~ ZHPDiag v2015.7.29.105 Par Nicolas Coolman (2015/07/29) ~ Démarré par info (Administrator) (2015/07/31 08:20:02) ~ Site: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ Etat de la version: Version OK ~ Mode: Scanner ~ Rapport: C:\Users\info\Desktop\ZHPDiag.txt ~ Rapport: C:\Users\info\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ Démarrage du système: Normal (Normal boot) ~ Windows 7, 32-bit Service Pack 1 (Build 7601) ---\\ Navigateurs Internet (3) - 0s GCIE: Google Chrome v44.0.2403.125 MFIE: Mozilla Firefox 14.0.1 (x86 fr) v14.0.1 MSIE: Internet Explorer v11.0.9600.17914 ---\\ Informations sur les produits Windows (10) - 2s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK ~ Windows Operating System - Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 7QJB7 Windows License : OK ~ Windows Remaining Initializations Number : 4 Windows Automatic Updates : OK (Auto) Windows Activation Technologies : OK ---\\ Surveillance de Logiciels (2) - 4s Adobe Flash Player 12 ActiveX & Plugin Adobe Reader XI ---\\ Informations sur le système (6) - 0s ~ Operating System: x86 Family 6 Model 37 Stepping 5, GenuineIntel ~ Operating System: 32-bit ~ Boot mode: Normal (Normal boot) Total RAM: 3069.808 MB (40% free) ~ System Restore: Activé (Enable) ~ System drive C: has 125 GB free of 199 GB ---\\ Mode de connexion au système (3) - 0s ~ Computer Name: SOUKAINA ~ User Name: info ~ Logged in as Administrator ---\\ Enumération des unités disques (3) - 0s ~ Drive C: has 125 GB free of 199 GB (System) ~ Drive D: has 144 GB free of 249 GB ~ Drive E: has 265 GB free of 265 GB ---\\ Etat du Centre de Sécurité Windows (11) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Recherche particulière de fichiers génériques (23) - 2s [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) () -- C:\Windows\Explorer.exe [2616320] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) () -- C:\Windows\System32\Wininit.exe [96256] [MD5.63B01F72FD727D5736DBEF54174D8F93] - (.Microsoft Corporation - Extensions Internet pour Win32.) () -- C:\Windows\System32\wininet.dll [1951232] [MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Application d’ouverture de session Windows.) () -- C:\Windows\System32\Winlogon.exe [304128] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) () -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] [MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888] [MD5.01C5B803F6E1FDF8F16F0763DA9B997D] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [124416] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904] [MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) () -- C:\Windows\System32\drivers\ntfs.sys [1212352] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) () -- C:\Windows\System32\drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168] [MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) () -- C:\Windows\System32\drivers\volsnap.sys [245632] ---\\ Processus lancés (18) - 7s [MD5.FA25836EE747B6057FB137373F8AAB02] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [251096] [PID.1208] [MD5.C73CA0CFDC55865F17706C6AE91DC195] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1011416] [PID.1232] [MD5.911F179646EBF2FAEE370C1C55D3D307] - (.Windows SysTool - Windows SysTool.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [545280] [PID.1472] =>PUP.Optional.Fuyu [MD5.DC4801AA07678ECAEB0AA2BE3F69CF86] - (.Taiwan Shui Mu Chih Ching Technology Limited. - dsk service.) -- C:\Program Files\WinZipper\winzipersvc.exe [337040] [PID.1496] [MD5.A6CE73469591554279DA63BE715DBC93] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe [87968] [PID.1784] [MD5.7FE34FD5652C54BDA8D2DF8AC92E833A] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1341664] [PID.1892] [MD5.59B5A12463E9C8F967051D1FCDF8C525] - (.XTab system - ProtectSvc.exe.) -- C:\Program Files\MiuiTab\ProtectService.exe [125112] [PID.1932] =>PUP.Optional.MiuiTab [MD5.B88A592C93319B477A36FC9D4D2B1FB2] - (.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe [755536] [PID.2032] [MD5.D834F199FBAF404EB763002C443C21C7] - (.http://lucky-tab.com/ - http://lucky-tab.com/.) -- C:\Program Files\LuckyTab\LuckyTab.exe [1394112] [PID.2360] =>PUP.Optional.LuckyTab [MD5.5DDAB1319ACA5F9DAED11F27D8B615BB] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568] [PID.2604] [MD5.79D99CA9DBD21DBE9CA0C4ACB4BAD419] - (.RealNetworks, Inc. - RealPlayer Cloud Service.) -- c:\program files\Real\realplayer\RPDS\Bin\rpdsvc.exe [1141848] [PID.2684] [MD5.A1AC400C87A5B819285899645FE12DAE] - (...) -- C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552] [PID.2732] [MD5.FF513BC3B9A0B0FCF321DEA523E9546F] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3565432] [PID.3316] [MD5.7DFCCC67990B6DE7F30F553A4E4612A4] - (...) -- C:\Program Files\RocketDock\RocketDock.exe [495616] [PID.3324] [MD5.FF786A74F62361A71AECDB8F8AC95D6F] - (.Somoto - FilesFrog.com Update Checker.) -- C:\Users\info\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808] [PID.3392] =>PUP.Optional.MegaSearch [MD5.432F4E8794A2EA8A64E4C75EA80B790E] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe [1694560] [PID.3628] [MD5.4F9236BE13917B89F7A03DEA85F220FA] - (.Copyright 2012 - WebPlayer.) -- C:\Users\info\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe [202752] [PID.3776] [MD5.77FBCE63719BE1DFDA9E5178CD7EE7CF] - (.RealNetworks, Inc. - RealPlayer Cloud Service UI.) -- C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe [822880] [PID.3908] ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) (12) - 1s G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.v9.com?type=hp&ts=1435062742&from=mych123&uid=toshibaxmq01abd075_62t8p3gxtxx62t8p3gxt&z=f83a289d9cdda61ec5597a6g4z3cew5e0q6o7m4zao G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ocifcklkibdehekfnmflempfgjhbedch] __MSG_name__ G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) (31) - 7s M0 - MFSP: prefs.js [info - gefs9udw.default] http://www.v9.com?type=hp&ts=1436188533&from=mych123&uid=toshibaxmq01abd075_62t8p3gxtxx62t8p3gxt&z=38ba810fc0ab2e74e327a24gdzfc9q4g6b1b0w7ccc M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\addon@defaulttab.com.xpi P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{085c65b5-43c5-4fdc-b8eb-849f6dc50c84}.xpi P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\ask-web-search.xml P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\babylon.xml =>PUP.Optional.Babylon P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\bingp.xml P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\dsrlte.xml P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\utorrentbarfr-customized-web-search.xml =>PUP.Optional.uTorrentBar P2 - EXT FILE: (...) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\V9.xml P2 - EXT: (.Mindspark - Utility Chest.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\49ffxtbr@www.utilitychest.com =>PUP.Optional.MyWebSearch P2 - EXT: (.lightningnewtab.com - Default NewTab.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\default_newtabff@gmail.com =>PUP.Optional.LightningNewTab P2 - EXT: (.lightning - Security Protection.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\detgdp@gmail.com P2 - EXT: (.Plus HD - Plus-HD-V1.8c.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\EOPN29927080@OCIFAPD100469180.com P2 - EXT: (.lightningnewtab.com - Fast Start.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\faststartff@gmail.com =>PUP.Optional.FastStart P2 - EXT: (.lightningnewtab.com - QuickSearch.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\quick_searchff@gmail.com =>PUP.Optional.QuickSearch P2 - EXT: (. - WS-Recommender.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\recws@ws.com P2 - EXT: (. - WebSite Recommendation.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\WebSiteRecommendation@weliketheweb.com P2 - EXT: (.ClientConnect Ltd. - uTorrentBar_FR .) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} =>PUP.Optional.ClientConnect P2 - EXT: (. - AppsHat.) -- C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF} P2 - FPN: [HKLM] [@adobe.com/AuthorwarePlayer] - (.Macromedia, Inc..) -- C:\Windows\System32\Macromed\AUTHORWA\np32asw.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_12_0_0_77.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=17.0.12.0] - (.RealNetworks, Inc..) -- c:\program files\Real\realplayer\Netscape6\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprndlhtml5videoshim;version=17.0.12] - (.RealNetworks, Inc..) -- C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll P2 - FPN: [HKLM] [@real.com/nprpplugin;version=17.0.12.0] - (.RealPlayer Cloud.) -- c:\program files\Real\realplayer\Netscape6\nprpplugin.dll P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.Optional.GlobalUpdate P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.Optional.GlobalUpdate P2 - FPN: [HKLM] [@UtilityChest_49.com/Plugin] - (.UtilityChest_49.) -- C:\Program Files\UtilityChest_49\bar\1.bin\NP49Stub.dll =>PUP.Optional.MyWebSearch P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.3] - (.VideoLAN.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) (14) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/ =>PUP.Optional.Qvo6 R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/ =>PUP.Optional.Qvo6 R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/ =>PUP.Optional.Qvo6 R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/ =>PUP.Optional.Qvo6 R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/ =>PUP.Optional.Qvo6 R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com/ =>PUP.Optional.IsStart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/ =>PUP.Optional.Qvo6 R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com/ =>PUP.Optional.IsStart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no name) - {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} Orphean R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R3 - URLSearchHook: (no name) - {539F76FD-084E-4858-86D5-62F02F54AE86} Orphean ---\\ Internet Explorer, Proxy Management (R5) (6) - 1s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;localhost;10.*;192.168.*;127.0.0.1:895;127.0.0.1:896; =>Hijacker.Proxy R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8555;https=127.0.0.1:8555 =>Hijacker.Proxy R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ---\\ Hosts file redirection (O1) (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object de navigateur (BHO) (O2) (10) - 1s O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll O2 - BHO: Search Assistant BHO - {06e05b40-77fa-40b6-9077-ed1a7577b1ef} . (...) -- C:\Program Files\UtilityChest_49\bar\1.bin\49SrcAs.dll (.not file.) O2 - BHO: CrossriderApp0059568 - {11111111-1111-1111-1111-110511951168} . (.InfoHD-V1.8 - HD-V1.9 BHO.) -- C:\Program Files\HD-V1.9\HD-V1.9-bho.dll =>PUP.Optional.CrossRider O2 - BHO: GoodTab Class - {1F91A9A1-01BA-4c81-863D-3BA0751E1419} . (.Thinkgood Co. Limited - GoodTab.) -- C:\Program Files\MiuiTab\SupTab.dll =>PUP.Optional.MiuiTab O2 - BHO: Record Page - {2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} . (...) -- C:\Program Files\Record Page\Extensions\2335267c-dbba-4dd5-a9d0-c4db8e6a75a4.dll (.not file.) =>RecordPage O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealPlayer Video Downloader.) -- C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Toolbar BHO - {58f7b5ca-1162-42e8-8bbc-d543b4edd780} . (...) -- C:\PROGRA~1\UTILIT~2\bar\1.bin\49bar.dll (.not file.) O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} . (.Search Results LLC. - Search Results.) -- C:\Windows\System32\config\systemprofile\AppData\Roaming\defaulttab\defaulttab\DefaultTabBHO.dll O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} . (...) -- C:\Program Files\Minibar\Minibar.dll (.not file.) =>PUP.Optional.Minibar O2 - BHO: Staging - {C35B7206-62EB-F808-5475-18A6FDE7DD94} . (.Copyright 2013 - .) -- c:\Users\All Users\dl159\159.dll ---\\ Internet Explorer Toolbars (O3) (2) - 1s O3 - Toolbar: 0x5F7567CF65929C4487CFB945519E073B - [HKCU]{CF67755F-9265-449C-87CF-B945519E073B} . (...) -- C:\Program Files\UtilityChest_49\bar\1.bin\49bar.dll (.not file.) =>PUP.Optional.MyWebSearch O3 - Toolbar: (no name) - [HKLM]{cf67755f-9265-449c-87cf-b945519e073b} (Orphean) (.not file.) =>PUP.Optional.MyWebSearch ---\\ Applications lancées au démarrage du sytème (O4) (29) - 2s O4 - HKLM\..\Run: [Utility Chest Search Scope Monitor] C:\PROGRA~1\UTILIT~2\bar\1.bin\49srchmn.exe (.not file.) O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [ultracopier] C:\Program Files\Supercopier\supercopier.exe (.not file.) O4 - HKCU\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe O4 - HKCU\..\Run: [Orbitum] C:\Users\info\AppData\Local\Orbitum\Application\chrome.exe (.not file.) O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\info\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKCU\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Users\info\AppData\Local\FilesFrog Update Checker\update_checker.exe =>PUP.Optional.MegaSearch O4 - HKCU\..\Run: [NextLive] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe O4 - HKCU\..