlugin.dll [858400]
O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\np-cwmp.dll [68896]
O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\np-mswmp.dll [163256]
O61 - LFC: 04/07/2015 - 13:37:06 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\Search\plugins\npConduitNewTabPlugin.dll [62240] =>Toolbar.Conduit
O61 - LFC: 04/07/2015 - 13:38:49 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Setup12209574\Sqlite3.dll [599419]
O61 - LFC: 04/07/2015 - 13:39:23 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\itdownload.dll [205312]
O61 - LFC: 04/07/2015 - 13:41:32 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\g3dLhln\LibDownloadManagement.dll [5120] =>Adware.Pirrit
O61 - LFC: 05/07/2015 - 13:37:09 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 05/07/2015 - 13:41:26 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\C94WpYy\LibDownloadManagement.dll [5120] =>Adware.Pirrit
O61 - LFC: 05/07/2015 - 13:41:28 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp\encecal.dll [140800]
O61 - LFC: 05/07/2015 - 13:41:28 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp\ticyver.dll [168960]
O61 - LFC: 05/07/2015 - 13:42:07 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\yMRVGuQ\LibDownloadManagement.dll [5120] =>Adware.Pirrit
O61 - LFC: 05/07/2015 - 13:42:13 ---A- . (.Avast Software s.r.o..) -- D:\Utilisateurs\célia\Downloads\avast_free_antivirus_setup_online_01net.exe [5481336]
O61 - LFC: 05/07/2015 - 13:44:15 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetupFull.exe [40430720]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ChromeApproveTBPlugin.dll [117024]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ChromeAutoApproveTB.dll [155936]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ConduitChromeApiPlugin.dll [858400]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\np-cwmp.dll [68896]
O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\np-mswmp.dll [163256]
O61 - LFC: 07/07/2015 - 13:37:39 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\Search\plugins\npConduitNewTabPlugin.dll [62240] =>Toolbar.Conduit
O61 - LFC: 07/07/2015 - 13:37:39 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\TBVerifier.dll [287008] =>Toolbar.Conduit
O61 - LFC: 07/07/2015 - 13:37:43 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 07/07/2015 - 13:37:52 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe [1068696]
O61 - LFC: 07/07/2015 - 13:37:53 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BSvcUpdater.exe [169104]
O61 - LFC: 07/07/2015 - 13:37:54 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\DefaultSetup\sqlite3.dll [362029]
O61 - LFC: 07/07/2015 - 13:37:54 ---A- . (.© 2013 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe [2649752]
O61 - LFC: 07/07/2015 - 13:37:55 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0]
O61 - LFC: 07/07/2015 - 13:39:22 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\BSvcProcessor.exe [1068696]
O61 - LFC: 07/07/2015 - 13:39:22 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\BSvcUpdater.exe [169104]
O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\Outbrowse_Bundle.exe [0]
O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-BNC5E.tmp\cmd.bat [85]
O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\_isetup\_shfoldr.dll [23312]
O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-BNC5E.tmp\_isetup\_shfoldr.dll [23312]
O61 - LFC: 07/07/2015 - 13:39:31 ---A- . (.M-GPlayer.) -- D:\Utilisateurs\célia\AppData\Local\Temp\n9586\gusetup_pub.exe [7097528]
O61 - LFC: 07/07/2015 - 13:39:47 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr25.bin [24]
O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\hljorppg\encecal.dll [140800]
O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\hljorppg\ticyver.dll [168960]
O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\jkzhqxzt\encecal.dll [140800]
O61 - LFC: 07/07/2015 - 13:41:34 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy\encecal.dll [140800]
O61 - LFC: 07/07/2015 - 13:41:34 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy\ticyver.dll [168960]
O61 - LFC: 07/07/2015 - 13:42:29 ---A- . (.Google Inc..) -- D:\Utilisateurs\célia\Downloads\ChromeSetup.exe [931408]
O61 - LFC: 07/07/2015 - 13:43:17 ---A- . (.Reimage®.) -- D:\Utilisateurs\célia\Downloads\ReimageRepair (1).exe [772016] =>Rogue.ReimageRepair
O61 - LFC: 07/07/2015 - 13:43:28 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetup (1).exe [1384576]
O61 - LFC: 07/07/2015 - 13:43:30 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetup.exe [1384576]
O61 - LFC: 08/07/2015 - 13:37:29 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Crossbrowse\Crossbrowse\User Data\nacl_validation_cache.bin [128] =>PUP.CrossBrowser
O61 - LFC: 08/07/2015 - 13:42:10 ---A- . (...) -- D:\Utilisateurs\célia\Desktop\cacaoweb.exe [532784] =>PUP.CacaoWeb
~ 75 Fichiers temporaires (Temporary files)
~ 322 Fichiers cookies (Cookies files)
~ Files: 51 Scanned in 07mn 42s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 07/07/2015 - C:\Windows\System32\DRIVERS\aswNdisFlt.sys (aswNdisFlt) .(.Avast Software s.r.o. - avast! Filtering NDIS driver.) - LEGACY_ASWNDISFLT
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.Avast Software s.r.o. - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 06/07/2015 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.Avast Software s.r.o. - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.Avast Software s.r.o. - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.Avast Software s.r.o. - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 06/07/2015 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 27/05/2013 - C:\Windows\System32\drivers\BCM42RLY.sys (BCM42RLY) .(.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Pr.) - LEGACY_BCM42RLY
O64 - Services: CurCS - 10/04/2015 - C:\Windows\System32\drivers\innfd_1_10_0_14.sys (innfd_1_10_0_14) .(.Infonaut - Infonaut Driver x64.) - LEGACY_INNFD_1_10_0_14 =>PUP.Infonaut
