~ Rapport de ZHPDiag v2015.5.17.49 - Nicolas Coolman (17/05/2015) ~ Lancé par célia (08/07/2015 13:29:22) ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ Adresse du Forum http://forum.nicolascoolman.fr ~ Traduit par Nicolas Coolman ~ Etat de la version : Nouvelle version disponible ~ Liste blanche : Désactivée par l'utilisateur ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.17843 ---\\ Informations sur les produits Windows ~ Langage: Français Windows Server License Manager Script : OK ~ Windows Operating System - Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 733WD Windows License : OK ~ Windows Remaining Initializations Number : 0 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) ---\\ Logiciels de protection du système Avast Internet Security v10.2.2218 Microsoft Security Client v4.8.0204.0 Windows Defender W7 (Activate) ---\\ Logiciels d'optimisation du système CCleaner v4.06 ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 18 NPAPI Adobe Acrobat Reader DC - Français ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 1908 MB (30% free) System Restore: Activé (Enable) System drive C: has 58 GB (59%) free of 98 GB ---\\ Mode de connexion au système ~ Computer Name: CÉLIA-PC ~ User Name: célia ~ All Users Names: Lycée 1, célia, Administrateur, ~ Unselected Option: None Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : D:\Utilisateurs\célia\AppData\Roaming\ZHP\ ~ %AppData% : D:\Utilisateurs\célia\AppData\Roaming\ ~ %Desktop% : D:\Utilisateurs\célia\Desktop\ ~ %Favorites% : D:\Utilisateurs\célia\Favorites\ ~ %LocalAppData% : D:\Utilisateurs\célia\AppData\Local\ ~ %StartMenu% : D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 58 Go of 98 Go) D: Hard drive, Flash drive, Thumb drive (Free 134 Go of 181 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 46 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/05/2015 - 18:50:20.) -- C:\Windows\System32\wininet.dll [2426880] [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 04s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/6386 ~ Mes musiques (My Musics) : 7/597 ~ Mes Videos (My Videos) : 1/137 ~ Mes Favoris (My Favorites) : 1/13 ~ Mes Documents (My Documents) : 2/26 ~ Mon Bureau (My Desktop) : 1/14 ~ Menu demarrer (Programs) : 1/6 ~ Hidden Files: Scanned in 00mn 59s ---\\ Processus lancés [MD5.8C9D2FFFF653C623369C214E4B83FA7C] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe [740688] [PID.1900] [MD5.9EA7A1CAE39066EDAAC59C7BEE779A6C] - (.Pas de propriétaire - ASP.) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [6733128] [PID.2724] =>PUP.AdvancedSystemProtector [MD5.A74558989E0624989C5B21E442788ED3] - (.Activeris - Activeris AntiMalware.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [6292472] [PID.2988] =>PUP.Activeris [MD5.5B522E61A39D2237F21CFB4A9612FF14] - (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752] [PID.4244] [MD5.775F47E28C96739D0B81DF8A46116EFB] - (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe [532784] [PID.4288] =>PUP.CacaoWeb [MD5.6BCFCFA512A003A8043CF2F370B0B479] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440] [PID.4724] =>PUP.CrossBrowser [MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.4960] [MD5.2EF0B3C51971F51ED700C01CFBC5B82A] - (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942] [PID.5760] [MD5.4D1DA8CE5E364D22B4FF00F163194514] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.5808] [MD5.34084D25BE6F48D072AA54DE630438FD] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896] [PID.4160] [MD5.31EA4BC4328BDBC50CD5CA4870F09E06] - (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496] [PID.3656] [MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.5288] [MD5.72A7D54EB3626CFCBC8B550385CEF97A] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440] [PID.2052] [MD5.6AE1CDECEA3B80AAF662959BD924E9CA] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\3\plugin.exe [616160] [PID.5728] [MD5.CA0639DDD12D63CFD7339A1C50FE1DD0] - (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\WinU\~lsandjv.exe [495616] [PID.6860] [MD5.51CFFD7BBFEA2F7316C560DCC4479759] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8209408] [PID.3992] [MD5.54236E79A44F909612391C8A2D70D512] - (.Avast Software s.r.o. - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336] [PID.1608] [MD5.C569E7F268C43D6C9C4D74EE2F06CCD8] - (.Avast Software s.r.o. - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [107448] [PID.2080] [MD5.5D6859EF745BD5DF5968413CE1DF8A41] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe [1558096] [PID.2148] =>PUP.CrossRider [MD5.23C07500D0DBEF75144D1576A22D3FEA] - (.InstallMoon - GoHD exe.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe [1441872] [PID.2168] =>PUP.CrossRider [MD5.91C6DAF1DD352AC3E9D88F0A4758568D] - (.Cinema PlusV28.05 - CinemaPlus-3.2cV28.05 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe [1453136] [PID.2352] =>PUP.CrossRider [MD5.722CC7C491B200E5FD3BF28345AA6026] - (.Cinema PlusV28.05 - CinemaPlus-3.2cV28.05 exe.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe [1602128] [PID.2396] =>PUP.CrossRider [MD5.929593D76589294BA3F74540298D1B3E] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.2472] [MD5.9A59DF2CA690019FEA3B265D5A7EB619] - (.Conexant Systems, Inc. - Utility Service.) -- C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184] [PID.3724] [MD5.D1AFCCBC2BC504F9F0C70B058EBE344B] - (.Infonaut - Infonaut Client Service.) -- C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600] [PID.3852] =>PUP.Infonaut [MD5.205FD80EF4B9832F9763B9A187957260] - (.Intel Corporation - Intel(R) Rapid Start Technology Service.) -- C:\windows\SysWOW64\irstrtsv.exe [193536] [PID.4020] [MD5.604A8615BB3D7064197A0563C799B938] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.4044] [MD5.A9E358550671BB06E4867EAAB6712AA6] - (.VoiceFive, Inc. - PremierOpinion.) -- C:\Program Files (x86)\PremierOpinion\pmservice.exe [213816] [PID.3108] =>Adware.PremierOpinion [MD5.5C95CEC33FFEFDE2842D01E8E86F4DED] - (...) -- D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp [305664] [PID.2648] [MD5.7CB6287B26DC3DEBF027431479ABF26D] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536] [PID.3360] [MD5.545462D0DBE24AF379BA869B7C185CCD] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.4892] [MD5.AB41542FA180CB3317F597ED7E7D5C5D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.6100] [MD5.8B1E55D70AF701973DE0CD833B2611F4] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe [648416] [PID.7024] [MD5.182BBA1B43898D5DA0938D2E9A526B31] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.7108] [MD5.BE71E5DAE76D35B2E58DB9FBB68F232D] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\5\plugin.exe [783072] [PID.5728] [MD5.2FFF132741408F0F921833C2BEA5350D] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\10\plugin.exe [511712] [PID.5728] [MD5.8510EE91B62D5784EA7548002CBA56F1] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\2\plugin.exe [1172704] [PID.5728] [MD5.DBD93F1BC4403541B6FDA2957E6A2030] - (...) -- C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugins\8\plugin.exe [644320] [PID.5728] [MD5.6D964AC44CBC590CAC5F7CC355D5E141] - (...) -- C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe [572640] [PID.1336] [MD5.292F0644E4CCB80B4D38F65E5C3E94EF] - (.Boxore OU. - Setup.) -- C:\Program Files (x86)\Software\Update\Install\{8EA45EE8-4913-4878-839F-B9A1D271FF1F}\SoftwareUpdateSetup.exe [570168] [PID.4608] =>Adware.Boxore ~ Processes Running: Scanned in 00mn 17s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\prefs.js D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\user.js M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\amazon.xml M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\conduit.xml M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\dokotoolbar.xml =>Hijacker.Doko M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\mixidj.xml =>Toolbar.MixiDJ M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\mysearchskms.xml =>Adware.MyWebSearch M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\trovi-search.xml =>Hijacker.Trovigo M3 - MFPP: Plugins - [célia] -- D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\Web Search.xml =>Parasite.Pugi M2 - MFEP: RegExtension {5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} . (...) -- C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi (.not file.) =>PUP.Wajam M2 - MFEP: RegExtension {a073a988-98af-4f21-86e7-97aee9443951} . (...) -- C:\Program Files (x86)\Pass-Widget\134.xpi =>PUP.PassWidget M0 - MFSP: prefs.js [célia - ftwxqwcg.default] http://search.gboxapp.com =>Hijacker.GadgetBox M2 - MFEP: prefs.js [célia - ftwxqwcg.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.34 (..) =>PUP.CacaoWeb M2 - MFEP: Extension [célia - ftwxqwcg.default] 0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com M2 - MFEP: Extension [célia - ftwxqwcg.default] 16eede48-12e9-4c79-bd54-c82622138533@630d8a34-73af-4e03-9664-9082492eb220.com M2 - MFEP: Extension [célia - ftwxqwcg.default] 71139f7b-cef2-4ada-9c60-25f887d7e2e1@5b129621-59ed-453c-9453-d7593ee48c04.com M2 - MFEP: Extension [célia - ftwxqwcg.default] 9d29e4ccd2024f2d8e320@ad524784406d4c8dab290.com M2 - MFEP: Extension [célia - ftwxqwcg.default] b369ec0b-ca2c-4a80-a1e3-08fd373cdfb5@91e50ee5-448d-41f7-92ed-30eed93f2f2f.com M2 - MFEP: Extension [célia - ftwxqwcg.default] cacaoweb@cacaoweb.org =>PUP.CacaoWeb M2 - MFEP: Extension [célia - ftwxqwcg.default] staged M2 - MFEP: Extension [célia - ftwxqwcg.default] {da7f5ae1-3be3-43c0-8098-c1d183616e97} P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml =>PUP.Istart P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\search-with-eazelbar.xml =>Hijacker.Eazel P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.40416.0.) -- c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.) ~ Firefox Browser: 43 Scanned in 00mn 04s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com =>Hijacker.OurSurfing R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com =>Hijacker.OurSurfing R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com =>Hijacker.OurSurfing R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com =>Hijacker.OurSurfing R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17840 (winblue_r11.150522-0826)) -- C:\Windows\SysWOW64\ieframe.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ IE Browser: 24 Scanned in 00mn 01s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (21) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.Avast Software s.r.o. - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: On Stage [64Bits] - {9771c444-42b0-4e23-a7fb-ff707123ab30} Clé orpheline ~ BHO: 3 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar\WebBrowser: (no name) - [HKCU]{DA7F5AE1-3BE3-43C0-8098-C1D183616E97} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: Activeris AntiMalware.lnk . (.Activeris - Activeris AntiMalware.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris O4 - GS\Desktop [Public]: Advanced-System Protector.lnk . (...) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector O4 - GS\Desktop [Public]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser O4 - GS\Desktop [Public]: Poursuivre l'installation de Reimage Repair.lnk . (.Reimage® - Reimage Downloader.) -- D:\Utilisateurs\célia\Downloads\ReimageRepair (1).exe =>Rogue.ReimageRepair O4 - GS\Program [Public]: WebAdSystem.lnk . (.KalityWeb - WebAdSystem.) -- C:\Program Files (x86)\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem ~ Global Startup: 5 Scanned in 00mn 18s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [Dell Audio] . (.Pas de propriétaire - Dell Audio.) -- C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - DW WLAN Card Wireless Network Tray Applet.) -- C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Tray.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [Windesk Winsearch] . (.Windesk Winsearch - Windesk Winsearch.) -- C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe =>PUP.WindeskWinsearch O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKCU\..\Run: [Dell Audio] Clé orpheline O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe O4 - HKCU\..\Run: [cacaoweb] . (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4EF3DBDDB1015AC6FB69F6D4A7FA4E34] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - Webcam Central.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX Media Server Launcher.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_509] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_567] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_571] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_579] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010002] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010005] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010016] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010021] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.Avast Software s.r.o. - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_005010022] Clé orpheline =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_002020023] C:\Program Files (x86)\gmsd_fr_002020023\gmsd_fr_002020023.exe (.not file.) =>PUP.CrossRider O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_002020021] Clé orpheline =>PUP.CrossRider O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [Dell Audio] Clé orpheline O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- D:\Utilisateurs\célia\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [cacaoweb] . (...) -- D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [GoogleChromeAutoLaunch_4EF3DBDDB1015AC6FB69F6D4A7FA4E34] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser O4 - HKUS\S-1-5-21-3413888292-3295803899-1031872054-1002\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BingSvc.exe ~ Application: Scanned in 00mn 03s ---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5) O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no ~ IE Control Panel: 1 Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\system32\wshbth.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation O10 - WLSP:\000000000010\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll ~ Winsock: 10 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{608EE9BC-ECCC-4FF2-8FB7-C3E78B8A9FC0}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{B799B414-7E95-48A1-B766-7C1E6B467EF7}: DhcpNameServer = 163.244.76.254 163.244.77.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{B8E21126-8841-4DF4-A5B8-6EB8207F9D3C}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ SSODL: 1 Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AtherosSvc (AtherosSvc) . (.Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe O23 - Service: Avast Antivirus (avast! Antivirus) . (.Avast Software s.r.o. - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Avast Firewall (avast! Firewall) . (.Avast Software s.r.o. - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: C:\Windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\system32\CxAudMsg64.exe O23 - Service: CxUtilSvc (CxUtilSvc) . (.Conexant Systems, Inc. - Utility Service.) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe O23 - Service: C:\Program Files\DigitalPersona\Bin\DpHostW.exe (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: Infonaut 1.10.0.14 Client Service (insvc_1.10.0.14) . (.Infonaut - Infonaut Client Service.) - C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) . (.Intel Corporation - Intel(R) Rapid Start Technology Service.) - C:\windows\SysWOW64\irstrtsv.exe O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: PremierOpinion (PremierOpinion) . (.VoiceFive, Inc. - PremierOpinion.) - C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion O23 - Service: Standby Data (rikejehy) . (...) - D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp O23 - Service: Service Mgr OnStage (Service Mgr OnStage) . (...) - C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: Update Mgr OnStage (Update Mgr OnStage) . (...) - C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\Windows\system32\vcsFPService.exe O23 - Service: DW WLAN Tray Service (wltrysvc) . (.Dell Inc. - DW WLAN Card Wireless Network Service.) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe ~ Services: 24 Scanned in 00mn 36s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Desktop Component: 4 Scanned in 00mn 00s ---\\ Enumère les données de BootExecute (BEX) (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ BEX: 1 Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-1] (...) -- C:\Program Files (x86)\winservice86\winservice86-codedownloader.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-11] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-11.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-4] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-4.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-5] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-5.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-6] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-6.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [17b03655-7c85-4e93-aec7-7ee27469780e-7] (...) -- C:\Program Files (x86)\winservice86\17b03655-7c85-4e93-aec7-7ee27469780e-7.exe (.not file.) [0] =>PUP.CrossRider [MD5.CFF9F7EF196B710349A8B1CABE8D7716] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.exe [1524816] =>PUP.CrossRider [MD5.AA2E845687EDA58EDA1975B6289C7349] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.exe [995408] =>PUP.CrossRider [MD5.523962AB1100E594372580FF604F5862] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.exe [1418320] =>PUP.CrossRider [MD5.E1F8AAFC8DC819206AE4A4CE73B91843] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.exe [1150032] =>PUP.CrossRider [MD5.2C48B03CFEFEB809A27E1676EDBE388A] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.exe [1445968] =>PUP.CrossRider [MD5.AA2E845687EDA58EDA1975B6289C7349] [APT] [2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.exe [995408] =>PUP.CrossRider [MD5.91C6DAF1DD352AC3E9D88F0A4758568D] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-1-6] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe [1453136] =>PUP.CrossRider [MD5.62200123EFE741A7539969AE8CA49F00] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-1-7] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.exe [1100880] =>PUP.CrossRider [MD5.445BFB337ABCB7BE1D636F60EEEF3091] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-3] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-3.exe [1550928] =>PUP.CrossRider [MD5.BF9A7831DB0DF0C47AB058278EE53104] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-5] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-5.exe [1287760] =>PUP.CrossRider [MD5.722CC7C491B200E5FD3BF28345AA6026] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-6] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe [1602128] =>PUP.CrossRider [MD5.62200123EFE741A7539969AE8CA49F00] [APT] [50d3b760-ec4f-47de-bad9-030f088efefc-7] (.Cinema PlusV28.05.) -- C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-7.exe [1100880] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [5280bb8b-3d93-4e80-afaf-a41b391e8248] (...) -- C:\Program Files (x86)\winservice86\5280bb8b-3d93-4e80-afaf-a41b391e8248.exe (.not file.) [0] =>PUP.CrossRider [MD5.5D6859EF745BD5DF5968413CE1DF8A41] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-1-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe [1558096] =>PUP.CrossRider [MD5.80477221000298A19C6B5205E0137389] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-1-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.exe [1016912] =>PUP.CrossRider [MD5.5FD0073C714B2655021639605C6877F6] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-3] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-3.exe [1312848] =>PUP.CrossRider [MD5.1D8E55F37BFDE9128BD1B568B72AB777] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-5] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-5.exe [1065040] =>PUP.CrossRider [MD5.23C07500D0DBEF75144D1576A22D3FEA] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-6] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe [1441872] =>PUP.CrossRider [MD5.80477221000298A19C6B5205E0137389] [APT] [59afac17-44ad-47be-8f0c-de8fe3577e51-7] (.InstallMoon.) -- C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-7.exe [1016912] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7] (...) -- C:\Program Files (x86)\winservice86\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7] (...) -- C:\Program Files (x86)\winservice86\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1] (...) -- C:\Program Files (x86)\winservice86\winservice86-codedownloader.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7] (...) -- C:\Program Files (x86)\winservice86\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.exe (.not file.) [0] =>PUP.CrossRider [MD5.A74558989E0624989C5B21E442788ED3] [APT] [Activeris AntiMalware_startup] (.Activeris.) -- C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [6292472] =>PUP.Activeris [MD5.AE0E3D037E6148133740EDBC08567F5F] [APT] [Adobe Acrobat Update Task] (...) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998088] [MD5.1234A12B71DAE034E45C714AE5A54412] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976] [MD5.9EA7A1CAE39066EDAAC59C7BEE779A6C] [APT] [Advanced-System Protector_startup] (...) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [6733128] =>PUP.AdvancedSystemProtector [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect [MD5.C50B830CA9BCD63754928CD6C0E2B114] [APT] [avast! Emergency Update] (.Avast Software s.r.o..) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1298688] [MD5.00000000000000000000000000000000] [APT] [b0639b86-3d9e-441a-9ee9-556716c43ef7-4] (...) -- C:\Program Files (x86)\HQuality-v3V19.10\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [BCJQQMDVZ1] (...) -- C:\ProgramData\NavRight\NavRight.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [bench-sys] (...) -- C:\Program Files (x86)\Bench\Updater\updater.exe (.not file.) [0] =>PUP.GiganticSavings [MD5.00000000000000000000000000000000] [APT] [BoxSoftwareUpdate] (...) -- C:\ProgramData\BoxUpdChk\updchk.exe (.not file.) [0] =>Adware.Boxore [MD5.00000000000000000000000000000000] [APT] [Cassiopesa life] (...) -- C:\ProgramData\{C03F28FC-90BD-F97A-213B-89F8F1B95A76}\1.17.3.1\fiber.js" "433a2f50726f6772616d446174612f7b43303346323846432d393042442d463937412d323133422d3839463846314239354137367d2f312e31372e332e312f6c6966652e646c6c" "687474703a2f2f73616 (.not file.) [0] [MD5.22621F4BC16C5C47E76E40F251F0CC79] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3905304] [MD5.00000000000000000000000000000000] [APT] [DigitalSite] (...) -- D:\UTILIS~1\CLIA~1\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Hijacker.DSite [MD5.00000000000000000000000000000000] [APT] [EPJQFQQ1] (...) -- C:\ProgramData\LolliScan\LolliScan.exe (.not file.) [0] =>Adware.Graftor [MD5.00000000000000000000000000000000] [APT] [LaunchPreSignup] (...) -- C:\Program Files (x86)\OLBPre\OLBPre.exe (.not file.) [0] =>PUP.MyPCBackup [MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.MyPCBackup [MD5.00000000000000000000000000000000] [APT] [media enhance-chromeinstaller] (...) -- C:\Program Files (x86)\media enhance\media enhance-chromeinstaller.exe (.not file.) [0] =>PUP.MediaPlayerEnhance [MD5.00000000000000000000000000000000] [APT] [media enhance-codedownloader] (...) -- C:\Program Files (x86)\media enhance\media enhance-codedownloader.exe (.not file.) [0] =>PUP.MediaPlayerEnhance [MD5.00000000000000000000000000000000] [APT] [media enhance-firefoxinstaller] (...) -- C:\Program Files (x86)\media enhance\media enhance-firefoxinstaller.exe (.not file.) [0] =>PUP.MediaPlayerEnhance [MD5.00000000000000000000000000000000] [APT] [media enhance-updater] (...) -- C:\Program Files (x86)\media enhance\media enhance-updater.exe (.not file.) [0] =>PUP.MediaPlayerEnhance [MD5.E352F97A82E41CCAE582C77C050D4A26] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe [363072] [MD5.CDB768D99CD9FE3B826D310813A42324] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [1243704] [MD5.00000000000000000000000000000000] [APT] [SaveSense] (...) -- D:\UTILIS~1\CLIA~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [SaveSenseLiveUpdateTaskMachineCore] (...) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe (.not file.) [0] =>PUP.CrossRider [MD5.00000000000000000000000000000000] [APT] [SaveSenseLiveUpdateTaskMachineUA] (...) -- C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe (.not file.) [0] =>PUP.CrossRider [MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore [MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore [MD5.00000000000000000000000000000000] [APT] [System Speedup] (...) -- C:\Program Files (x86)\System Speedup\SystemSpeedup.exe (.not file.) [0] =>PUP.SystemSpeedup [MD5.CDB768D99CD9FE3B826D310813A42324] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [1243704] [MD5.00000000000000000000000000000000] [APT] [ZaygU22Y9XSkCQT] (...) -- D:\Utilisateurs\c‚lia\AppData\Roaming\YcSrbDb\WmnWVFG.exe (.not file.) [0] [MD5.F96C77CE767DC06F15B3143CCA61B9FF] [APT] [{0300BDEC-9EFF-4ED9-BF0A-CCBFF24A76ED}] (...) -- C:\Program Files (x86)\Smarts8\Uninstall.exe [79360] [MD5.00000000000000000000000000000000] [APT] [{39F6EE56-C59C-435D-89BF-28CAE17FFC29}] (...) -- D:\Utilisateurs\Administrateur\Desktop\VOSTRO 3360 Win7_64bit Drivers\11-Network_Atheros_W7_A02_Setup-7PM7V_ZPE.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{F518CCDA-21C8-481C-9438-A493B865BD80}] (...) -- E:\TEMP\VOSTRO 3360 Win7_64bit Drivers\Network_Atheros_W7_A02_Setup-KRXNR_ZPE.exe (.not file.) [0] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] O39 - APT: - (..) -- C:\Windows\Tasks\0f606e8f-8393-4f75-a33c-52fa23d9dc61.job [1422] O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-1 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1.job [3430] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-1 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1 [3430] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-11 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11.job [5166] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-11 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11 [5166] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-4 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4.job [4140] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-4 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4 [4140] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-5 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5.job [2428] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-5 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5 [2428] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5_user.job [2428] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-6 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6.job [4140] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-6 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6 [4140] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-7 - (...) -- C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7.job [3796] =>PUP.CrossRider O39 - APT: 17b03655-7c85-4e93-aec7-7ee27469780e-7 - (...) -- C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7 [3796] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.job [3104] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 [3104] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.job [3440] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 [3440] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-10_user.job [2078] O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.job [4460] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 [4460] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.job [2412] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 [2412] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5_user.job [2412] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.job [5828] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 [5828] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 - (.InstallMoon.) -- C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.job [5484] =>PUP.CrossRider O39 - APT: 2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 [5484] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\4oWR9qYkY63.job [1008] O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-6 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.job [3138] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-6 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6 [3138] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-7 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.job [3474] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-1-7 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7 [3474] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-10_user.job [2112] O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-3 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3.job [4494] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-3 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3 [4494] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-5 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5.job [2446] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-5 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5 [2446] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5_user.job [2446] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-6 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6.job [5862] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-6 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6 [5862] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-7 - (.Cinema PlusV28.05.) -- C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7.job [5518] =>PUP.CrossRider O39 - APT: 50d3b760-ec4f-47de-bad9-030f088efefc-7 - (.Cinema PlusV28.05.) -- C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7 [5518] =>PUP.CrossRider O39 - APT: 5280bb8b-3d93-4e80-afaf-a41b391e8248 - (...) -- C:\Windows\Tasks\5280bb8b-3d93-4e80-afaf-a41b391e8248.job [1446] O39 - APT: 5280bb8b-3d93-4e80-afaf-a41b391e8248 - (...) -- C:\Windows\System32\Tasks\5280bb8b-3d93-4e80-afaf-a41b391e8248 [1446] O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.job [3104] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 [3104] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.job [3440] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 [3440] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-10_user.job [2078] O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-3 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3.job [4460] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-3 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3 [4460] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-5 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5.job [2412] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-5 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5 [2412] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5_user.job [2412] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-6 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6.job [5828] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-6 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6 [5828] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-7 - (.InstallMoon.) -- C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7.job [5484] =>PUP.CrossRider O39 - APT: 59afac17-44ad-47be-8f0c-de8fe3577e51-7 - (.InstallMoon.) -- C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7 [5484] =>PUP.CrossRider O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6.job [3120] O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-6 [3120] O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7.job [3456] O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-1-7 [3456] O39 - APT: - (..) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-10_user.job [2094] O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.job [4140] =>PUP.CrossRider O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 [4140] =>PUP.CrossRider O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.job [2428] =>PUP.CrossRider O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 [2428] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5_user.job [2428] =>PUP.CrossRider O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.job [5844] =>PUP.CrossRider O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 [5844] =>PUP.CrossRider O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 - (...) -- C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.job [5500] =>PUP.CrossRider O39 - APT: 6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 - (...) -- C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 [5500] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\a02caaef-bdb1-48ce-a25a-b7494b0783cb.job [612] O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-6.job [3120] O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7.job [3456] O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-1-7 [3456] O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-10_user.job [2094] O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.job [4140] =>PUP.CrossRider O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 [4140] =>PUP.CrossRider O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.job [2428] =>PUP.CrossRider O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 [2428] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5_user.job [2428] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-6.job [5500] =>PUP.CrossRider O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 - (...) -- C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.job [5500] =>PUP.CrossRider O39 - APT: a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 - (...) -- C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 [5500] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\a5fc5ff8-db73-4aeb-b3a8-fd2e231b21ff-4.job [2174] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1.job [2750] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 [2750] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.job [4478] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 [4478] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.job [3452] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 [3452] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.job [2428] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 [2428] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5_user.job [2428] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.job [3452] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 [3452] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 - (...) -- C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.job [3452] =>PUP.CrossRider O39 - APT: a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 - (...) -- C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 [3452] =>PUP.CrossRider O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.AnyProtect O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [378] =>PUP.AnyProtect O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.AnyProtect O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [376] =>PUP.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [376] =>PUP.AnyProtect O39 - APT: b0639b86-3d9e-441a-9ee9-556716c43ef7-4 - (...) -- C:\Windows\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.job [4830] =>PUP.CrossRider O39 - APT: b0639b86-3d9e-441a-9ee9-556716c43ef7-4 - (...) -- C:\Windows\System32\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4 [4830] =>PUP.CrossRider O39 - APT: BCJQQMDVZ1 - (...) -- C:\Windows\Tasks\BCJQQMDVZ1.job [324] O39 - APT: BCJQQMDVZ1 - (...) -- C:\Windows\System32\Tasks\BCJQQMDVZ1 [324] O39 - APT: bench-sys - (...) -- C:\Windows\Tasks\bench-sys.job [344] =>PUP.GiganticSavings O39 - APT: bench-sys - (...) -- C:\Windows\System32\Tasks\bench-sys [344] =>PUP.GiganticSavings O39 - APT: - (..) -- C:\Windows\Tasks\bench-Updater removing.job [288] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\System32\Tasks\bench-Updater removing [288] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job [340] =>PUP.BidailySync O39 - APT: DigitalSite - (...) -- C:\Windows\Tasks\DigitalSite.job [300] =>Hijacker.DSite O39 - APT: DigitalSite - (...) -- C:\Windows\System32\Tasks\DigitalSite [300] =>Hijacker.DSite O39 - APT: - (..) -- C:\Windows\Tasks\e4B8MC7fGSvdgS.job [1014] O39 - APT: EPJQFQQ1 - (...) -- C:\Windows\Tasks\EPJQFQQ1.job [330] O39 - APT: EPJQFQQ1 - (...) -- C:\Windows\System32\Tasks\EPJQFQQ1 [330] O39 - APT: - (..) -- C:\Windows\Tasks\f56fe68c-ded6-4656-a272-5100e7b20016.job [612] O39 - APT: - (..) -- C:\Windows\Tasks\LLXGQWT.job [1698] O39 - APT: media enhance-chromeinstaller - (...) -- C:\Windows\Tasks\media enhance-chromeinstaller.job [3100] =>PUP.CrossRider O39 - APT: media enhance-chromeinstaller - (...) -- C:\Windows\System32\Tasks\media enhance-chromeinstaller [3100] =>PUP.CrossRider O39 - APT: media enhance-codedownloader - (...) -- C:\Windows\Tasks\media enhance-codedownloader.job [1530] =>PUP.CrossRider O39 - APT: media enhance-codedownloader - (...) -- C:\Windows\System32\Tasks\media enhance-codedownloader [1530] =>PUP.CrossRider O39 - APT: media enhance-firefoxinstaller - (...) -- C:\Windows\Tasks\media enhance-firefoxinstaller.job [2358] =>PUP.CrossRider O39 - APT: media enhance-firefoxinstaller - (...) -- C:\Windows\System32\Tasks\media enhance-firefoxinstaller [2358] =>PUP.CrossRider O39 - APT: media enhance-updater - (...) -- C:\Windows\Tasks\media enhance-updater.job [2396] =>PUP.CrossRider O39 - APT: media enhance-updater - (...) -- C:\Windows\System32\Tasks\media enhance-updater [2396] =>PUP.CrossRider O39 - APT: - (..) -- C:\Windows\Tasks\PassWidget Update.job [392] =>PUP.PassWidget O39 - APT: PCDoctorBackgroundMonitorTask - (.PC-Doctor, Inc..) -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job [564] O39 - APT: PCDoctorBackgroundMonitorTask - (.PC-Doctor, Inc..) -- C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask [564] O39 - APT: - (..) -- C:\Windows\Tasks\Periodic Synchronize Task.job [340] O39 - APT: SaveSense - (...) -- C:\Windows\Tasks\SaveSense.job [300] =>PUP.CrossRider O39 - APT: SaveSense - (...) -- C:\Windows\System32\Tasks\SaveSense [300] =>PUP.CrossRider O39 - APT: SaveSenseLiveUpdateTaskMachineCore - (...) -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job [926] =>PUP.CrossRider O39 - APT: SaveSenseLiveUpdateTaskMachineCore - (...) -- C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore [926] =>PUP.CrossRider O39 - APT: SaveSenseLiveUpdateTaskMachineUA - (...) -- C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job [930] =>PUP.CrossRider O39 - APT: SaveSenseLiveUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA [930] =>PUP.CrossRider O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [912] =>Adware.Boxore O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [912] =>Adware.Boxore O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [916] =>Adware.Boxore O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [916] =>Adware.Boxore O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\Windows\Tasks\SystemToolsDailyTest.job [506] O39 - APT: SystemToolsDailyTest - (.PC-Doctor, Inc..) -- C:\Windows\System32\Tasks\SystemToolsDailyTest [506] ~ Scheduled Task: 216 Scanned in 00mn 48s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 11 Scanned in 00mn 02s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (aswKbd) . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) - C:\Windows\system32\drivers\aswKbd.sys O41 - Driver: (aswRdr) . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys O41 - Driver: (aswSnx) . (.Avast Software s.r.o. - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys O41 - Driver: (aswSP) . (.Avast Software s.r.o. - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys O41 - Driver: (b786bdb3c67d) . (. - .) - C:\Windows\System32\drivers\b786bdb3c67d.sys (.not file.) O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (innfd_1_10_0_14) . (.Infonaut - Infonaut Driver x64.) - C:\Windows\System32\drivers\innfd_1_10_0_14.sys =>PUP.Infonaut O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (mwiynzm4ndy1yjz) . (. - .) - C:\Windows\System32\drivers\mwiynzm4ndy1yjz.sys (.not file.) O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (rrgwvwin) . (. - .) - C:\Windows\system32\drivers\rrgwvwin.sys (.not file.) O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys O41 - Driver: (wpnfd_1_10_0_1) . (.Word Proser - Word Proser Driver x64.) - C:\Windows\System32\drivers\wpnfd_1_10_0_1.sys =>PUP.WordProser ~ Drivers: 90 Scanned in 00mn 04s ---\\ Logiciels installés (O42) O42 - Logiciel: 7-Zip 9.22beta - (...) [HKLM][64Bits] -- 7-Zip O42 - Logiciel: AVG Do Not Track - (."".) [HKLM][64Bits] -- {4E5FE462-1A84-47B4-3411-C72434AAD86C} O42 - Logiciel: AccelerometerP11 - (.STMicroelectronics.) [HKLM][64Bits] -- {87434D51-51DB-4109-B68F-A829ECDCF380} O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {7FE25256-B7C1-480D-B736-10A67A833AEA} O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {B255D495-4734-4E9B-B4F5-96702FD4A7B9} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5D61F006-168C-4B8B-B7FD-F113C10AE0E4} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1 O42 - Logiciel: Avast Internet Security - (.AVAST Software.) [HKLM][64Bits] -- Avast O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {CA2B24FD-EE10-42B9-B049-AA80268E7E21} =>Adware.Boxore O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: CinemaPlus-3.2cV28.05 - (.Cinema PlusV28.05.) [HKLM][64Bits] -- CinemaPlus-3.2cV28.05 =>PUP.CrossRider O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} O42 - Logiciel: Codec Pack Packages - (...) [HKCU][64Bits] -- Codec Pack Packages O42 - Logiciel: Conexant SmartAudio HD - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM][64Bits] -- DivX Setup O42 - Logiciel: Crossbrowse - (.The Crossbrowse Authors.) [HKLM][64Bits] -- Crossbrowse =>PUP.CrossBrowser O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DC-Bass Source 1.3.0 - (...) [HKLM][64Bits] -- DC-Bass Source O42 - Logiciel: DMUninstaller - (...) [HKLM][64Bits] -- DMUninstaller O42 - Logiciel: DW WLAN Card Utility - (.Dell Inc..) [HKLM][64Bits] -- DW WLAN Card Utility O42 - Logiciel: Deeal - (.Kreapixel inc..) [HKLM][64Bits] -- Deeal =>PUP.DeealFr O42 - Logiciel: Dell Audio - (.Cirrus Logic.) [HKLM][64Bits] -- {3A69FD31-5EE7-42C9-918B-81C07AA21043} O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM][64Bits] -- {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM][64Bits] -- Dell Support Center O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A} O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central O42 - Logiciel: DigitalPersona Fingerprint Software 5.20 - (.DigitalPersona, Inc..) [HKLM][64Bits] -- {C0C2D40A-1231-46FA-8F02-B45E6BF2036A} O42 - Logiciel: Freeplane - (.Open source.) [HKLM][64Bits] -- {D3941722-C4DD-4509-88C4-0E87F675A859}_is1 O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3} O42 - Logiciel: GoHD - (.InstallMoon.) [HKLM][64Bits] -- GoHD =>PUP.CrossRider O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HQuality-v3V19.10 - (.HQuality3V19.10.) [HKLM][64Bits] -- HQuality-v3V19.10 =>PUP.CrossRider O42 - Logiciel: Haali Media Splitter - (...) [HKLM][64Bits] -- HaaliMkx O42 - Logiciel: Hades - (.Hades.) [HKLM][64Bits] -- Hades O42 - Logiciel: IePluginService12.27.0.3326 - (.Cherished Technololgy LIMITED.) [HKLM][64Bits] -- IePlugins =>PUP.IePluginService O42 - Logiciel: Infonaut 1.10.0.14 - (.Infonaut.) [HKLM][64Bits] -- Infonaut_1.10.0.14 =>PUP.Infonaut O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel(R) OpenCL CPU Runtime - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Intel(R) Rapid Start Technology - (.Intel Corporation.) [HKLM][64Bits] -- 3D073343-CEEB-4ce7-85AC-A69A7631B5D6 O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Intel(R) USB 3.0 eXtensible Host Controller Driver - (.Intel Corporation.) [HKLM][64Bits] -- {240C3DDD-C5E9-4029-9DF7-95650D040CF2} O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {538B98C3-773F-4F20-9C66-802D104DCBE2} O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {F6F30C28-38AA-4DBA-AE0B-7E30238E61BB} O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM][64Bits] -- LAME_is1 O42 - Logiciel: Lagarith Lossless Codec (1.3.27) - (...) [HKLM][64Bits] -- {F59AC46C-10C3-4023-882C-4212A92283B3}_is1 O42 - Logiciel: LibreOffice 4.0.2.2 - (.The Document Foundation.) [HKLM][64Bits] -- {1062AD6C-80F4-4BC6-AB7C-A28892B497B8} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation O42 - Logiciel: Mp3tag v2.58 - (.Florian Heidenreich.) [HKLM][64Bits] -- Mp3tag O42 - Logiciel: Muvic - (.ReSoft Ltd..) [HKLM][64Bits] -- {065A5BE9-CE42-475C-BD62-52B229D24AB5} =>Hijacker.SmartBar O42 - Logiciel: Muvic Engine - (.ReSoft Ltd..) [HKCU][64Bits] -- {ab0da7b3-e6dd-492c-951e-44f70b9225b4} =>Hijacker.SmartBar O42 - Logiciel: MySearchs - (.Pay-By-Ads.) [HKCU][64Bits] -- mysearchs =>PUP.PaybyAds O42 - Logiciel: NewPlayer - (.SoftForce LLC.) [HKLM][64Bits] -- NewPlayer =>Adware.NewPlayer O42 - Logiciel: OffersWizard Network System Driver - (...) [HKLM][64Bits] -- inethnfd =>PUP.NetworkSystemDriver O42 - Logiciel: On Stage - (.On Stage.) [HKLM][64Bits] -- On Stage O42 - Logiciel: OpenSource Flash Video Splitter 1.0.0.5 - (...) [HKLM][64Bits] -- OpenSource Flash Video Splitter O42 - Logiciel: PassWidget - (.PassWidget Software.) [HKLM][64Bits] -- {3f700348-270d-469b-b073-4a14e4a79189} =>PUP.PassWidget O42 - Logiciel: PhotoFiltre - (...) [HKCU][64Bits] -- PhotoFiltre O42 - Logiciel: Picasa Instant Upload Move Enabler - (."".) [HKLM][64Bits] -- {AE9B04F2-E9E8-162C-829B-52C116B3EFCC} O42 - Logiciel: PremierOpinion - (.VoiceFive, Inc..) [HKLM][64Bits] -- {eeb86aef-4a5d-4b75-9d74-f16d438fc286} =>Adware.PremierOpinion O42 - Logiciel: PriCeDoWnloADer - (."".) [HKLM][64Bits] -- {2D471A31-4FA7-95BA-1880-D441113ED736} =>PUP.PriceDownloader O42 - Logiciel: ST Microelectronics 3 Axis Digital Accelerometer Solution - (.ST Microelectronics.) [HKLM][64Bits] -- {9C24F411-9CA7-4A8A-91F3-F08A4A38EB31} O42 - Logiciel: SaoftoCeoup - (.SoftCoup.) [HKLM][64Bits] -- {7540FDBD-7FDC-30AE-3778-815CB87DBE46} =>PUP.RandomName O42 - Logiciel: Smarts8 - (.smart-saverplus.) [HKLM][64Bits] -- Smarts8 =>PUP.CrossRider O42 - Logiciel: Spotify - (.Spotify AB.) [HKCU][64Bits] -- Spotify O42 - Logiciel: Spotydl 0.9.36.0 - (.spotydl.com.) [HKLM][64Bits] -- Spotydl_is1 O42 - Logiciel: Streak for Gmail - (."".) [HKLM][64Bits] -- {F6423EE4-93D8-FA04-D09D-A8598F6EFDFD} O42 - Logiciel: SupTab - (...) [HKLM][64Bits] -- SupTab =>PUP.SupTab O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: TI USB 3.0 Host Controller Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F} O42 - Logiciel: TI USB3 Host Driver - (.Texas Instruments Inc..) [HKLM][64Bits] -- {B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F} O42 - Logiciel: TerminusStable - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{4284830a} =>Adware.Graftor O42 - Logiciel: TicTaCoupon - (.TicTaCoeuponu.) [HKLM][64Bits] -- {E370F69F-ED3F-925F-31FC-14D1329A713B} =>PUP.TicTaCoupon O42 - Logiciel: Tny_Cassiopesa - (.Tny_Cassiopesa.) [HKLM][64Bits] -- Tny_Cassiopesa O42 - Logiciel: TrimModule - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f0e9047b} =>Adware.Graftor O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM][64Bits] -- {933B4015-4618-4716-A828-5289FC03165F} O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: Validity Sensors DDK - (.Validity Sensors, Inc..) [HKLM][64Bits] -- {CF8F802C-0CEA-4591-A353-12EC03794652} O42 - Logiciel: ValueApps - (.Conduit.) [HKCU][64Bits] -- ValueApps =>Toolbar.Conduit O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {A1439D4F-FD46-47F2-A1D3-FEE097C29A09} O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM][64Bits] -- {4c13db17-a811-442c-9a1b-a92b65dca879} =>Adware.WebAdSystem O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM][64Bits] -- {AF59773E-3245-46A3-B418-DD84AB6C3C50} =>Adware.WebAdSystem O42 - Logiciel: WindeskWinsearch 1.0 - (.PCSoftware.) [HKLM][64Bits] -- WindeskWinsearch =>PUP.WindeskWinsearch O42 - Logiciel: Winservices - (.Kreapixel inc..) [HKLM][64Bits] -- WinServices =>Adware.SocialSkinz O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM][64Bits] -- Xvid Video Codec 1.3.2 O42 - Logiciel: doPDF 7.3 printer - (.Softland.) [HKLM][64Bits] -- doPDF 7 printer_is1 O42 - Logiciel: ffdshow v1.1.4399 [2012-03-22] - (...) [HKLM][64Bits] -- ffdshow_is1 O42 - Logiciel: fix version 1.0.0.0 - (...) [HKLM][64Bits] -- {ACA88935-7188-47AD-B220-B50106DC0D9C}_is1 O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {4046F74A-28F8-48C6-A5D3-2AFC472574C1} O42 - Logiciel: oursurfing uninstall - (.oursurfing.) [HKLM][64Bits] -- oursurfing uninstall =>Hijacker.OurSurfing O42 - Logiciel: sursenel - (.sidecom.) [HKLM][64Bits] -- {7d0ff442-6ee9-4afb-74ec-015a61fc9fd0} O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ~ Logic: 94 Scanned in 00mn 05s ---\\ HKCU & HKLM Software Keys [HKCU\Software\5c55da8cbc3ab845] [HKCU\Software\7-Zip] [HKCU\Software\Activeris] =>PUP.Activeris [HKCU\Software\Adobe] [HKCU\Software\Alexa Internet] [HKCU\Software\Alps] [HKCU\Software\AmiExt] =>Adware.FlashEnhancer [HKCU\Software\AnyProtect] =>PUP.AnyProtect [HKCU\Software\AppDataLow\Software\ConduitSearchScopes] [HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\LyricsMonkey-1] =>Adware.AddLyrics [HKCU\Software\AppDataLow\Software\LyricsSay-1] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\PassWidget] =>PUP.PassWidget [HKCU\Software\AppDataLow\Software\Plus-HD-1.6] =>Adware.PlusHD [HKCU\Software\AppDataLow\Software\Plus-HD-3.5] =>Adware.PlusHD [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKCU\Software\AppDataLow\Software\SmartWeb] =>PUP.SmartWeb [HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar [HKCU\Software\AppDataLow\Software\Smarts8] [HKCU\Software\AppDataLow\Software\WhiteSmoke_New_V6] =>PUP.WhiteSmoke [HKCU\Software\AppDataLow\Software\free ven] =>PUP.Freeven [HKCU\Software\AppDataLow\Software\media enhance] =>PUP.MediaPlayerEnhance [HKCU\Software\AppDataLow\Software\winservice86] =>PUP.CrossRider [HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] [HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\ArenaHD] =>PUP.CrossRider [HKCU\Software\Atheros] [HKCU\Software\Audacity] [HKCU\Software\Avast Software] [HKCU\Software\BabSolution] =>Hijacker.BabSolution [HKCU\Software\BatBrowse] =>PUP.BatBrowse [HKCU\Software\BcmSetup] [HKCU\Software\Boxore] =>Adware.Boxore [HKCU\Software\Broadcom] [HKCU\Software\Browser] [HKCU\Software\CanonBJ] [HKCU\Software\Canon] [HKCU\Software\Chromium] [HKCU\Software\CinemaPlus-3.2cV24.05-nv-ie] =>PUP.CrossRider [HKCU\Software\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider [HKCU\Software\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\ClkApp] [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\Cores] [HKCU\Software\Creative Tech] [HKCU\Software\CrossBrowser] =>PUP.CrossBrowser [HKCU\Software\Crossbrowse] =>PUP.CrossBrowser [HKCU\Software\DSP-worx] [HKCU\Software\DSiteProducts] =>Hijacker.DSite [HKCU\Software\DataMngr] =>PUP.Datamngr [HKCU\Software\DealPlyLive] =>PUP.DealPly [HKCU\Software\DigitalPersona] [HKCU\Software\Distromatic] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\Doko-Toolbar] =>Hijacker.Doko [HKCU\Software\Duuqu] =>PUP.Duuqu [HKCU\Software\ELIGCHK] [HKCU\Software\Easy Speed Check] [HKCU\Software\FLEXnet] [HKCU\Software\File Type Helper] =>PUP.FileTypeHelper [HKCU\Software\GNU] [HKCU\Software\GoHD-nv-ie] =>PUP.CrossRider [HKCU\Software\GoHD-nv] =>PUP.CrossRider [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hawker] [HKCU\Software\HighDefAction] =>PUP.CrossRider [HKCU\Software\IM Providers] [HKCU\Software\Iminent] =>Adware.IMBooster [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions [HKCU\Software\InstalledThirdPartyPrograms] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\KalityWeb] =>Adware.WebAdSystem [HKCU\Software\LAV] [HKCU\Software\Licenses] [HKCU\Software\LogMeInRescueCallingCard] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\Nosibay] [HKCU\Software\Opera Software] [HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro [HKCU\Software\PC-Doctor] [HKCU\Software\PCPrivacyDockLanguage] [HKCU\Software\PepperZip] =>PUP.PepperZip [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\PowerPack] [HKCU\Software\QtProject] [HKCU\Software\RapidMediaConverterApp] [HKCU\Software\Reg] [HKCU\Software\SafeGuardApp] =>PUP.SafeGuard [HKCU\Software\Samsung] [HKCU\Software\SaveSenseLive] =>PUP.CrossRider [HKCU\Software\SimplyTech] =>PUP.SimplyTech [HKCU\Software\Skype] [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKCU\Software\Smartbar] =>Hijacker.SmartBar [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\Software] [HKCU\Software\Streaming Audio Recorder] [HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer [HKCU\Software\Synaptics] [HKCU\Software\System Speedup] =>PUP.SystemSpeedup [HKCU\Software\TNT2] =>Adware.TidyNetwork [HKCU\Software\TeleCharger] [HKCU\Software\Trolltech] [HKCU\Software\TutoTag] =>PUP.AgenceExclusive [HKCU\Software\Tutorials] =>PUP.AgenceExclusive [HKCU\Software\UpToDown] =>PUP.UpToDown [HKCU\Software\UpdateFiles] =>Adware.Boxore [HKCU\Software\Visualbee] =>Adware.VisualBeeToolbar [HKCU\Software\Wajam] =>PUP.Wajam [HKCU\Software\Waves Audio] [HKCU\Software\Widcomm] [HKCU\Software\Wow6432Node] [HKCU\Software\YorkNewCin] =>PUP.CrossRider [HKCU\Software\ZebHelpProcess Helper] [HKCU\Software\astromenda] =>PUP.Astromenda [HKCU\Software\cacaoweb] =>PUP.CacaoWeb [HKCU\Software\ej-technologies] [HKCU\Software\gamesdesktop] =>Adware.GamesDesktop [HKCU\Software\globalUpdate] =>PUP.GlobalUpdate [HKCU\Software\kde.org] [HKCU\Software\lollipop] =>Adware.Lollipop [HKCU\Software\mysearchdial] =>Adware.MyWebSearch [HKCU\Software\sidecom] [HKCU\Software\systweak] [HKCU\Software\tny_cassiopesa] [HKCU\Software\tuto4pc] =>PUP.AgenceExclusive [HKCU\Software\winservice86-nv-ie] =>PUP.CrossRider [HKCU\Software\winservice86-nv] =>PUP.CrossRider [HKLM\Software\ATI Technologies] [HKLM\Software\Alps] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\ArenaHD] =>PUP.CrossRider [HKLM\Software\Atheros] [HKLM\Software\Broadcom] [HKLM\Software\BubbleSound] =>PUP.BubbleSound [HKLM\Software\CBSTEST] [HKLM\Software\Canon] [HKLM\Software\Cirrus] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Cnxt_Uiu_Parms] [HKLM\Software\Conexant] [HKLM\Software\Creative Tech] [HKLM\Software\Dell Computer Corporation] [HKLM\Software\Dell] [HKLM\Software\DigitalPersona] [HKLM\Software\DivX] [HKLM\Software\GEAR Software] [HKLM\Software\Google] [HKLM\Software\HQuality-v3V19.10-nv] =>PUP.CrossRider [HKLM\Software\HaaliMkx] [HKLM\Software\HighDefAction] =>PUP.CrossRider [HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions [HKLM\Software\InstalledOptions] [HKLM\Software\InstalledThirdPartyPrograms] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\Khronos] [HKLM\Software\LolliScan] =>Adware.Graftor [HKLM\Software\Macromedia] [HKLM\Software\ManageableUpdatePackage] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\PC-Doctor] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\ST Microelectronics] [HKLM\Software\Softland] [HKLM\Software\Sonic] [HKLM\Software\Speedchecker Limited] =>PUP.InternetSpeedChecker [HKLM\Software\Synaptics] [HKLM\Software\UIU] [HKLM\Software\Validity] [HKLM\Software\WIDCOMM_TEMP] [HKLM\Software\Waves Audio] [HKLM\Software\WebBar] =>PUP.WebBar [HKLM\Software\Widcomm] [HKLM\Software\Wow6432Node\11f7643f-77e0-4a4a-a192-4b7a9e9fbf2a] =>PUP.CrossRider [HKLM\Software\Wow6432Node\22fbe0a4-6d53-4d01-9877-31667f148858] =>PUP.CrossRider [HKLM\Software\Wow6432Node\5c55da8cbc3ab845] [HKLM\Software\Wow6432Node\95b48dc0-8b8d-47f8-ab2e-5f40b4109b11] =>PUP.CrossRider [HKLM\Software\Wow6432Node\971bbd6c-f848-4ae2-9434-b893b6d0f4f1] =>PUP.CrossRider [HKLM\Software\Wow6432Node\AVAST Software] [HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris [HKLM\Software\Wow6432Node\Adobe] [HKLM\Software\Wow6432Node\AmiExt] =>Adware.FlashEnhancer [HKLM\Software\Wow6432Node\AppDataLow] [HKLM\Software\Wow6432Node\Apple Inc.] [HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Atheros Communications Inc.] [HKLM\Software\Wow6432Node\Atheros] [HKLM\Software\Wow6432Node\Bench] =>PUP.GiganticSavings [HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf [HKLM\Software\Wow6432Node\BetterSurf Plus V1] =>PUP.BetterSurf [HKLM\Software\Wow6432Node\BetterSurf] =>PUP.BetterSurf [HKLM\Software\Wow6432Node\Canon] [HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider [HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes] [HKLM\Software\Wow6432Node\Client] [HKLM\Software\Wow6432Node\Clients] [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Creative Tech] [HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\Dell Computer Corporation] [HKLM\Software\Wow6432Node\Dell_Wlan] [HKLM\Software\Wow6432Node\DigitalPersona] [HKLM\Software\Wow6432Node\DivXNetworks] [HKLM\Software\Wow6432Node\DivX] [HKLM\Software\Wow6432Node\DownloaderAssistant] =>PUP.Salus [HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu [HKLM\Software\Wow6432Node\FLEXnet] [HKLM\Software\Wow6432Node\FastSearch] [HKLM\Software\Wow6432Node\File Type Helper] =>PUP.FileTypeHelper [HKLM\Software\Wow6432Node\Florian Heidenreich] [HKLM\Software\Wow6432Node\GNU] [HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate [HKLM\Software\Wow6432Node\GoHD-nv-ie] =>PUP.CrossRider [HKLM\Software\Wow6432Node\GoHD-nv] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Google] [HKLM\Software\Wow6432Node\HQuality-v3V19.10-nv] =>PUP.CrossRider [HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider [HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR [HKLM\Software\Wow6432Node\IePlugin] [HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore [HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions [HKLM\Software\Wow6432Node\Intel] [HKLM\Software\Wow6432Node\JavaSoft] [HKLM\Software\Wow6432Node\JreMetrics] [HKLM\Software\Wow6432Node\KalityWeb] =>Adware.WebAdSystem [HKLM\Software\Wow6432Node\Khronos] [HKLM\Software\Wow6432Node\Lame For Audacity] [HKLM\Software\Wow6432Node\LibreOffice] [HKLM\Software\Wow6432Node\Licenses] [HKLM\Software\Wow6432Node\Lightspark Team] [HKLM\Software\Wow6432Node\LogMeInRescueCallingCard] [HKLM\Software\Wow6432Node\LolliScan] =>Adware.Graftor [HKLM\Software\Wow6432Node\Macromedia] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\Wow6432Node\ManageableUpdatePackage] [HKLM\Software\Wow6432Node\MaxPower] [HKLM\Software\Wow6432Node\MediaPlayerV1] [HKLM\Software\Wow6432Node\MediaPlayerV1alpha3537] [HKLM\Software\Wow6432Node\MediaViewV1] =>PUP.MediaViewer [HKLM\Software\Wow6432Node\MediaViewV1alpha698] =>PUP.MediaViewer [HKLM\Software\Wow6432Node\MediaViewV1alpha7499] =>PUP.MediaViewer [HKLM\Software\Wow6432Node\MediaWatchV1] =>PUP.MediaWatch [HKLM\Software\Wow6432Node\MediaWatchV1home857] =>PUP.MediaWatch [HKLM\Software\Wow6432Node\MovieDea] [HKLM\Software\Wow6432Node\MozillaPlugins] [HKLM\Software\Wow6432Node\Mozilla] [HKLM\Software\Wow6432Node\ODBC] [HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox [HKLM\Software\Wow6432Node\OnStage] [HKLM\Software\Wow6432Node\PicexaSvc] [HKLM\Software\Wow6432Node\Policies] [HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.] [HKLM\Software\Wow6432Node\Realtek] [HKLM\Software\Wow6432Node\Reg] [HKLM\Software\Wow6432Node\RegisteredApplications] [HKLM\Software\Wow6432Node\Registry Helper] =>PUP.RegistryHelper [HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer [HKLM\Software\Wow6432Node\RichMediaViewV1release1055] =>PUP.MediaViewer [HKLM\Software\Wow6432Node\ST Microelectronics] [HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard [HKLM\Software\Wow6432Node\SafeGuard] =>PUP.SafeGuard [HKLM\Software\Wow6432Node\Salus] =>PUP.Salus [HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.CrossRider [HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect [HKLM\Software\Wow6432Node\Skype] [HKLM\Software\Wow6432Node\SoftThinks] [HKLM\Software\Wow6432Node\Software] [HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab [HKLM\Software\Wow6432Node\SuperClick_1.10.0.16] [HKLM\Software\Wow6432Node\SuppHelpDir] [HKLM\Software\Wow6432Node\Symantec] [HKLM\Software\Wow6432Node\System Speedup] =>PUP.SystemSpeedup [HKLM\Software\Wow6432Node\Systweak] [HKLM\Software\Wow6432Node\TabNav] =>PUP.Abengine [HKLM\Software\Wow6432Node\Taronja] [HKLM\Software\Wow6432Node\The Document Foundation] [HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive [HKLM\Software\Wow6432Node\Universal] [HKLM\Software\Wow6432Node\VBMZ] =>PUP.Duuqu [HKLM\Software\Wow6432Node\Validity] [HKLM\Software\Wow6432Node\VideoLAN] [HKLM\Software\Wow6432Node\Visualbee] =>Adware.VisualBeeToolbar [HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia [HKLM\Software\Wow6432Node\Volatile] [HKLM\Software\Wow6432Node\WhiteSmoke_New_V6] =>PUP.WhiteSmoke [HKLM\Software\Wow6432Node\WinU] [HKLM\Software\Wow6432Node\Winservices] =>Trojan.Inject.RRE [HKLM\Software\Wow6432Node\WordProser_1.10.0.1] =>PUP.WordProser [HKLM\Software\Wow6432Node\WordShark_1.10.0.19] [HKLM\Software\Wow6432Node\Wow6432Node] [HKLM\Software\Wow6432Node\Xvid Team] [HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider [HKLM\Software\Wow6432Node\a558af43-d482-4649-b45f-6e1c09b384c2] =>PUP.CrossRider [HKLM\Software\Wow6432Node\aa73fe5b-d1f7-411f-8961-8d74e4ee2c2e] =>PUP.CrossRider [HKLM\Software\Wow6432Node\anset] [HKLM\Software\Wow6432Node\awesomehpSoftware] =>PUP.Awesomehp [HKLM\Software\Wow6432Node\b56ba8d1-2bff-4555-a80e-09eae0dad631] =>PUP.CrossRider [HKLM\Software\Wow6432Node\c968f51d-077d-494f-a31c-82fe202a993e] =>PUP.CrossRider [HKLM\Software\Wow6432Node\delta-homesSoftware] =>Hijacker.DeltaHomes [HKLM\Software\Wow6432Node\e3bdb18e-b300-43e4-991c-3eac4da6d490] =>PUP.CrossRider [HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity [HKLM\Software\Wow6432Node\ej-technologies] [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c] =>PUP.CrossRider [HKLM\Software\Wow6432Node\flash-Enhancer] =>Adware.FlashEnhancer [HKLM\Software\Wow6432Node\free ven] =>PUP.Freeven [HKLM\Software\Wow6432Node\freefallprotection] [HKLM\Software\Wow6432Node\hdcode] [HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.Istart [HKLM\Software\Wow6432Node\mamverifier] [HKLM\Software\Wow6432Node\media enhance] =>PUP.MediaPlayerEnhance [HKLM\Software\Wow6432Node\mozilla.org] [HKLM\Software\Wow6432Node\oursurfingSoftware] =>Hijacker.OurSurfing [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager [HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu [HKLM\Software\Wow6432Node\troll] [HKLM\Software\Wow6432Node\winservice86-nv-ie] =>PUP.CrossRider [HKLM\Software\Wow6432Node\winservice86-nv] =>PUP.CrossRider [HKLM\Software\Wow6432Node\winservice86] =>PUP.CrossRider [HKLM\Software\Wow6432Node] [HKLM\Software\YorkNewCin] =>PUP.CrossRider ~ Key Software: 574 Scanned in 00mn 05s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 07/07/2015 - 20:22:49 - [] ----D C:\Program Files (x86)\0ca45c95134d O43 - CFD: 07/07/2015 - 20:22:35 - [] ----D C:\Program Files (x86)\34c5cc2e-af4c-4dd1-b4e3-89330a3555b0 O43 - CFD: 07/07/2015 - 20:36:45 - [] ----D C:\Program Files (x86)\7-Zip O43 - CFD: 06/07/2015 - 01:01:37 - [] ----D C:\Program Files (x86)\7075d8f6-5e3a-44b5-9ad6-ab229e7e6b97 O43 - CFD: 07/07/2015 - 20:36:46 - [0] ----D C:\Program Files (x86)\732c5602-885d-4b9d-9083-372cdd2690b0 O43 - CFD: 20/05/2015 - 21:58:14 - [] ----D C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris O43 - CFD: 25/05/2015 - 17:27:02 - [] ----D C:\Program Files (x86)\Adobe O43 - CFD: 26/10/2013 - 22:57:44 - [0] ----D C:\Program Files (x86)\Amazon O43 - CFD: 31/07/2014 - 00:29:23 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc O43 - CFD: 24/05/2015 - 23:07:25 - [0] ----D C:\Program Files (x86)\app_setup O43 - CFD: 20/05/2015 - 21:58:16 - [] ----D C:\Program Files (x86)\ASP O43 - CFD: 21/05/2014 - 18:50:27 - [] ----D C:\Program Files (x86)\Audacity O43 - CFD: 04/07/2015 - 15:42:46 - [] ----D C:\Program Files (x86)\AVG Do Not Track O43 - CFD: 18/06/2015 - 15:10:45 - [] ----D C:\Program Files (x86)\AVG PrivacyFix O43 - CFD: 31/07/2014 - 00:28:21 - [] ----D C:\Program Files (x86)\Bonjour O43 - CFD: 20/05/2015 - 21:58:17 - [] ----D C:\Program Files (x86)\Boost O43 - CFD: 07/07/2015 - 20:22:24 - [0] ----D C:\Program Files (x86)\Casual Games O43 - CFD: 27/05/2015 - 20:12:07 - [] ----D C:\Program Files (x86)\cefcba80-57ad-4734-bbf8-6280bb051e68 O43 - CFD: 07/07/2015 - 20:39:11 - [] ----D C:\Program Files (x86)\CinemaPlus-3.2cV28.05 =>PUP.CrossRider O43 - CFD: 27/05/2013 - 21:45:39 - [] ----D C:\Program Files (x86)\Cisco O43 - CFD: 08/07/2015 - 00:42:06 - [] ----D C:\Program Files (x86)\Common Files O43 - CFD: 15/05/2012 - 09:59:13 - [] ----D C:\Program Files (x86)\Creative O43 - CFD: 24/05/2015 - 00:49:08 - [] ----D C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser O43 - CFD: 28/05/2015 - 20:41:46 - [] ----D C:\Program Files (x86)\d418cfe8-9402-4dd6-b158-1fce1db4af41 O43 - CFD: 21/05/2015 - 22:04:32 - [] ----D C:\Program Files (x86)\deaal4reala =>PUP.Deal4reaL O43 - CFD: 05/07/2015 - 14:39:24 - [] ----D C:\Program Files (x86)\DealsFuInndeRProo =>PUP.DealsFinderPro O43 - CFD: 05/07/2015 - 14:39:26 - [] ----D C:\Program Files (x86)\DeaolsFiNderPro =>PUP.DealsFinderPro O43 - CFD: 04/07/2015 - 15:40:06 - [] ----D C:\Program Files (x86)\DeeaLsFinDErPro =>PUP.DealsFinderPro O43 - CFD: 15/05/2012 - 09:58:39 - [] ----D C:\Program Files (x86)\Dell Webcam O43 - CFD: 28/05/2013 - 12:42:13 - [] ----D C:\Program Files (x86)\Dell Wireless O43 - CFD: 04/10/2013 - 18:04:46 - [] ----D C:\Program Files (x86)\DigitalPersona O43 - CFD: 07/07/2015 - 19:05:29 - [] ----D C:\Program Files (x86)\DivX O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\DSP-worx O43 - CFD: 07/07/2015 - 20:22:36 - [] ----D C:\Program Files (x86)\Easy Speed Check O43 - CFD: 28/05/2015 - 21:39:31 - [0] ----D C:\Program Files (x86)\Edu App O43 - CFD: 06/07/2015 - 03:44:29 - [] ----D C:\Program Files (x86)\FastSearch O43 - CFD: 04/11/2013 - 22:20:21 - [] ----D C:\Program Files (x86)\ffdshow O43 - CFD: 20/12/2013 - 22:18:32 - [] ----D C:\Program Files (x86)\Freeplane O43 - CFD: 24/05/2015 - 23:39:25 - [] ----D C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate O43 - CFD: 07/07/2015 - 20:43:11 - [] ----D C:\Program Files (x86)\gmsd_fr_002020023 =>PUP.CrossRider O43 - CFD: 07/07/2015 - 20:43:12 - [0] ----D C:\Program Files (x86)\gmsd_fr_005010016 =>PUP.CrossRider O43 - CFD: 07/07/2015 - 20:43:16 - [] ----D C:\Program Files (x86)\GoHD =>PUP.CrossRider O43 - CFD: 03/10/2013 - 20:08:50 - [] ----D C:\Program Files (x86)\Google O43 - CFD: 05/07/2015 - 14:39:23 - [] ----D C:\Program Files (x86)\greattsAVieng =>PUP.GreatSaving O43 - CFD: 04/07/2015 - 19:28:00 - [] ----D C:\Program Files (x86)\GUMD29E.tmp O43 - CFD: 07/07/2015 - 23:43:55 - [] ----D C:\Program Files (x86)\GUPlayer O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\Haali O43 - CFD: 07/07/2015 - 20:22:34 - [0] ----D C:\Program Files (x86)\Hades O43 - CFD: 07/07/2015 - 20:22:48 - [] ----D C:\Program Files (x86)\Hawker O43 - CFD: 06/07/2015 - 02:18:36 - [0] ----D C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches O43 - CFD: 07/07/2015 - 20:41:29 - [] ----D C:\Program Files (x86)\HQuality-v3V19.10 =>PUP.CrossRider O43 - CFD: 06/07/2015 - 00:49:49 - [] ----D C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut O43 - CFD: 04/03/2014 - 22:56:19 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 13/09/2012 - 15:40:25 - [] ----D C:\Program Files (x86)\Intel O43 - CFD: 05/07/2015 - 12:53:13 - [] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 06/07/2015 - 02:56:25 - [] ----D C:\Program Files (x86)\iTunes O43 - CFD: 05/07/2015 - 14:21:45 - [] ----D C:\Program Files (x86)\Java O43 - CFD: 04/11/2013 - 22:20:13 - [] ----D C:\Program Files (x86)\Lame For Audacity O43 - CFD: 06/05/2013 - 23:21:36 - [] ----D C:\Program Files (x86)\LibreOffice 4.0 O43 - CFD: 28/05/2012 - 12:52:20 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 19/05/2015 - 01:58:47 - [] ----D C:\Program Files (x86)\Microsoft Security Client O43 - CFD: 19/05/2015 - 02:28:25 - [] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 18/12/2013 - 18:15:56 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 15/05/2012 - 10:23:53 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 26/02/2012 - 12:49:28 - [] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 19/05/2015 - 19:29:27 - [] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 26/10/2013 - 23:28:38 - [] ----D C:\Program Files (x86)\Mp3tag O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 30/03/2015 - 21:37:34 - [] ----D C:\Program Files (x86)\MTG Finder O43 - CFD: 21/05/2015 - 21:25:55 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup O43 - CFD: 07/07/2015 - 20:22:20 - [] ----D C:\Program Files (x86)\NewPlayer =>Adware.NewPlayer O43 - CFD: 05/07/2015 - 22:19:20 - [] ----D C:\Program Files (x86)\On Stage O43 - CFD: 04/11/2013 - 22:20:06 - [] ----D C:\Program Files (x86)\OpenSource Flash Video Splitter O43 - CFD: 28/06/2015 - 15:29:12 - [0] ----D C:\Program Files (x86)\Opera O43 - CFD: 24/07/2014 - 23:00:22 - [] ----D C:\Program Files (x86)\Pass-Widget =>PUP.PassWidget O43 - CFD: 07/07/2015 - 20:23:34 - [] ----D C:\Program Files (x86)\PCP O43 - CFD: 17/10/2013 - 20:36:02 - [] ----D C:\Program Files (x86)\PhotoFiltre O43 - CFD: 21/05/2015 - 22:06:04 - [] ----D C:\Program Files (x86)\Picasa Instant Upload Move Enabler O43 - CFD: 24/05/2015 - 22:06:53 - [] ----D C:\Program Files (x86)\Picexa O43 - CFD: 24/05/2015 - 21:32:10 - [0] ----D C:\Program Files (x86)\predm =>Adware.Downware O43 - CFD: 07/07/2015 - 20:38:40 - [] ----D C:\Program Files (x86)\PremierOpinion =>Adware.PremierOpinion O43 - CFD: 21/06/2014 - 22:28:09 - [] ----D C:\Program Files (x86)\Premium Software =>Trojan.Tivmonk O43 - CFD: 07/07/2015 - 20:23:13 - [] ----D C:\Program Files (x86)\PriceDowineloader =>PUP.PriceDownloader O43 - CFD: 07/07/2015 - 20:23:14 - [] ----D C:\Program Files (x86)\PriCeDoWnloADer =>PUP.PriceDownloader O43 - CFD: 24/05/2015 - 23:07:40 - [0] ----D C:\Program Files (x86)\Priceless =>PUP.PriceLess O43 - CFD: 05/07/2015 - 22:10:55 - [0] ----D C:\Program Files (x86)\Probit Software =>PUP.ProbitSoftware O43 - CFD: 05/07/2015 - 14:38:15 - [] ----D C:\Program Files (x86)\PrriCeDownaloaderr =>PUP.PriceDownloader O43 - CFD: 04/03/2014 - 22:56:19 - [0] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 23/12/2013 - 13:04:17 - [] ----D C:\Program Files (x86)\Samsung O43 - CFD: 05/07/2015 - 03:44:46 - [] ----D C:\Program Files (x86)\SaoftoCeoup =>PUP.RandomName O43 - CFD: 05/07/2015 - 03:44:43 - [] ----D C:\Program Files (x86)\savInshop =>PUP.SavinShop O43 - CFD: 05/07/2015 - 14:39:26 - [] ----D C:\Program Files (x86)\sHoepndrop =>PUP.ShopDrop O43 - CFD: 08/07/2015 - 00:42:06 - [] R---D C:\Program Files (x86)\Skype O43 - CFD: 07/07/2015 - 20:37:05 - [] ----D C:\Program Files (x86)\Smarts8 O43 - CFD: 07/07/2015 - 20:22:42 - [] ----D C:\Program Files (x86)\Smwyyntm1ndi1zdz O43 - CFD: 18/06/2015 - 15:09:42 - [] ----D C:\Program Files (x86)\SofftCuoup =>PUP.RandomName O43 - CFD: 05/07/2015 - 03:44:39 - [] ----D C:\Program Files (x86)\SoftCoupe =>PUP.RandomName O43 - CFD: 07/10/2013 - 20:32:34 - [] ----D C:\Program Files (x86)\Software O43 - CFD: 24/05/2015 - 13:14:24 - [] ----D C:\Program Files (x86)\speed browser =>PUP.SpeedBrowser O43 - CFD: 22/10/2013 - 00:20:52 - [] ----D C:\Program Files (x86)\Spotydl O43 - CFD: 24/09/2012 - 08:39:13 - [] ----D C:\Program Files (x86)\ST Microelectronics O43 - CFD: 15/05/2012 - 10:09:29 - [] ----D C:\Program Files (x86)\STMicroelectronics O43 - CFD: 06/07/2015 - 00:38:05 - [] ----D C:\Program Files (x86)\Streak for Gmail O43 - CFD: 07/07/2015 - 20:22:36 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab O43 - CFD: 06/07/2015 - 02:18:44 - [0] ----D C:\Program Files (x86)\TerminusStable O43 - CFD: 15/05/2012 - 10:10:20 - [] ----D C:\Program Files (x86)\Texas Instruments Inc O43 - CFD: 04/07/2015 - 18:44:50 - [] ----D C:\Program Files (x86)\Tny_Cassiopesa O43 - CFD: 06/07/2015 - 02:18:46 - [0] ----D C:\Program Files (x86)\TrimModule O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information O43 - CFD: 28/05/2012 - 12:40:00 - [] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 20/05/2015 - 21:58:39 - [] ----D C:\Program Files (x86)\WebAdSystem =>Adware.WebAdSystem O43 - CFD: 24/05/2015 - 23:57:27 - [] ----D C:\Program Files (x86)\WindeskWinsearch =>PUP.WindeskWinsearch O43 - CFD: 05/10/2013 - 13:01:40 - [] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 18/12/2013 - 18:18:29 - [] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation O43 - CFD: 05/07/2015 - 12:53:26 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 21/11/2010 - 05:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 15/05/2012 - 12:42:07 - [] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 07/07/2015 - 20:39:05 - [0] ----D C:\Program Files (x86)\winservice86 =>PUP.CrossRider O43 - CFD: 20/05/2015 - 21:58:41 - [] ----D C:\Program Files (x86)\WordProser_1.10.0.1 =>PUP.WordProser O43 - CFD: 04/11/2013 - 22:21:06 - [] ----D C:\Program Files (x86)\Xvid O43 - CFD: 08/07/2015 - 13:26:39 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman O43 - CFD: 08/07/2015 - 12:46:58 - [] ----D C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8 O43 - CFD: 25/05/2015 - 17:27:04 - [] ----D C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 17/02/2015 - 02:35:57 - [] ----D C:\Program Files (x86)\Common Files\Apple O43 - CFD: 28/05/2013 - 12:37:12 - [] ----D C:\Program Files (x86)\Common Files\Atheros O43 - CFD: 22/06/2014 - 00:10:40 - [] ----D C:\Program Files (x86)\Common Files\Config O43 - CFD: 07/07/2015 - 19:04:04 - [] ----D C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 21/10/2013 - 23:10:49 - [] ----D C:\Program Files (x86)\Common Files\i4j_jres O43 - CFD: 04/10/2013 - 18:04:59 - [] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 