\Run: [FLV Player] . (.Copyright 2012 - WebPlayer.) -- C:\Users\info\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [ultracopier] C:\Program Files\Supercopier\supercopier.exe (.not file.) O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [RocketDock] . (...) -- C:\Program Files\RocketDock\RocketDock.exe O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [Orbitum] C:\Users\info\AppData\Local\Orbitum\Application\chrome.exe (.not file.) O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\info\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [SDP] . (.Somoto - FilesFrog.com Update Checker.) -- C:\Users\info\AppData\Local\FilesFrog Update Checker\update_checker.exe =>PUP.Optional.MegaSearch O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [NextLive] . (.Microsoft Corporation - Processus hôte Windows (Rundll32).) -- C:\Windows\System32\rundll32.exe O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [FLV Player] . (.Copyright 2012 - WebPlayer.) -- C:\Users\info\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe O4 - HKUS\S-1-5-21-3075661393-2257366334-3735391160-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe ---\\ Raccourcis Global Startup (O4G) (1) - 6s O4 - GS\Programs [Public]: MediaGet.lnk . (...) C:\Users\info\AppData\Local\MediaGet2\mediaget.exe =>PUP.Optional.MediaGet ---\\ Modification Domaine/Adresses DNS (O17) (3) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Liste des services NT non Microsoft et non désactivés (O23) (19) - 2s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files\MiuiTab\ProtectService.exe =>PUP.Optional.AgentODR O23 - Service: Ma-Config Agent (MaConfigAgent) . (.CybelSoft - Service de détection matériel.) - C:\Program Files\ma-config.com\MaConfigAgent.exe O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc. - RealPlayer Cloud Service.) - c:\program files\Real\realplayer\RPDS\Bin\rpdsvc.exe O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Util HulaToo (Util HulaToo) . (...) - C:\Program Files\HulaToo\bin\utilHulaToo.exe (.not file.) =>PUP.Optional.HulaToo O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\System32\vmnetdhcp.exe O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\System32\vmnat.exe O23 - Service: VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Windows SysTool - Windows SysTool.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Optional.Fuyu O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limited. - dsk service.) - C:\Program Files\WinZipper\winzipersvc.exe ---\\ Tâches planifiées en automatique (O39) (49) - 6s O39 - APT: Orphean - (...) -- C:\Windows\Tasks\AmiUpdXp.job [354] =>PUP.Optional.SoftwareUpdater O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-1.job [1502] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-11.job [3426] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-4.job [2162] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5.job [1384] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5_user.job [1404] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\Tasks\Dealply.job [286] =>PUP.Optional.Dealply O39 - APT: Orphean - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3075661393-2257366334-3735391160-1000Core.job [902] O39 - APT: Orphean - (...) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3075661393-2257366334-3735391160-1000UA.job [924] O39 - APT: Orphean - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [920] =>PUP.Optional.GlobalUpdate O39 - APT: Orphean - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [924] =>PUP.Optional.GlobalUpdate O39 - APT: Orphean - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6e2326c6bcf4.job [1054] O39 - APT: Orphean - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d090258f1ec03e.job [1054] O39 - APT: Orphean - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8db45aa13d9a.job [1058] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-SOUKAINA-info [3488] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\AmiUpdXp [3390] =>PUP.Optional.SoftwareUpdater O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\BobyLyrics-1-codedownloader [3222] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\BobyLyrics-1-updater [3318] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-1 [4532] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-11 [5462] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-4 [4198] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5 [3420] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5_user [3434] =>PUP.Optional.CrossRider O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Dealply [3224] =>PUP.Optional.Dealply O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\Default2Check [3682] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\DefaultCheck [3680] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\DefaultReg [3680] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3075661393-2257366334-3735391160-1000Core [3530] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3075661393-2257366334-3735391160-1000UA [3898] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [3668] =>PUP.Optional.GlobalUpdate O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [3922] =>PUP.Optional.GlobalUpdate O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6e2326c6bcf4 [3802] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d090258f1ec03e [3802] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8db45aa13d9a [4054] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\JkRL2t8okyt6W [2616] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\LuckyTab [3386] =>PUP.Optional.LuckyTab O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3368] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3212] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3348] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3190] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3075661393-2257366334-3735391160-1000 [3326] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{1A7905EF-525B-46D6-A270-9D7C5208FD52} [3146] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{209E3244-2F3F-4175-A02A-B7170F3D4D29} [3230] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{352794CF-90C5-4221-9AF9-517FCF8387FA} [3220] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{4CB0D46F-506A-4640-AD5B-782ACE2ACA19} [3070] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{81D59ACB-668C-46D8-A910-954DD60CAC27} [3128] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{95D72F60-5A40-4223-A250-217A43E8B2D5} [3268] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{AF88D5D3-7B3B-4810-8C2E-AAD071F9EF62} [3152] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{F27A436B-2744-4C3E-9209-D8BB0D18B9F7} [3094] ---\\ Logiciels installés (O42) (98) - 22s O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Creative Cloud O42 - Logiciel: Adobe Flash Player 12 ActiveX & Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Shockwave Player + Authorware Web Player - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player + Authorware Web Player O42 - Logiciel: BB FlashBack Pro 3 - (.Blueberry.) [HKLM] -- BB FlashBack Pro 3 O42 - Logiciel: Bundled software uninstaller - (...) [HKLM] -- bi_uninstaller O42 - Logiciel: Cisco Networking Academy curriculum 4.0.0.0 - (.Cisco Systems, Inc..) [HKLM] -- Cisco Networking Academy curriculum_is1 O42 - Logiciel: Cisco Packet Tracer 5.3 - (.Cisco Systems, Inc..) [HKLM] -- Cisco Packet Tracer 5.3_is1 O42 - Logiciel: CommentCaMarche 2.0.6 - (.Quidéa/CommentCaMarche.net.) [HKLM] -- CommentCaMarche_is1 O42 - Logiciel: Defaulttab - (.Search Results, LLC.) [HKLM] -- DefaultTab O42 - Logiciel: FilesFrog Update Checker - (...) [HKLM] -- FilesFrog Update Checker O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome O42 - Logiciel: HD-V1.9 - (.InfoHD-V1.8.) [HKLM] -- HD-V1.9 O42 - Logiciel: OffersWizard Network System Driver - (...) [HKLM] -- inethnfd O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager O42 - Logiciel: Internet Mobile - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Internet Mobile O42 - Logiciel: GDR 2218 pour SQL Server 2012 (KB2716442) - (.Microsoft Corporation.) [HKLM] -- KB2716442 O42 - Logiciel: Mozilla Firefox 14.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 14.0.1 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: MP3jam 1.1.1.10 - (.MP3jam.) [HKLM] -- MP3jam_is1 O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] -- Notepad++ O42 - Logiciel: RealPlayer Cloud - (.RealNetworks.) [HKLM] -- RealPlayer 17.0 O42 - Logiciel: RocketDock 1.3.5 - (.Punk Software.) [HKLM] -- RocketDock_is1 O42 - Logiciel: SoftwareUpdater - (...) [HKLM] -- SoftwareUpdater =>PUP.Optional.SoftwareUpdater O42 - Logiciel: SopCast 3.9.3 - (.www.sopcast.com.) [HKLM] -- SopCast O42 - Logiciel: The KMPlayer (remove only) - (...) [HKLM] -- The KMPlayer O42 - Logiciel: TELL ME MORE - (...) [HKLM] -- TMM90 O42 - Logiciel: Utility Chest Firefox Toolbar - (.Mindspark Interactive Network.) [HKLM] -- UtilityChest_49bar Uninstall Firefox =>PUP.Optional.MindSpark O42 - Logiciel: Utility Chest Internet Explorer Toolbar - (.Mindspark Interactive Network.) [HKLM] -- UtilityChest_49bar Uninstall Internet Explorer =>PUP.Optional.MindSpark O42 - Logiciel: VLC media player 2.0.3 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: VMware Workstation - (.VMware, Inc.) [HKLM] -- VMware_Workstation O42 - Logiciel: WinRAR 4.11 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: WinZipper - (.Taiwan Shui Mu Chih Ching Technology Limited..) [HKLM] -- WinZipper O42 - Logiciel: tools-freebsd - (.VMware, Inc..) [HKLM] -- {003BFBBD-6C67-419E-A24D-0DCAFC3A5249} O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {0C0304C3-20BC-4B09-ACE3-495CA6C28F3E} O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM] -- {0D94F75A-0EA6-4951-B3AF-B145FA9E05C6} O42 - Logiciel: SQL Server 2012 Common Files - (.Microsoft Corporation.) [HKLM] -- {124D51A1-F3C2-45AE-B812-D3CA71247093} O42 - Logiciel: tools-netware - (.VMware, Inc..) [HKLM] -- {197597A7-AD33-4898-9D8E-73066818B464} O42 - Logiciel: Adobe Touch App Plugins - (.Adobe Systems Incorporated.) [HKLM] -- {1EC083EE-5B76-4A2A-B95A-CAF460AA29D6} O42 - Logiciel: PDF Settings CC - (.Adobe Systems Incorporated.) [HKLM] -- {1FBAE18D-4DE4-47AA-83EC-D1B046F262DC} O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} O42 - Logiciel: Skype™ 7.4 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} O42 - Logiciel: SQL Server 2012 Documentation Components - (.Microsoft Corporation.) [HKLM] -- {2B126817-FEBA-4ADE-84CF-5C807B797870} O42 - Logiciel: Adobe Photoshop CC - (.Adobe Systems Incorporated.) [HKLM] -- {2D99B50E-431D-4AA8-85C1-172A6F8BCF09} O42 - Logiciel: Microsoft VSS Writer for SQL Server 2012 - (.Microsoft Corporation.) [HKLM] -- {2EB88B38-A700-411C-B45E-33A5EB81B936} O42 - Logiciel: Sql Server Customer Experience Improvement Program - (.Microsoft Corporation.) [HKLM] -- {30CA21F2-901A-44DB-A43F-FC31CD0F2493} O42 - Logiciel: SQL Server Browser for SQL Server 2012 - (.Microsoft Corporation.) [HKLM] -- {4B9E6EB0-0EED-4E74-9479-F982C3254F71} O42 - Logiciel: SQL Server 2012 Reporting Services - (.Microsoft Corporation.) [HKLM] -- {4FD1D41E-94FD-42C9-8966-055F187E7B99} O42 - Logiciel: Evernote v. 5.8.1 - (.Evernote Corp..) [HKLM] -- {4FD2D1C8-8636-11E4-9D21-00163E98E7D6} O42 - Logiciel: SQL Server 2012 Documentation Components - (.Microsoft Corporation.) [HKLM] -- {4FDCAF14-93FA-4052-BBB5-E8616C48D7AC} O42 - Logiciel: SQL Server 2012 Full text search - (.Microsoft Corporation.) [HKLM] -- {54E297F1-C05D-4502-B58E-CDCD83BF7E2C} O42 - Logiciel: SQL Server 2012 Database Engine Shared - (.Microsoft Corporation.) [HKLM] -- {54F84805-0116-467F-8713-899DFC472235} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} O42 - Logiciel: 6741 - (.Microsoft.) [HKLM] -- {637DC750-5F8C-4397-89B9-FA4B8DD5D9B8} O42 - Logiciel: SQL Server 2012 Reporting Services - (.Microsoft Corporation.) [HKLM] -- {6550E263-00D4-4916-B2C5-F254BFE848B9} O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {7722483A-5FB8-4A2E-9422-6DA527A9173F} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: Adobe Photoshop CC 2014 (32 Bit) - (.Adobe Systems Incorporated.) [HKLM] -- {7C25E7A0-A0A1-4B87-BB30-BF0FBDC37878} O42 - Logiciel: SQL Server 2012 Common Files - (.Microsoft Corporation.) [HKLM] -- {7D29ED63-84F9-4EC7-B49F-994A3A3195B2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {817750FA-EC6A-485D-9901-0683AE6FFDF1} O42 - Logiciel: SQL Server 2012 BI Development Studio - (.Microsoft Corporation.) [HKLM] -- {8A9A1840-AE5C-4721-8F18-E629465A92DE} O42 - Logiciel: Prerequisites for SSDT - (.Microsoft Corporation.) [HKLM] -- {9169C939-ED01-446A-BD0C-29873BAF4E48} O42 - Logiciel: SQL Server 2012 Documentation Components - (.Microsoft Corporation.) [HKLM] -- {91D5025C-139A-4977-82FD-9E2A8A32269A} O42 - Logiciel: VmciSockets - (.VMware, Inc..) [HKLM] -- {9757062A-CF62-47C3-B649-C91BBB8CA9DE} O42 - Logiciel: Software Version Updater - (...) [HKLM] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {9B486871-27EB-49A5-8832-77176E63333C} O42 - Logiciel: SQL Server 2012 BI Development Studio - (.Microsoft Corporation.) [HKLM] -- {9B646DA5-D671-4767-96D0-70808544E5DE} O42 - Logiciel: Microsoft Report Viewer 2012 Runtime - (.Microsoft Corporation.) [HKLM] -- {9CCE40CE-A9E6-4916-8729-B008558EEF3F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: SQL Server 2012 SQL Data Quality Common - (.Microsoft Corporation.) [HKLM] -- {A9CA25A2-4171-4289-B9D3-78A012A3A340} O42 - Logiciel: tools-solaris - (.VMware, Inc..) [HKLM] -- {AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4} O42 - Logiciel: Adobe Reader XI (11.0.04) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} O42 - Logiciel: SQL Server 2012 Management Studio - (.Microsoft Corporation.) [HKLM] -- {AD15759F-488D-442C-A8B4-C4FEEACFA939} O42 - Logiciel: tools-winPre2k - (.VMware, Inc..) [HKLM] -- {AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D} O42 - Logiciel: LG Connection Manager - (.LGE.) [HKLM] -- {BBF60130-FB99-4909-B0F3-A511F25E13A9} O42 - Logiciel: LG Wireless USB Modem Driver - (.LG Electronics.) [HKLM] -- {C4C4642E-B5E3-4044-A3E6-BD997FF6F72E} O42 - Logiciel: Sql Server Customer Experience Improvement Program - (.Microsoft Corporation.) [HKLM] -- {C965F01C-76EA-4BD7-973E-46236AE312D7} O42 - Logiciel: SQL Server 2012 Management Studio - (.Microsoft Corporation.) [HKLM] -- {CB1177DD-0316-4C93-A5AE-BBF1E2B7F07E} O42 - Logiciel: SQL Server 2012 Database Engine Shared - (.Microsoft Corporation.) [HKLM] -- {D0F44C37-A22B-4733-BBA7-86C9F4988725} O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM] -- {D102611A-6466-4101-A51D-51069303AC65} O42 - Logiciel: SQL Server 2012 Database Engine Services - (.Microsoft Corporation.) [HKLM] -- {DCE79FAE-6AC4-4718-A5BB-DA41F1740784} O42 - Logiciel: SQL Server 2012 Database Engine Services - (.Microsoft Corporation.) [HKLM] -- {E0012154-D166-4FDF-96BF-ECFF4AA367B5} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {E14ADE0E-75F3-4A46-87E5-26692DD626EC} O42 - Logiciel: Microsoft System CLR Types for SQL Server 2012 - (.Microsoft