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/10/2014 - C:\Windows\System32\drivers\wpnfd_1_10_0_1.sys (wpnfd_1_10_0_1) .(.Word Proser - Word Proser Driver x64.) - LEGACY_WPNFD_1_10_0_1 =>PUP.WordProser
~ Legacy: 88 Scanned in 00mn 03s
---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.scr>
O67 - Shell Spawning: <.html>
~ FASS Keys: 11 Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("CT3241952.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3241952&SearchSource=2&q=");
O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.delta_i.babTrack", "affID=120700&tsp=5029");
O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.crossrider.bic", "1419918217a0c77c1984d7fa9bb7f732"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Astromenda) - http://www.oursurfing.com =>PUP.Astromenda
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {24611EB1-2B5E-4065-8B0F-3A499898EF7A} - (WhiteSmoke New V6 Customized Web Search) - http://www.oursurfing.com =>PUP.WhiteSmoke
O69 - SBI: SearchScopes [HKCU] {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} - () - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (Cassiopesa) - http://www.cassiopessa.com
O69 - SBI: SearchScopes [HKCU] {483830EE-A4CD-4b71-B0A3-3D82E62A6909} - () - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {5B9843CD-BEC6-05E7-8AB2-3891FF74046C} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {9143e921-7c9a-4d27-ac43-eaccc78cc55a} - (istartsurf) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} - (Amazon) - http://www.oursurfing.com =>Hijacker.OurSurfing
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.oursurfing.com =>Hijacker.OurSurfing
~ Keys: Scanned in 00mn 00s
---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [683520]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2553856]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536]
~ Services: 33 Scanned in 00mn 03s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.AF82D7FAD38E49DDA65ECE4F87B2C95B] [SPRF][28/07/2014] (...) -- C:\ProgramData\uninstall_Deeal.exe [431104] =>PUP.DeealFr
[MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\4oWR9qYkY63.exe [1579520]
[MD5.767B13F54357A9BF53EAA2392C664665] [SPRF][07/07/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr25.bin [24]
[MD5.4BE82EB7925A65C354655F35845528C5] [SPRF][17/05/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr3.bin [20]
[MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\e4B8MC7fGSvdgS.exe [1579520]
[MD5.775F47E28C96739D0B81DF8A46116EFB] [SPRF][08/07/2015] (...) -- D:\Utilisateurs\célia\Desktop\cacaoweb.exe [532784] =>PUP.CacaoWeb
~ Files: 6 Scanned in 00mn 06s
---\\ Recherche d'infection Rogue (SRI) (O86)
O43 - CFD: 24/05/2015 - 03:59:37 - [] ----D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf
O43 - CFD: 06/07/2015 - 02:04:51 - [0] ----D C:\ProgramData\6c54da2e97bd4bf69fea341a446a9746
O43 - CFD: 24/05/2015 - 21:30:13 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
O43 - CFD: 06/07/2015 - 02:04:49 - [0] ----D C:\ProgramData\dc9def169e834b19aff83090e5e3337a
~ Files: Scanned in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{690310D7-EA92-4A80-B01C-B855168501D7}" | In - None - P17 - TRUE | .(.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
~ Firewall: 1 Scanned in 00mn 15s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "DF42B2AC01EE9B240B94AA0862E8E712" . (.Boxore Client.) -- C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico =>Adware.Boxore
~ Update Products: 1 Scanned in 00mn 00s
---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb"
[HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard
[HKCU\Software\5c55da8cbc3ab845]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKCU\Software\5c55da8cbc3ab845]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKCU\Software\5c55da8cbc3ab845]:showagain="p/2lTJU4olIuro52tJurFmjRNz33u7Fj1NwGCbkzNke6o3V1OPj3+TJ2Nrg="
[HKCU\Software\5c55da8cbc3ab845]:usrcheckbox="1"
[HKCU\Software\5c55da8cbc3ab845]:version="2.6.1694.246"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA=="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SERVICE_NAME="BitGuard" =>PUP.BitGuard
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:showagain="p/2lTJU4olIuro52tJurFmjRNz33u7Fj1NwGCbkzNke6o3V1OPj3+TJ2Nrg="
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:usrcheckbox="1"
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:version="2.6.1694.246"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:060df2cd="GlAu/YP/c/Au/YZ/GxAp/YZ/GP/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:1c311243="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:51d2f2ea="K/Au/YZ/aPAp/X2/cPAg/WV/c/Ay/XZ/a/Au////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:65114b36="VP/l////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c24899a6="VP/g/CV/Vl/2/Cx////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:d94388d2="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:fe94ce1e="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:060df2cd="GlAu/YP/c/Au/YZ/GxAp/YZ/GP/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0c230bcb="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0dc3ee96="/P////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0e93c3f3="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:1520c6f1="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:1c311243="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:27ddcf6f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:2d71d5ab="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:2e22d94e="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:340d3099="/P////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:3c09c42b="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:414bc593="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:48bd1aff="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:51d2f2ea="K/Af/Xt/aPAM/X6/G/A+/Xl/GP////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