13/09/2012 - 15:26:52 - [] ----D C:\Program Files (x86)\Common Files\Intel O43 - CFD: 13/09/2012 - 15:23:20 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 05/07/2015 - 14:20:19 - [] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 18/12/2013 - 18:17:58 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 15/05/2012 - 10:02:35 - [] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 26/05/2012 - 03:49:06 - [] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 15/05/2012 - 10:22:26 - [] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 24/05/2015 - 03:59:37 - [] ----D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf O43 - CFD: 18/06/2015 - 14:33:37 - [0] ----D C:\ProgramData\2678128400004297 O43 - CFD: 08/07/2015 - 12:45:32 - [] ----D C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8 O43 - CFD: 17/02/2015 - 02:35:57 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 O43 - CFD: 01/03/2015 - 20:35:53 - [0] ----D C:\ProgramData\374311380 O43 - CFD: 06/07/2015 - 00:38:33 - [] ----D C:\ProgramData\5551195122105854317 O43 - CFD: 06/07/2015 - 02:04:51 - [0] ----D C:\ProgramData\6c54da2e97bd4bf69fea341a446a9746 O43 - CFD: 24/05/2015 - 21:30:13 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 O43 - CFD: 14/05/2014 - 20:37:33 - [] ----D C:\ProgramData\Activeris =>PUP.Activeris O43 - CFD: 25/05/2015 - 17:26:35 - [] ----D C:\ProgramData\Adobe O43 - CFD: 31/07/2014 - 00:29:08 - [] ----D C:\ProgramData\Apple O43 - CFD: 31/07/2014 - 00:31:48 - [] ----D C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 23/01/2014 - 16:07:56 - [] ----D C:\ProgramData\Atheros O43 - CFD: 07/12/2014 - 17:05:06 - [] ----D C:\ProgramData\atjs O43 - CFD: 24/05/2015 - 00:53:37 - [] ----D C:\ProgramData\Atubonop O43 - CFD: 06/07/2015 - 00:57:20 - [] ----D C:\ProgramData\AVAST Software O43 - CFD: 03/10/2013 - 19:58:55 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon O43 - CFD: 24/05/2015 - 13:09:53 - [] ----D C:\ProgramData\Browser O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 17/10/2013 - 18:23:34 - [] --H-D C:\ProgramData\CanonBJ O43 - CFD: 22/01/2014 - 15:59:31 - [0] ----D C:\ProgramData\Conduit O43 - CFD: 15/05/2012 - 10:07:47 - [] ----D C:\ProgramData\Conexant O43 - CFD: 13/09/2012 - 15:31:39 - [] ----D C:\ProgramData\Creative O43 - CFD: 06/07/2015 - 02:04:49 - [0] ----D C:\ProgramData\dc9def169e834b19aff83090e5e3337a O43 - CFD: 27/05/2013 - 21:41:03 - [] ----D C:\ProgramData\Dell O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 07/07/2015 - 19:05:35 - [] ----D C:\ProgramData\DivX O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 15/05/2012 - 10:25:32 - [] ----D C:\ProgramData\Downloaded Installations O43 - CFD: 06/07/2015 - 02:55:17 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites O43 - CFD: 25/05/2015 - 15:17:31 - [] ----D C:\ProgramData\FlashBeat =>PUP.FlashBeat O43 - CFD: 15/05/2012 - 10:25:39 - [] ----D C:\ProgramData\FLEXnet O43 - CFD: 06/07/2015 - 02:18:53 - [] ----D C:\ProgramData\IePluginService =>PUP.IePluginService O43 - CFD: 07/07/2015 - 20:23:15 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService O43 - CFD: 16/02/2015 - 23:51:42 - [] ----D C:\ProgramData\IHProtectUpDate =>Adware.AgentODR O43 - CFD: 13/09/2012 - 15:07:37 - [] ----D C:\ProgramData\Intel O43 - CFD: 24/05/2015 - 23:15:14 - [] ----D C:\ProgramData\LolliScan =>Adware.Graftor O43 - CFD: 15/05/2012 - 10:25:46 - [] ----D C:\ProgramData\Macrovision O43 - CFD: 21/01/2014 - 20:53:09 - [] ----D C:\ProgramData\Malwarebytes O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 17/05/2015 - 13:59:35 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 18/12/2013 - 18:15:31 - [] ----D C:\ProgramData\Microsoft SkyDrive =>.Microsoft Corporation O43 - CFD: 24/05/2012 - 18:46:11 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 06/07/2015 - 22:09:05 - [] ----D C:\ProgramData\MovieDeaConfig O43 - CFD: 28/05/2012 - 11:01:33 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 07/07/2015 - 20:22:43 - [0] ----D C:\ProgramData\NavRight O43 - CFD: 05/07/2015 - 14:23:30 - [] ----D C:\ProgramData\Oracle O43 - CFD: 25/05/2015 - 00:05:48 - [] ----D C:\ProgramData\Package Cache O43 - CFD: 11/06/2013 - 16:20:04 - [] ----D C:\ProgramData\PCDr O43 - CFD: 18/06/2015 - 14:35:14 - [] ----D C:\ProgramData\Radio O43 - CFD: 05/07/2015 - 20:22:49 - [] ----D C:\ProgramData\Registry Helper =>PUP.RegistryHelper O43 - CFD: 15/05/2012 - 10:15:17 - [] ----D C:\ProgramData\Roaming O43 - CFD: 15/03/2014 - 18:30:42 - [] ----D C:\ProgramData\SaveSenseLive =>PUP.CrossRider O43 - CFD: 08/07/2015 - 00:41:47 - [] ----D C:\ProgramData\Skype O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 07/10/2013 - 21:36:16 - [] ----D C:\ProgramData\Sun O43 - CFD: 24/03/2015 - 22:42:42 - [] ----D C:\ProgramData\Systweak O43 - CFD: 14/05/2014 - 20:57:25 - [0] ---AD C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 07/07/2015 - 20:22:52 - [] ----D C:\ProgramData\TicTaCoupon =>PUP.TicTaCoupon O43 - CFD: 15/05/2012 - 10:14:20 - [0] ----D C:\ProgramData\Validity O43 - CFD: 06/07/2015 - 02:18:55 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu O43 - CFD: 20/05/2015 - 21:54:57 - [] ----D C:\ProgramData\WPM =>PUP.WpManager O43 - CFD: 24/05/2015 - 13:32:43 - [] ----D C:\ProgramData\{051ab5be-a844-fc94-051a-ab5bea84d6fa} O43 - CFD: 06/07/2015 - 03:42:20 - [] ----D C:\ProgramData\{255b74b1-d838-6576-255b-b74b1d83d2c7} O43 - CFD: 25/05/2015 - 00:39:51 - [] ----D C:\ProgramData\{2a91148f-35ec-ea01-2a91-1148f35e523c} O43 - CFD: 25/05/2015 - 16:54:33 - [] ----D C:\ProgramData\{34e38cd9-f067-60c3-34e3-38cd9f063367} O43 - CFD: 24/05/2015 - 14:38:13 - [] ----D C:\ProgramData\{74a1a381-e0b6-0848-74a1-1a381e0b8e07} O43 - CFD: 20/05/2015 - 23:00:39 - [] ----D C:\ProgramData\{841d1f74-d1cd-67d1-841d-d1f74d1c7dd3} O43 - CFD: 20/05/2015 - 23:03:00 - [] ----D C:\ProgramData\{8f4535e5-876b-d544-8f45-535e5876d796} O43 - CFD: 25/05/2015 - 15:06:05 - [] ----D C:\ProgramData\{b6a04965-3967-fcf6-b6a0-049653962594} O43 - CFD: 04/07/2015 - 18:44:43 - [] ----D C:\ProgramData\{C03F28FC-90BD-F97A-213B-89F8F1B95A76} O43 - CFD: 05/07/2015 - 00:34:52 - [] ----D C:\ProgramData\{c728c226-cf1c-0642-c728-8c226cf1089b} O43 - CFD: 25/05/2015 - 15:59:31 - [] ----D C:\ProgramData\{cf4dd275-99dc-2f9d-cf4d-dd27599d49d6} O43 - CFD: 24/05/2015 - 22:58:27 - [] ----D C:\ProgramData\{da47987d-9949-073b-da47-7987d99461f6} O43 - CFD: 24/05/2015 - 00:30:32 - [] ----D C:\ProgramData\{dd2265a0-1232-d470-dd22-265a01239680} O43 - CFD: 07/07/2015 - 19:06:56 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip O43 - CFD: 03/10/2013 - 19:02:10 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/05/2014 - 20:37:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware =>PUP.Activeris O43 - CFD: 24/03/2015 - 22:42:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector =>PUP.AdvancedSystemProtector O43 - CFD: 07/07/2015 - 18:02:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software O43 - CFD: 03/10/2013 - 19:53:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 24/05/2015 - 00:49:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser O43 - CFD: 07/07/2015 - 19:05:05 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX O43 - CFD: 01/11/2014 - 02:03:08 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer =>PUP.FastPlayer O43 - CFD: 04/11/2013 - 22:20:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow O43 - CFD: 14/06/2014 - 15:15:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Player Pro O43 - CFD: 20/12/2013 - 22:18:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeplane O43 - CFD: 04/11/2013 - 22:20:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter O43 - CFD: 24/05/2015 - 23:05:01 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hawker O43 - CFD: 06/07/2015 - 03:01:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 05/07/2015 - 14:17:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 29/01/2014 - 21:11:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightspark 0.5.3-git O43 - CFD: 24/05/2015 - 19:29:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Bureautique & Internet O43 - CFD: 06/06/2012 - 08:37:15 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Outils Divers O43 - CFD: 26/09/2012 - 07:19:44 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoRdi - Outils Système O43 - CFD: 18/05/2015 - 20:23:43 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 26/10/2013 - 23:28:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag O43 - CFD: 22/10/2014 - 14:51:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer =>Adware.NewPlayer O43 - CFD: 14/05/2014 - 20:36:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max =>PUP.OptimizerEliteMax O43 - CFD: 01/11/2014 - 02:00:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip =>PUP.PepperZip O43 - CFD: 17/10/2013 - 20:36:02 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre O43 - CFD: 07/07/2015 - 02:40:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion =>Adware.PremierOpinion O43 - CFD: 14/06/2014 - 15:12:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Software =>Trojan.Tivmonk O43 - CFD: 24/05/2015 - 19:29:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong O43 - CFD: 26/05/2015 - 16:38:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeGuard =>PUP.SafeGuard O43 - CFD: 22/10/2013 - 00:20:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotydl O43 - CFD: 07/10/2013 - 21:32:19 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 01/11/2014 - 02:00:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer =>PUP.SuperOptimizer O43 - CFD: 14/06/2014 - 14:53:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup =>PUP.SystemSpeedup O43 - CFD: 06/07/2015 - 02:36:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 24/05/2015 - 23:57:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch =>PUP.WindeskWinsearch O43 - CFD: 18/12/2013 - 18:20:08 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 04/11/2013 - 22:20:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid O43 - CFD: 08/07/2015 - 13:26:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 07/12/2014 - 17:05:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\3toU3mm O43 - CFD: 07/07/2015 - 22:42:33 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931 O43 - CFD: 25/05/2015 - 15:58:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432562322-3110-8046-B2C04F315931 O43 - CFD: 07/07/2015 - 22:42:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7cI7WeQ O43 - CFD: 01/03/2015 - 21:22:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7fHYHTq O43 - CFD: 01/03/2015 - 20:47:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\7L9GUhc O43 - CFD: 07/07/2015 - 22:42:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\9hFs6LG O43 - CFD: 20/05/2015 - 21:58:39 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Activeris =>PUP.Activeris O43 - CFD: 04/10/2013 - 17:59:14 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Adobe O43 - CFD: 24/05/2015 - 23:55:43 - [] -SH-D D:\Utilisateurs\célia\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect O43 - CFD: 21/10/2013 - 22:12:32 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Apowersoft O43 - CFD: 06/07/2015 - 03:08:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Apple Computer O43 - CFD: 21/01/2015 - 19:43:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ASP O43 - CFD: 31/07/2014 - 00:16:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Astromenda =>PUP.Astromenda O43 - CFD: 24/09/2012 - 07:22:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Atheros O43 - CFD: 21/05/2014 - 18:54:46 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Audacity O43 - CFD: 06/07/2015 - 02:07:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\AVAST Software O43 - CFD: 17/12/2014 - 20:23:18 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\BBdX5AJ O43 - CFD: 07/07/2015 - 22:52:48 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\BlptK9X O43 - CFD: 07/07/2015 - 22:52:49 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\C94WpYy O43 - CFD: 29/01/2015 - 22:10:06 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\c9w3S7v O43 - CFD: 08/07/2015 - 13:21:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\cacaoweb =>PUP.CacaoWeb O43 - CFD: 04/11/2013 - 22:20:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\CDXReader O43 - CFD: 21/01/2015 - 20:45:32 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\CeRbeVX O43 - CFD: 01/08/2012 - 10:57:24 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Creative O43 - CFD: 07/10/2013 - 20:35:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Dealply =>PUP.DealPly O43 - CFD: 28/09/2012 - 10:34:10 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Dell O43 - CFD: 04/10/2013 - 18:13:29 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\DigitalPersona O43 - CFD: 27/12/2013 - 18:51:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\DivX O43 - CFD: 05/07/2015 - 20:28:12 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp O43 - CFD: 28/05/2015 - 20:49:00 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Easy Speed PC O43 - CFD: 04/10/2013 - 18:04:48 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\FLEXnet O43 - CFD: 07/07/2015 - 22:52:35 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\fNyKNDV O43 - CFD: 02/11/2013 - 15:27:22 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Freeplane O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\fXA7ZWu O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\g3dLhln O43 - CFD: 26/10/2013 - 22:25:42 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Groovedown_Uninstall O43 - CFD: 07/07/2015 - 22:52:36 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\gVH9NQO O43 - CFD: 07/07/2015 - 19:31:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\hljorppg O43 - CFD: 07/07/2015 - 22:52:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Hztc0st O43 - CFD: 01/08/2012 - 10:56:51 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Identities O43 - CFD: 13/09/2012 - 15:06:43 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\InstallShield O43 - CFD: 13/09/2012 - 14:39:29 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Intel O43 - CFD: 01/08/2012 - 10:57:34 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Intel Corporation O43 - CFD: 18/02/2015 - 22:00:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Intelli-studio O43 - CFD: 06/07/2015 - 00:26:28 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ironsource O43 - CFD: 07/07/2015 - 22:53:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\IVYw8x1 O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jhhkt4s O43 - CFD: 07/07/2015 - 01:05:12 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jkzhqxzt O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\JWqfJOL O43 - CFD: 07/07/2015 - 22:53:08 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\jXJptzM O43 - CFD: 07/07/2015 - 22:53:09 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\k12SmyQ O43 - CFD: 07/07/2015 - 01:06:21 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy O43 - CFD: 04/11/2013 - 22:20:09 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\LavFilters O43 - CFD: 03/10/2013 - 19:49:29 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\LibreOffice O43 - CFD: 17/12/2014 - 22:40:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\m0Wb767 O43 - CFD: 01/08/2012 - 11:02:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Macromedia O43 - CFD: 04/10/2013 - 18:04:52 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Macrovision O43 - CFD: 21/01/2014 - 20:54:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Malwarebytes O43 - CFD: 07/07/2015 - 22:51:58 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\MbQHHQA O43 - CFD: 15/05/2012 - 12:46:37 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Media Center Programs O43 - CFD: 21/10/2013 - 22:29:03 - [] -S--D D:\Utilisateurs\célia\AppData\Roaming\Microsoft O43 - CFD: 01/08/2012 - 10:59:56 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Mozilla O43 - CFD: 25/10/2014 - 01:20:31 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Mp3tag O43 - CFD: 14/03/2014 - 03:32:50 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\mysearchdial =>Adware.MyWebSearch O43 - CFD: 08/10/2013 - 19:11:46 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Nosibay =>PUP.BubbleDock O43 - CFD: 07/07/2015 - 22:52:33 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ofDcp0Q O43 - CFD: 25/05/2015 - 16:13:41 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\oursurfing =>Hijacker.OurSurfing O43 - CFD: 24/05/2015 - 23:46:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PC Privacy Dock O43 - CFD: 28/09/2012 - 10:34:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PCDr O43 - CFD: 17/10/2013 - 20:49:43 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PhotoFiltre O43 - CFD: 07/07/2015 - 22:52:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PqRZsZS O43 - CFD: 24/05/2015 - 20:06:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Pro PC Cleaner =>PUP.DoctorPC O43 - CFD: 07/07/2015 - 22:52:38 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\PwCNQaH O43 - CFD: 13/09/2012 - 15:31:39 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Reallusion O43 - CFD: 07/07/2015 - 22:52:38 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\rhvkZW0 O43 - CFD: 08/07/2015 - 00:41:44 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Skype O43 - CFD: 11/06/2013 - 16:16:42 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Softland O43 - CFD: 07/07/2015 - 16:40:17 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Spotify O43 - CFD: 22/10/2013 - 02:42:30 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Spotydl O43 - CFD: 13/06/2014 - 20:14:27 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\SupTab =>PUP.SupTab O43 - CFD: 24/05/2015 - 22:58:46 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\sursenel O43 - CFD: 06/07/2015 - 01:01:11 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Systweak O43 - CFD: 04/07/2015 - 18:44:54 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\Tny_cassiopesa O43 - CFD: 07/07/2015 - 22:53:07 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\tY32mRt O43 - CFD: 07/07/2015 - 22:53:03 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vj42M4Q O43 - CFD: 24/05/2015 - 03:17:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vlc O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\vY4Gjsm O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\wEh9ste O43 - CFD: 31/01/2014 - 19:40:46 - [0] ----D D:\Utilisateurs\célia\AppData\Roaming\Windows Live Writer O43 - CFD: 06/07/2015 - 00:26:28 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\winservices =>Trojan.Inject.RRE O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\WUlPkfL O43 - CFD: 07/07/2015 - 22:53:04 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\xD5vMQi O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\xZFgArf O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\YcSrbDb O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\YfOoDrC O43 - CFD: 07/07/2015 - 22:53:05 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\yMRVGuQ O43 - CFD: 21/01/2015 - 22:19:59 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ysLWf5C O43 - CFD: 08/07/2015 - 13:32:37 - [] ----D D:\Utilisateurs\célia\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 17/05/2015 - 14:36:35 - [0] ----D D:\Utilisateurs\célia\AppData\Local\10004 O43 - CFD: 06/07/2015 - 02:18:56 - [] ----D D:\Utilisateurs\célia\AppData\Local\1387 O43 - CFD: 07/07/2015 - 22:22:55 - [] ----D D:\Utilisateurs\célia\AppData\Local\4C4C4544-1432508804-3110-8046-B2C04F315931 O43 - CFD: 28/06/2015 - 15:43:24 - [] ----D D:\Utilisateurs\célia\AppData\Local\A8C4B549-794-4D30-9811-97B4B6BD746C O43 - CFD: 04/10/2013 - 17:59:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\Adobe O43 - CFD: 26/05/2015 - 16:39:45 - [] ----D D:\Utilisateurs\célia\AppData\Local\Alerts_LLC =>PUP.AlertsLLC O43 - CFD: 31/07/2014 - 00:29:36 - [] ----D D:\Utilisateurs\célia\AppData\Local\Apple O43 - CFD: 31/07/2014 - 00:34:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\Apple Computer O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Application Data O43 - CFD: 25/05/2015 - 15:16:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\Astromenda =>PUP.Astromenda O43 - CFD: 03/10/2013 - 20:48:24 - [] ----D D:\Utilisateurs\célia\AppData\Local\avgchrome O43 - CFD: 24/09/2012 - 07:25:56 - [] ----D D:\Utilisateurs\célia\AppData\Local\BMExplorer O43 - CFD: 04/11/2013 - 22:20:52 - [] ----D D:\Utilisateurs\célia\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals O43 - CFD: 19/01/2013 - 09:42:11 - [] ----D D:\Utilisateurs\célia\AppData\Local\Broadcom O43 - CFD: 29/01/2014 - 21:12:22 - [0] ----D D:\Utilisateurs\célia\AppData\Local\cache O43 - CFD: 04/07/2015 - 18:49:27 - [] ----D D:\Utilisateurs\célia\AppData\Local\Chromium O43 - CFD: 14/05/2014 - 20:57:53 - [] ----D D:\Utilisateurs\célia\AppData\Local\com O43 - CFD: 29/01/2014 - 21:05:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\Conduit O43 - CFD: 01/08/2012 - 10:57:33 - [] ----D D:\Utilisateurs\célia\AppData\Local\Conexant O43 - CFD: 07/07/2015 - 18:02:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\CrashDumps O43 - CFD: 07/10/2013 - 21:40:10 - [] ----D D:\Utilisateurs\célia\AppData\Local\CRE O43 - CFD: 24/05/2015 - 00:50:06 - [] ----D D:\Utilisateurs\célia\AppData\Local\Crossbrowse =>PUP.CrossBrowser O43 - CFD: 07/10/2013 - 20:35:13 - [] ----D D:\Utilisateurs\célia\AppData\Local\DealPlyLive =>PUP.DealPly O43 - CFD: 24/03/2015 - 22:53:42 - [] ----D D:\Utilisateurs\célia\AppData\Local\Diagnostics O43 - CFD: 04/10/2013 - 18:13:29 - [] ----D D:\Utilisateurs\célia\AppData\Local\DigitalPersona O43 - CFD: 13/09/2012 - 15:22:22 - [] ----D D:\Utilisateurs\célia\AppData\Local\Downloaded Installations O43 - CFD: 07/10/2013 - 21:40:25 - [] ----D D:\Utilisateurs\célia\AppData\Local\Duuqu =>PUP.Duuqu O43 - CFD: 24/03/2015 - 22:54:14 - [] ----D D:\Utilisateurs\célia\AppData\Local\ElevatedDiagnostics O43 - CFD: 07/10/2013 - 21:38:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\emaze O43 - CFD: 05/07/2015 - 14:00:35 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieBrowserModeList O43 - CFD: 05/07/2015 - 14:00:26 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieSiteList O43 - CFD: 05/07/2015 - 14:00:32 - [0] -SH-D D:\Utilisateurs\célia\AppData\Local\EmieUserList O43 - CFD: 29/01/2014 - 21:09:47 - [0] ----D D:\Utilisateurs\célia\AppData\Local\genienext =>PUP.NextLive O43 - CFD: 14/05/2014 - 20:36:17 - [] ----D D:\Utilisateurs\célia\AppData\Local\globalUpdate =>PUP.GlobalUpdate O43 - CFD: 07/07/2015 - 20:12:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_002020023 =>PUP.CrossRider O43 - CFD: 28/06/2015 - 15:17:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010016 =>PUP.CrossRider O43 - CFD: 07/07/2015 - 19:51:28 - [] ----D D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010022 =>PUP.CrossRider O43 - CFD: 03/10/2013 - 20:13:58 - [] ----D D:\Utilisateurs\célia\AppData\Local\Google O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Historique O43 - CFD: 22/10/2013 - 00:34:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\JDownloader 2.0 O43 - CFD: 29/01/2014 - 21:08:41 - [] ----D D:\Utilisateurs\célia\AppData\Local\KalityWeb =>Adware.WebAdSystem O43 - CFD: 26/09/2012 - 07:14:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\Macromedia O43 - CFD: 06/07/2015 - 22:28:29 - [] ----D D:\Utilisateurs\célia\AppData\Local\Microsoft O43 - CFD: 04/03/2014 - 23:04:30 - [] ----D D:\Utilisateurs\célia\AppData\Local\Mobogenie =>PUP.Mobogenie O43 - CFD: 05/10/2013 - 13:07:32 - [] ----D D:\Utilisateurs\célia\AppData\Local\Mozilla O43 - CFD: 01/11/2014 - 01:59:18 - [] ----D D:\Utilisateurs\célia\AppData\Local\MySearchs =>Adware.MyWebSearch O43 - CFD: 14/05/2014 - 20:39:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\newplayer =>Adware.NewPlayer O43 - CFD: 12/06/2014 - 10:05:21 - [] ----D D:\Utilisateurs\célia\AppData\Local\Packages O43 - CFD: 24/05/2015 - 23:07:17 - [] ----D D:\Utilisateurs\célia\AppData\Local\PC_Privacy_Dock O43 - CFD: 07/10/2013 - 20:32:34 - [] ----D D:\Utilisateurs\célia\AppData\Local\Programs O43 - CFD: 27/05/2015 - 13:58:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\SafeGuard =>PUP.SafeGuard O43 - CFD: 15/03/2014 - 18:30:42 - [] ----D D:\Utilisateurs\célia\AppData\Local\SaveSenseLive =>PUP.CrossRider O43 - CFD: 14/06/2014 - 14:51:34 - [] ----D D:\Utilisateurs\célia\AppData\Local\SearchProtect =>PUP.SearchProtect O43 - CFD: 04/07/2015 - 18:41:22 - [] ----D D:\Utilisateurs\célia\AppData\Local\Setup12209574 O43 - CFD: 19/05/2015 - 22:33:04 - [] ----D D:\Utilisateurs\célia\AppData\Local\Skype O43 - CFD: 07/10/2013 - 20:37:31 - [] ----D