Corporation.) [HKLM] -- {E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB} O42 - Logiciel: UpdateService - (.RealNetworks, Inc..) [HKLM] -- {E3AE96D6-E196-45B4-AF62-2B41998B9E37} O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: tools-windows - (.VMware, Inc..) [HKLM] -- {FFD9383C-01D5-4897-A954-43AF599AED30} O42 - Logiciel: AppsHat Mobile Apps - (.Somoto Ltd..) [HKCU] -- AppsHat Mobile Apps =>PUP.Optional.MegaSearch O42 - Logiciel: CVitaeV4 - (...) [HKCU] -- CVitaeV4 O42 - Logiciel: ESET Smart Security Packages - (...) [HKCU] -- ESET Smart Security Packages O42 - Logiciel: FLV Player - (.Somoto Ltd..) [HKCU] -- FLV Player =>PUP.Optional.MegaSearch O42 - Logiciel: jZip - (.Bandoo Media Inc.) [HKCU] -- jZip =>PUP.Optional.Bandoo O42 - Logiciel: MediaGet - (.Media Get LLC.) [HKCU] -- MediaGet =>PUP.Optional.MediaGet O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent ---\\ HKCU & HKLM Software Keys (187) - 22s HKLM\SOFTWARE\534d6dbe06eb949 HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\AMD HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. HKLM\SOFTWARE\ATI Technologies HKLM\SOFTWARE\Auralog HKLM\SOFTWARE\Blueberry Software HKLM\SOFTWARE\Bunndle HKLM\SOFTWARE\CDDB HKLM\SOFTWARE\Client HKLM\SOFTWARE\CLSID HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit HKLM\SOFTWARE\cybelsoft HKLM\SOFTWARE\CyberLink HKLM\SOFTWARE\DataMngr =>PUP.Optional.Datamngr HKLM\SOFTWARE\DealPlyLive =>PUP.Optional.Dealply HKLM\SOFTWARE\Default Tab =>Toolbar.Agent HKLM\SOFTWARE\DefaultTab HKLM\SOFTWARE\Delta =>Toolbar.DeltaSearch HKLM\SOFTWARE\delta-homesSoftware =>PUP.Optional.DeltaHomes HKLM\SOFTWARE\Disc Soft HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Evernote HKLM\SOFTWARE\Freemake HKLM\SOFTWARE\GEAR Software HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\GoForFiles HKLM\SOFTWARE\Google HKLM\SOFTWARE\HaaliMkx HKLM\SOFTWARE\HD-V1.9 HKLM\SOFTWARE\hdcode HKLM\SOFTWARE\Huawei technologies HKLM\SOFTWARE\IHProtect =>PUP.Optional.AgentODR HKLM\SOFTWARE\IM Providers HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\InstalledThirdPartyPrograms =>PUP.Optional HKLM\SOFTWARE\InstallShield HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\JLC's Software HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\LG Electronics HKLM\SOFTWARE\LGE HKLM\SOFTWARE\logishrd HKLM\SOFTWARE\Logitech HKLM\SOFTWARE\LogSys HKLM\SOFTWARE\LuckyTab =>PUP.Optional.LuckyTab HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\mcafeeupdater HKLM\SOFTWARE\Minibar =>PUP.Optional.Minibar HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\Naver HKLM\SOFTWARE\Notepad++ HKLM\SOFTWARE\Nuance HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\OKitSpace =>PUP.Optional.Onekit HKLM\SOFTWARE\Opera Software HKLM\SOFTWARE\PicexaSvc =>PUP.Optional.Picexa HKLM\SOFTWARE\RealNetworks HKLM\SOFTWARE\Realtek HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\Sensible Vision HKLM\SOFTWARE\SharingMax HKLM\SOFTWARE\Skype HKLM\SOFTWARE\SoftwareUpdater =>PUP.Optional.SoftwareUpdater HKLM\SOFTWARE\Sonic HKLM\SOFTWARE\SopCast HKLM\SOFTWARE\SRS Labs HKLM\SOFTWARE\SupDp =>PUP.Optional.SupTab HKLM\SOFTWARE\supTab =>PUP.Optional.SupTab HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Optional.Fuyu HKLM\SOFTWARE\supWPM =>PUP.Optional.WpManager HKLM\SOFTWARE\Systweak =>PUP.Optional.Systweak HKLM\SOFTWARE\ThinPrint HKLM\SOFTWARE\UtilityChest_49 HKLM\SOFTWARE\V9 =>PUP.Optional.V9Software HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\Vittalia =>PUP.Optional.Vittalia HKLM\SOFTWARE\VMware, Inc. HKLM\SOFTWARE\Volatile HKLM\SOFTWARE\WebConnect =>WebConnect HKLM\SOFTWARE\webssearchesSoftware =>PUP.Optional.WebsSearches HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\winzipersvc HKLM\SOFTWARE\Xing Technology Corp. HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AnchorFree HKCU\SOFTWARE\AOMEI HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\Armand_Morin HKCU\SOFTWARE\BabSolution =>PUP.Optional.BabSolution HKCU\SOFTWARE\BI =>PUP.Optional.MegaSearch HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Blueberry Software HKCU\SOFTWARE\Cisco HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\CyberLink HKCU\SOFTWARE\DataMngr =>PUP.Optional.Datamngr HKCU\SOFTWARE\DataMngr_Toolbar =>PUP.Optional.Datamngr HKCU\SOFTWARE\DealPlyLive =>PUP.Optional.Dealply HKCU\SOFTWARE\Default Tab =>Toolbar.Agent HKCU\SOFTWARE\DefaultTab HKCU\SOFTWARE\Delta =>Toolbar.DeltaSearch HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Evernote HKCU\SOFTWARE\Facebook HKCU\SOFTWARE\Freemake HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\GoforFiles HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Imagenomic HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\InstalledThirdPartyPrograms =>PUP.Optional HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\jZip HKCU\SOFTWARE\kde.org HKCU\SOFTWARE\Kiloo Games HKCU\SOFTWARE\KMPlayer HKCU\SOFTWARE\LG Connection Manager HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\LogiShrd HKCU\SOFTWARE\Logitech HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\Media Get LLC HKCU\SOFTWARE\Mediaget =>PUP.Optional.MediaGet HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MP3Jam HKCU\SOFTWARE\Naver HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\PegasusImaging HKCU\SOFTWARE\PluginAddon =>Trojan.Vonteera HKCU\SOFTWARE\PySoft HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\RocketDock HKCU\SOFTWARE\SamLab.ws HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SkypeRS HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\Somoto =>PUP.Optional.MegaSearch HKCU\SOFTWARE\SubSystems HKCU\SOFTWARE\Systweak =>PUP.Optional.Systweak HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\TeleCharger HKCU\SOFTWARE\TeleCharger_v2 HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Ultracopier HKCU\SOFTWARE\UpdateStar HKCU\SOFTWARE\UpToDown =>PUP.Optional.UpToDown HKCU\SOFTWARE\Ut Video Codec Suite HKCU\SOFTWARE\UtilityChest_49 HKCU\SOFTWARE\V9 =>PUP.Optional.V9Software HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\VMware, Inc. HKCU\SOFTWARE\WebApp HKCU\SOFTWARE\WebPlayer =>PUP.Optional.WebPlayer HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\SOFTWARE HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DefaultTab HKCU\SOFTWARE\AppDataLow\Software\HD-V1.9 HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\RealNetworks HKCU\SOFTWARE\AppDataLow\Software\SmartBar =>PUP.Optional.SmartBar HKCU\SOFTWARE\AppDataLow\Software\ThinPrint HKCU\SOFTWARE\AppDataLow\Software\UtilityChest_49 ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) (277) - 21s O43 - CFD: 2013/09/01 14:26:15 - [] D -- C:\Program Files\Active WebCam O43 - CFD: 2014/10/07 02:14:25 - [] D -- C:\Program Files\Adobe O43 - CFD: 2013/10/16 00:39:09 - [] D -- C:\Program Files\Apple Software Update O43 - CFD: 2013/10/08 21:40:16 - [] D -- C:\Program Files\Auralog O43 - CFD: 2013/06/12 07:56:40 - [] D -- C:\Program Files\Blueberry Software O43 - CFD: 2013/06/03 22:20:57 - [] D -- C:\Program Files\Cisco Packet Tracer 5.3 O43 - CFD: 2014/09/08 12:31:32 - [] D -- C:\Program Files\CommentCaMarche O43 - CFD: 2015/05/10 23:49:02 - [] D -- C:\Program Files\Common Files O43 - CFD: 2013/07/14 23:16:09 - [] D -- C:\Program Files\CVitaeV4 O43 - CFD: 2013/09/04 16:01:59 - [] D -- C:\Program Files\CyberLink O43 - CFD: 2013/06/24 21:19:50 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 2013/06/01 20:04:07 - [] D -- C:\Program Files\ESET O43 - CFD: 2015/01/12 23:10:42 - [] D -- C:\Program Files\Evernote O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\Program Files\Fichiers communs O43 - CFD: 2015/03/15 10:47:38 - [] D -- C:\Program Files\Freemake O43 - CFD: 2015/06/04 16:31:10 - [] D -- C:\Program Files\Google O43 - CFD: 2015/01/06 21:14:07 - [] D -- C:\Program Files\HD-V1.9 O43 - CFD: 2014/01/18 23:29:36 - [] HD -- C:\Program Files\InstallShield Installation Information O43 - CFD: 2013/06/02 10:40:45 - [] D -- C:\Program Files\Intel O43 - CFD: 2015/06/28 16:27:31 - [] D -- C:\Program Files\Internet Download Manager O43 - CFD: 2015/07/15 17:31:01 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 2013/06/05 21:25:20 - [] D -- C:\Program Files\Internet Mobile O43 - CFD: 2013/10/16 00:40:04 - [] D -- C:\Program Files\iPod O43 - CFD: 2013/10/16 00:40:56 - [] D -- C:\Program Files\iTunes O43 - CFD: 2013/11/11 12:27:29 - [0] D -- C:\Program Files\JLC's Software O43 - CFD: 2015/05/18 20:49:13 - [] D -- C:\Program Files\JpegWizard2 O43 - CFD: 2014/01/19 00:12:23 - [] D -- C:\Program Files\KONAMI O43 - CFD: 2013/06/21 07:26:00 - [] D -- C:\Program Files\LG Connection Manager O43 - CFD: 2013/06/21 07:27:02 - [] D -- C:\Program Files\LG Electronics O43 - CFD: 2013/09/01 15:03:45 - [] D -- C:\Program Files\Logitech O43 - CFD: 2014/12/03 20:09:09 - [] D -- C:\Program Files\LuckyTab =>PUP.Optional.LuckyTab O43 - CFD: 2013/06/01 19:59:00 - [] D -- C:\Program Files\ma-config.com O43 - CFD: 2014/02/13 23:43:17 - [] D -- C:\Program Files\Microsoft Analysis Services O43 - CFD: 2009/07/14 07:49:30 - [] D -- C:\Program Files\Microsoft Games O43 - CFD: 2014/02/13 22:53:08 - [] D -- C:\Program Files\Microsoft Help Viewer O43 - CFD: 2013/06/20 16:56:11 - [] D -- C:\Program Files\Microsoft Learning O43 - CFD: 2014/09/17 11:49:39 - [] D -- C:\Program Files\Microsoft Office O43 - CFD: 2014/02/13 22:44:25 - [] D -- C:\Program Files\Microsoft SDKs O43 - CFD: 2014/02/17 00:30:18 - [] D -- C:\Program Files\Microsoft SQL Server O43 - CFD: 2014/09/14 11:59:47 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 2014/09/14 11:59:47 - [] D -- C:\Program Files\Microsoft Sync Framework O43 - CFD: 2014/09/14 12:00:34 - [] D -- C:\Program Files\Microsoft Synchronization Services O43 - CFD: 2014/02/13 23:06:00 - [] D -- C:\Program Files\Microsoft Visual Studio 10.0 O43 - CFD: 2014/09/14 11:57:12 - [] D -- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 2014/02/02 20:25:33 - [] D -- C:\Program Files\Microsoft Visual Studio 9.0 O43 - CFD: 2014/09/15 01:55:08 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 2015/07/16 12:02:57 - [] D -- C:\Program Files\MiuiTab =>PUP.Optional.MiuiTab O43 - CFD: 2015/05/08 23:55:03 - [] D -- C:\Program Files\Mozilla Firefox O43 - CFD: 2013/06/01 19:48:59 - [] D -- C:\Program Files\Mozilla Maintenance Service O43 - CFD: 2014/12/04 12:39:45 - [] D -- C:\Program Files\MP3jam O43 - CFD: 2014/09/17 12:10:21 - [] D -- C:\Program Files\MSBuild O43 - CFD: 2013/07/27 20:51:56 - [0] D -- C:\Program Files\Naver O43 - CFD: 2013/11/15 18:48:45 - [] D -- C:\Program Files\Notepad++ O43 - CFD: 2014/12/04 20:00:42 - [] D -- C:\Program Files\Opera O43 - CFD: 2013/10/01 23:51:26 - [] D -- C:\Program Files\Photoshop O43 - CFD: 2014/08/15 10:27:10 - [] D -- C:\Program Files\Real O43 - CFD: 2014/08/15 10:26:55 - [] D -- C:\Program Files\RealNetworks O43 - CFD: 2014/07/10 17:55:43 - [] D -- C:\Program Files\Realtek O43 - CFD: 2009/07/14 04:52:30 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 2013/06/05 18:27:37 - [] D -- C:\Program Files\RocketDock O43 - CFD: 2014/07/10 18:02:33 - [] D -- C:\Program Files\SAM CoDeC Pack O43 - CFD: 2015/06/04 21:43:42 - [] RD -- C:\Program Files\Skype O43 - CFD: 2014/09/30 15:21:33 - [] D -- C:\Program Files\SopCast O43 - CFD: 2014/07/09 19:25:39 - [] D -- C:\Program Files\SupTab =>PUP.Optional.SupTab O43 - CFD: 2013/06/01 19:49:16 - [] D -- C:\Program Files\The KMPlayer O43 - CFD: 2013/11/17 13:56:00 - [] D -- C:\Program Files\UltraISO O43 - CFD: 2009/07/14 04:53:23 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 2014/07/10 18:02:34 - [0] D -- C:\Program Files\utvideo O43 - CFD: 2013/06/01 19:49:56 - [] D -- C:\Program Files\VideoLAN O43 - CFD: 2013/06/05 20:13:23 - [] D -- C:\Program Files\VMware O43 - CFD: 2013/07/15 02:48:26 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 2015/05/18 22:05:20 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 2013/06/24 21:19:51 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 2015/06/17 22:14:33 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 2013/06/01 19:31:39 - [] D -- C:\Program Files\Windows NT O43 - CFD: 2013/06/24 21:19:49 - [] D -- C:\Program Files\Windows Photo Viewer O43 - CFD: 2013/06/24 21:19:49 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 2013/06/24 21:19:50 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 2013/06/01 19:47:46 - [] D -- C:\Program Files\WinRAR O43 - CFD: 2015/07/31 08:15:36 - [] D -- C:\Program Files\WinZipper O43 - CFD: 2013/06/01 19:28:31 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2009/07/14 04:46:36 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2013/06/12 07:56:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blueberry Software O43 - CFD: 2013/09/22 21:07:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Networking Academy O43 - CFD: 2013/06/03 22:20:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer O43 - CFD: 2015/07/22 07:05:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CommentCaMarche O43 - CFD: 2013/06/01 20:04:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET O43 - CFD: 2015/01/12 23:11:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote O43 - CFD: 2013/06/01 19:28:32 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/03/15 13:55:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 2013/09/21 10:27:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud O43 - CFD: 2013/06/01 19:49:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2013/06/05 21:25:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Mobile O43 - CFD: 2013/10/16 00:41:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 2013/11/11 12:27:29 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JLC's Software O43 - CFD: 2014/01/18 23:29:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI O43 - CFD: 2013/06/21 07:25:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Connection Manager O43 - CFD: 2013/06/01 19:58:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com O43 - CFD: 2009/07/14 04:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2013/06/20 16:56:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Learning