:587b5709="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:6185d035="Vx/2/Cx/V//l////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:65114b36="VP/l////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:72758a5d="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:7367429f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:7f69fa1f="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:8b9e4cbc="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a0743acc="N/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a1dcff5b="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a2e3b941="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:bbf88800="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c24899a6="Vl/3/CJ/MP/g/CZ////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c5705860="Vx////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c6c5dd44="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c99a5f5c="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:d1abcdb6="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:d94388d2="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:e46c271e="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f0bf0bde="///%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f1f24e29="Vl/l/C/////%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f2c53c49="UlAr/XJ/c//k////"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f6ad6fa6="V/////%%"
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:fe94ce1e="V/////%%"
~ Export Key Software: Scanned in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.77C2FD47FBD0F2284B64AB6E40397BFA] [WIS][12/11/2013] (.KalityWeb - WebAdSystem.) -- C:\Windows\Installer\572f60.msi [1126400] =>Adware.WebAdSystem
~ WIS: 1 Scanned in 00mn 07s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASAPI32 =>PUP.SafeGuard
HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASMANCS =>PUP.SafeGuard
HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASAPI32 =>Hijacker.Eazel
HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASMANCS =>Hijacker.Eazel
HKLM\SOFTWARE\Microsoft\Tracing\updateglindorus_RASAPI32 =>PUP.Glindorus
HKLM\SOFTWARE\Microsoft\Tracing\updateglindorus_RASMANCS =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32 =>PUP.Activeris
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS =>PUP.Activeris
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.AdvancedSystemProtector
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>Hijacker.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>Hijacker.BabSolution
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS =>Adware.IMBooster
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASAPI32 =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASMANCS =>Hijacker.SmartBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASAPI32 =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASMANCS =>Adware.NewPlayer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBatBrowse_RASAPI32 =>PUP.BatBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBatBrowse_RASMANCS =>PUP.BatBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASAPI32 =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASMANCS =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASAPI32 =>PUP.LinkSwift
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASMANCS =>PUP.LinkSwift
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASAPI32 =>PUP.BatBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASMANCS =>PUP.BatBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz16_RASAPI32 =>PUP.Duuqu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz16_RASMANCS =>PUP.Duuqu
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_2506-8ea7fd25_RASAPI32 =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_2506-8ea7fd25_RASMANCS =>Adware.VisualBeeToolbar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_download_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_download_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASMANCS =>PUP.Wajam
~ BTK: 249 Scanned in 00mn 01s
---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{22222222-2222-2222-2222-220422892226}] (CrossriderApp0048926.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}] (Value Apps plugin) =>Toolbar.Conduit
[HKCR\CLSID\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}] (WordProser) =>PUP.WordProser
~ BCK: 4503 Scanned in 00mn 25s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 07/07/2015 268976 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 04/04/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SR - | Auto 06/03/2015 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 29/05/2015 77128 | (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/10/2012 219776 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
SR - | Auto 06/07/2015 343336 | (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 07/07/2015 107448 | (avast! Firewall) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\afwServ.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 05/03/2012 952608 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 09/08/2011 200832 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\Windows\system32\CxAudMsg64.exe
SR - | Auto 12/10/2011 109184 | (CxUtilSvc) . (.Conexant Systems, Inc..) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
SR - | Auto 29/12/2010 440144 | (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
SR - | Auto 01/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 10/04/2015 278600 | (insvc_1.10.0.14) . (.Infonaut.) - C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut
SR - | Auto 10/01/2012 627936 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 29/06/2015 644904 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 27/03/2012 193536 | (irstrtsv) . (.Intel Corporation.) - C:\windows\SysWOW64\irstrtsv.exe