D:\Utilisateurs\célia\AppData\Local\Smartbar =>Hijacker.SmartBar O43 - CFD: 07/07/2015 - 22:32:43 - [] ----D D:\Utilisateurs\célia\AppData\Local\SmartWeb =>PUP.SmartWeb O43 - CFD: 08/10/2013 - 19:08:16 - [] ----D D:\Utilisateurs\célia\AppData\Local\SoftThinks O43 - CFD: 24/05/2015 - 13:22:23 - [] ----D D:\Utilisateurs\célia\AppData\Local\speed browser =>PUP.SpeedBrowser O43 - CFD: 07/07/2015 - 14:55:51 - [] ----D D:\Utilisateurs\célia\AppData\Local\Spotify O43 - CFD: 29/01/2014 - 21:04:20 - [] ----D D:\Utilisateurs\célia\AppData\Local\SwvUpdater =>PUP.Software.Updater O43 - CFD: 08/07/2015 - 13:32:51 - [] ----D D:\Utilisateurs\célia\AppData\Local\Temp O43 - CFD: 03/10/2013 - 18:32:31 - [] -SH-D D:\Utilisateurs\célia\AppData\Local\Temporary Internet Files O43 - CFD: 24/05/2015 - 19:32:37 - [] ----D D:\Utilisateurs\célia\AppData\Local\WebBar =>PUP.WebBar O43 - CFD: 24/05/2015 - 23:57:55 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch O43 - CFD: 24/05/2015 - 01:25:19 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windows Live O43 - CFD: 31/01/2014 - 19:41:08 - [] ----D D:\Utilisateurs\célia\AppData\Local\Windows Live Writer O43 - CFD: 07/07/2015 - 23:29:57 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 08/07/2015 - 12:40:12 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices O43 - CFD: 07/07/2015 - 23:29:57 - [] R---D D:\Utilisateurs\célia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ~ Program Folder: 429 Scanned in 00mn 08s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.A29BAFC1543F9D2234AFFFEA9BCE76C8] - 04/07/2015 - 15:31:35 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [24917504] O44 - LFC:[MD5.06A8CE6C3AE6B7916F026B0EFDDCAAA5] - 04/07/2015 - 15:31:43 ---A- . (.Microsoft Corporation - DLL de gestion d'utilisateur local et de co.) -- C:\Windows\System32\msrating.dll [199680] O44 - LFC:[MD5.2BC2D3A41BB755487FD55C09938F00BC] - 04/07/2015 - 15:31:44 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [417792] O44 - LFC:[MD5.16091938F6CDBCCCBA1CBE24600121BC] - 04/07/2015 - 15:31:44 ---A- . (.Microsoft Corporation - DAC for Trident DOM.) -- C:\Windows\System32\MshtmlDac.dll [88064] O44 - LFC:[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - 04/07/2015 - 15:31:45 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2426880] O44 - LFC:[MD5.CFA52E2FE8E623042A1EEF96EB1B9481] - 04/07/2015 - 15:31:46 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [6026240] O44 - LFC:[MD5.3854BFE1C0F14872C94501421CC40813] - 04/07/2015 - 15:31:46 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [814080] O44 - LFC:[MD5.4A5A84B457C72E79A64AE4036EC6BB0E] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft (R) HTML Media DLL.) -- C:\Windows\System32\mshtmlmedia.dll [1359360] O44 - LFC:[MD5.83781DF625A4448B39410D7FA2BDC48D] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [816640] O44 - LFC:[MD5.ACD6FE6C82B93813F023FC01A51CB940] - 04/07/2015 - 15:31:47 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160] O44 - LFC:[MD5.AE5A2843B4A2E1E558B9EE13EF62CCE5] - 04/07/2015 - 15:31:48 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [14404096] O44 - LFC:[MD5.35622F5A652C4E16774234DCA0026E74] - 04/07/2015 - 15:31:49 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [633856] O44 - LFC:[MD5.AFF5C12099B87FA645F8867701729894] - 04/07/2015 - 15:31:51 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [54784] O44 - LFC:[MD5.0EDA3219FA027A486AA11269355AB279] - 04/07/2015 - 15:31:51 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [144384] O44 - LFC:[MD5.33B5F1A727FACDEA7CDA0E35FFAADDCF] - 04/07/2015 - 15:31:52 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [584192] O44 - LFC:[MD5.FF84182188CA8F0DC28CFED06C9B7816] - 04/07/2015 - 15:31:53 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2125824] O44 - LFC:[MD5.6E295C7364DAEB151CC0E98434B6AC92] - 04/07/2015 - 15:31:53 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [2885632] O44 - LFC:[MD5.7F8F9AE03D1BA4354671E05F07A40F1A] - 04/07/2015 - 15:31:54 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768] O44 - LFC:[MD5.5F8EE9311ECF078CD9426874FFAD660C] - 04/07/2015 - 15:31:55 ---A- . (.Microsoft Corporation - IOD Version Map.) -- C:\Windows\System32\iesetup.dll [66560] O44 - LFC:[MD5.083BCA14FCE290D682D8DAC9372CBF23] - 04/07/2015 - 15:31:56 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [801280] O44 - LFC:[MD5.57DFACB53ED16190EF732E2430B39741] - 04/07/2015 - 15:31:57 ---A- . (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [968704] O44 - LFC:[MD5.36F3718E67F442F54AB4A39DCDD8FD19] - 04/07/2015 - 15:31:58 ---A- . (.Microsoft Corporation - IE ETW Collector Service Resources.) -- C:\Windows\System32\ieetwcollectorres.dll [4096] O44 - LFC:[MD5.6ABFC5736EC920C4436F32111F5CBCEE] - 04/07/2015 - 15:31:59 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1545728] O44 - LFC:[MD5.D202078FBA3A77B85D39669EE4110DE2] - 04/07/2015 - 15:31:59 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [389840] O44 - LFC:[MD5.3C3E159F284F51D55DB59C3D0B843979] - 04/07/2015 - 15:32:00 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2724864] O44 - LFC:[MD5.4BD747AAF01C480901B3E777EC48826B] - 04/07/2015 - 15:32:02 ---A- . (.Microsoft Corporation - JavaScript Performance Collection Agent.) -- C:\Windows\System32\JavaScriptCollectionAgent.dll [77824] O44 - LFC:[MD5.9E2B8C0601E3D460F78F0233B509CE4F] - 04/07/2015 - 15:32:03 ---A- . (.Microsoft Corporation - Traitement de RunOnce complet avec interfac.) -- C:\Windows\System32\iernonce.dll [34304] O44 - LFC:[MD5.70D24021ED327CE7FFA9DEE327BB4C6B] - 04/07/2015 - 15:32:04 ---A- . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Expl.) -- C:\Windows\System32\ie4uinit.exe [720384] O44 - LFC:[MD5.9DB8E01D5A546FAFCACE95489E351186] - 04/07/2015 - 15:32:05 ---A- . (.Microsoft Corporation - IE ETW Collector Proxy Stub Resources.) -- C:\Windows\System32\ieetwproxystub.dll [48640] O44 - LFC:[MD5.73509D13542A90E260F45D1D6D4100A8] - 04/07/2015 - 15:32:06 ---A- . (.Microsoft Corporation - IE ETW Collector Service.) -- C:\Windows\System32\ieetwcollector.exe [114688] O44 - LFC:[MD5.36E0DDD19038C92B7C7709BFA03F813F] - 04/07/2015 - 15:32:19 ---A- . (.Microsoft Corporation - WDM CODEC Class Device Driver 2.0.) -- C:\Windows\System32\Drivers\stream.sys [69888] O44 - LFC:[MD5.8A4EB32C7C948F70EAC6F85063596A39] - 04/07/2015 - 15:45:19 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\UtcResources.dll [36864] O44 - LFC:[MD5.837BBE4170D5A75F293BD6F294A8FE34] - 04/07/2015 - 15:45:19 ---A- . (.Microsoft Corporation - Nom d’audit des objets système.) -- C:\Windows\System32\msobjs.dll [60416] O44 - LFC:[MD5.6E882D7CA34073890107559B5A515A24] - 04/07/2015 - 15:45:20 ---A- . (.Microsoft Corporation - DLL des événements d’audit de la sécurité.) -- C:\Windows\System32\msaudite.dll [146432] O44 - LFC:[MD5.6ACFCC28E4D60B5A931D8749332A14E2] - 04/07/2015 - 15:45:21 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [686080] O44 - LFC:[MD5.81B68AEDFF64F9312E3A4091DC3B4350] - 04/07/2015 - 15:45:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [3072] O44 - LFC:[MD5.D7BE1B4E54F5BF66B2F64F14FF089213] - 04/07/2015 - 15:45:22 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [4096] O44 - LFC:[MD5.AF557D115972A73964FC8F209300948A] - 04/07/2015 - 15:45:23 ---A- . (.Microsoft Corporation - ApiSet Schema DLL.) -- C:\Windows\System32\apisetschema.dll [6656] O44 - LFC:[MD5.7374BE3C94F721974EB7CEE6CAC080A1] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [3072] O44 - LFC:[MD5.461C11B3B0CD6EFD74F282CA160BB3E5] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [3072] O44 - LFC:[MD5.217AF5666CD1D01BDA05957A3BA4ED56] - 04/07/2015 - 15:45:23 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [6144] O44 - LFC:[MD5.D0C051A23DD90BDD11DE6B220F865CB2] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [3072] O44 - LFC:[MD5.762405262030AB9270FC0FB58443331D] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [3072] O44 - LFC:[MD5.CF1EBDF8579610BC08B5AF54D153DF5E] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [3072] O44 - LFC:[MD5.F4D2A9604AC45AA1ECD774A4A43D5507] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [5120] O44 - LFC:[MD5.129C00E47C8B1235B360E8AA021C172F] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [3072] O44 - LFC:[MD5.A61BA1D836FAD2B758B4272F46B9E6B7] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [3584] O44 - LFC:[MD5.1F8369639C3868BEF7DC793C88F58802] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [3072] O44 - LFC:[MD5.6A130893D14B0A3052888829A50CDC82] - 04/07/2015 - 15:45:24 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [3072] O44 - LFC:[MD5.37BCFB564EC2A718EC5232F848CB10CC] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [3072] O44 - LFC:[MD5.69EEE5C0512DB117631DFE0EEB389E2C] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [3584] O44 - LFC:[MD5.8853BF5D5B9F71E845254645D65B3B44] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [4096] O44 - LFC:[MD5.B7961B430491D17B0D29C5A6D0AB83CB] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [3584] O44 - LFC:[MD5.C52469860312C68D513FBA2311DC3E86] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [3584] O44 - LFC:[MD5.4DCCC113E1C4DF0C11A812F1C1E4647A] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [3584] O44 - LFC:[MD5.ACC2BFDE75FC405C5274E799296BA164] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [3584] O44 - LFC:[MD5.234884F84DF4660FAF16A0513A6AC391] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [4608] O44 - LFC:[MD5.64325654E2CE9CCAFEEBCB41CB3B9289] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [3072] O44 - LFC:[MD5.DE65205699C893FCE741F3B7EFB84B05] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [3584] O44 - LFC:[MD5.01432C6FF4C172490A50B824AFA51714] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [3072] O44 - LFC:[MD5.062001070BC49D7D17A480FC2DFEFCD0] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [4096] O44 - LFC:[MD5.766461F29A75E0CD208E220BC122F28F] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [4096] O44 - LFC:[MD5.150E7CF40A92220624BA38B4F14E7490] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [4608] O44 - LFC:[MD5.7CA867AB1775550C9370F57463DE3BF4] - 04/07/2015 - 15:45:25 --HA- . (.Microsoft Corporation - ApiSet Stub DLL.) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [3072] O44 - LFC:[MD5.20BD408AC3F8576997D6A47F48A1C5B2] - 04/07/2015 - 15:45:28 ---A- . (.Microsoft Corporation - AMD64 Wow64 CPU.) -- C:\Windows\System32\wow64cpu.dll [13312] O44 - LFC:[MD5.289D99B0879C6ED5C6D1B3A856CA6DA3] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll [22016] O44 - LFC:[MD5.6ACD3C75BE449F039E1A4E43424D5B6F] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\secur32.dll [28160] O44 - LFC:[MD5.5A17FF38EDE95B2313E428BF444126D7] - 04/07/2015 - 15:45:29 ---A- . (.Microsoft Corporation - Wow64 Console and Win32 API Logging.) -- C:\Windows\System32\wow64win.dll [362496] O44 - LFC:[MD5.5EC57AC6DC16CB8A058CA019AA2C188D] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - LSA SSPI RPC interface DLL.) -- C:\Windows\System32\sspisrv.dll [29184] O44 - LFC:[MD5.13DE715D959DD502CFD52DC920408B33] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Processus d'exécution client-serveur.) -- C:\Windows\System32\csrsrv.dll [43520] O44 - LFC:[MD5.1B93381366141875D8EE7EC1085236B9] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Utilitaire de configuration des performance.) -- C:\Windows\System32\diskperf.exe [19456] O44 - LFC:[MD5.D68690450978D127E030FB14E9B2023B] - 04/07/2015 - 15:45:30 ---A- . (.Microsoft Corporation - Émulation 16 bits sur NT64.) -- C:\Windows\System32\ntvdm64.dll [16384] O44 - LFC:[MD5.11D5815F0DC571CE3C72213B375860B1] - 04/07/2015 - 15:45:31 ---A- . (.Microsoft Corporation - Microsoft® Windows System Restore Client Li.) -- C:\Windows\System32\srclient.dll [50176] O44 - LFC:[MD5.17A6A9AAD04CCC6EE53290585BFC43AF] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\System32\lsass.exe [31232] O44 - LFC:[MD5.E20BF3FA89DE67B00ED713B5254C0BF0] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Moniteur de performance de la ligne de comm.) -- C:\Windows\System32\typeperf.exe [47104] O44 - LFC:[MD5.03BA5D20751137F3A705B389C52DB8D6] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Programme de stratégie d’audit.) -- C:\Windows\System32\auditpol.exe [64000] O44 - LFC:[MD5.858F04B3C39239972959E9EE97CACAE4] - 04/07/2015 - 15:45:32 ---A- . (.Microsoft Corporation - Utilitaire de réenregistrement de Performan.) -- C:\Windows\System32\relog.exe [43008] O44 - LFC:[MD5.9BBEA639884C0338DD78654277BD188A] - 04/07/2015 - 15:45:33 ---A- . (.Microsoft Corporation - Gestionnaire de sessions Windows.) -- C:\Windows\System32\smss.exe [112640] O44 - LFC:[MD5.A5F57F4866C2DC7F8215058D7D56BD21] - 04/07/2015 - 15:45:33 ---A- . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll [86528] O44 - LFC:[MD5.7C5E375F20F639607376351A8BCC0647] - 04/07/2015 - 15:45:34 ---A- . (.Microsoft Corporation - Bibliothèque de chiffrement Windows.) -- C:\Windows\System32\ncrypt.dll [309760] O44 - LFC:[MD5.A929B9ABA1083AF35ECE7BD63AF3E42F] - 04/07/2015 - 15:45:34 ---A- . (.Microsoft Corporation - Security Support Provider Interface.) -- C:\Windows\System32\sspicli.dll [136192] O44 - LFC:[MD5.66DF73B202105406602941778792FE3D] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Bibliothèque de l’application auxiliaire de.) -- C:\Windows\System32\tdh.dll [879104] O44 - LFC:[MD5.4F90A7A0FCBC0ED18E573917860062FF] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\Windows\System32\sechost.dll [113664] O44 - LFC:[MD5.AD54856A16B635720B0BE5FAF44526FC] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll [210944] O44 - LFC:[MD5.210E7D1EA34369194BE09493784E27BE] - 04/07/2015 - 15:45:35 ---A- . (.Microsoft Corporation - Utilitaire d’enregistrement des Performance.) -- C:\Windows\System32\logman.exe [104448] O44 - LFC:[MD5.BF69D973523D539A35807946C6DA7E16] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecdd.sys [95680] O44 - LFC:[MD5.996EE6571ADB880A60846DD02C8D5869] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll [314880] O44 - LFC:[MD5.37DFCC91E419952772E02F2B3BBB2E2B] - 04/07/2015 - 15:45:36 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll [342016] O44 - LFC:[MD5.2313AF8D5A9CEB4A55400A01DD311A95] - 04/07/2015 - 15:45:37 ---A- . (.Microsoft Corporation - DLL serveur de Windows multi-utilisateurs.) -- C:\Windows\System32\winsrv.dll [215040] O44 - LFC:[MD5.16154A6682B1552DEAB953BFA4B8E955] - 04/07/2015 - 15:45:37 ---A- . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\System32\rstrui.exe [296960] O44 - LFC:[MD5.CCB352B939B77B38983DD878C547451F] - 04/07/2015 - 15:45:38 ---A- . (.Microsoft Corporation - Bibliothèque principale de Restauration du.) -- C:\Windows\System32\srcore.dll [503808] O44 - LFC:[MD5.6703266C1E56157B5965F9AC868A20AC] - 04/07/2015 - 15:45:38 ---A- . (.Microsoft Corporation - Outil de rapport de suivi d’événements.) -- C:\Windows\System32\tracerpt.exe [404992] O44 - LFC:[MD5.48C30C54194142910FB6B86D308220ED] - 04/07/2015 - 15:45:39 ---A- . (.Microsoft Corporation - Hôte de la fenêtre de la console.) -- C:\Windows\System32\conhost.exe [338432] O44 - LFC:[MD5.FF9BBFAE899091C1FF0D1A3F2C587911] - 04/07/2015 - 15:45:39 ---A- . (.Microsoft Corporation - Win32 Emulation on NT64.) -- C:\Windows\System32\wow64.dll [243712] O44 - LFC:[MD5.53042708C242959B3924242FBBE297B1] - 04/07/2015 - 15:45:40 ---A- . (.Microsoft Corporation - DLL Couche NT.) -- C:\Windows\System32\ntdll.dll [1728960] O44 - LFC:[MD5.272C27711C8AA6E7815EE33F8ACA9C66] - 04/07/2015 - 15:45:40 ---A- . (.Microsoft Corporation - Kernel Security Support Provider Interface.) -- C:\Windows\System32\Drivers\ksecpkg.sys [155584] O44 - LFC:[MD5.9E2A2028228645DD57EF45A02CAC0CCE] - 04/07/2015 - 15:45:41 ---A- . (.Microsoft Corporation - NT Kernel & System.) -- C:\Windows\System32\ntoskrnl.exe [5569984] O44 - LFC:[MD5.4FFD08A01047EF6B58F6EB4E6D001A8D] - 04/07/2015 - 15:45:42 ---A- . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\System32\advapi32.dll [879104] O44 - LFC:[MD5.93A05407F8E53BC731C42AAD56163F80] - 04/07/2015 - 15:45:43 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1461760] O44 - LFC:[MD5.6FDF03A3B110C5264F52F979335AE301] - 04/07/2015 - 15:45:44 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\kernel32.dll [1162752] O44 - LFC:[MD5.8DCA1C70AF170C3FBCE47A4F49BFC887] - 04/07/2015 - 15:45:45 ---A- . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\System32\KernelBase.dll [424960] O44 - LFC:[MD5.AA5319FA8602676B5D3A2B4A1355896D] - 04/07/2015 - 15:45:46 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\diagtrack.dll [1255424] O44 - LFC:[MD5.6ECD6D92F43C2DC55099F892978D5BE7] - 04/07/2015 - 15:45:46 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [728576] O44 - LFC:[MD5.587BBA3B3959144334700EC48232712F] - 04/07/2015 - 15:46:10 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [227328] O44 - LFC:[MD5.E87D4371B24BC9E5BAE95AEA60FFD959] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [193536] O44 - LFC:[MD5.6E2EB5A36C3CCD917F7FF9BED7C1390E] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Compatibility Upgrade Migration Host.) -- C:\Windows\System32\acmigration.dll [45568] O44 - LFC:[MD5.6F07FC190DBCB42C8A5319235F72F906] - 04/07/2015 - 15:46:11 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [423424] O44 - LFC:[MD5.CFF429F2234C1D1A5993E80F46C37CFB] - 04/07/2015 - 15:46:12 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1119232] O44 - LFC:[MD5.B23AB4C401E2DE02C47B7497D41E2318] - 04/07/2015 - 15:46:12 ---A- . (.Microsoft Corporation - Inventory Agent.) -- C:\Windows\System32\invagent.dll [757248] O44 - LFC:[MD5.2DCA988113A02EB9BCB98A5DC2D34E57] - 04/07/2015 - 15:46:13 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [700416] O44 - LFC:[MD5.52DEF4C743C2EABD6BD3EDC790A0E778] - 04/07/2015 - 15:46:14 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [1021440] O44 - LFC:[MD5.51ECEE70F33601310DDEF3EEE39550D3] - 04/07/2015 - 15:46:21 ---A- . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.DLL [12625920] O44 - LFC:[MD5.1A8C5D4BE449E4A9D8667A341E535E22] - 04/07/2015 - 15:46:25 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\dxmasf.dll [5120] O44 - LFC:[MD5.1A8C5D4BE449E4A9D8667A341E535E22] - 04/07/2015 - 15:46:25 ---A- . (.Microsoft Corporation - Microsoft Windows Media Component Removal F.) -- C:\Windows\System32\msdxm.ocx [5120] O44 - LFC:[MD5.834FD7C31EA16D59CC3B2DC60F2F2620] - 04/07/2015 - 15:46:26 ---A- . (.Microsoft Corporation - Windows Media Player System Preparation DLL.) -- C:\Windows\System32\spwmp.dll [9728] O44 - LFC:[MD5.9D80A82B0BB77AC3EF6A87FA0C534E20] - 04/07/2015 - 15:46:31 ---A- . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\System32\wmp.dll [14635008] O44 - LFC:[MD5.51F89CE2D0FEC66070354504E6C4C3E4] - 04/07/2015 - 15:46:44 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\System32\comctl32.dll [633856] O44 - LFC:[MD5.1EE2DBA5AD2E5EB618C7FB187C2CFDF4] - 04/07/2015 - 15:46:46 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [3206144] O44 - LFC:[MD5.AD6BE9946C8E44097EAECFAA4DED663F] - 05/07/2015 - 01:58:28 ---A- . (.VoiceFive, Inc. - PremierOpinion.) -- C:\Windows\System32\pmls64.dll [974648] =>Adware.PremierOpinion O44 - LFC:[MD5.8E8E66D376776BC541E3179D2F5EAF76] - 05/07/2015 - 02:56:26 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [140135120] O44 - LFC:[MD5.DF7C79C1FFFBBE3D4BEC2BA7FF8A8AB1] - 05/07/2015 - 11:08:23 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [300704] O44 - LFC:[MD5.A6D70C86EB0D4EB7AD0CED21D50B5CB8] - 05/07/2015 - 11:55:39 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [326080] O44 - LFC:[MD5.23B58DEF11B45727D3351702515F86AF] - 05/07/2015 - 23:24:09 ---A- . (...) -- C:\END [2] O44 - LFC:[MD5.3B4AC2DBFC86F7247C1FF1FAF2860530] - 06/07/2015 - 00:13:41 ---A- . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1047320] O44 - LFC:[MD5.2169B4B1EFAA3453A4DA732F1F94C1E1] - 06/07/2015 - 00:14:08 ---A- . (.Avast Software s.r.o. - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [43112] O44 - LFC:[MD5.6D37D8DB30D086739507C5F6E542656A] - 06/07/2015 - 00:14:20 ---A- . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93528] O44 - LFC:[MD5.B5B4C90E9F52DA8586F1E5461AD90A5D] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29168] O44 - LFC:[MD5.07E32DFCA422A2920482D762D01957EC] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65736] O44 - LFC:[MD5.91782404718C6352C26B3242BAC3F0F1] - 06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [272248] O44 - LFC:[MD5.300CB8E510855189CAD0B72FFB5590CB] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [89944] O44 - LFC:[MD5.B1368BE5F6BA529E0886F4DA2361BD2D] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [442264] O44 - LFC:[MD5.9CA2FDD44F7C1F8AC1652F6C2638CFED] - 06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! start-up scanner.) -- C:\Windows\System32\aswBoot.exe [364472] O44 - LFC:[MD5.6E53278ECCFFBC2ACC2A5006745ED4BB] - 06/07/2015 - 00:14:22 ---A- . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [137288] O44 - LFC:[MD5.16C8C539480B87F7B688CCBB9E5A2D2B] - 06/07/2015 - 21:47:11 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1669584] O44 - LFC:[MD5.051349D4AE8AA7143C2A4D19A978B29A] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122336] O44 - LFC:[MD5.439B5F14EA1AA2F047247FE5D5FA44F5] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [150386] O44 - LFC:[MD5.301CED7D149ACAB51F7C864F1EB93A78] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654464] O44 - LFC:[MD5.EB65F0E8375F2E6444542A52A3F04199] - 06/07/2015 - 21:47:13 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [747894] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/07/2015 - 15:42:06 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.81A2A421E6D7B43AA9E87A5FCB5730C3] - 07/07/2015 - 16:56:48 ---A- . (.Avast Software s.r.o. - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [449896] O44 - LFC:[MD5.2EF62E6F46345480A2946AA7D7EB28F5] - 07/07/2015 - 16:58:02 ---A- . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28144] O44 - LFC:[MD5.50A4B0C0690E8CB925745FE353CF1E1A] - 07/07/2015 - 23:28:59 ---A- . (...) -- C:\Windows\Reimage.ini [99] =>Rogue.ReimageRepair O44 - LFC:[MD5.1511A529C9637026C6AFD549743AC216] - 08/07/2015 - 11:37:55 ---A- . (...) -- C:\Windows\PFRO.log [36218] O44 - LFC:[MD5.973F4621458C4E96473809100C2194FF] - 08/07/2015 - 11:38:12 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.E570239983AA75E89B105CE43F92F21F] - 08/07/2015 - 11:38:30 ---A- . (...) -- C:\Windows\setupact.log [448] O44 - LFC:[MD5.A90FD9C575D9E676D4F701EA25382643] - 08/07/2015 - 12:19:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1644065] ~ Files: 148 Scanned in 02mn 42s ---\\ Derniers fichiers créés dans Windows Prefetcher (O45) O45 - LFCP:[MD5.4F864E3BD271C369118FC357A20092E4] - 17/10/2013 - 19:36:21 ---A- - C:\Windows\Prefetch\BABMAINT.EXE-E1567F24.pf =>Hijacker.BabSolution O45 - LFCP:[MD5.B17D780DD273E696F5A11938DD139422] - 03/10/2013 - 18:59:03 ---A- - C:\Windows\Prefetch\SEARCHGOL.EXE-D910FB8B.pf =>Hijacker.SearchGol O45 - LFCP:[MD5.093790E61C9BFEB6B482A5040D090BD6] - 19/01/2014 - 16:42:15 ---A- - C:\Windows\Prefetch\WAJAMUPDATER.EXE-D7CB9704.pf =>PUP.Wajam O45 - LFCP:[MD5.EC8234AFE812DB604113CD1F901D4D79] - 03/10/2013 - 18:58:59 ---A- - C:\Windows\Prefetch\WAJAM_DOWNLOAD.EXE-3FCF235A.pf =>PUP.Wajam O45 - LFCP:[MD5.5DE2A757F851EE8E4EDAE900FE13F360] - 03/10/2013 - 18:59:13 ---A- - C:\Windows\Prefetch\WAJAM_INSTALL.EXE-E50D6A22.pf =>PUP.Wajam O45 - LFCP:[MD5.C797E7C97BEB506248C4271F692E03DF] - 03/10/2013 - 18:58:05 ---A- - C:\Windows\Prefetch\WAJAM_VALIDATE.EXE-D6F47989.pf =>PUP.Wajam ~ Prefetcher: 6 Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.DigitalPersona, Inc. - Password Filter.) -- C:\Windows\System32\DPPassFilter.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Notification Packages . (.Broadcom Corporation. - BtwProximityCP DLL.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ LSA: 11 Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode noyau.) -- C:\Windows\System32\Drivers\Wdf01000.sys ~ CSB: 15 Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPSK) (O51) O51 - MPSK:{250014d2-6bbd-11e3-9e54-9c2a70d1f532}\AutoRun\command. (...) -- E:\iStudio.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec [LAGS]" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\System32\xvidvfw.dll ~ TDSD: 6 Scanned in 00mn 01s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\CrashMon [Key] . (...) -- C:\Program Files (x86)\0ca45c95134d\5596b4e010aa.exe (.not file.) =>PUP.Salus O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe O53 - SMSR:HKLM\...\startupreg\gmsd_fr_002020021 [Key] . (...) -- C:\Program Files (x86)\gmsd_fr_002020021\gmsd_fr_002020021.exe (.not file.) =>PUP.CrossRider O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie O53 - SMSR:HKLM\...