O43 - CFD: 2014/10/09 10:48:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2014/02/13 23:30:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 O43 - CFD: 2014/02/13 23:56:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 O43 - CFD: 2014/02/15 16:18:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 O43 - CFD: 2013/11/15 13:03:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 2013/09/01 14:26:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PY Software O43 - CFD: 2014/08/15 10:26:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks O43 - CFD: 2013/06/05 18:27:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock O43 - CFD: 2014/09/17 12:13:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 2015/04/17 12:03:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 2014/09/30 15:21:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast O43 - CFD: 2014/08/15 10:25:20 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2009/07/14 07:48:18 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2013/10/08 21:40:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TELL ME MORE Performance O43 - CFD: 2015/05/15 22:40:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The JPEG Wizard2 O43 - CFD: 2013/06/01 19:50:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 2013/06/05 20:14:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware O43 - CFD: 2013/06/01 19:47:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2015/07/16 12:03:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper O43 - CFD: 2013/10/16 00:40:56 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 O43 - CFD: 2014/06/21 01:20:09 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2013/09/04 15:53:45 - [] D -- C:\ProgramData\Apple O43 - CFD: 2013/09/04 15:56:40 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2013/06/12 10:30:47 - [] D -- C:\ProgramData\Blueberry O43 - CFD: 2014/01/19 15:08:06 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\ProgramData\Bureau O43 - CFD: 2013/08/08 23:22:14 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 2013/10/08 21:38:05 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 2015/03/15 10:52:12 - [] D -- C:\ProgramData\DatacardService O43 - CFD: 2013/06/11 08:44:30 - [] D -- C:\ProgramData\DealPlyLive =>PUP.Optional.Dealply O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2014/11/21 21:21:17 - [] D -- C:\ProgramData\dl159 O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2013/06/01 20:04:07 - [] D -- C:\ProgramData\ESET O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\ProgramData\Favoris O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 2015/03/15 10:47:47 - [0] D -- C:\ProgramData\Freemake O43 - CFD: 2013/09/25 14:44:21 - [] D -- C:\ProgramData\Google O43 - CFD: 2013/06/01 19:49:27 - [0] D -- C:\ProgramData\IDM O43 - CFD: 2014/07/09 19:25:43 - [] D -- C:\ProgramData\IePluginServices =>Trojan.SProtector O43 - CFD: 2015/05/08 23:53:30 - [] D -- C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR O43 - CFD: 2014/06/20 19:11:44 - [] D -- C:\ProgramData\InstallMate =>PUP.Optional.Tarma O43 - CFD: 2013/11/18 02:42:59 - [] D -- C:\ProgramData\IsolatedStorage O43 - CFD: 2013/09/01 14:33:00 - [] D -- C:\ProgramData\LogiShrd O43 - CFD: 2013/06/12 07:56:54 - [] D -- C:\ProgramData\LogSys O43 - CFD: 2013/06/01 19:58:59 - [] D -- C:\ProgramData\ma-config.com O43 - CFD: 2015/07/19 08:40:23 - [] D -- C:\ProgramData\MailUpdate =>PUP.Optional.MailUpdate O43 - CFD: 2014/01/15 12:22:51 - [] D -- C:\ProgramData\McAfee O43 - CFD: 2013/09/01 14:54:49 - [0] D -- C:\ProgramData\Media Get LLC =>PUP.Optional.MediaGet O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\ProgramData\Menu Démarrer O43 - CFD: 2015/04/21 11:47:52 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2015/07/15 17:53:01 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2013/09/18 12:58:12 - [] D -- C:\ProgramData\Modem HDM EC156 O43 - CFD: 2013/06/01 19:31:39 - [0] SHD -- C:\ProgramData\Modèles O43 - CFD: 2013/06/01 19:48:57 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 2014/06/19 13:30:34 - [0] D -- C:\ProgramData\Oracle O43 - CFD: 2014/08/06 19:19:07 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2014/08/15 10:26:00 - [] D -- C:\ProgramData\Real O43 - CFD: 2014/08/15 10:26:53 - [] D -- C:\ProgramData\RealNetworks O43 - CFD: 2014/07/08 18:04:17 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 2015/07/30 16:59:14 - [] D -- C:\ProgramData\Skype O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2013/12/08 21:33:12 - [] D -- C:\ProgramData\Sun O43 - CFD: 2013/07/25 17:31:02 - [] D -- C:\ProgramData\Temp O43 - CFD: 2009/07/14 04:53:55 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2015/07/31 08:10:54 - [] D -- C:\ProgramData\VMware O43 - CFD: 2015/07/16 11:59:05 - [] D -- C:\ProgramData\WindowsMangerProtect =>PUP.Optional.Fuyu O43 - CFD: 2015/07/01 17:51:16 - [] D -- C:\Program Files\Common Files\Adobe O43 - CFD: 2013/10/16 00:40:00 - [] D -- C:\Program Files\Common Files\Apple O43 - CFD: 2013/06/12 07:56:46 - [] D -- C:\Program Files\Common Files\Blueberry Software O43 - CFD: 2014/06/20 14:52:10 - [] D -- C:\Program Files\Common Files\Config O43 - CFD: 2014/09/17 12:13:01 - [] D -- C:\Program Files\Common Files\DESIGNER O43 - CFD: 2014/01/18 23:27:46 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 2013/06/02 10:40:46 - [] D -- C:\Program Files\Common Files\Intel O43 - CFD: 2013/09/01 15:04:30 - [] D -- C:\Program Files\Common Files\LogiShrd O43 - CFD: 2014/02/13 22:57:40 - [0] D -- C:\Program Files\Common Files\Merge Modules O43 - CFD: 2014/09/17 12:11:00 - [] D -- C:\Program Files\Common Files\microsoft shared O43 - CFD: 2009/07/14 02:37:05 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 2015/04/17 12:03:02 - [] D -- C:\Program Files\Common Files\Skype O43 - CFD: 2009/07/14 02:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 2013/07/15 02:01:49 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 2013/06/05 20:13:18 - [] D -- C:\Program Files\Common Files\VMware O43 - CFD: 2014/08/15 10:26:05 - [] D -- C:\Program Files\Common Files\xing shared O43 - CFD: 2013/06/11 08:44:17 - [] D -- C:\Users\info\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C O43 - CFD: 2014/07/08 18:04:22 - [] D -- C:\Users\info\AppData\Roaming\Adobe O43 - CFD: 2013/09/20 18:10:41 - [] D -- C:\Users\info\AppData\Roaming\Apple Computer O43 - CFD: 2013/06/12 10:31:08 - [] D -- C:\Users\info\AppData\Roaming\Blueberry O43 - CFD: 2015/03/28 20:34:33 - [] D -- C:\Users\info\AppData\Roaming\CVitae O43 - CFD: 2013/09/04 16:05:30 - [] D -- C:\Users\info\AppData\Roaming\CyberLink O43 - CFD: 2013/11/17 16:47:05 - [] D -- C:\Users\info\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 2015/07/31 08:04:54 - [] D -- C:\Users\info\AppData\Roaming\DMCache O43 - CFD: 2013/06/01 20:11:12 - [] D -- C:\Users\info\AppData\Roaming\ESET O43 - CFD: 2013/06/01 19:32:25 - [] D -- C:\Users\info\AppData\Roaming\Identities O43 - CFD: 2015/06/26 22:15:11 - [] D -- C:\Users\info\AppData\Roaming\IDM O43 - CFD: 2013/11/18 02:42:59 - [] D -- C:\Users\info\AppData\Roaming\IsolatedStorage O43 - CFD: 2013/11/11 12:27:29 - [0] D -- C:\Users\info\AppData\Roaming\JLC's Software O43 - CFD: 2013/09/01 14:29:57 - [] D -- C:\Users\info\AppData\Roaming\Leadertech O43 - CFD: 2014/05/09 01:46:07 - [] D -- C:\Users\info\AppData\Roaming\LG Connection Manager O43 - CFD: 2013/06/12 07:57:57 - [] D -- C:\Users\info\AppData\Roaming\LogSys O43 - CFD: 2013/06/02 10:47:38 - [] D -- C:\Users\info\AppData\Roaming\Macromedia O43 - CFD: 2015/07/16 12:00:49 - [] D -- C:\Users\info\AppData\Roaming\MailUpdate =>PUP.Optional.MailUpdate O43 - CFD: 2009/07/14 07:48:18 - [0] D -- C:\Users\info\AppData\Roaming\Media Center Programs O43 - CFD: 2015/02/10 00:12:22 - [] SD -- C:\Users\info\AppData\Roaming\Microsoft O43 - CFD: 2013/10/28 19:04:06 - [] D -- C:\Users\info\AppData\Roaming\Mozilla O43 - CFD: 2014/12/04 12:39:54 - [] D -- C:\Users\info\AppData\Roaming\Mp3jam O43 - CFD: 2013/11/15 13:03:31 - [] D -- C:\Users\info\AppData\Roaming\Notepad++ O43 - CFD: 2014/12/04 20:00:36 - [0] D -- C:\Users\info\AppData\Roaming\Opera Software O43 - CFD: 2013/11/14 23:53:33 - [] D -- C:\Users\info\AppData\Roaming\PDAppFlex O43 - CFD: 2014/09/01 01:24:46 - [] D -- C:\Users\info\AppData\Roaming\Real O43 - CFD: 2014/08/15 10:27:46 - [] D -- C:\Users\info\AppData\Roaming\RealNetworks O43 - CFD: 2015/07/30 16:59:11 - [] D -- C:\Users\info\AppData\Roaming\Skype O43 - CFD: 2015/02/12 20:21:10 - [] D -- C:\Users\info\AppData\Roaming\Sphinx O43 - CFD: 2015/07/31 08:21:13 - [] D -- C:\Users\info\AppData\Roaming\uTorrent O43 - CFD: 2015/04/01 22:07:08 - [] D -- C:\Users\info\AppData\Roaming\vlc O43 - CFD: 2014/02/27 22:47:40 - [] D -- C:\Users\info\AppData\Roaming\VMware O43 - CFD: 2013/06/02 09:36:59 - [] D -- C:\Users\info\AppData\Roaming\WinRAR O43 - CFD: 2014/12/26 20:31:31 - [0] D -- C:\Users\info\AppData\Roaming\WinZipper O43 - CFD: 2015/07/31 08:20:38 - [] D -- C:\Users\info\AppData\Roaming\ZHP O43 - CFD: 2014/07/09 14:11:07 - [] D -- C:\Users\info\AppData\Local\13812 O43 - CFD: 2014/06/20 16:00:14 - [] D -- C:\Users\info\AppData\Local\15601 O43 - CFD: 2014/09/23 18:16:40 - [] D -- C:\Users\info\AppData\Local\9212 O43 - CFD: 2014/07/09 19:22:49 - [] D -- C:\Users\info\AppData\Local\9349 O43 - CFD: 2015/07/31 08:19:51 - [] D -- C:\Users\info\AppData\Local\Adobe O43 - CFD: 2013/09/19 13:55:00 - [] D -- C:\Users\info\AppData\Local\adslTV O43 - CFD: 2013/09/04 15:55:38 - [] D -- C:\Users\info\AppData\Local\Apple O43 - CFD: 2013/09/04 15:59:33 - [] D -- C:\Users\info\AppData\Local\Apple Computer O43 - CFD: 2013/06/01 19:32:11 - [0] SHD -- C:\Users\info\AppData\Local\Application Data O43 - CFD: 2013/10/04 00:54:33 - [] D -- C:\Users\info\AppData\Local\avgchrome O43 - CFD: 2014/01/19 00:35:45 - [] D -- C:\Users\info\AppData\Local\cache O43 - CFD: 2013/07/25 17:34:07 - [] D -- C:\Users\info\AppData\Local\CyberLink O43 - CFD: 2015/02/13 17:06:43 - [] D -- C:\Users\info\AppData\Local\Diagnostics O43 - CFD: 2013/12/09 12:54:26 - [] D -- C:\Users\info\AppData\Local\Eclipse O43 - CFD: 2014/12/04 01:46:16 - [] SHD -- C:\Users\info\AppData\Local\EmieBrowserModeList O43 - CFD: 2014/08/22 21:58:00 - [] SHD -- C:\Users\info\AppData\Local\EmieSiteList O43 - CFD: 2014/08/22 21:58:00 - [] SHD -- C:\Users\info\AppData\Local\EmieUserList O43 - CFD: 2013/06/01 20:11:12 - [] D -- C:\Users\info\AppData\Local\ESET O43 - CFD: 2015/01/12 23:12:23 - [] D -- C:\Users\info\AppData\Local\Evernote O43 - CFD: 2013/07/27 21:57:29 - [] D -- C:\Users\info\AppData\Local\Facebook O43 - CFD: 2015/07/16 11:59:26 - [] D -- C:\Users\info\AppData\Local\FilesFrog Update Checker =>PUP.Optional.MegaSearch O43 - CFD: 2015/03/15 13:55:35 - [] D -- C:\Users\info\AppData\Local\Google O43 - CFD: 2015/06/02 05:27:38 - [] D -- C:\Users\info\AppData\Local\GWX O43 - CFD: 2013/06/01 19:32:11 - [0] SHD -- C:\Users\info\AppData\Local\Historique O43 - CFD: 2013/09/01 14:43:06 - [] D -- C:\Users\info\AppData\Local\Logitech® Webcam Software O43 - CFD: 2013/06/02 10:47:38 - [] D -- C:\Users\info\AppData\Local\Macromedia O43 - CFD: 2013/06/05 19:43:43 - [] D -- C:\Users\info\AppData\Local\Media Get LLC =>PUP.Optional.MediaGet O43 - CFD: 2014/02/23 22:54:46 - [] D -- C:\Users\info\AppData\Local\Microsoft O43 - CFD: 2014/02/02 23:54:26 - [] D -- C:\Users\info\AppData\Local\Microsoft Games O43 - CFD: 2014/09/17 12:51:16 - [] D -- C:\Users\info\AppData\Local\Microsoft Help O43 - CFD: 2014/02/01 20:31:58 - [] D -- C:\Users\info\AppData\Local\Microsoft_Corporation O43 - CFD: 2013/06/01 19:49:34 - [] D -- C:\Users\info\AppData\Local\Mozilla O43 - CFD: 2014/12/04 20:00:36 - [0] D -- C:\Users\info\AppData\Local\Opera Software O43 - CFD: 2013/11/18 02:41:13 - [] D -- C:\Users\info\AppData\Local\Programs O43 - CFD: 2013/06/05 19:17:42 - [] D -- C:\Users\info\AppData\Local\Real O43 - CFD: 2014/06/09 21:21:06 - [] D -- C:\Users\info\AppData\Local\Skype O43 - CFD: 2015/07/31 08:20:55 - [] D -- C:\Users\info\AppData\Local\Temp O43 - CFD: 2013/06/01 19:32:11 - [0] SHD -- C:\Users\info\AppData\Local\Temporary Internet Files O43 - CFD: 2013/07/18 02:59:35 - [] D -- C:\Users\info\AppData\Local\TrafficSpaceLLC O43 - CFD: 2013/08/09 01:19:58 - [] D -- C:\Users\info\AppData\Local\VirtualStore O43 - CFD: 2014/02/27 22:47:39 - [] D -- C:\Users\info\AppData\Local\VMware O43 - CFD: 2015/07/16 12:00:02 - [] D -- C:\Users\info\AppData\Local\WebPlayer O43 - CFD: 2009/07/14 04:42:04 - [] RD -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/03/10 21:48:16 - [] RD -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2013/07/14 23:16:14 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CVitaeV4 O43 - CFD: 2013/09/04 16:02:02 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam O43 - CFD: 2013/10/07 10:51:31 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker =>PUP.Optional.MegaSearch O43 - CFD: 2015/06/04 09:57:00 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player O43 - CFD: 2013/06/01 19:49:26 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2013/11/11 12:27:29 - [0] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JLC's Software O43 - CFD: 2009/07/14 04:37:42 - [] RD -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2013/06/05 19:45:21 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2 =>PUP.Optional.MediaGet O43 - CFD: 2013/11/15 13:03:14 - [0] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 2013/09/01 14:26:17 - [0] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PY Software O43 - CFD: 2014/09/30 15:21:22 - [0] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast O43 - CFD: 2015/03/10 21:48:16 - [] RD -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2013/06/01 19:49:16 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer O43 - CFD: 2013/06/01 19:47:46 - [] D -- C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) (4) - 11s O45 - LFCP:[MD5.7F722B558018338CB79C8717D632E8AB] 2015/03/15 10:31:28 A -- C:\Windows\Prefetch\HULATOO.BROWSERADAPTER.EXE-9402D691.pf =>PUP.Optional.HulaToo O45 - LFCP:[MD5.29F7343FB2F430010EB35B6590E62AD5] 2015/03/15 10:31:16 A -- C:\Windows\Prefetch\HULATOO.PURBROWSE.EXE-A5CA1715.pf =>PUP.Optional.HulaToo O45 - LFCP:[MD5.98DBF577BB2FE31F032D7B35379BD888] 2015/03/15 10:49:39 A -- C:\Windows\Prefetch\UPDATEHULATOO.EXE-26DCAB08.pf =>PUP.Optional.HulaToo O45 - LFCP:[MD5.185991622049A8BD880C9E27B22C4DD1] 2015/03/15 10:49:24 A -- C:\Windows\Prefetch\UTILHULATOO.EXE-851A7670.pf =>PUP.Optional.HulaToo ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) (10) - 1s O53 - SMSR:HKLM\...