SR - | Auto 20/01/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 20/01/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 30/04/2015 23816 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 04/03/2015 213816 | (PremierOpinion) . (.VoiceFive, Inc..) - C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion
SR - | Auto 24/05/2015 305664 | (rikejehy) . (...) - D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp
SR - | Auto 08/07/2015 648416 | (Service Mgr OnStage) . (...) - C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe
SR - | Auto 20/01/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 08/07/2015 572640 | (Update Mgr OnStage) . (...) - C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe
SR - | Auto 23/08/2011 3175728 | (vcsFPService) . (.Validity Sensors, Inc..) - C:\Windows\system32\vcsFPService.exe
SR - | Auto 27/05/2013 48128 | (wltrysvc) . (.Dell Inc..) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 24/10/2012 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
~ Services: Scanned in 00mn 35s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by célia at 08/07/2015 13:48:15
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/05/2015)
Clés trouvées (Keys found) : 294
Valeurs trouvées (Values found) : 7
Dossiers trouvés (Folders found) : 108
Fichiers trouvés (Files found) : 288
[HKLM\SYSTEM\CurrentControlSet\Services\insvc_1.10.0.14] =>PUP.Infonaut^
[HKLM\SYSTEM\CurrentControlSet\Services\PremierOpinion] =>Adware.PremierOpinion^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV28.05] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse] =>PUP.CrossBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Deeal] =>PUP.DeealFr^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GoHD] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HQuality-v3V19.10] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins] =>PUP.IePluginService^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Infonaut_1.10.0.14] =>PUP.Infonaut^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{065A5BE9-CE42-475C-BD62-52B229D24AB5}] =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ab0da7b3-e6dd-492c-951e-44f70b9225b4}] =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchs] =>PUP.PaybyAds^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer] =>Adware.NewPlayer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd] =>PUP.NetworkSystemDriver^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3f700348-270d-469b-b073-4a14e4a79189}] =>PUP.PassWidget^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}] =>Adware.PremierOpinion^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}] =>PUP.PriceDownloader^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7540FDBD-7FDC-30AE-3778-815CB87DBE46}] =>PUP.RandomName^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smarts8] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SupTab] =>PUP.SupTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{4284830a}] =>Adware.Graftor^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E370F69F-ED3F-925F-31FC-14D1329A713B}] =>PUP.TicTaCoupon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f0e9047b}] =>Adware.Graftor^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4c13db17-a811-442c-9a1b-a92b65dca879}] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF59773E-3245-46A3-B418-DD84AB6C3C50}] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindeskWinsearch] =>PUP.WindeskWinsearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinServices] =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall] =>Hijacker.OurSurfing^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\CrashMon] =>PUP.Salus^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_fr_002020021] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon] =>PUP.Mobogenie^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Salus CrashMon] =>PUP.Salus^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\shopperz] =>PUP.Shopperz^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\shopperz64] =>PUP.Shopperz^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep
[HKLM\Software\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep
[HKLM\Software\Wow6432Node\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep
[HKLM\Software\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru
[HKLM\Software\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru
[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>PUP.Wajam
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>PUP.Conduit
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\KalityWeb] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\KalityWeb] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>PUP.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>PUP.Conduit
[HKCU\Software\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\VBMZ] =>PUP.Conduit
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Classes\ScriptHost.Tool.1] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHost.Tool] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\AddonsFramework.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ButtonSite.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\ScriptHost.DLL] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder
[HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SoftwareUpdater] =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater] =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\delta-homesSoftware] =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\CrossriderApp0044150.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0044150.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0044150.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0044150.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048926.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422892226}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151146}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151152}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422892226}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Windesk Winsearch =>PUP.WindeskWinsearch^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb^