\startupreg\Salus CrashMon [Key] . (...) -- C:\Program Files (x86)\f552dd4c52e3\a7d12b5975b4.exe (.not file.) =>PUP.Salus O53 - SMSR:HKLM\...\startupreg\shopperz [Key] . (...) -- C:\Program Files\shopperz\Suarez.exe (.not file.) =>PUP.Shopperz O53 - SMSR:HKLM\...\startupreg\shopperz64 [Key] . (...) -- C:\Program Files\shopperz\Suarez64.exe (.not file.) =>PUP.Shopperz ~ SMSR Keys: 7 Scanned in 00mn 00s ---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ MSCP: 2 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1 ~ MWPS: 17 Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ MWPE Keys: 4 Scanned in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:13/12/2010 - 15:34:14 ---A- . (.ST Microelectronics - Accelerometer Port I/O.) -- C:\Windows\System32\Drivers\Accelern.sys [27760] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [339536] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\Drivers\adpu320.sys [182864] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [15440] O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [107904] O58 - SDL:14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [194128] O58 - SDL:11/03/2011 - 07:41:12 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [27008] O58 - SDL:12/12/2011 - 09:33:36 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [195072] O58 - SDL:24/01/2012 - 14:01:40 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\Drivers\Apfiltr.sys [416592] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [87632] O58 - SDL:14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [97856] O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29168] =>.ALWIL Software O58 - SDL:07/07/2015 - 16:58:02 ---A- . (.Avast Software s.r.o. - avast! Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\aswKbd.sys [28144] O58 - SDL:06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswMonFlt.sys [89944] O58 - SDL:07/07/2015 - 16:56:48 ---A- . (.Avast Software s.r.o. - avast! Filtering NDIS driver.) -- C:\Windows\System32\Drivers\aswNdisFlt.sys [449896] O58 - SDL:06/07/2015 - 00:14:20 ---A- . (.Avast Software s.r.o. - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [93528] O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65736] =>.ALWIL Software O58 - SDL:06/07/2015 - 00:13:41 ---A- . (.Avast Software s.r.o. - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswSnx.sys [1047320] O58 - SDL:06/07/2015 - 00:14:21 ---A- . (.Avast Software s.r.o. - avast! self protection module.) -- C:\Windows\System32\Drivers\aswSP.sys [442264] O58 - SDL:06/07/2015 - 00:14:22 ---A- . (.Avast Software s.r.o. - Stream Filter.) -- C:\Windows\System32\Drivers\aswStm.sys [137288] O58 - SDL:06/07/2015 - 00:14:21 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [272248] =>.ALWIL Software O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Windows (R) Win 7 DDK provider - BulkUsb Driver.) -- C:\Windows\System32\Drivers\AthDfu.sys [52352] O58 - SDL:24/10/2012 - 17:31:18 ---A- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athrx.sys [3802112] O58 - SDL:10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\System32\Drivers\b57nd60a.sys [270848] O58 - SDL:27/04/2012 - 11:08:32 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\Drivers\bcbtums.sys [138280] O58 - SDL:27/05/2013 - 20:42:43 ---A- . (.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Proxy Protocol Driver.) -- C:\Windows\System32\Drivers\bcm42rly.sys [22632] O58 - SDL:27/04/2012 - 11:09:30 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Virtual Wireless Driver.) -- C:\Windows\System32\Drivers\bcmvwl64.sys [21568] O58 - SDL:27/04/2012 - 11:09:34 ---A- . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\System32\Drivers\BCMWL664.SYS [5443648] O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [18432] O58 - SDL:10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [8704] O58 - SDL:14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [286720] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [47104] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976] O58 - SDL:10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720] O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Atheros - Atheros A2DP driver.) -- C:\Windows\System32\Drivers\btath_a2dp.sys [341120] O58 - SDL:16/10/2012 - 10:19:40 ---A- . (.Atheros - Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\Drivers\btath_avdt.sys [111232] O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros BUS driver.) -- C:\Windows\System32\Drivers\btath_bus.sys [30848] O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_flt.sys [36480] O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros HCRP driver.) -- C:\Windows\System32\Drivers\btath_hcrp.sys [168064] O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros FILTER driver.) -- C:\Windows\System32\Drivers\btath_lwflt.sys [68736] O58 - SDL:16/10/2012 - 10:19:42 ---A- . (.Atheros - Atheros AVRCP driver.) -- C:\Windows\System32\Drivers\btath_rcp.sys [281728] O58 - SDL:16/10/2012 - 10:19:58 ---A- . (.Atheros - BtFilter Driver.) -- C:\Windows\System32\Drivers\btfilter.sys [551040] O58 - SDL:15/11/2011 - 00:13:00 ---A- . (.Intel Corporation - Bluetooth HighSpeed Filter Driver.) -- C:\Windows\System32\Drivers\btmhsf.sys [327168] O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windows Vista.) -- C:\Windows\System32\Drivers\btwampfl.sys [615464] O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\Windows\System32\Drivers\btwaudio.sys [184872] O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\Drivers\btwavdt.sys [210984] O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\Windows\System32\Drivers\btwl2cap.sys [39976] O58 - SDL:27/04/2012 - 11:08:40 ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\Windows\System32\Drivers\btwrchid.sys [21544] O58 - SDL:10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [468480] O58 - SDL:10/06/2011 - 20:04:38 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\CHDRT64.sys [1591936] O58 - SDL:14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [17488] O58 - SDL:05/04/2012 - 12:34:42 ---A- . (.Cirrus Logic - Hdaudio.sys Customization Filter.) -- C:\Windows\System32\Drivers\CSLFDx64.sys [35328] O58 - SDL:05/04/2012 - 12:34:42 ---A- . (.Cirrus Logic - Hdaudio.sys Customization Filter.) -- C:\Windows\System32\Drivers\CSUFDx64.sys [8704] O58 - SDL:28/05/2009 - 16:49:00 ---A- . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\Windows\System32\Drivers\CtAudDrv.sys [224768] O58 - SDL:20/01/2011 - 17:20:46 ---A- . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\Windows\System32\Drivers\CtClsFlt.sys [176096] O58 - SDL:11/11/2010 - 13:14:52 ---A- . (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) -- C:\Windows\System32\Drivers\diskperf64.sys [17512] O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3286016] O58 - SDL:03/10/2012 - 16:14:56 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240] O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:10/11/2011 - 00:04:14 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [60184] O58 - SDL:21/11/2010 - 04:23:47 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [78720] O58 - SDL:01/02/2012 - 15:16:40 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStor.sys [568600] O58 - SDL:11/03/2011 - 07:41:26 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [410496] O58 - SDL:09/12/2011 - 18:45:00 ---A- . (.Intel Corporation - Intel(R) Centrino(R) Wireless (Bluetooth Adapter) Driver.) -- C:\Windows\System32\Drivers\iBtFltCoex.sys [60416] O58 - SDL:26/03/2012 - 18:09:54 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [14748416] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [44112] O58 - SDL:10/04/2015 - 20:56:56 ---A- . (.Infonaut - Infonaut Driver x64.) -- C:\Windows\System32\Drivers\innfd_1_10_0_14.sys [58224] =>PUP.Infonaut O58 - SDL:06/12/2011 - 03:23:08 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [331264] O58 - SDL:28/03/2012 - 09:21:26 ---A- . (.Intel Corporation - Intel(R) Rapid Start Technology Driver.) -- C:\Windows\System32\Drivers\irstrtdv.sys [26504] O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Driver.) -- C:\Windows\System32\Drivers\iusb3hcs.sys [16152] O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\Drivers\iusb3hub.sys [356120] O58 - SDL:27/02/2012 - 02:01:00 ---A- . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller Driver.) -- C:\Windows\System32\Drivers\iusb3xhc.sys [788760] O58 - SDL:23/12/2011 - 16:53:10 ---A- . (.Atheros Communications, Inc. - Atheros Ar81xx series PCI-E Gigabit Ethernet Controller.) -- C:\Windows\System32\Drivers\L1C62x64.sys [104048] O58 - SDL:16/10/2012 - 10:19:44 ---A- . (.Atheros - Bluetooth Low Engergy Hid Driver.) -- C:\Windows\System32\Drivers\leath_hid.sys [36608] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [114752] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [106560] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [65600] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [115776] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\System32\Drivers\megasas.sys [35392] O58 - SDL:14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [284736] O58 - SDL:12/12/2011 - 14:19:16 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwNs64.sys [8616448] O58 - SDL:14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [51264] O58 - SDL:27/05/2013 - 20:42:43 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344] O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [148352] O58 - SDL:11/03/2011 - 07:41:34 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [166272] O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1524816] O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [128592] O58 - SDL:10/06/2011 - 05:34:52 ---A- . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\System32\Drivers\Rt64win7.sys [539240] O58 - SDL:10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040] O58 - SDL:14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [43584] O58 - SDL:14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [80464] O58 - SDL:12/04/2012 - 16:37:08 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [24848] O58 - SDL:12/04/2012 - 16:37:10 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [24848] O58 - SDL:15/07/2011 - 20:31:22 ---A- . (.ST Microelectronics - Disk Class Filter Driver for Accelerometer.) -- C:\Windows\System32\Drivers\stdcfltn.sys [22128] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:03/01/2012 - 15:04:52 ---A- . (.STMicroelectronics - STM Accelerometer Device Driver.) -- C:\Windows\System32\Drivers\ST_ACCEL.sys [67184] O58 - SDL:12/04/2012 - 16:37:12 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [425232] O58 - SDL:20/07/2011 - 23:21:50 ---A- . (.Texas Instruments Incorporated - TI USB3 Hub Driver.) -- C:\Windows\System32\Drivers\tihub3.sys [136000] O58 - SDL:20/07/2011 - 23:21:50 ---A- . (.Texas Instruments Incorporated - TI XHCI Host Controller Driver.) -- C:\Windows\System32\Drivers\tixhci.sys [406336] O58 - SDL:10/06/2015 - 22:08:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [17488] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [161872] O58 - SDL:14/10/2014 - 22:46:46 ---A- . (.Word Proser - Word Proser Driver x64.) -- C:\Windows\System32\Drivers\wpnfd_1_10_0_1.sys [58240] =>PUP.WordProser O58 - SDL:24/10/2012 - 17:31:18 ----- . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\athrx.sys [3802112] ~ Drivers: 106 Scanned in 00mn 10s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 04/07/2015 - 13:37:02 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Chromium\Application\45.0.2441.0\Installer\uninstall.exe [902144] O61 - LFC: 04/07/2015 - 13:37:02 ---A- . (.The Chromium Authors.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\Application\45.0.2441.0\Installer\setup.exe [934912] O61 - LFC: 04/07/2015 - 13:37:04 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ChromeApproveTBPlugin.dll [117024] O61 - LFC: 04/07/2015 - 13:37:04 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ChromeAutoApproveTB.dll [155936] O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\TBVerifier.dll [287008] =>Toolbar.Conduit O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\ConduitChromeApiPlugin.dll [858400] O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\np-cwmp.dll [68896] O61 - LFC: 04/07/2015 - 13:37:05 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\plugins\np-mswmp.dll [163256] O61 - LFC: 04/07/2015 - 13:37:06 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_0\Search\plugins\npConduitNewTabPlugin.dll [62240] =>Toolbar.Conduit O61 - LFC: 04/07/2015 - 13:38:49 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Setup12209574\Sqlite3.dll [599419] O61 - LFC: 04/07/2015 - 13:39:23 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\itdownload.dll [205312] O61 - LFC: 04/07/2015 - 13:41:32 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\g3dLhln\LibDownloadManagement.dll [5120] =>Adware.Pirrit O61 - LFC: 05/07/2015 - 13:37:09 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Chromium\User Data\ev_hashes_whitelist.bin [1113849] O61 - LFC: 05/07/2015 - 13:41:26 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\C94WpYy\LibDownloadManagement.dll [5120] =>Adware.Pirrit O61 - LFC: 05/07/2015 - 13:41:28 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp\encecal.dll [140800] O61 - LFC: 05/07/2015 - 13:41:28 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\dohqrvcp\ticyver.dll [168960] O61 - LFC: 05/07/2015 - 13:42:07 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\yMRVGuQ\LibDownloadManagement.dll [5120] =>Adware.Pirrit O61 - LFC: 05/07/2015 - 13:42:13 ---A- . (.Avast Software s.r.o..) -- D:\Utilisateurs\célia\Downloads\avast_free_antivirus_setup_online_01net.exe [5481336] O61 - LFC: 05/07/2015 - 13:44:15 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetupFull.exe [40430720] O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ChromeApproveTBPlugin.dll [117024] O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ChromeAutoApproveTB.dll [155936] O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\ConduitChromeApiPlugin.dll [858400] O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Conduit.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\np-cwmp.dll [68896] O61 - LFC: 07/07/2015 - 13:37:38 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\np-mswmp.dll [163256] O61 - LFC: 07/07/2015 - 13:37:39 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\Search\plugins\npConduitNewTabPlugin.dll [62240] =>Toolbar.Conduit O61 - LFC: 07/07/2015 - 13:37:39 ---A- . (.Conduit Ltd..) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibcgjcbeckcdemelifnledhihpaighfk\10.20.1.8_2\plugins\TBVerifier.dll [287008] =>Toolbar.Conduit O61 - LFC: 07/07/2015 - 13:37:43 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849] O61 - LFC: 07/07/2015 - 13:37:52 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe [1068696] O61 - LFC: 07/07/2015 - 13:37:53 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\BingSvc\BSvcUpdater.exe [169104] O61 - LFC: 07/07/2015 - 13:37:54 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\DefaultSetup\sqlite3.dll [362029] O61 - LFC: 07/07/2015 - 13:37:54 ---A- . (.© 2013 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe [2649752] O61 - LFC: 07/07/2015 - 13:37:55 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0] O61 - LFC: 07/07/2015 - 13:39:22 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\BSvcProcessor.exe [1068696] O61 - LFC: 07/07/2015 - 13:39:22 ---A- . (.© 2015 Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\BSvcUpdater.exe [169104] O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\Outbrowse_Bundle.exe [0] O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-BNC5E.tmp\cmd.bat [85] O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-92R6P.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 07/07/2015 - 13:39:24 ---A- . (.Microsoft Corporation.) -- D:\Utilisateurs\célia\AppData\Local\Temp\is-BNC5E.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 07/07/2015 - 13:39:31 ---A- . (.M-GPlayer.) -- D:\Utilisateurs\célia\AppData\Local\Temp\n9586\gusetup_pub.exe [7097528] O61 - LFC: 07/07/2015 - 13:39:47 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr25.bin [24] O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\hljorppg\encecal.dll [140800] O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\hljorppg\ticyver.dll [168960] O61 - LFC: 07/07/2015 - 13:41:33 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\jkzhqxzt\encecal.dll [140800] O61 - LFC: 07/07/2015 - 13:41:34 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy\encecal.dll [140800] O61 - LFC: 07/07/2015 - 13:41:34 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Roaming\kucvcjhy\ticyver.dll [168960] O61 - LFC: 07/07/2015 - 13:42:29 ---A- . (.Google Inc..) -- D:\Utilisateurs\célia\Downloads\ChromeSetup.exe [931408] O61 - LFC: 07/07/2015 - 13:43:17 ---A- . (.Reimage®.) -- D:\Utilisateurs\célia\Downloads\ReimageRepair (1).exe [772016] =>Rogue.ReimageRepair O61 - LFC: 07/07/2015 - 13:43:28 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetup (1).exe [1384576] O61 - LFC: 07/07/2015 - 13:43:30 ---A- . (.Skype Technologies S.A..) -- D:\Utilisateurs\célia\Downloads\SkypeSetup.exe [1384576] O61 - LFC: 08/07/2015 - 13:37:29 ---A- . (...) -- D:\Utilisateurs\célia\AppData\Local\Crossbrowse\Crossbrowse\User Data\nacl_validation_cache.bin [128] =>PUP.CrossBrowser O61 - LFC: 08/07/2015 - 13:42:10 ---A- . (...) -- D:\Utilisateurs\célia\Desktop\cacaoweb.exe [532784] =>PUP.CacaoWeb ~ 75 Fichiers temporaires (Temporary files) ~ 322 Fichiers cookies (Cookies files) ~ Files: 51 Scanned in 07mn 42s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.Avast Software s.r.o. - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT O64 - Services: CurCS - 07/07/2015 - C:\Windows\System32\DRIVERS\aswNdisFlt.sys (aswNdisFlt) .(.Avast Software s.r.o. - avast! Filtering NDIS driver.) - LEGACY_ASWNDISFLT O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.Avast Software s.r.o. - avast! WFP Redirect Driver.) - LEGACY_ASWRDR O64 - Services: CurCS - 06/07/2015 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.Avast Software s.r.o. - avast! Virtualization Driver.) - LEGACY_ASWSNX O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.Avast Software s.r.o. - avast! self protection module.) - LEGACY_ASWSP O64 - Services: CurCS - 06/07/2015 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.Avast Software s.r.o. - Stream Filter.) - LEGACY_ASWSTM O64 - Services: CurCS - 06/07/2015 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM O64 - Services: CurCS - 27/05/2013 - C:\Windows\System32\drivers\BCM42RLY.sys (BCM42RLY) .(.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Pr.) - LEGACY_BCM42RLY O64 - Services: CurCS - 10/04/2015 - C:\Windows\System32\drivers\innfd_1_10_0_14.sys (innfd_1_10_0_14) .(.Infonaut - Infonaut Driver x64.) - LEGACY_INNFD_1_10_0_14 =>PUP.Infonaut O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/10/2014 - C:\Windows\System32\drivers\wpnfd_1_10_0_1.sys (wpnfd_1_10_0_1) .(.Word Proser - Word Proser Driver x64.) - LEGACY_WPNFD_1_10_0_1 =>PUP.WordProser ~ Legacy: 88 Scanned in 00mn 03s ---\\ Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) ~ FASS Keys: 11 Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\searchplugins\conduit.xml O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.delta.excTlbr", false); O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("CT3241952.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3241952&SearchSource=2&q="); O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.delta_i.babTrack", "affID=120700&tsp=5029"); O69 - SBI: prefs.js [célia - ftwxqwcg.default] user_pref("extensions.crossrider.bic", "1419918217a0c77c1984d7fa9bb7f732"); =>PUP.CrossRider O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Astromenda) - http://www.oursurfing.com =>PUP.Astromenda O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www.oursurfing.com =>Hijacker.OurSurfing O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://www.oursurfing.com =>Hijacker.OurSurfing O69 - SBI: SearchScopes [HKCU] {24611EB1-2B5E-4065-8B0F-3A499898EF7A} - (WhiteSmoke New V6 Customized Web Search) - http://www.oursurfing.com =>PUP.WhiteSmoke O69 - SBI: SearchScopes [HKCU] {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing O69 - SBI: SearchScopes [HKCU] {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} - () - http://www.oursurfing.com =>Hijacker.OurSurfing O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (Cassiopesa) - http://www.cassiopessa.com O69 - SBI: SearchScopes [HKCU] {483830EE-A4CD-4b71-B0A3-3D82E62A6909} - () - http://www.oursurfing.com =>Hijacker.OurSurfing O69 - SBI: SearchScopes [HKCU] {5B9843CD-BEC6-05E7-8AB2-3891FF74046C} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (Web Search) - http://www.oursurfing.com =>Hijacker.OurSurfing O69 - SBI: SearchScopes [HKCU] {9143e921-7c9a-4d27-ac43-eaccc78cc55a} - (istartsurf) - http://www.istartsurf.com =>PUP.Istart O69 - SBI: SearchScopes [HKCU] {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} - (Amazon) - http://www.oursurfing.com =>Hijacker.OurSurfing O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.oursurfing.com =>Hijacker.OurSurfing ~ Keys: Scanned in 00mn 00s ---\\ Enumère les service demarrés par Svchost (SSS) (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [859648] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [680960] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [683520] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [2553856] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70144] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [193536] ~ Services: 33 Scanned in 00mn 03s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.AF82D7FAD38E49DDA65ECE4F87B2C95B] [SPRF][28/07/2014] (...) -- C:\ProgramData\uninstall_Deeal.exe [431104] =>PUP.DeealFr [MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\4oWR9qYkY63.exe [1579520] [MD5.767B13F54357A9BF53EAA2392C664665] [SPRF][07/07/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr25.bin [24] [MD5.4BE82EB7925A65C354655F35845528C5] [SPRF][17/05/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\appdataFr3.bin [20] [MD5.3A1D89B89C9D62951957F0839578DD9B] [SPRF][20/04/2015] (...) -- D:\Utilisateurs\célia\AppData\Roaming\e4B8MC7fGSvdgS.exe [1579520] [MD5.775F47E28C96739D0B81DF8A46116EFB] [SPRF][08/07/2015] (...) -- D:\Utilisateurs\célia\Desktop\cacaoweb.exe [532784] =>PUP.CacaoWeb ~ Files: 6 Scanned in 00mn 06s ---\\ Recherche d'infection Rogue (SRI) (O86) O43 - CFD: 24/05/2015 - 03:59:37 - [] ----D C:\ProgramData\12db864551ae4c578eb17db1a9f5d3cf O43 - CFD: 06/07/2015 - 02:04:51 - [0] ----D C:\ProgramData\6c54da2e97bd4bf69fea341a446a9746 O43 - CFD: 24/05/2015 - 21:30:13 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066 O43 - CFD: 06/07/2015 - 02:04:49 - [0] ----D C:\ProgramData\dc9def169e834b19aff83090e5e3337a ~ Files: Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{690310D7-EA92-4A80-B01C-B855168501D7}" | In - None - P17 - TRUE | .(.