\startupreg\Adobe Creative Cloud [Key] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\MediaGet2 [Key] . (...) -- C:\Users\info\AppData\Local\MediaGet2\mediaget.exe (.not file.) =>PUP.Optional.MediaGet O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Optional.Mobogenie O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O53 - SMSR:HKLM\...\startupreg\Utility Chest Search Scope Monitor [Key] . (...) -- C:\PROGRA~1\UTILIT~2\bar\1.bin\49srchmn.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\UtilityChest_49 Browser Plugin Loader [Key] . (...) -- C:\PROGRA~1\UTILIT~2\bar\1.bin\49brmon.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe ---\\ Liste des pilotes du système (SDL) (O58) (97) - 11s O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] O58 - SDL:2009/07/14 01:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] O58 - SDL:2009/07/14 01:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] O58 - SDL:2011/03/11 05:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256] O58 - SDL:2009/07/14 01:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] O58 - SDL:2011/03/11 05:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400] O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] O58 - SDL:2009/07/14 01:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] O58 - SDL:2009/07/13 22:02:49 A . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gi.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888] O58 - SDL:2013/06/12 07:57:19 A . (.Windows (R) Codename Longhorn DDK provider - Mirror Miniport Driver.) -- C:\Windows\System32\drivers\bbcap.sys [4096] O58 - SDL:2009/07/13 22:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] O58 - SDL:2009/07/13 22:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] O58 - SDL:2009/07/14 00:57:25 A . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128] O58 - SDL:2009/07/13 22:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] O58 - SDL:2009/07/13 22:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] O58 - SDL:2009/07/13 22:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] O58 - SDL:2009/07/13 22:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] O58 - SDL:2009/07/14 01:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] O58 - SDL:2009/07/14 01:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] O58 - SDL:2013/02/14 10:21:04 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [171680] O58 - SDL:2013/01/10 07:25:20 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [122240] O58 - SDL:2009/07/14 01:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] O58 - SDL:2013/01/10 07:25:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [150080] O58 - SDL:2013/01/10 07:25:20 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [46056] O58 - SDL:2013/02/14 10:21:04 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [47568] O58 - SDL:2009/07/13 22:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] O58 - SDL:2012/08/21 13:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26840] O58 - SDL:2011/08/29 20:11:00 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [32496] O58 - SDL:2009/07/13 22:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] O58 - SDL:2013/02/19 08:59:36 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECI.sys [49272] O58 - SDL:2009/07/14 01:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] O58 - SDL:2013/12/18 11:27:40 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\drivers\iaStorA.sys [490344] O58 - SDL:2013/12/18 11:27:40 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [24424] O58 - SDL:2011/03/11 05:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160] O58 - SDL:2015/05/20 12:55:54 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [123968] O58 - SDL:2013/02/19 11:43:42 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [10861056] O58 - SDL:2009/07/14 01:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] O58 - SDL:2010/02/26 13:31:24 A . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\Windows\System32\drivers\Impcd.sys [132480] O58 - SDL:2011/08/23 03:11:50 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [270336] O58 - SDL:2009/09/23 00:31:44 A . (.LG Electronics Inc - LG Wireless USB Multi function Driver.) -- C:\Windows\System32\drivers\lgwusbbus.sys [13696] O58 - SDL:2009/09/23 00:31:44 A . (.LG Electronics Inc - LG Wireless USB Modem Driver.) -- C:\Windows\System32\drivers\lgwusbmodem.sys [25216] O58 - SDL:2009/09/23 00:31:46 A . (.LG Electronics Inc - LG Wireless USB Serial1 Driver.) -- C:\Windows\System32\drivers\lgwusbser01.sys [21248] O58 - SDL:2009/09/23 00:31:48 A . (.LG Electronics Inc - LG Wireless USB Serial2 Driver.) -- C:\Windows\System32\drivers\lgwusbser02.sys [21248] O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] O58 - SDL:2009/07/14 01:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] O58 - SDL:2009/07/14 01:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] O58 - SDL:2014/03/07 15:43:58 A . (.Ralink Technology, Corp. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28.sys [2144456] O58 - SDL:2009/07/14 01:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] O58 - SDL:2011/03/11 05:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120] O58 - SDL:2011/03/11 05:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744] O58 - SDL:2009/07/14 01:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] O58 - SDL:2009/07/14 01:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] O58 - SDL:2014/01/08 16:23:46 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys [693464] O58 - SDL:2014/03/13 06:02:52 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [3032664] O58 - SDL:2014/01/03 09:33:52 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [214232] O58 - SDL:2009/07/13 20:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] O58 - SDL:2009/07/14 01:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] O58 - SDL:2009/07/14 01:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] O58 - SDL:2009/07/14 01:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] O58 - SDL:2012/12/13 12:50:38 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056] O58 - SDL:2009/07/14 01:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] O58 - SDL:2011/08/08 12:58:56 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [98928] O58 - SDL:2012/01/18 11:06:02 A . (.VMware, Inc. - VMware virtual network driver (32-bit).) -- C:\Windows\System32\drivers\vmnet.sys [19568] O58 - SDL:2012/01/18 11:06:02 A . (.VMware, Inc. - VMware virtual network adapter driver (32-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [16624] O58 - SDL:2012/01/18 11:06:02 A . (.VMware, Inc. - VMware bridge driver (32-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [36464] O58 - SDL:2012/01/18 13:46:16 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [25712] O58 - SDL:2011/08/29 20:01:10 A . (.VMware, Inc. - VMware USB driver.) -- C:\Windows\System32\drivers\vmusb.sys [31280] O58 - SDL:2012/01/18 13:47:36 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [55664] O58 - SDL:2009/07/14 01:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] O58 - SDL:2011/07/08 13:32:56 A . (.VMware, Inc. - VMware Virtual Storage Volume Driver.) -- C:\Windows\System32\drivers\vstor2-mntapi10-shared.sys [22768] O58 - SDL:2014/11/27 06:46:00 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{033a6f56-e958-4ed8-a315-2fedc919d2dc}w.sys [43192] =>PUP.Optional.LinkiDoo O58 - SDL:2014/07/08 17:42:04 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw.sys [52920] =>PUP.Optional.LinkiDoo O58 - SDL:2014/08/29 17:15:30 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}w.sys [52408] =>PUP.Optional.LinkiDoo O58 - SDL:2014/11/28 08:46:30 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{b00f276a-69b7-4e9b-b1d3-dc3c7bb35170}w.sys [43192] =>PUP.Optional.LinkiDoo O58 - SDL:2014/11/29 23:47:06 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{c933aa85-a419-42da-9957-2f32a4c0601a}w.sys [43192] =>PUP.Optional.LinkiDoo O58 - SDL:2013/05/07 13:27:10 A . (...) -- C:\Windows\System32\ambakdrv.sys [26424] O58 - SDL:2013/05/07 13:27:10 A . (...) -- C:\Windows\System32\ammntdrv.sys [129720] O58 - SDL:2013/02/06 14:52:48 A . (...) -- C:\Windows\System32\amwrtdrv.sys [14392] O58 - SDL:2009/07/13 21:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:2009/07/13 21:40:44 A . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:2009/07/13 21:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:2009/07/13 21:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:2009/07/13 21:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:2009/07/13 21:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:2009/07/13 21:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:2009/07/13 21:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:2009/07/13 21:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:2009/07/13 21:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:2009/07/13 21:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:2009/07/13 21:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:2009/07/13 21:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:2009/07/13 21:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:2009/07/13 21:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672] ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) (2) - 41s O61 - LFC: 2015/07/31 08:12:37 A . (..) -- C:\Users\info\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849] O61 - LFC: 2015/07/31 08:19:21 A . (..) -- C:\Users\info\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [236] ---\\ Associations Shell Spawning (O67) (1) - 1s O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Ob.) -- C:\Windows\System32\eventvwr.exe ---\\ Menu de démarrage Internet (SMI) (O68) (12) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- c:\program files\mozilla firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) (365) - 38s O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_TMP_city", "MOHAMMEDIA"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_TMP_country", "MA"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_country", "MOROCCO"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_locId", "MOXX0006"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_location", "Mohammedia, 08, Morocco"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_region", "OT"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_temp_dis", "c"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.1000234.TWC_wind_dis", "kmh"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.FirstTime", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.FirstTimeFF3", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.RestartDialogFirstTime", "false"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.RestartDialogShouldDisplay", "false"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.SearchAppState.enc", "Mg=="); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.SearchAppTracking.enc", "MQ=="); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://trovi.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN2961344506296[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.UserID", "UN29613445062962223"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.addressBarTakeOverEnabledInHidden", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.appOptions", "{}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.browser.search.defaultthis.engineName", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.countryCode", "MA"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.dum", "2"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.embeddedsData", "[{\"appId\":\"129351529700743801\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.firstTimeDialogOpened", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.fixPageNotFoundErrorByUser", "TRUE"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.fixPageNotFoundErrorInHidden", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.fullUserID", "UN29613445062962223.IN.20131006005520"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installDate", "06/10/2013 00:55:25"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installSessionId", "-1"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installSp", "FALSE"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installType", "Unknown"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installUsage", "2015-02-10T02:57:06.8796403+03:00"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installUsageEarly", "2015-02-10T02:56:58.9857873+03:00"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.installerVersion", "1.7.0.9"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.isCheckedStartAsHidden", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.keyword", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://www.trovi.com/?gd=&ctid=CT2851639&octid=CT28[...] =>PUP.Optional.Trovigo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.lastVersion", "10.35.0.503"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.mam_gk_installer_preapproved.enc", "VFJVRQ=="); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"F136368553@taalim.ma\",\"EB_MAIN_FRAME_URL\":\"https%3A%2F%2Fm[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.originalHomepage", "http://rts.dsrlte.com?affID=na"); =>PUP.Optional.PaybyAds O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.originalSearchAddressUrl", "http://rts.dsrlte.com/?q="); =>PUP.Optional.PaybyAds O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.originalSearchEngine", "Yahoo! Search"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.originalSearchEngineName", "Yahoo! Search"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.performedDomainChangesMigration", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.search.searchAppId", "129351529700743801"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.search.searchCount", "0"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchFromAddressBarEnabledByUser", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchInNewTabEnabledByUser", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchRevert", "FALSE"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchSuggestEnabledByUser", "True"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchUninstallUserMode", "8"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.searchUserMode", "8"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR [...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_Configuration_lastUpdate", "1435254888824"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1435254885542"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1435254886850"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1435254885224"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1423526219129"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1423526227673"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_login_10.35.0.503_lastUpdate", "1435277402267"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1435254885372"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1435254887984"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1435254886827"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_setupAPI_lastUpdate", "1423526219821"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_toolbarContextMenu_lastUpdate", "1435254885121"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_toolbarSettings_lastUpdate", "1435277402617"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.serviceLayer_services_translation_lastUpdate", "1435254884977"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.settingsINI", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.showToolbarPermission", "false"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.smartbar.CTID", "CT2851639"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.smartbar.Uninstall", "0"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.smartbar.homepage", true); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.smartbar.toolbarName", "uTorrentBar_FR "); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.toolbarBornServerTime", "10-2-2015"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.toolbarCurrentServerTime", "26-6-2015"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.toolbarInstallDate", "09-02-2015 23:56:59"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.toolbarLoginClientTime", "Mon Feb 09 2015 23:57:07 GMT+0000 (Maroc)"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.versionFromInstaller", "10.20.0.13"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639.xpeMode", "0"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1435277389028,\"isWithState\"[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://rts.dsrlte.com/?q="); =>PUP.Optional.PaybyAds O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.TBHomepagesList", "http://trovi.com/?ctid=CT2851639&SearchSource=13&CUI=UN29613445062962223"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.TBSearchEngineList", ""); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.TBSearchUrlList", ""); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("Smartbar.keywordURLSelectedCTID", "CT2851639"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("browser.newtab.url", "http://www.delta-homes.com/newtab/?type=nt&ts=1437047963&z=17c1027f7fb805ad6aeb162gaz4c8mceaz8m1t[...] =>PUP.Optional.Qvo6 O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.asul", "1426083196957"); =>PUP.Optional.HulaToo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.aul", "1426083158953"); =>PUP.Optional.HulaToo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.irl", true); =>PUP.Optional.HulaToo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.is", "amp18lmma"); =>PUP.Optional.HulaToo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.HulaToo.ug", "AEE042CA-FE46-425B-B9C0-5D1410405E88"); =>PUP.Optional.HulaToo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.OKitSpace.installed_version", "1.0.3"); =>PUP.Optional.Onekit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.WebConnect.aul", "1382711517435"); =>PUP.Optional.WebConnect O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.WebConnect.irl", true); =>PUP.Optional.WebConnect O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.WebConnect.is", "isgiwkFR"); =>PUP.Optional.WebConnect O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.WebConnect.ug", "D143769E-7DF4-4DF7-9B68-56CFF1CC81BA"); =>PUP.Optional.WebConnect O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealpl[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_bundledWithHash.value", "null"); =>PUP.Optional.Monetization O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri [...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D"); =>PUP.Optional.Monetization O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_regBundledWithSoftware.expiration[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.internaldb.monetization_plugin_regBundledWithSoftware.value", "%[...] =>PUP.Optional.Monetization O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.aEOPN29927080OCIFAPD100469180com61758.61758.name", "Plus-HD-V1.8c"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.af80af4ec42b9429d99b04078ec7cf86444882d2088654b13b79eae8470d9a955com59568.59568.name", "Plus-HD-V1.8"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.crossrider.bic", "1471baa08718ad10df48225cf0dd42e2"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.admin", false); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.aflt", "babsst"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.autoRvrt", "false"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.dfltLng", "fr"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.excTlbr", false); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.ffxUnstlRst", true); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.id", "8282dbe8000000000000889ffa00d37e"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.instlDay", "15982"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.instlRef", "sst"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.newTab", false); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.prdct", "delta"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.prtnrId", "delta"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.rvrt", "false"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.smplGrp", "none"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.tlbrId", "base"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.tlbrSrchUrl", ""); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.vrsn", "1.8.24.6"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.vrsnTs", "1.8.24.60:54:10"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta.vrsni", "1.8.24.6"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta_i.babExt", ""); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta_i.babTrack", "affID=124798&tsp=5025"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.delta_i.srcExt", "ss"); =>Toolbar.DeltaSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.mywebsearch.prevDefaultEngine", "Google"); =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.mywebsearch.prevKwdEnabled", true); =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.mywebsearch.prevKwdURL", "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="); =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.mywebsearch.prevSelectedEngine", "Google"); =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.quick_start.enable_search1", false); =>PUP.Optional.QuickStart O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); =>PUP.Optional.QuickStart O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.BUTTON_STRUCTURE", "[{\"b\":224546983,\"c\":\"mindspark.magnify\",\"p\":\"L.0\[...] =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.browser.version.last", "14.0"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.firstKnownVersion", "5.71.2.59707"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.homepage", "http://home.tb.ask.com/index.jhtml?ptb=3A6249CE-89AE-456D-93A2-264[...] =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.hp.enabled", false); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.hp.lastGuardTime", -2089350704); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.hp.numGuards", 1); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.initialized", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.contextKey", ""); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.installDate", "2013090417"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerId", "^ZO^xdm091^YYA^ma"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerSubId", "GA_UT_INTL_MOR_122"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.success", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.installation.toolbarId", "3A6249CE-89AE-456D-93A2-2646C11079B6"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.isCompliantUninstallImplementation", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.lastActivePing", "1435277393349"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.lastKnownVersion", "7.13.6.48727"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.options.defaultSearch", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.options.homePageEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.options.keywordEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.options.tabEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.searchHistory", "http://puu.sh/7jKu4.jpg"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.toolbarCollapsed", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._49Members_.weather.location", "10001"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "http://home.tb.ask.com/index.jhtml?ptb=4529806D-09F0-4915-9DE8-E67[...] =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", ""); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013071810"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YYA^ma"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "right"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "4529806D-09F0-4915-9DE8-E67023F5C233"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1374940503196"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark.hp.enabled", false); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark.hp.enabled.guid", ""); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("extensions.toolbar.mindspark.lastInstalled", "utilitychest@mindspark.com"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("keyword.URL", "http://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=3A6249CE-89AE-456D-93A2-2646C11079B6&n=77fd5271&[...] =>Toolbar.Ask O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.addressBarOwnerCTID", "CT2851639"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.conduitHomepageList", "http://trovi.com/?ctid=CT2851639&SearchSource=13&CUI=UN29613445062962223"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://trovi.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN2961344506[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.defaultSearchOwnerCTID", "CT2851639"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.homePageOwnerCTID", "CT2851639"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.homepageList", "http://trovi.com/?ctid=CT2851639&SearchSource=13&CUI=UN29613445062962223"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.machineId", "AFB02JTZXNQXI0BOMYN1IIF9RSFAKRR2ZLQL9XYJVAZXPKTQOD7WEQCPC30+A+HRHRGEPKFFY6GV7W6R5LS1OA"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("smartbar.searchAddressUrlList", "http://trovi.com/ResultsExt.aspx?ctid=CT2851639&SearchSource=2&CUI=UN29613445062962223[...] =>PUP.Optional.SmartBar O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E+x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E+x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E,x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E,x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E-x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E-x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E.:2z527", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E.:2z527.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E.x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E.x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E/x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E/x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E06CG5EL8:", "6E6C6F6F6E726F747376"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E06CG5EL8:.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E06CG5EL;8I:K", "247E2D2F226A747275757478757A797C242F4B49474F42357D5D5C3D"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E06CG5EL;8I:K.