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb^
C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05 =>PUP.CrossRider^
C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser^
C:\Program Files (x86)\deaal4reala =>PUP.Deal4reaL^
C:\Program Files (x86)\DealsFuInndeRProo =>PUP.DealsFinderPro^
C:\Program Files (x86)\DeaolsFiNderPro =>PUP.DealsFinderPro^
C:\Program Files (x86)\DeeaLsFinDErPro =>PUP.DealsFinderPro^
C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate^
C:\Program Files (x86)\gmsd_fr_002020023 =>PUP.CrossRider^
C:\Program Files (x86)\gmsd_fr_005010016 =>PUP.CrossRider^
C:\Program Files (x86)\GoHD =>PUP.CrossRider^
C:\Program Files (x86)\greattsAVieng =>PUP.GreatSaving^
C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches^
C:\Program Files (x86)\HQuality-v3V19.10 =>PUP.CrossRider^
C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\NewPlayer =>Adware.NewPlayer^
C:\Program Files (x86)\Pass-Widget =>PUP.PassWidget^
C:\Program Files (x86)\predm =>Adware.Downware^
C:\Program Files (x86)\PremierOpinion =>Adware.PremierOpinion^
C:\Program Files (x86)\Premium Software =>Trojan.Tivmonk^
C:\Program Files (x86)\PriceDowineloader =>PUP.PriceDownloader^
C:\Program Files (x86)\PriCeDoWnloADer =>PUP.PriceDownloader^
C:\Program Files (x86)\Priceless =>PUP.PriceLess^
C:\Program Files (x86)\Probit Software =>PUP.ProbitSoftware^
C:\Program Files (x86)\PrriCeDownaloaderr =>PUP.PriceDownloader^
C:\Program Files (x86)\SaoftoCeoup =>PUP.RandomName^
C:\Program Files (x86)\savInshop =>PUP.SavinShop^
C:\Program Files (x86)\sHoepndrop =>PUP.ShopDrop^
C:\Program Files (x86)\SofftCuoup =>PUP.RandomName^
C:\Program Files (x86)\SoftCoupe =>PUP.RandomName^
C:\Program Files (x86)\speed browser =>PUP.SpeedBrowser^
C:\Program Files (x86)\SupTab =>PUP.SupTab^
C:\Program Files (x86)\WebAdSystem =>Adware.WebAdSystem^
C:\Program Files (x86)\WindeskWinsearch =>PUP.WindeskWinsearch^
C:\Program Files (x86)\winservice86 =>PUP.CrossRider^
C:\Program Files (x86)\WordProser_1.10.0.1 =>PUP.WordProser^
C:\ProgramData\Activeris =>PUP.Activeris^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\FlashBeat =>PUP.FlashBeat^
C:\ProgramData\IePluginService =>PUP.IePluginService^
C:\ProgramData\IePluginServices =>PUP.IePluginService^
C:\ProgramData\IHProtectUpDate =>Adware.AgentODR^
C:\ProgramData\LolliScan =>Adware.Graftor^
C:\ProgramData\Registry Helper =>PUP.RegistryHelper^
C:\ProgramData\SaveSenseLive =>PUP.CrossRider^
C:\ProgramData\TicTaCoupon =>PUP.TicTaCoupon^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\ProgramData\WPM =>PUP.WpManager^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware =>PUP.Activeris^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector =>PUP.AdvancedSystemProtector^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer =>PUP.FastPlayer^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer =>Adware.NewPlayer^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max =>PUP.OptimizerEliteMax^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip =>PUP.PepperZip^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion =>Adware.PremierOpinion^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Software =>Trojan.Tivmonk^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeGuard =>PUP.SafeGuard^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer =>PUP.SuperOptimizer^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup =>PUP.SystemSpeedup^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch =>PUP.WindeskWinsearch^
D:\Utilisateurs\célia\AppData\Roaming\Activeris =>PUP.Activeris^
D:\Utilisateurs\célia\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect^
D:\Utilisateurs\célia\AppData\Roaming\Astromenda =>PUP.Astromenda^
D:\Utilisateurs\célia\AppData\Roaming\cacaoweb =>PUP.CacaoWeb^
D:\Utilisateurs\célia\AppData\Roaming\Dealply =>PUP.DealPly^
D:\Utilisateurs\célia\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
D:\Utilisateurs\célia\AppData\Roaming\Nosibay =>PUP.BubbleDock^
D:\Utilisateurs\célia\AppData\Roaming\oursurfing =>Hijacker.OurSurfing^
D:\Utilisateurs\célia\AppData\Roaming\Pro PC Cleaner =>PUP.DoctorPC^
D:\Utilisateurs\célia\AppData\Roaming\SupTab =>PUP.SupTab^
D:\Utilisateurs\célia\AppData\Roaming\winservices =>Trojan.Inject.RRE^
D:\Utilisateurs\célia\AppData\Local\Alerts_LLC =>PUP.AlertsLLC^
D:\Utilisateurs\célia\AppData\Local\Astromenda =>PUP.Astromenda^
D:\Utilisateurs\célia\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals^
D:\Utilisateurs\célia\AppData\Local\Crossbrowse =>PUP.CrossBrowser^
D:\Utilisateurs\célia\AppData\Local\DealPlyLive =>PUP.DealPly^
D:\Utilisateurs\célia\AppData\Local\Duuqu =>PUP.Duuqu^
D:\Utilisateurs\célia\AppData\Local\genienext =>PUP.NextLive^
D:\Utilisateurs\célia\AppData\Local\globalUpdate =>PUP.GlobalUpdate^
D:\Utilisateurs\célia\AppData\Local\gmsd_fr_002020023 =>PUP.CrossRider^
D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010016 =>PUP.CrossRider^
D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010022 =>PUP.CrossRider^
D:\Utilisateurs\célia\AppData\Local\KalityWeb =>Adware.WebAdSystem^
D:\Utilisateurs\célia\AppData\Local\Mobogenie =>PUP.Mobogenie^
D:\Utilisateurs\célia\AppData\Local\MySearchs =>Adware.MyWebSearch^
D:\Utilisateurs\célia\AppData\Local\newplayer =>Adware.NewPlayer^
D:\Utilisateurs\célia\AppData\Local\SafeGuard =>PUP.SafeGuard^
D:\Utilisateurs\célia\AppData\Local\SaveSenseLive =>PUP.CrossRider^
D:\Utilisateurs\célia\AppData\Local\SearchProtect =>PUP.SearchProtect^
D:\Utilisateurs\célia\AppData\Local\Smartbar =>Hijacker.SmartBar^
D:\Utilisateurs\célia\AppData\Local\SmartWeb =>PUP.SmartWeb^
D:\Utilisateurs\célia\AppData\Local\speed browser =>PUP.SpeedBrowser^
D:\Utilisateurs\célia\AppData\Local\SwvUpdater =>PUP.Software.Updater^
D:\Utilisateurs\célia\AppData\Local\WebBar =>PUP.WebBar^
D:\Utilisateurs\célia\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\ProgramData\Conduit =>PUP.Conduit
D:\Utilisateurs\célia\AppData\Local\Conduit =>PUP.Conduit
D:\Utilisateurs\célia\AppData\LocalLow\Conduit =>PUP.Conduit
D:\Utilisateurs\célia\AppData\LocalLow\PriceGong =>Adware.PriceGong
D:\Utilisateurs\célia\AppData\LocalLow\Smartbar =>Hijacker.SmartBar
D:\Utilisateurs\célia\AppData\LocalLow\mixidj =>Adware.SmileyBar
D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle =>Adware.RelevantKnowledge
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\Smartbar =>Hijacker.SmartBar
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\bprotector_extensions.sqlite =>PUP.BProtector
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\bprotector_prefs.js =>PUP.BProtector
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\SearchPlugins\conduit.xml =>PUP.Conduit
C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector^
C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris^
D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb^
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut^
C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion^
C:\Program Files (x86)\Software\Update\Install\{8EA45EE8-4913-4878-839F-B9A1D271FF1F}\SoftwareUpdateSetup.exe =>Adware.Boxore^
D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\Extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6 =>PUP.CrossRider^
C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 =>PUP.CrossRider^
C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6 =>PUP.CrossRider^
C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6 =>PUP.CrossRider^
C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7 =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 =>PUP.CrossRider^
C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-6.job =>PUP.CrossRider^
C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 =>PUP.CrossRider^
C:\Windows\Tasks\a5fc5ff8-db73-4aeb-b3a8-fd2e231b21ff-4.job =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5_user.job =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 =>PUP.CrossRider^
C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 =>PUP.CrossRider^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^
C:\Windows\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4 =>PUP.CrossRider^
C:\Windows\Tasks\bench-sys.job =>PUP.GiganticSavings^
C:\Windows\System32\Tasks\bench-sys =>PUP.GiganticSavings^
C:\Windows\Tasks\bench-Updater removing.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\bench-Updater removing =>PUP.CrossRider^
C:\Windows\Tasks\Bidaily Synchronize Task =>PUP.BidailySync^
C:\Windows\Tasks\DigitalSite.job =>Hijacker.DSite^
C:\Windows\System32\Tasks\DigitalSite =>Hijacker.DSite^
C:\Windows\Tasks\media enhance-chromeinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\media enhance-chromeinstaller =>PUP.CrossRider^
C:\Windows\Tasks\media enhance-codedownloader.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\media enhance-codedownloader =>PUP.CrossRider^
C:\Windows\Tasks\media enhance-firefoxinstaller.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\media enhance-firefoxinstaller =>PUP.CrossRider^
C:\Windows\Tasks\media enhance-updater.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\media enhance-updater =>PUP.CrossRider^
C:\Windows\Tasks\PassWidget Update.job =>PUP.PassWidget^
C:\Windows\Tasks\SaveSense.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\SaveSense =>PUP.CrossRider^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore =>PUP.CrossRider^
C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA =>PUP.CrossRider^
C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA =>Adware.Boxore^
[HKCU\Software\Activeris] =>PUP.Activeris^
[HKCU\Software\AmiExt] =>Adware.FlashEnhancer^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE^
[HKCU\Software\AppDataLow\Software\LyricsMonkey-1] =>Adware.AddLyrics^
[HKCU\Software\AppDataLow\Software\LyricsSay-1] =>PUP.CrossRider^
[HKCU\Software\AppDataLow\Software\PassWidget] =>PUP.PassWidget^
[HKCU\Software\AppDataLow\Software\Plus-HD-1.6] =>Adware.PlusHD^
[HKCU\Software\AppDataLow\Software\Plus-HD-3.5] =>Adware.PlusHD^
[HKCU\Software\AppDataLow\Software\SmartWeb] =>PUP.SmartWeb^
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\AppDataLow\Software\WhiteSmoke_New_V6] =>PUP.WhiteSmoke^
[HKCU\Software\AppDataLow\Software\free ven] =>PUP.Freeven^
[HKCU\Software\AppDataLow\Software\media enhance] =>PUP.MediaPlayerEnhance^
[HKCU\Software\AppDataLow\Software\winservice86] =>PUP.CrossRider^
[HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor^
[HKCU\Software\ArenaHD] =>PUP.CrossRider^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\BatBrowse] =>PUP.BatBrowse^
[HKCU\Software\CinemaPlus-3.2cV24.05-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser^
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser^
[HKCU\Software\DSiteProducts] =>Hijacker.DSite^
[HKCU\Software\DealPlyLive] =>PUP.DealPly^
[HKCU\Software\Doko-Toolbar] =>Hijacker.Doko^
[HKCU\Software\Duuqu] =>PUP.Duuqu^
[HKCU\Software\File Type Helper] =>PUP.FileTypeHelper^
[HKCU\Software\GoHD-nv-ie] =>PUP.CrossRider^
[HKCU\Software\GoHD-nv] =>PUP.CrossRider^
[HKCU\Software\HighDefAction] =>PUP.CrossRider^
[HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax^
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^
[HKCU\Software\PepperZip] =>PUP.PepperZip^
[HKCU\Software\SafeGuardApp] =>PUP.SafeGuard^
[HKCU\Software\SaveSenseLive] =>PUP.CrossRider^
[HKCU\Software\SimplyTech] =>PUP.SimplyTech^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer^
[HKCU\Software\System Speedup] =>PUP.SystemSpeedup^
[HKCU\Software\TNT2] =>Adware.TidyNetwork^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\UpToDown] =>PUP.UpToDown^
[HKCU\Software\UpdateFiles] =>Adware.Boxore^
[HKCU\Software\Visualbee] =>Adware.VisualBeeToolbar^
[HKCU\Software\Wajam] =>PUP.Wajam^
[HKCU\Software\YorkNewCin] =>PUP.CrossRider^
[HKCU\Software\astromenda] =>PUP.Astromenda^
[HKCU\Software\gamesdesktop] =>Adware.GamesDesktop^