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E0x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E0x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E1x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E1x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E2x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E2x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E3x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E3x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E4x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E4x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E5x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E5x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E6x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E6x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E7x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E7x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E8x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E8x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E9x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E9x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E:x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E:x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E;x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E;x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EPUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EPUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E=x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E=x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E>x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E>x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E?x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E?x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E@x305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7E@x305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EAx305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EAx305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D337D56545[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EBE3G=;D9N9=D.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EBx305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EBx305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7ECx305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7ECx305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EDx305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7EDx305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7Etx305", "2423"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B+7Etx305.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3G>D", "663F3F3C727174737A787146732075484D7C2522227D262A56262A25232757262C28292D"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3G>D.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3G@6:5;", ""); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3G@6:5;.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3GFA7EF", "2B2E2C3D"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-0?3GFA7EF.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A2329282A31323334353A45[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B-3=3ECCJA=F>.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B/>01=9A6K6PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B/>01=9A6K6PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B3=>@44I48?.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B5BA==9CJAG", "66686C696C4271447A704479747B7C4B4E20507B20"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B5BA==9CJAG.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B6B11G4C56B>F;P;ANR@P", "6E6C6E6D716F716E6E7371787A"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B9643G3/9E", "6A"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B9643G3/9E.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B;45>:BI9I7IE", "2B2E2C3D"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B;45>:BI9I7IE.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B<:222H64<", "393F352F3E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B<:222H64<.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B<:222H64PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B<:222H64PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B=+03EH8H8J?:", "4443"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B=+03EH8H8J?:.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B?+E2A52D8.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B?B0D:8AJ62PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9B?B0D:8AJ62PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9BA@0<0BI6A7GN:6@L?", "6C"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639./9BA@0<0BI6A7GN:6@L?.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.PG_ENABLE", "74727565"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.PG_ENABLE.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_JUST_INSTALLED", "46414C5345"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_JUST_INSTALLED.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_STATUS", "454E41424C4544"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_STATUS.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_USER_ID", "6369645F39323230313532333537323539383433353034"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.SF_USER_ID.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.cb_user_id_000", "43423438373333393036303238325F313432333532363234373133335F46697265666F78"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.cb_user_id_000.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.cbfirsttime", "4D6F6E2046656220303920323031352032333A35373A323720474D542B3030303020284D61726F6329")[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.cbfirsttime.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appStateReportTime", "31343335323737343039303832"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appStateReportTime.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_CouponBuddy", "6F6E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_CouponBuddy.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_Easytobook", "6F6E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_Easytobook.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_Easytobook_targeted", "6F6E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_Easytobook_targeted.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_PriceGong", "6F6E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_PriceGong.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_WindowShopper", "6F6E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appState_WindowShopper.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appsConfig.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appsDefaultEnabled", "6E756C6C"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_appsDefaultEnabled.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_calledSetupService", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_calledSetupService.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_currentVersion", "312E31332E302E3137"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_currentVersion.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_existingUsersRecoveryDone", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_existingUsersRecoveryDone.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_first_time", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_first_time.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_lastLoginTime", "31343335323737343039343630"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_lastLoginTime.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_localization.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_mamEnabled", "74727565"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_mamEnabled.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_migrated_from_ls", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_migrated_from_ls.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_new_welcome_experience", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_new_welcome_experience.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_settings1.13.0.17.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_showWelcomeGadget", "66616C7365"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_showWelcomeGadget.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_stamp", "38345F30"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_stamp.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_userBornDate", "4E2F41"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_userBornDate.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_userId", "36303931346431622D656637382D343332372D623130372D363766306235343734353363"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_userId.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_user_approval_interacted", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_user_approval_interacted.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_welcomeDialogMode", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.mam_gk_welcomeDialogMode.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.url_history0001", "68747470733A2F2F7777772E676F6F676C652E636F6D3A3A3A636C69636B68616E646C65723A3A3A[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [info - gefs9udw.default] user_pref("valueApps.CT2851639.url_history0001.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: SearchScopes [HKCU] 007A2B3CE91E4C89B3C33C79668EEFEC - (Delta Search) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bing) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (delta-homes) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} - (Ask Web Search) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {ED5A4F3C-C90A-4C07-AA9E-3AED531F154B} - (Yahoo! Search) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {F4E3BE78-F4F5-4200-804A-CA890D141367} - (Search Here) - http://do-search.com/ =>PUP.Optional.DoSearches ---\\ Enumère les services démarrés par Svchost (SSS) (O83) (32) - 2s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de ca.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\IKEEXT.DLL [679424] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\audiosrv.dll [475136] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements systèm.) -- C:\Windows\System32\Sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM.) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du se.) -- C:\Windows\System32\termsrv.dll [523776] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Up.) -- C:\Windows\System32\wuaueng.dll [2057216] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière.) -- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur u.) -- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secon.) -- C:\Windows\System32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédia.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\KMSVC.DLL [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à.) -- C:\Windows\System32\SessEnv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800] ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) (29) - 3s O87 - FAEL: "NetPres-In-TCP-NoScope" [In-None-P6-FALSE] .(...) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP-NoScope" [Out-None-P6-FALSE] .(...) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-In-UDP" [In-None-P17-FALSE] .(...) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-WSD-Out-UDP" [Out-None-P17-FALSE] .(...) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-In-TCP" [In-None-P6-FALSE] .(...) -- C:\Windows\system32\netproj.exe O87 - FAEL: "NetPres-Out-TCP" [Out-None-P6-FALSE] .(...) -- C:\Windows\system32\netproj.exe O87 - FAEL: "{DEE5FED4-6A7A-4D72-A689-BF52CCEA172D}" [In-None-P6-TRUE] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe O87 - FAEL: "{83929A26-9DE7-4425-8FC3-8101EF1F0A93}" [In-None-P17-TRUE] .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\MaConfigAgent.exe O87 - FAEL: "{4308EFFB-241C-4124-AA2A-E42C872FD63E}" [In-None-P6-TRUE] .(...) -- C:\Users\info\AppData\Local\MediaGet2\mediaget.exe =>PUP.Optional.MediaGet O87 - FAEL: "{F95E0D64-256F-48FA-B0C9-C990DBF352BD}" [In-None-P17-TRUE] .(...) -- C:\Users\info\AppData\Local\MediaGet2\mediaget.exe =>PUP.Optional.MediaGet O87 - FAEL: "{0669A0B3-B790-4EF3-A1CB-6A2DC90DD72B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe O87 - FAEL: "{F13F1FEB-C7C0-4D81-A1FC-646AAFF60F80}" [In-None-P17-TRUE] .(...) -- C:\Program Files\VMware\VMware Workstation\vmware-hostd.exe O87 - FAEL: "{643252EB-539C-4393-B1DC-2EE8F86B92BE}" [In-None-P6-FALSE] .(...) -- C:\Program Files\Naver\LINE\Line.exe O87 - FAEL: "{12F09248-9633-4736-B299-7DCB5ADEC54C}" [In-None-P17-FALSE] .(...) -- C:\Program Files\Naver\LINE\Line.exe O87 - FAEL: "{F30964AE-5874-459E-BA0B-790574CCA1E7}" [In-None-P6-TRUE] .(...) -- C:\Program Files\adslTV\adsltv.exe O87 - FAEL: "{503CE00B-1B65-4887-A9E8-247237BC801F}" [In-None-P17-TRUE] .(...) -- C:\Program Files\adslTV\adsltv.exe O87 - FAEL: "{12FF5837-0C3E-4544-86A1-AD6086FDB65D}" [In-None-P6-TRUE] .(...) -- C:\Program Files\adslTV\VLC\vlc.exe O87 - FAEL: "{5705D1CF-206A-4245-9778-DF164D262500}" [In-None-P17-TRUE] .(...) -- C:\Program Files\adslTV\VLC\vlc.exe O87 - FAEL: "{D35B2819-4DCD-496E-BBC6-AFE50069EE6C}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{EDD82BB9-1533-47D2-9B69-0C42B0890298}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\info\AppData\Roaming\uTorrent\uTorrent.exe O87 - FAEL: "{46D9DE4C-D657-4BAD-9A86-F459F457AC9B}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Tango\Tango.exe O87 - FAEL: "{3A356776-6208-4F1B-AA79-38739EA59BD5}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Tango\Tango.exe O87 - FAEL: "{DED12320-3842-44A6-A5CD-7CA11DD9E5A7}" [In-None-P6-TRUE] .(.RealNetworks, Inc. - RealPlayer Cloud Service.) -- c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe O87 - FAEL: "TCP Query User{7E270FA1-534A-4744-8874-03731F15F001}C:\program files\sopcast\sopcast.exe" [In-None-P6-TRUE] .(.www.sopcast.com - SopCast Main Application.) -- C:\program files\sopcast\sopcast.exe O87 - FAEL: "UDP Query User{5C5D1DCD-093A-4978-B6B0-B4CC72F03A48}C:\program files\sopcast\sopcast.exe" [In-None-P17-TRUE] .(.www.sopcast.com - SopCast Main Application.) -- C:\program files\sopcast\sopcast.exe O87 - FAEL: "{9F0DBB15-1AC9-42DA-96D6-D9D4CC6FC187}" [In-None-P6-TRUE] .(...) -- C:\Program Files\GoForFiles\GoforFiles.exe O87 - FAEL: "{C2FBF330-5575-4ED9-AB04-BA617CBEB5AC}" [In-None-P17-TRUE] .(...) -- C:\Program Files\GoForFiles\GoforFiles.exe O87 - FAEL: "TCP Query User{80B62F00-6C5F-4F48-B090-BF83FCE6FAB5}C:\program files\goforfiles\goforfilesdl.exe" [In-None-P6-TRUE] .(...) -- C:\program files\goforfiles\goforfilesdl.exe O87 - FAEL: "UDP Query User{16C8CC7B-6993-40C8-AD99-31A5BC38A9DA}C:\program files\goforfiles\goforfilesdl.exe" [In-None-P17-TRUE] .