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch^
[HKCU\Software\tuto4pc] =>PUP.AgenceExclusive^
[HKCU\Software\winservice86-nv-ie] =>PUP.CrossRider^
[HKCU\Software\winservice86-nv] =>PUP.CrossRider^
[HKLM\Software\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\BubbleSound] =>PUP.BubbleSound^
[HKLM\Software\HQuality-v3V19.10-nv] =>PUP.CrossRider^
[HKLM\Software\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\LolliScan] =>Adware.Graftor^
[HKLM\Software\Speedchecker Limited] =>PUP.InternetSpeedChecker^
[HKLM\Software\WebBar] =>PUP.WebBar^
[HKLM\Software\Wow6432Node\11f7643f-77e0-4a4a-a192-4b7a9e9fbf2a] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\22fbe0a4-6d53-4d01-9877-31667f148858] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\95b48dc0-8b8d-47f8-ab2e-5f40b4109b11] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\971bbd6c-f848-4ae2-9434-b893b6d0f4f1] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris^
[HKLM\Software\Wow6432Node\AmiExt] =>Adware.FlashEnhancer^
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Bench] =>PUP.GiganticSavings^
[HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf^
[HKLM\Software\Wow6432Node\BetterSurf Plus V1] =>PUP.BetterSurf^
[HKLM\Software\Wow6432Node\BetterSurf] =>PUP.BetterSurf^
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\DownloaderAssistant] =>PUP.Salus^
[HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu^
[HKLM\Software\Wow6432Node\File Type Helper] =>PUP.FileTypeHelper^
[HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\Wow6432Node\GoHD-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\GoHD-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\HQuality-v3V19.10-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR^
[HKLM\Software\Wow6432Node\LolliScan] =>Adware.Graftor^
[HKLM\Software\Wow6432Node\MediaViewV1] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\MediaViewV1alpha698] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\MediaViewV1alpha7499] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\MediaWatchV1] =>PUP.MediaWatch^
[HKLM\Software\Wow6432Node\MediaWatchV1home857] =>PUP.MediaWatch^
[HKLM\Software\Wow6432Node\Registry Helper] =>PUP.RegistryHelper^
[HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\RichMediaViewV1release1055] =>PUP.MediaViewer^
[HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard^
[HKLM\Software\Wow6432Node\SafeGuard] =>PUP.SafeGuard^
[HKLM\Software\Wow6432Node\Salus] =>PUP.Salus^
[HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect^
[HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser^
[HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\System Speedup] =>PUP.SystemSpeedup^
[HKLM\Software\Wow6432Node\TabNav] =>PUP.Abengine^
[HKLM\Software\Wow6432Node\Visualbee] =>Adware.VisualBeeToolbar^
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\WhiteSmoke_New_V6] =>PUP.WhiteSmoke^
[HKLM\Software\Wow6432Node\Winservices] =>Trojan.Inject.RRE^
[HKLM\Software\Wow6432Node\WordProser_1.10.0.1] =>PUP.WordProser^
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\a558af43-d482-4649-b45f-6e1c09b384c2] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\aa73fe5b-d1f7-411f-8961-8d74e4ee2c2e] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\awesomehpSoftware] =>PUP.Awesomehp^
[HKLM\Software\Wow6432Node\b56ba8d1-2bff-4555-a80e-09eae0dad631] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\c968f51d-077d-494f-a31c-82fe202a993e] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\e3bdb18e-b300-43e4-991c-3eac4da6d490] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\flash-Enhancer] =>Adware.FlashEnhancer^
[HKLM\Software\Wow6432Node\free ven] =>PUP.Freeven^
[HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.Istart^
[HKLM\Software\Wow6432Node\media enhance] =>PUP.MediaPlayerEnhance^
[HKLM\Software\Wow6432Node\oursurfingSoftware] =>Hijacker.OurSurfing^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^
[HKLM\Software\Wow6432Node\winservice86-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\winservice86-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\winservice86] =>PUP.CrossRider^
[HKLM\Software\YorkNewCin] =>PUP.CrossRider^
C:\ProgramData\uninstall_Deeal.exe =>PUP.DeealFr^
D:\Utilisateurs\célia\Desktop\cacaoweb.exe =>PUP.CacaoWeb^
[HKCU\Software\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
C:\Windows\Installer\572f60.msi =>Adware.WebAdSystem^
[HKCR\CLSID\{22222222-2222-2222-2222-220422892226}] (CrossriderApp0048926.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}] (Value Apps plugin) =>Toolbar.Conduit^
[HKCR\CLSID\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}] (WordProser) =>PUP.WordProser^
D:\Utilisateurs\célia\Downloads\cacaoweb.exe =>PUP.CacaoWeb
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
D:\Utilisateurs\célia\AppData\Local\Temp\{3C2D27EF-E2C2-46F8-A808-5C26F3B22E29}-Boxore_5.9.0.0.msi =>Adware.Boxore
~ Additionnel Scan: 308476 Items scanned in 05mn 08s
---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Scanned in 00mn 00s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
http://nicolascoolman.fr/pup-activeris =>PUP.Activeris
http://nicolascoolman.fr/pup-cacaoweb =>PUP.CacaoWeb
http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://www.nicolascoolman.fr/blog/ =>PUP.Infonaut
http://nicolascoolman.fr/adware-premieropinion =>Adware.PremierOpinion
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/34208035-hijacker-doko =>Hijacker.Doko
http://www.nicolascoolman.fr/blog/ =>Toolbar.MixiDJ
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.fr/hijacker-trovigo =>Hijacker.Trovigo
http://nicolascoolman.fr/parasite-pugi =>Parasite.Pugi
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://nicolascoolman.fr/pup-passwidget =>PUP.PassWidget
http://nicolascoolman.fr/hijacker-gadgetbox =>Hijacker.GadgetBox
http://www.nicolascoolman.fr/blog/ =>PUP.Istart
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://www.nicolascoolman.fr/blog/ =>Hijacker.OurSurfing