(...) -- C:\program files\goforfiles\goforfilesdl.exe ---\\ Recherche de clés de registre Tracing (O100) (18) - 5s HKLM\SOFTWARE\Microsoft\Tracing\HulaTooUntemp_RASAPI32 =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\HulaTooUntemp_RASMANCS =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\HulaToo_RASAPI32 =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\HulaToo_RASMANCS =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id4466666ids2s_RASAPI32 =>PUP.Optional.MediaGet HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id4466666ids2s_RASMANCS =>PUP.Optional.MediaGet HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_webcammax_RASAPI32 =>PUP.Optional.Softonic HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_webcammax_RASMANCS =>PUP.Optional.Softonic HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_yawcam_RASAPI32 =>PUP.Optional.Softonic HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_yawcam_RASMANCS =>PUP.Optional.Softonic HKLM\SOFTWARE\Microsoft\Tracing\updateHulaToo_RASAPI32 =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\updateHulaToo_RASMANCS =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASAPI32 =>PUP.Optional.WebConnect HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASMANCS =>PUP.Optional.WebConnect HKLM\SOFTWARE\Microsoft\Tracing\utilHulaToo_RASAPI32 =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\utilHulaToo_RASMANCS =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\utilWebConnect_RASAPI32 =>PUP.Optional.WebConnect HKLM\SOFTWARE\Microsoft\Tracing\utilWebConnect_RASMANCS =>PUP.Optional.WebConnect ---\\ Scan Additionnel (O88) (132) - 0s C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Optional.Fuyu C:\Program Files\MiuiTab\ProtectService.exe =>PUP.Optional.MiuiTab C:\Program Files\LuckyTab\LuckyTab.exe =>PUP.Optional.LuckyTab C:\Users\info\AppData\Local\FilesFrog Update Checker\update_checker.exe =>PUP.Optional.MegaSearch C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\babylon.xml =>PUP.Optional.Babylon C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\searchplugins\utorrentbarfr-customized-web-search.xml =>PUP.Optional.uTorrentBar C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\49ffxtbr@www.utilitychest.com =>PUP.Optional.MyWebSearch C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\default_newtabff@gmail.com =>PUP.Optional.LightningNewTab C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\faststartff@gmail.com =>PUP.Optional.FastStart C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\quick_searchff@gmail.com =>PUP.Optional.QuickSearch C:\Users\info\AppData\Roaming\Mozilla\Firefox\Profiles\gefs9udw.default\extensions\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} =>PUP.Optional.ClientConnect C:\Program Files\HD-V1.9\HD-V1.9-bho.dll =>PUP.Optional.CrossRider C:\Program Files\MiuiTab\SupTab.dll =>PUP.Optional.MiuiTab HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91A9A1-01BA-4c81-863D-3BA0751E1419} =>PUP.Optional.MiuiTab HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service =>PUP.Optional.AgentODR C:\Program Files\MiuiTab\ProtectService.exe =>PUP.Optional.AgentODR HKLM\SYSTEM\CurrentControlSet\Services\Util HulaToo =>PUP.Optional.HulaToo HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect =>PUP.Optional.Fuyu C:\Windows\Tasks\AmiUpdXp.job =>PUP.Optional.SoftwareUpdater C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-1.job =>PUP.Optional.CrossRider C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-11.job =>PUP.Optional.CrossRider C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-4.job =>PUP.Optional.CrossRider C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5.job =>PUP.Optional.CrossRider C:\Windows\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5_user.job =>PUP.Optional.CrossRider C:\Windows\Tasks\Dealply.job =>PUP.Optional.Dealply C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\AmiUpdXp =>PUP.Optional.SoftwareUpdater C:\Windows\System32\Tasks\BobyLyrics-1-codedownloader =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\BobyLyrics-1-updater =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-1 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-11 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-4 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\cdf836cc-4bc2-46b5-bb35-2040b1f63224-5_user =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\Dealply =>PUP.Optional.Dealply C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\LuckyTab =>PUP.Optional.LuckyTab HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater =>PUP.Optional.SoftwareUpdater HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UtilityChest_49bar Uninstall Firefox =>PUP.Optional.MindSpark HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UtilityChest_49bar Uninstall Internet Explorer =>PUP.Optional.MindSpark HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps =>PUP.Optional.MegaSearch HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player =>PUP.Optional.MegaSearch HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip =>PUP.Optional.Bandoo HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaGet =>PUP.Optional.MediaGet HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit HKLM\SOFTWARE\DataMngr =>PUP.Optional.Datamngr HKLM\SOFTWARE\DealPlyLive =>PUP.Optional.Dealply HKLM\SOFTWARE\Default Tab =>Toolbar.Agent HKLM\SOFTWARE\Delta =>Toolbar.DeltaSearch HKLM\SOFTWARE\delta-homesSoftware =>PUP.Optional.DeltaHomes HKLM\SOFTWARE\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\IHProtect =>PUP.Optional.AgentODR HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKLM\SOFTWARE\InstalledThirdPartyPrograms =>PUP.Optional HKLM\SOFTWARE\LuckyTab =>PUP.Optional.LuckyTab HKLM\SOFTWARE\OKitSpace =>PUP.Optional.Onekit HKLM\SOFTWARE\PicexaSvc =>PUP.Optional.Picexa HKLM\SOFTWARE\SoftwareUpdater =>PUP.Optional.SoftwareUpdater HKLM\SOFTWARE\SupDp =>PUP.Optional.SupTab HKLM\SOFTWARE\supTab =>PUP.Optional.SupTab HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Optional.Fuyu HKLM\SOFTWARE\supWPM =>PUP.Optional.WpManager HKLM\SOFTWARE\Systweak =>PUP.Optional.Systweak HKLM\SOFTWARE\V9 =>PUP.Optional.V9Software HKLM\SOFTWARE\Vittalia =>PUP.Optional.Vittalia HKLM\SOFTWARE\WebConnect =>WebConnect HKLM\SOFTWARE\webssearchesSoftware =>PUP.Optional.WebsSearches HKCU\SOFTWARE\BabSolution =>PUP.Optional.BabSolution HKCU\SOFTWARE\BI =>PUP.Optional.MegaSearch HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\DataMngr =>PUP.Optional.Datamngr HKCU\SOFTWARE\DataMngr_Toolbar =>PUP.Optional.Datamngr HKCU\SOFTWARE\DealPlyLive =>PUP.Optional.Dealply HKCU\SOFTWARE\Default Tab =>Toolbar.Agent HKCU\SOFTWARE\Delta =>Toolbar.DeltaSearch HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\InstalledThirdPartyPrograms =>PUP.Optional HKCU\SOFTWARE\PluginAddon =>Trojan.Vonteera HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\Somoto =>PUP.Optional.MegaSearch HKCU\SOFTWARE\Systweak =>PUP.Optional.Systweak HKCU\SOFTWARE\UpToDown =>PUP.Optional.UpToDown HKCU\SOFTWARE\V9 =>PUP.Optional.V9Software HKCU\SOFTWARE\WebPlayer =>PUP.Optional.WebPlayer HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\SmartBar =>PUP.Optional.SmartBar =>PUP.Optional.SmartBar C:\Program Files\LuckyTab =>PUP.Optional.LuckyTab C:\Program Files\MiuiTab =>PUP.Optional.MiuiTab C:\Program Files\SupTab =>PUP.Optional.SupTab C:\ProgramData\DealPlyLive =>PUP.Optional.Dealply C:\ProgramData\IePluginServices =>Trojan.SProtector C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR C:\ProgramData\InstallMate =>PUP.Optional.Tarma C:\ProgramData\MailUpdate =>PUP.Optional.MailUpdate C:\ProgramData\Media Get LLC =>PUP.Optional.MediaGet C:\ProgramData\WindowsMangerProtect =>PUP.Optional.Fuyu C:\Users\info\AppData\Roaming\MailUpdate =>PUP.Optional.MailUpdate C:\Users\info\AppData\Local\FilesFrog Update Checker =>PUP.Optional.MegaSearch C:\Users\info\AppData\Local\Media Get LLC =>PUP.Optional.MediaGet C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker =>PUP.Optional.MegaSearch C:\Users\info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaGet2 =>PUP.Optional.MediaGet C:\Windows\Prefetch\HULATOO.BROWSERADAPTER.EXE-9402D691.pf =>PUP.Optional.HulaToo C:\Windows\Prefetch\HULATOO.PURBROWSE.EXE-A5CA1715.pf =>PUP.Optional.HulaToo C:\Windows\Prefetch\UPDATEHULATOO.EXE-26DCAB08.pf =>PUP.Optional.HulaToo C:\Windows\Prefetch\UTILHULATOO.EXE-851A7670.pf =>PUP.Optional.HulaToo C:\Windows\System32\drivers\{033a6f56-e958-4ed8-a315-2fedc919d2dc}w.sys =>PUP.Optional.LinkiDoo C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}Gw.sys =>PUP.Optional.LinkiDoo C:\Windows\System32\drivers\{3f538614-b636-4023-9ec2-564ada4b07b3}w.sys =>PUP.Optional.LinkiDoo C:\Windows\System32\drivers\{b00f276a-69b7-4e9b-b1d3-dc3c7bb35170}w.sys =>PUP.Optional.LinkiDoo C:\Windows\System32\drivers\{c933aa85-a419-42da-9957-2f32a4c0601a}w.sys =>PUP.Optional.LinkiDoo HKLM\SOFTWARE\Microsoft\Tracing\HulaTooUntemp_RASAPI32 =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\HulaTooUntemp_RASMANCS =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\HulaToo_RASAPI32 =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\HulaToo_RASMANCS =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id4466666ids2s_RASAPI32 =>PUP.Optional.MediaGet HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id4466666ids2s_RASMANCS =>PUP.Optional.MediaGet HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_webcammax_RASAPI32 =>PUP.Optional.Softonic HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_webcammax_RASMANCS =>PUP.Optional.Softonic HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_yawcam_RASAPI32 =>PUP.Optional.Softonic HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_yawcam_RASMANCS =>PUP.Optional.Softonic HKLM\SOFTWARE\Microsoft\Tracing\updateHulaToo_RASAPI32 =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\updateHulaToo_RASMANCS =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASAPI32 =>PUP.Optional.WebConnect HKLM\SOFTWARE\Microsoft\Tracing\updateWebConnect_RASMANCS =>PUP.Optional.WebConnect HKLM\SOFTWARE\Microsoft\Tracing\utilHulaToo_RASAPI32 =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\utilHulaToo_RASMANCS =>PUP.Optional.Sambreel HKLM\SOFTWARE\Microsoft\Tracing\utilWebConnect_RASAPI32 =>PUP.Optional.WebConnect HKLM\SOFTWARE\Microsoft\Tracing\utilWebConnect_RASMANCS =>PUP.Optional.WebConnect ---\\ Récapitulatif des éléments trouvées sur votre station (60) - 0s http://www.nicolascoolman.fr/trojan-fuyu/ =>PUP.Optional.Fuyu http://www.nicolascoolman.fr/blog =>PUP.Optional.MiuiTab http://www.nicolascoolman.fr/blog =>PUP.Optional.LuckyTab http://www.nicolascoolman.fr/adware-megasearch/ =>PUP.Optional.MegaSearch http://www.nicolascoolman.fr/pup-babylon/ =>PUP.Optional.Babylon http://www.nicolascoolman.fr/blog =>PUP.Optional.uTorrentBar http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.LightningNewTab http://www.nicolascoolman.fr/blog =>PUP.Optional.FastStart http://www.nicolascoolman.fr/blog =>PUP.Optional.QuickSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.ClientConnect http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate http://www.nicolascoolman.fr/hijacker-qvo6/ =>PUP.Optional.Qvo6 http://www.nicolascoolman.fr/pup-isstart/ =>PUP.Optional.IsStart http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/blog =>RecordPage http://www.nicolascoolman.fr/pup-minibar/ =>PUP.Optional.Minibar http://www.nicolascoolman.fr/pup-mediaget/ =>PUP.Optional.MediaGet http://www.nicolascoolman.fr/blog =>PUP.Optional.AgentODR http://www.nicolascoolman.fr/pup-hulatoo/ =>PUP.Optional.HulaToo http://www.nicolascoolman.fr/pup-software-updater/ =>PUP.Optional.SoftwareUpdater http://www.nicolascoolman.fr/pup-dealply/ =>PUP.Optional.Dealply http://www.nicolascoolman.fr/pup-mindspark/ =>PUP.Optional.MindSpark http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit http://www.nicolascoolman.fr/pup-datamngr/ =>PUP.Optional.Datamngr http://www.nicolascoolman.fr/blog =>Toolbar.Agent http://www.nicolascoolman.fr/toolbar-deltasearch/ =>Toolbar.DeltaSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.DeltaHomes http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions http://www.nicolascoolman.fr/blog =>PUP.Optional http://www.nicolascoolman.fr/pup-onekit/ =>PUP.Optional.Onekit http://www.nicolascoolman.fr/blog =>PUP.Optional.Picexa http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab http://www.nicolascoolman.fr/pup-wpmanager/ =>PUP.Optional.WpManager http://www.nicolascoolman.fr/pup-systweak/ =>PUP.Optional.Systweak http://www.nicolascoolman.fr/pup-v9software/ =>PUP.Optional.V9Software http://www.nicolascoolman.fr/pup-vittalia/ =>PUP.Optional.Vittalia http://www.nicolascoolman.fr/blog =>WebConnect http://www.nicolascoolman.fr/hijacker-webssearches/ =>PUP.Optional.WebsSearches http://www.nicolascoolman.fr/hijacker-babsolution/ =>PUP.Optional.BabSolution http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore http://www.nicolascoolman.fr/trojan-vonteera/ =>Trojan.Vonteera http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic http://www.nicolascoolman.fr/blog =>PUP.Optional.UpToDown http://www.nicolascoolman.fr/blog =>PUP.Optional.WebPlayer http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar http://www.nicolascoolman.fr/trojan-sprotector/ =>Trojan.SProtector http://www.nicolascoolman.fr/pup-tarma/ =>PUP.Optional.Tarma http://www.nicolascoolman.fr/blog =>PUP.Optional.MailUpdate http://www.nicolascoolman.fr/pup-mobogenie/ =>PUP.Optional.Mobogenie http://www.nicolascoolman.fr/pup-linkidoo/ =>PUP.Optional.LinkiDoo http://www.nicolascoolman.fr/hijacker-trovigo/ =>PUP.Optional.Trovigo http://www.nicolascoolman.fr/pup-paybyads/ =>PUP.Optional.PaybyAds http://www.nicolascoolman.fr/pup-webconnect/ =>PUP.Optional.WebConnect http://www.nicolascoolman.fr/blog =>PUP.Optional.Monetization http://www.nicolascoolman.fr/pup-quickstart/ =>PUP.Optional.QuickStart http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask http://www.nicolascoolman.fr/pup-dosearches/ =>PUP.Optional.DoSearches http://www.nicolascoolman.fr/blog =>PUP.Optional.Sambreel ~ End of the scan, 44007 items in 265 seconds (1620)(0)()