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://nicolascoolman.fr/adware-webadsystem =>Adware.WebAdSystem
http://www.nicolascoolman.fr/blog/ =>PUP.WindeskWinsearch
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/pup-giganticsavings =>PUP.GiganticSavings
http://nicolascoolman.fr/hijacker-dsite =>Hijacker.DSite
http://www.nicolascoolman.fr/blog/ =>Adware.Graftor
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://www.nicolascoolman.fr/blog/ =>PUP.MediaPlayerEnhance
http://nicolascoolman.fr/pup-systemspeedup =>PUP.SystemSpeedup
http://www.nicolascoolman.fr/blog/ =>PUP.BidailySync
http://www.nicolascoolman.fr/blog/ =>PUP.WordProser
http://www.nicolascoolman.fr/blog/ =>PUP.DeealFr
http://www.nicolascoolman.fr/blog/ =>PUP.IePluginService
http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds
http://www.nicolascoolman.fr/blog/ =>Adware.NewPlayer
http://www.nicolascoolman.fr/blog/ =>PUP.NetworkSystemDriver
http://www.nicolascoolman.fr/blog/ =>PUP.PriceDownloader
http://www.nicolascoolman.fr/blog/ =>PUP.RandomName
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://www.nicolascoolman.fr/blog/ =>PUP.TicTaCoupon
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.fr/adware-flashenhancer =>Adware.FlashEnhancer
http://www.nicolascoolman.fr/blog/ =>PUP.DynConIE
http://nicolascoolman.fr/adware-addlyrics =>Adware.AddLyrics
http://nicolascoolman.fr/adware-plushd =>Adware.PlusHD
http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong
http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb
http://nicolascoolman.fr/pup-whitesmoke =>PUP.WhiteSmoke
http://www.nicolascoolman.fr/blog/ =>PUP.Freeven
http://nicolascoolman.fr/hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.fr/pup-batbrowse =>PUP.BatBrowse
http://nicolascoolman.fr/pup-datamngr =>PUP.Datamngr
http://nicolascoolman.fr/pup-dealply =>PUP.DealPly
http://nicolascoolman.fr/pup-duuqu =>PUP.Duuqu
http://www.nicolascoolman.fr/blog/ =>PUP.FileTypeHelper
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/pup-optimizerelitemax =>PUP.OptimizerEliteMax
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://www.nicolascoolman.fr/blog/ =>PUP.PepperZip
http://www.nicolascoolman.fr/blog/ =>PUP.SafeGuard
http://www.nicolascoolman.fr/blog/ =>PUP.SimplyTech
http://www.nicolascoolman.fr/blog/ =>PUP.SuperOptimizer
http://nicolascoolman.fr/adware-tidynetwork =>Adware.TidyNetwork
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://www.nicolascoolman.fr/blog/ =>PUP.UpToDown
http://nicolascoolman.fr/adware-visualbeetoolbar =>Adware.VisualBeeToolbar
http://nicolascoolman.fr/pup-astromenda =>PUP.Astromenda
http://www.nicolascoolman.fr/blog/ =>Adware.GamesDesktop
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://nicolascoolman.fr/adware-lollipop =>Adware.Lollipop
http://www.nicolascoolman.fr/blog/ =>PUP.BubbleSound
http://nicolascoolman.fr/pup-internetspeedchecker =>PUP.InternetSpeedChecker
http://www.nicolascoolman.fr/blog/ =>PUP.WebBar
http://nicolascoolman.fr/pup-bettersurf =>PUP.BetterSurf
http://www.nicolascoolman.fr/blog/ =>PUP.Salus
http://www.nicolascoolman.fr/blog/ =>Adware.AgentODR
http://www.nicolascoolman.fr/blog/ =>PUP.MediaViewer
http://www.nicolascoolman.fr/blog/ =>PUP.MediaWatch
http://nicolascoolman.fr/pup-offerbox =>PUP.OfferBox
http://www.nicolascoolman.fr/blog/ =>PUP.RegistryHelper
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.Abengine
http://nicolascoolman.fr/pup-vittalia =>PUP.Vittalia
http://www.nicolascoolman.fr/blog/ =>Trojan.Inject.RRE
http://nicolascoolman.fr/pup-awesomehp =>PUP.Awesomehp
http://www.nicolascoolman.fr/blog/ =>Hijacker.DeltaHomes
http://nicolascoolman.fr/pup-esafesecurity =>PUP.eSafeSecurity
http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://www.nicolascoolman.fr/blog/ =>PUP.Deal4reaL
http://www.nicolascoolman.fr/blog/ =>PUP.DealsFinderPro
http://www.nicolascoolman.fr/blog/ =>PUP.GreatSaving
http://www.nicolascoolman.fr/blog/ =>PUP.HighlightSearches
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://nicolascoolman.fr/trojan-tivmonk =>Trojan.Tivmonk
http://www.nicolascoolman.fr/blog/ =>PUP.PriceLess
http://nicolascoolman.fr/pup-probitsoftware =>PUP.ProbitSoftware
http://nicolascoolman.fr/pup-savinshop =>PUP.SavinShop
http://www.nicolascoolman.fr/blog/ =>PUP.ShopDrop
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://www.nicolascoolman.fr/blog/ =>PUP.FlashBeat
http://www.nicolascoolman.fr/blog/ =>PUP.FastPlayer
http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock
http://www.nicolascoolman.fr/blog/ =>PUP.DoctorPC
http://www.nicolascoolman.fr/blog/ =>PUP.AlertsLLC
http://nicolascoolman.fr/adware-bonanzadeals =>Adware.BonanzaDeals
http://nicolascoolman.fr/pup-nextlive =>PUP.NextLive
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.fr/pup-software-updater =>PUP.Software.Updater
http://nicolascoolman.fr/hijacker-searchgol =>Hijacker.SearchGol
http://www.nicolascoolman.fr/blog/ =>PUP.Shopperz
http://www.nicolascoolman.fr/blog/ =>Adware.Pirrit
http://nicolascoolman.fr/pup-bitguard =>PUP.BitGuard
http://nicolascoolman.fr/pup-glindorus =>PUP.Glindorus
http://nicolascoolman.fr/pup-linkswift =>PUP.LinkSwift
http://nicolascoolman.fr/pup-rewardsarcade =>PUP.RewardsArcade
http://www.nicolascoolman.fr/blog/ =>Adware.PricePeep
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/pup-clarosearch =>PUP.ClaroSearch
http://www.nicolascoolman.fr/blog/ =>Adware.Adkubru
http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://nicolascoolman.fr/pup-eorezo =>PUP.Eorezo
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://www.nicolascoolman.fr/blog/ =>Toolbar.Freecorder
http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.fr/pup-funmoods =>PUP.Funmoods
http://nicolascoolman.fr/adware-smileybar =>Adware.SmileyBar
http://nicolascoolman.fr/adware-relevantknowledge =>Adware.RelevantKnowledge
http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector
~ MSI: 139 link(s) detected in 00mn 01s
End of the scan (3716 lines in 24mn 34s)(0.11)