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser ~ Firewall: 1 Scanned in 00mn 15s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "DF42B2AC01EE9B240B94AA0862E8E712" . (.Boxore Client.) -- C:\Windows\Installer\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}\boxore.ico =>Adware.Boxore ~ Update Products: 1 Scanned in 00mn 00s ---\\ Export de clés de registre aléatoires (O91) [HKCU\Software\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" [HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb" [HKCU\Software\5c55da8cbc3ab845]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard [HKCU\Software\5c55da8cbc3ab845]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKCU\Software\5c55da8cbc3ab845]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKCU\Software\5c55da8cbc3ab845]:SERVICE_NAME="BitGuard" =>PUP.BitGuard [HKCU\Software\5c55da8cbc3ab845]:showagain="p/2lTJU4olIuro52tJurFmjRNz33u7Fj1NwGCbkzNke6o3V1OPj3+TJ2Nrg=" [HKCU\Software\5c55da8cbc3ab845]:usrcheckbox="1" [HKCU\Software\5c55da8cbc3ab845]:version="2.6.1694.246" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPCHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:HPIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:INSTALL_FOLDER_NAME="BitGuard" =>PUP.BitGuard [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:KWFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP0="FO81jovjQUF+5S6+haV7vGe3TMfw8oqWAhSaKzFS9OtdgZ1j5X+B4jW/459R" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP1="FO81jovjQUF+5S6+hbF0tnG4Tc/u94SDBhydJTxS8+ldnZRi5niE4Dm49Yxb" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTCHREGEXP2="FO81jovjQUF+5S6+hbF/tG24SsHn9oyWDBuXLj1U8e1fjIJv8XSE4Dy75IlV" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:NTFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:PROTECTOR_DLL_NAME="BitGuard.dll" =>PUP.BitGuard [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:PROTECT_EXE_NAME="BitGuard.exe" =>PUP.BitGuard [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SECHREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEFFREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP0="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41YG65LTMswjv2p+BbY" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP10="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tcC7Z7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP11="FO81jovjQUF+5S6+hb1oqXHuCob28bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4PgTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP12="FO81jovjQUF+5S6+hb1oqXHuCobi7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4bnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP13="FO81jovjQUF+5S6+hb1oqXHuCobh7bvIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4YnTyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP14="FO81jovjQUF+5S6+hb1oqXHuCobp+7vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Qizyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP15="FO81jovjQUF+5S6+hb1oqXHuCobq77vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Tnzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP16="FO81jovjQUF+5S6+hb1oqXHuCob097vIARmacmgOwqhSgp8k3Sia4We454NmCbZefM0c/670ylCTeqKqVQ4Nhzyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP17="FO81jovjQUF+5S6+hf10qXWkH4avttjOR1OpbXMX8/9twJ1l7X6A6gb39opYC7RPf4sPz/Povw==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP18="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tLEKdLRvlB0/un51uaSb37CTxXxQ==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP19="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5tQErZ7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP1="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4xVGKVIf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP20="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BXFa57DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP21="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tWErh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP22="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4BJDb57DtUNx/uau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP23="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xMCbJVf4gcwfmjyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP24="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41WAbh7DtYJweyl/WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP25="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr59cC6RITcQA/LOk51eFZvbqOn8agH+n2A==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP26="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4JYAYsKUNEN0uqau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP27="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4pXEbZJQMAI/LO18FmAdvvESDIWgjyj" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP2="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tcFaNGf4gfxf+09lCuO/D3C39T" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP3="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr41MHLlIUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP4="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES/lBx/Gn+WTcdvz1SHs=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP5="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5xcGKVES8IDzMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP6="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4dWFbZURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP7="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4hWFaRCQtcPyMLo9lefO7k=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP8="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr4tYFbJURsQew/aau1udeL2y" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SEIEREGEXP9="FO81jovjQUF+5S6+hf10qXWkDdqpoN3JRlHKawFcs/wBwMtXrErF03Tzr5pXFosKUMAN0v2uyRaRev62TA==" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:SERVICE_NAME="BitGuard" =>PUP.BitGuard [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:showagain="p/2lTJU4olIuro52tJurFmjRNz33u7Fj1NwGCbkzNke6o3V1OPj3+TJ2Nrg=" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:usrcheckbox="1" [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:version="2.6.1694.246" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:060df2cd="GlAu/YP/c/Au/YZ/GxAp/YZ/GP/j/Xt/axAv/X6////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0c230bcb="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0dc3ee96="/P////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:0e93c3f3="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:1520c6f1="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:1c311243="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:27ddcf6f="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:2d71d5ab="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:2e22d94e="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:340d3099="/P////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:3c09c42b="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:414bc593="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:48bd1aff="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:51d2f2ea="K/Au/YZ/aPAp/X2/cPAg/WV/c/Ay/XZ/a/Au////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:587b5709="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:6185d035="Vx/2/Cx/V//l////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:65114b36="VP/l////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:72758a5d="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:7367429f="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:7f69fa1f="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:8b9e4cbc="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a0743acc="N/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a1dcff5b="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:a2e3b941="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:bbf88800="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c24899a6="VP/g/CV/Vl/2/Cx////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c5705860="Vx////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c6c5dd44="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:c99a5f5c="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:d1abcdb6="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:d94388d2="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:e46c271e="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f0bf0bde="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f1f24e29="Vl/l/C/////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f2c53c49="UlAr/XJ/c//k////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:f6ad6fa6="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\19837173716557470\eae10f9d]:fe94ce1e="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:060df2cd="GlAu/YP/c/Au/YZ/GxAp/YZ/GP/j/Xt/axAv/X6////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0c230bcb="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0dc3ee96="/P////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:0e93c3f3="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:1520c6f1="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:1c311243="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:27ddcf6f="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:2d71d5ab="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:2e22d94e="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:340d3099="/P////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:37b7a6d8="UlAr/XJ/c//k////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:38583bc3="Ml/2/CF/M//g/CZ////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:3c09c42b="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:414bc593="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:48bd1aff="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:51d2f2ea="K/Af/Xt/aPAM/X6/G/A+/Xl/GP////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:587b5709="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:6185d035="Vx/2/Cx/V//l////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:65114b36="VP/l////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:72758a5d="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:7367429f="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:7f69fa1f="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:8b9e4cbc="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a0743acc="N/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a1dcff5b="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:a2e3b941="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:bbf88800="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c24899a6="Vl/3/CJ/MP/g/CZ////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c5705860="Vx////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c6c5dd44="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:c99a5f5c="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:d1abcdb6="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:d94388d2="GxAp/X2/FPAm/X6/FlAu/XD/ax/j/Xt/axAv/X6////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:e46c271e="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:e8f9dcc7="UlAr/XJ/c//k////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f0bf0bde="///%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f1f24e29="Vl/l/C/////%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f2c53c49="UlAr/XJ/c//k////" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:f6ad6fa6="V/////%%" [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c\71845289303720625\eae10f9d]:fe94ce1e="V/////%%" ~ Export Key Software: Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.77C2FD47FBD0F2284B64AB6E40397BFA] [WIS][12/11/2013] (.KalityWeb - WebAdSystem.) -- C:\Windows\Installer\572f60.msi [1126400] =>Adware.WebAdSystem ~ WIS: 1 Scanned in 00mn 07s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32 =>Adware.NewPlayer HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS =>Adware.NewPlayer HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASAPI32 =>PUP.SafeGuard HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASMANCS =>PUP.SafeGuard HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASAPI32 =>Hijacker.Eazel HKLM\SOFTWARE\Microsoft\Tracing\srvBrowserProtect_RASMANCS =>Hijacker.Eazel HKLM\SOFTWARE\Microsoft\Tracing\updateglindorus_RASAPI32 =>PUP.Glindorus HKLM\SOFTWARE\Microsoft\Tracing\updateglindorus_RASMANCS =>PUP.Glindorus HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ActiverisAntiMalware_RASAPI32 =>PUP.Activeris HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\ActiverisAntiMalware_RASMANCS =>PUP.Activeris HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASAPI32 =>Hijacker.BabSolution HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabMaint_RASMANCS =>Hijacker.BabSolution HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS =>Toolbar.Bing HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32 =>Adware.IMBooster HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS =>Adware.IMBooster HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASAPI32 =>Hijacker.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Muvic_RASMANCS =>Hijacker.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASAPI32 =>Adware.NewPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\NewPlayer_RASMANCS =>Adware.NewPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBatBrowse_RASAPI32 =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateBatBrowse_RASMANCS =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASAPI32 =>PUP.Glindorus HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASMANCS =>PUP.Glindorus HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASAPI32 =>PUP.LinkSwift HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateLinkSwift_RASMANCS =>PUP.LinkSwift HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASAPI32 =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilBatBrowse_RASMANCS =>PUP.BatBrowse HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz16_RASAPI32 =>PUP.Duuqu HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\vbmz16_RASMANCS =>PUP.Duuqu HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_2506-8ea7fd25_RASAPI32 =>Adware.VisualBeeToolbar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VisualBeeSilent_2506-8ea7fd25_RASMANCS =>Adware.VisualBeeToolbar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASAPI32 =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamUpdater_RASMANCS =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_download_RASAPI32 =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_download_RASMANCS =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASAPI32 =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\wajam_install_RASMANCS =>PUP.Wajam ~ BTK: 249 Scanned in 00mn 01s ---\\ Recherche de clés de registre CLSID (O101) [HKCR\CLSID\{22222222-2222-2222-2222-220422892226}] (CrossriderApp0048926.Sandbox) =>PUP.CrossRider [HKCR\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}] (Value Apps plugin) =>Toolbar.Conduit [HKCR\CLSID\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}] (WordProser) =>PUP.WordProser ~ BCK: 4503 Scanned in 00mn 25s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 07/07/2015 268976 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 04/04/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe SR - | Auto 06/03/2015 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 29/05/2015 77128 | (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 16/10/2012 219776 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe SR - | Auto 06/07/2015 343336 | (avast! Antivirus) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 07/07/2015 107448 | (avast! Firewall) . (.Avast Software s.r.o..) - C:\Program Files\AVAST Software\Avast\afwServ.exe SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 05/03/2012 952608 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe SR - | Auto 09/08/2011 200832 | (CxAudMsg) . (.Conexant Systems Inc..) - C:\Windows\system32\CxAudMsg64.exe SR - | Auto 12/10/2011 109184 | (CxUtilSvc) . (.Conexant Systems, Inc..) - C:\Program Files\Conexant\SA3\CxUtilSvc.exe SR - | Auto 29/12/2010 440144 | (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\DigitalPersona\Bin\DpHostW.exe SR - | Auto 01/02/2012 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 10/04/2015 278600 | (insvc_1.10.0.14) . (.Infonaut.) - C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut SR - | Auto 10/01/2012 627936 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe SR - | Demand 29/06/2015 644904 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 27/03/2012 193536 | (irstrtsv) . (.Intel Corporation.) - C:\windows\SysWOW64\irstrtsv.exe SR - | Auto 20/01/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe SR - | Auto 20/01/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SR - | Auto 30/04/2015 23816 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe SR - | Auto 04/03/2015 213816 | (PremierOpinion) . (.VoiceFive, Inc..) - C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion SR - | Auto 24/05/2015 305664 | (rikejehy) . (...) - D:\Utilisateurs\célia\AppData\Roaming\4C4C4544-1432501316-3110-8046-B2C04F315931\jnst50DE.tmp SR - | Auto 08/07/2015 648416 | (Service Mgr OnStage) . (...) - C:\ProgramData\2988696b-294c-4054-b34f-e97ca58a10e8\plugincontainer.exe SR - | Auto 20/01/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 08/07/2015 572640 | (Update Mgr OnStage) . (...) - C:\Program Files (x86)\Common Files\2988696b-294c-4054-b34f-e97ca58a10e8\updater.exe SR - | Auto 23/08/2011 3175728 | (vcsFPService) . (.Validity Sensors, Inc..) - C:\Windows\system32\vcsFPService.exe SR - | Auto 27/05/2013 48128 | (wltrysvc) . (.Dell Inc..) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 24/10/2012 81536 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe ~ Services: Scanned in 00mn 35s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Run by célia at 08/07/2015 13:48:15 ~ OS 64 not supported by MBR tool ~ MBR: 0 Scanned in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 13008 - (17/05/2015) Clés trouvées (Keys found) : 294 Valeurs trouvées (Values found) : 7 Dossiers trouvés (Folders found) : 108 Fichiers trouvés (Files found) : 288 [HKLM\SYSTEM\CurrentControlSet\Services\insvc_1.10.0.14] =>PUP.Infonaut^ [HKLM\SYSTEM\CurrentControlSet\Services\PremierOpinion] =>Adware.PremierOpinion^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CA2B24FD-EE10-42B9-B049-AA80268E7E21}] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV28.05] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse] =>PUP.CrossBrowser^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Deeal] =>PUP.DeealFr^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GoHD] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HQuality-v3V19.10] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins] =>PUP.IePluginService^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Infonaut_1.10.0.14] =>PUP.Infonaut^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{065A5BE9-CE42-475C-BD62-52B229D24AB5}] =>Hijacker.SmartBar^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ab0da7b3-e6dd-492c-951e-44f70b9225b4}] =>Hijacker.SmartBar^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchs] =>PUP.PaybyAds^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\NewPlayer] =>Adware.NewPlayer^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd] =>PUP.NetworkSystemDriver^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3f700348-270d-469b-b073-4a14e4a79189}] =>PUP.PassWidget^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}] =>Adware.PremierOpinion^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2D471A31-4FA7-95BA-1880-D441113ED736}] =>PUP.PriceDownloader^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7540FDBD-7FDC-30AE-3778-815CB87DBE46}] =>PUP.RandomName^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smarts8] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SupTab] =>PUP.SupTab^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{4284830a}] =>Adware.Graftor^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E370F69F-ED3F-925F-31FC-14D1329A713B}] =>PUP.TicTaCoupon^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f0e9047b}] =>Adware.Graftor^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps] =>Toolbar.Conduit^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4c13db17-a811-442c-9a1b-a92b65dca879}] =>Adware.WebAdSystem^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF59773E-3245-46A3-B418-DD84AB6C3C50}] =>Adware.WebAdSystem^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindeskWinsearch] =>PUP.WindeskWinsearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinServices] =>Adware.SocialSkinz^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall] =>Hijacker.OurSurfing^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\CrashMon] =>PUP.Salus^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\gmsd_fr_002020021] =>PUP.CrossRider^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon] =>PUP.Mobogenie^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Salus CrashMon] =>PUP.Salus^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\shopperz] =>PUP.Shopperz^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\shopperz64] =>PUP.Shopperz^ [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon [HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon [HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep [HKLM\Software\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep [HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep [HKLM\Software\Wow6432Node\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep [HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}] =>Adware.PricePeep [HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon [HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon [HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar [HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar [HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep [HKLM\Software\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep [HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater [HKLM\Software\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater [HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater [HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon [HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon [HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon [HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch [HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon [HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon [HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon [HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing [HKLM\Software\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru [HKLM\Software\Wow6432Node\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}] =>Adware.Adkubru [HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater [HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>PUP.Wajam [HKCU\Software\Boxore] =>Adware.Boxore [HKCU\Software\cacaoweb] =>PUP.CacaoWeb [HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>PUP.Conduit [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKCU\Software\lollipop] =>Adware.Lollipop [HKCU\Software\Iminent] =>Adware.IMBooster [HKCU\Software\KalityWeb] =>Toolbar.Agent [HKLM\Software\Wow6432Node\KalityWeb] =>Toolbar.Agent [HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKCU\Software\Softonic] =>PUP.Conduit [HKCU\Software\AppDataLow\Toolbar] =>PUP.Conduit [HKCU\Software\Tuto4pc] =>PUP.Eorezo [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing [HKLM\Software\Wow6432Node\VBMZ] =>PUP.Conduit [HKCU\Software\InstallCore] =>Adware.InstallCore [HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore [HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Classes\ScriptHost.Tool.1] =>Toolbar.Agent [HKLM\Software\Classes\ScriptHost.Tool] =>Toolbar.Agent [HKLM\Software\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\AddonsFramework.DLL] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\ButtonSite.DLL] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\ScriptHost.DLL] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}] =>Toolbar.Freecorder [HKLM\Software\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{93CF54F5-CFAA-4440-B588-8ED0DFAD5C21}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}] =>Toolbar.Freecorder [HKLM\Software\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\Classes\Interface\{D3BC53E7-0437-4C97-90EE-2CD6FF47FB14}] =>Toolbar.Freecorder [HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider [HKLM\Software\Wow6432Node\SoftwareUpdater] =>Hijacker.Eazel [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater] =>Hijacker.Eazel [HKLM\Software\Wow6432Node\delta-homesSoftware] =>Toolbar.DeltaSearch [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc] =>PUP.eSafeSecurity [HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider [HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider [HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Classes\CrossriderApp0044150.BHO] =>PUP.CrossRider [HKLM\Software\Classes\CrossriderApp0044150.BHO.1] =>PUP.CrossRider [HKLM\Software\Classes\CrossriderApp0044150.Sandbox] =>PUP.CrossRider [HKLM\Software\Classes\CrossriderApp0044150.Sandbox.1] =>PUP.CrossRider [HKLM\Software\Classes\CrossriderApp0048926.BHO] =>PUP.CrossRider [HKLM\Software\Classes\CrossriderApp0048926.BHO.1] =>PUP.CrossRider [HKLM\Software\Classes\CrossriderApp0048926.Sandbox] =>PUP.CrossRider [HKLM\Software\Classes\CrossriderApp0048926.Sandbox.1] =>PUP.CrossRider [HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch [HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch [HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch [HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch [HKLM\Software\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch [HKLM\Software\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch [HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch [HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422892226}] =>PUP.CrossRider [HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods [HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.BHO] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.BHO.1] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.Sandbox] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CrossriderApp0044150.Sandbox.1] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.BHO] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.BHO.1] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.Sandbox] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CrossriderApp0048926.Sandbox.1] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch [HKLM\Software\Wow6432Node\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch [HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch [HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch [HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch [HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch [HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch [HKLM\Software\Wow6432Node\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151146}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151152}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422892226}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Windesk Winsearch =>PUP.WindeskWinsearch^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb^ D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb^ C:\Program Files (x86)\Activeris AntiMalware =>PUP.Activeris^ C:\Program Files (x86)\CinemaPlus-3.2cV28.05 =>PUP.CrossRider^ C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser^ C:\Program Files (x86)\deaal4reala =>PUP.Deal4reaL^ C:\Program Files (x86)\DealsFuInndeRProo =>PUP.DealsFinderPro^ C:\Program Files (x86)\DeaolsFiNderPro =>PUP.DealsFinderPro^ C:\Program Files (x86)\DeeaLsFinDErPro =>PUP.DealsFinderPro^ C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate^ C:\Program Files (x86)\gmsd_fr_002020023 =>PUP.CrossRider^ C:\Program Files (x86)\gmsd_fr_005010016 =>PUP.CrossRider^ C:\Program Files (x86)\GoHD =>PUP.CrossRider^ C:\Program Files (x86)\greattsAVieng =>PUP.GreatSaving^ C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches^ C:\Program Files (x86)\HQuality-v3V19.10 =>PUP.CrossRider^ C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut^ C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^ C:\Program Files (x86)\NewPlayer =>Adware.NewPlayer^ C:\Program Files (x86)\Pass-Widget =>PUP.PassWidget^ C:\Program Files (x86)\predm =>Adware.Downware^ C:\Program Files (x86)\PremierOpinion =>Adware.PremierOpinion^ C:\Program Files (x86)\Premium Software =>Trojan.Tivmonk^ C:\Program Files (x86)\PriceDowineloader =>PUP.PriceDownloader^ C:\Program Files (x86)\PriCeDoWnloADer =>PUP.PriceDownloader^ C:\Program Files (x86)\Priceless =>PUP.PriceLess^ C:\Program Files (x86)\Probit Software =>PUP.ProbitSoftware^ C:\Program Files (x86)\PrriCeDownaloaderr =>PUP.PriceDownloader^ C:\Program Files (x86)\SaoftoCeoup =>PUP.RandomName^ C:\Program Files (x86)\savInshop =>PUP.SavinShop^ C:\Program Files (x86)\sHoepndrop =>PUP.ShopDrop^ C:\Program Files (x86)\SofftCuoup =>PUP.RandomName^ C:\Program Files (x86)\SoftCoupe =>PUP.RandomName^ C:\Program Files (x86)\speed browser =>PUP.SpeedBrowser^ C:\Program Files (x86)\SupTab =>PUP.SupTab^ C:\Program Files (x86)\WebAdSystem =>Adware.WebAdSystem^ C:\Program Files (x86)\WindeskWinsearch =>PUP.WindeskWinsearch^ C:\Program Files (x86)\winservice86 =>PUP.CrossRider^ C:\Program Files (x86)\WordProser_1.10.0.1 =>PUP.WordProser^ C:\ProgramData\Activeris =>PUP.Activeris^ C:\ProgramData\Babylon =>PUP.Babylon^ C:\ProgramData\FlashBeat =>PUP.FlashBeat^ C:\ProgramData\IePluginService =>PUP.IePluginService^ C:\ProgramData\IePluginServices =>PUP.IePluginService^ C:\ProgramData\IHProtectUpDate =>Adware.AgentODR^ C:\ProgramData\LolliScan =>Adware.Graftor^ C:\ProgramData\Registry Helper =>PUP.RegistryHelper^ C:\ProgramData\SaveSenseLive =>PUP.CrossRider^ C:\ProgramData\TicTaCoupon =>PUP.TicTaCoupon^ C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^ C:\ProgramData\WPM =>PUP.WpManager^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware =>PUP.Activeris^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector =>PUP.AdvancedSystemProtector^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastPlayer =>PUP.FastPlayer^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer =>Adware.NewPlayer^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max =>PUP.OptimizerEliteMax^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip =>PUP.PepperZip^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion =>Adware.PremierOpinion^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Premium Software =>Trojan.Tivmonk^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeGuard =>PUP.SafeGuard^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer =>PUP.SuperOptimizer^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Speedup =>PUP.SystemSpeedup^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch =>PUP.WindeskWinsearch^ D:\Utilisateurs\célia\AppData\Roaming\Activeris =>PUP.Activeris^ D:\Utilisateurs\célia\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect^ D:\Utilisateurs\célia\AppData\Roaming\Astromenda =>PUP.Astromenda^ D:\Utilisateurs\célia\AppData\Roaming\cacaoweb =>PUP.CacaoWeb^ D:\Utilisateurs\célia\AppData\Roaming\Dealply =>PUP.DealPly^ D:\Utilisateurs\célia\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^ D:\Utilisateurs\célia\AppData\Roaming\Nosibay =>PUP.BubbleDock^ D:\Utilisateurs\célia\AppData\Roaming\oursurfing =>Hijacker.OurSurfing^ D:\Utilisateurs\célia\AppData\Roaming\Pro PC Cleaner =>PUP.DoctorPC^ D:\Utilisateurs\célia\AppData\Roaming\SupTab =>PUP.SupTab^ D:\Utilisateurs\célia\AppData\Roaming\winservices =>Trojan.Inject.RRE^ D:\Utilisateurs\célia\AppData\Local\Alerts_LLC =>PUP.AlertsLLC^ D:\Utilisateurs\célia\AppData\Local\Astromenda =>PUP.Astromenda^ D:\Utilisateurs\célia\AppData\Local\BonanzaDealsLive =>Adware.BonanzaDeals^ D:\Utilisateurs\célia\AppData\Local\Crossbrowse =>PUP.CrossBrowser^ D:\Utilisateurs\célia\AppData\Local\DealPlyLive =>PUP.DealPly^ D:\Utilisateurs\célia\AppData\Local\Duuqu =>PUP.Duuqu^ D:\Utilisateurs\célia\AppData\Local\genienext =>PUP.NextLive^ D:\Utilisateurs\célia\AppData\Local\globalUpdate =>PUP.GlobalUpdate^ D:\Utilisateurs\célia\AppData\Local\gmsd_fr_002020023 =>PUP.CrossRider^ D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010016 =>PUP.CrossRider^ D:\Utilisateurs\célia\AppData\Local\gmsd_fr_005010022 =>PUP.CrossRider^ D:\Utilisateurs\célia\AppData\Local\KalityWeb =>Adware.WebAdSystem^ D:\Utilisateurs\célia\AppData\Local\Mobogenie =>PUP.Mobogenie^ D:\Utilisateurs\célia\AppData\Local\MySearchs =>Adware.MyWebSearch^ D:\Utilisateurs\célia\AppData\Local\newplayer =>Adware.NewPlayer^ D:\Utilisateurs\célia\AppData\Local\SafeGuard =>PUP.SafeGuard^ D:\Utilisateurs\célia\AppData\Local\SaveSenseLive =>PUP.CrossRider^ D:\Utilisateurs\célia\AppData\Local\SearchProtect =>PUP.SearchProtect^ D:\Utilisateurs\célia\AppData\Local\Smartbar =>Hijacker.SmartBar^ D:\Utilisateurs\célia\AppData\Local\SmartWeb =>PUP.SmartWeb^ D:\Utilisateurs\célia\AppData\Local\speed browser =>PUP.SpeedBrowser^ D:\Utilisateurs\célia\AppData\Local\SwvUpdater =>PUP.Software.Updater^ D:\Utilisateurs\célia\AppData\Local\WebBar =>PUP.WebBar^ D:\Utilisateurs\célia\AppData\Local\Windesk_Winsearch =>PUP.WindeskWinsearch^ C:\Program Files (x86)\Software =>Adware.Boxore C:\ProgramData\Conduit =>PUP.Conduit D:\Utilisateurs\célia\AppData\Local\Conduit =>PUP.Conduit D:\Utilisateurs\célia\AppData\LocalLow\Conduit =>PUP.Conduit D:\Utilisateurs\célia\AppData\LocalLow\PriceGong =>Adware.PriceGong D:\Utilisateurs\célia\AppData\LocalLow\Smartbar =>Hijacker.SmartBar D:\Utilisateurs\célia\AppData\LocalLow\mixidj =>Adware.SmileyBar D:\Utilisateurs\célia\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle =>Adware.RelevantKnowledge D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\Smartbar =>Hijacker.SmartBar D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\bprotector_extensions.sqlite =>PUP.BProtector D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\bprotector_prefs.js =>PUP.BProtector D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\SearchPlugins\conduit.xml =>PUP.Conduit C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector^ C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe =>PUP.Activeris^ D:\Utilisateurs\célia\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb^ C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser^ C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-6.exe =>PUP.CrossRider^ C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.exe =>PUP.CrossRider^ C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-6.exe =>PUP.CrossRider^ C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut^ C:\Program Files (x86)\PremierOpinion\pmservice.exe =>Adware.PremierOpinion^ C:\Program Files (x86)\Software\Update\Install\{8EA45EE8-4913-4878-839F-B9A1D271FF1F}\SoftwareUpdateSetup.exe =>Adware.Boxore^ D:\Utilisateurs\célia\AppData\Roaming\Mozilla\Firefox\Profiles\ftwxqwcg.default\Extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb^ C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.exe =>PUP.CrossRider^ C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.exe =>PUP.CrossRider^ C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-3.exe =>PUP.CrossRider^ C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-5.exe =>PUP.CrossRider^ C:\Program Files (x86)\CinemaPlus-3.2cV28.05\50d3b760-ec4f-47de-bad9-030f088efefc-7.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-3.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-5.exe =>PUP.CrossRider^ C:\Program Files (x86)\GoHD\59afac17-44ad-47be-8f0c-de8fe3577e51-7.exe =>PUP.CrossRider^ C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^ C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-1 =>PUP.CrossRider^ C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-11 =>PUP.CrossRider^ C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-4 =>PUP.CrossRider^ C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5 =>PUP.CrossRider^ C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-5_user.job =>PUP.CrossRider^ C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-6 =>PUP.CrossRider^ C:\Windows\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\17b03655-7c85-4e93-aec7-7ee27469780e-7 =>PUP.CrossRider^ C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-6 =>PUP.CrossRider^ C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-1-7 =>PUP.CrossRider^ C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-3 =>PUP.CrossRider^ C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5 =>PUP.CrossRider^ C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-5_user.job =>PUP.CrossRider^ C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-6 =>PUP.CrossRider^ C:\Windows\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\2ad55dc4-11a2-483a-95a3-61a7acd6d6e5-7 =>PUP.CrossRider^ C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-6 =>PUP.CrossRider^ C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-1-7 =>PUP.CrossRider^ C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-3 =>PUP.CrossRider^ C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5 =>PUP.CrossRider^ C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-5_user.job =>PUP.CrossRider^ C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-6 =>PUP.CrossRider^ C:\Windows\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\50d3b760-ec4f-47de-bad9-030f088efefc-7 =>PUP.CrossRider^ C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-6 =>PUP.CrossRider^ C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-1-7 =>PUP.CrossRider^ C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-3 =>PUP.CrossRider^ C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5 =>PUP.CrossRider^ C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-5_user.job =>PUP.CrossRider^ C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-6 =>PUP.CrossRider^ C:\Windows\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\59afac17-44ad-47be-8f0c-de8fe3577e51-7 =>PUP.CrossRider^ C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-4 =>PUP.CrossRider^ C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5 =>PUP.CrossRider^ C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-5_user.job =>PUP.CrossRider^ C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-6 =>PUP.CrossRider^ C:\Windows\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\6e2b75f7-2df8-4ae1-abe6-2e8fd7eccffd-7 =>PUP.CrossRider^ C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-4 =>PUP.CrossRider^ C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5 =>PUP.CrossRider^ C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-5_user.job =>PUP.CrossRider^ C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-6.job =>PUP.CrossRider^ C:\Windows\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a4e18f4e-2dc5-4a9a-97ce-2eedf7bde895-7 =>PUP.CrossRider^ C:\Windows\Tasks\a5fc5ff8-db73-4aeb-b3a8-fd2e231b21ff-4.job =>PUP.CrossRider^ C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-1 =>PUP.CrossRider^ C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-11 =>PUP.CrossRider^ C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-4 =>PUP.CrossRider^ C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5 =>PUP.CrossRider^ C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-5_user.job =>PUP.CrossRider^ C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-6 =>PUP.CrossRider^ C:\Windows\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\a8d80158-8a89-4bce-b3c5-45be4ebf96dd-7 =>PUP.CrossRider^ C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^ C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^ C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^ C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^ C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^ C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^ C:\Windows\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\b0639b86-3d9e-441a-9ee9-556716c43ef7-4 =>PUP.CrossRider^ C:\Windows\Tasks\bench-sys.job =>PUP.GiganticSavings^ C:\Windows\System32\Tasks\bench-sys =>PUP.GiganticSavings^ C:\Windows\Tasks\bench-Updater removing.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\bench-Updater removing =>PUP.CrossRider^ C:\Windows\Tasks\Bidaily Synchronize Task =>PUP.BidailySync^ C:\Windows\Tasks\DigitalSite.job =>Hijacker.DSite^ C:\Windows\System32\Tasks\DigitalSite =>Hijacker.DSite^ C:\Windows\Tasks\media enhance-chromeinstaller.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\media enhance-chromeinstaller =>PUP.CrossRider^ C:\Windows\Tasks\media enhance-codedownloader.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\media enhance-codedownloader =>PUP.CrossRider^ C:\Windows\Tasks\media enhance-firefoxinstaller.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\media enhance-firefoxinstaller =>PUP.CrossRider^ C:\Windows\Tasks\media enhance-updater.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\media enhance-updater =>PUP.CrossRider^ C:\Windows\Tasks\PassWidget Update.job =>PUP.PassWidget^ C:\Windows\Tasks\SaveSense.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\SaveSense =>PUP.CrossRider^ C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore =>PUP.CrossRider^ C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA =>PUP.CrossRider^ C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^ C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore =>Adware.Boxore^ C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^ C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA =>Adware.Boxore^ [HKCU\Software\Activeris] =>PUP.Activeris^ [HKCU\Software\AmiExt] =>Adware.FlashEnhancer^ [HKCU\Software\AnyProtect] =>PUP.AnyProtect^ [HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit^ [HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE^ [HKCU\Software\AppDataLow\Software\LyricsMonkey-1] =>Adware.AddLyrics^ [HKCU\Software\AppDataLow\Software\LyricsSay-1] =>PUP.CrossRider^ [HKCU\Software\AppDataLow\Software\PassWidget] =>PUP.PassWidget^ [HKCU\Software\AppDataLow\Software\Plus-HD-1.6] =>Adware.PlusHD^ [HKCU\Software\AppDataLow\Software\Plus-HD-3.5] =>Adware.PlusHD^ [HKCU\Software\AppDataLow\Software\SmartWeb] =>PUP.SmartWeb^ [HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^ [HKCU\Software\AppDataLow\Software\WhiteSmoke_New_V6] =>PUP.WhiteSmoke^ [HKCU\Software\AppDataLow\Software\free ven] =>PUP.Freeven^ [HKCU\Software\AppDataLow\Software\media enhance] =>PUP.MediaPlayerEnhance^ [HKCU\Software\AppDataLow\Software\winservice86] =>PUP.CrossRider^ [HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}] =>Adware.Graftor^ [HKCU\Software\ArenaHD] =>PUP.CrossRider^ [HKCU\Software\BabSolution] =>Hijacker.BabSolution^ [HKCU\Software\BatBrowse] =>PUP.BatBrowse^ [HKCU\Software\CinemaPlus-3.2cV24.05-nv-ie] =>PUP.CrossRider^ [HKCU\Software\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider^ [HKCU\Software\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider^ [HKCU\Software\Conduit] =>Toolbar.Conduit^ [HKCU\Software\CrossBrowser] =>PUP.CrossBrowser^ [HKCU\Software\Crossbrowse] =>PUP.CrossBrowser^ [HKCU\Software\DSiteProducts] =>Hijacker.DSite^ [HKCU\Software\DealPlyLive] =>PUP.DealPly^ [HKCU\Software\Doko-Toolbar] =>Hijacker.Doko^ [HKCU\Software\Duuqu] =>PUP.Duuqu^ [HKCU\Software\File Type Helper] =>PUP.FileTypeHelper^ [HKCU\Software\GoHD-nv-ie] =>PUP.CrossRider^ [HKCU\Software\GoHD-nv] =>PUP.CrossRider^ [HKCU\Software\HighDefAction] =>PUP.CrossRider^ [HKCU\Software\Optimizer Elite Max] =>PUP.OptimizerEliteMax^ [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^ [HKCU\Software\PepperZip] =>PUP.PepperZip^ [HKCU\Software\SafeGuardApp] =>PUP.SafeGuard^ [HKCU\Software\SaveSenseLive] =>PUP.CrossRider^ [HKCU\Software\SimplyTech] =>PUP.SimplyTech^ [HKCU\Software\Smartbar] =>Hijacker.SmartBar^ [HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer^ [HKCU\Software\System Speedup] =>PUP.SystemSpeedup^ [HKCU\Software\TNT2] =>Adware.TidyNetwork^ [HKCU\Software\TutoTag] =>PUP.AgenceExclusive^ [HKCU\Software\UpToDown] =>PUP.UpToDown^ [HKCU\Software\UpdateFiles] =>Adware.Boxore^ [HKCU\Software\Visualbee] =>Adware.VisualBeeToolbar^ [HKCU\Software\Wajam] =>PUP.Wajam^ [HKCU\Software\YorkNewCin] =>PUP.CrossRider^ [HKCU\Software\astromenda] =>PUP.Astromenda^ [HKCU\Software\gamesdesktop] =>Adware.GamesDesktop^ [HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^ [HKCU\Software\mysearchdial] =>Adware.MyWebSearch^ [HKCU\Software\tuto4pc] =>PUP.AgenceExclusive^ [HKCU\Software\winservice86-nv-ie] =>PUP.CrossRider^ [HKCU\Software\winservice86-nv] =>PUP.CrossRider^ [HKLM\Software\ArenaHD] =>PUP.CrossRider^ [HKLM\Software\BubbleSound] =>PUP.BubbleSound^ [HKLM\Software\HQuality-v3V19.10-nv] =>PUP.CrossRider^ [HKLM\Software\HighDefAction] =>PUP.CrossRider^ [HKLM\Software\LolliScan] =>Adware.Graftor^ [HKLM\Software\Speedchecker Limited] =>PUP.InternetSpeedChecker^ [HKLM\Software\WebBar] =>PUP.WebBar^ [HKLM\Software\Wow6432Node\11f7643f-77e0-4a4a-a192-4b7a9e9fbf2a] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\22fbe0a4-6d53-4d01-9877-31667f148858] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\95b48dc0-8b8d-47f8-ab2e-5f40b4109b11] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\971bbd6c-f848-4ae2-9434-b893b6d0f4f1] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\Activeris] =>PUP.Activeris^ [HKLM\Software\Wow6432Node\AmiExt] =>Adware.FlashEnhancer^ [HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\Bench] =>PUP.GiganticSavings^ [HKLM\Software\Wow6432Node\Better-Surf] =>PUP.BetterSurf^ [HKLM\Software\Wow6432Node\BetterSurf Plus V1] =>PUP.BetterSurf^ [HKLM\Software\Wow6432Node\BetterSurf] =>PUP.BetterSurf^ [HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv-ie] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\CinemaPlus-3.2cV28.05-nv] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^ [HKLM\Software\Wow6432Node\DownloaderAssistant] =>PUP.Salus^ [HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu^ [HKLM\Software\Wow6432Node\File Type Helper] =>PUP.FileTypeHelper^ [HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate^ [HKLM\Software\Wow6432Node\GoHD-nv-ie] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\GoHD-nv] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\HQuality-v3V19.10-nv] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\IHProtect] =>Adware.AgentODR^ [HKLM\Software\Wow6432Node\LolliScan] =>Adware.Graftor^ [HKLM\Software\Wow6432Node\MediaViewV1] =>PUP.MediaViewer^ [HKLM\Software\Wow6432Node\MediaViewV1alpha698] =>PUP.MediaViewer^ [HKLM\Software\Wow6432Node\MediaViewV1alpha7499] =>PUP.MediaViewer^ [HKLM\Software\Wow6432Node\MediaWatchV1] =>PUP.MediaWatch^ [HKLM\Software\Wow6432Node\MediaWatchV1home857] =>PUP.MediaWatch^ [HKLM\Software\Wow6432Node\Registry Helper] =>PUP.RegistryHelper^ [HKLM\Software\Wow6432Node\RichMediaViewV1] =>PUP.MediaViewer^ [HKLM\Software\Wow6432Node\RichMediaViewV1release1055] =>PUP.MediaViewer^ [HKLM\Software\Wow6432Node\SafeGuardApp] =>PUP.SafeGuard^ [HKLM\Software\Wow6432Node\SafeGuard] =>PUP.SafeGuard^ [HKLM\Software\Wow6432Node\Salus] =>PUP.Salus^ [HKLM\Software\Wow6432Node\SaveSenseLive] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect^ [HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser^ [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^ [HKLM\Software\Wow6432Node\System Speedup] =>PUP.SystemSpeedup^ [HKLM\Software\Wow6432Node\TabNav] =>PUP.Abengine^ [HKLM\Software\Wow6432Node\Visualbee] =>Adware.VisualBeeToolbar^ [HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia^ [HKLM\Software\Wow6432Node\WhiteSmoke_New_V6] =>PUP.WhiteSmoke^ [HKLM\Software\Wow6432Node\Winservices] =>Trojan.Inject.RRE^ [HKLM\Software\Wow6432Node\WordProser_1.10.0.1] =>PUP.WordProser^ [HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\a558af43-d482-4649-b45f-6e1c09b384c2] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\aa73fe5b-d1f7-411f-8961-8d74e4ee2c2e] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\awesomehpSoftware] =>PUP.Awesomehp^ [HKLM\Software\Wow6432Node\b56ba8d1-2bff-4555-a80e-09eae0dad631] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\c968f51d-077d-494f-a31c-82fe202a993e] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\e3bdb18e-b300-43e4-991c-3eac4da6d490] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\fc60fca7-1634-44d5-35f0-e30c324b850c] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\flash-Enhancer] =>Adware.FlashEnhancer^ [HKLM\Software\Wow6432Node\free ven] =>PUP.Freeven^ [HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.Istart^ [HKLM\Software\Wow6432Node\media enhance] =>PUP.MediaPlayerEnhance^ [HKLM\Software\Wow6432Node\oursurfingSoftware] =>Hijacker.OurSurfing^ [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^ [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^ [HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^ [HKLM\Software\Wow6432Node\winservice86-nv-ie] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\winservice86-nv] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\winservice86] =>PUP.CrossRider^ [HKLM\Software\YorkNewCin] =>PUP.CrossRider^ C:\ProgramData\uninstall_Deeal.exe =>PUP.DeealFr^ D:\Utilisateurs\célia\Desktop\cacaoweb.exe =>PUP.CacaoWeb^ [HKCU\Software\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^ [HKLM\Software\Wow6432Node\5c55da8cbc3ab845]:GUID="{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^ C:\Windows\Installer\572f60.msi =>Adware.WebAdSystem^ [HKCR\CLSID\{22222222-2222-2222-2222-220422892226}] (CrossriderApp0048926.Sandbox) =>PUP.CrossRider^ [HKCR\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}] (Value Apps plugin) =>Toolbar.Conduit^ [HKCR\CLSID\{F6F484C9-29B9-43EC-A924-DCBAAA86B31D}] (WordProser) =>PUP.WordProser^ D:\Utilisateurs\célia\Downloads\cacaoweb.exe =>PUP.CacaoWeb C:\Windows\Reimage.ini =>Rogue.ReimageRepair D:\Utilisateurs\célia\AppData\Local\Temp\{3C2D27EF-E2C2-46F8-A808-5C26F3B22E29}-Boxore_5.9.0.0.msi =>Adware.Boxore ~ Additionnel Scan: 308476 Items scanned in 05mn 08s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2) ~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51) ~ AMI: 5 Scanned in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.fr/pup-advancedsystemprotector =>PUP.AdvancedSystemProtector http://nicolascoolman.fr/pup-activeris =>PUP.Activeris http://nicolascoolman.fr/pup-cacaoweb =>PUP.CacaoWeb http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider http://www.nicolascoolman.fr/blog/ =>PUP.Infonaut http://nicolascoolman.fr/adware-premieropinion =>Adware.PremierOpinion http://nicolascoolman.fr/adware-boxore =>Adware.Boxore http://nicolascoolman.fr/34208035-hijacker-doko =>Hijacker.Doko http://www.nicolascoolman.fr/blog/ =>Toolbar.MixiDJ http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch http://nicolascoolman.fr/hijacker-trovigo =>Hijacker.Trovigo http://nicolascoolman.fr/parasite-pugi =>Parasite.Pugi http://nicolascoolman.fr/pup-wajam =>PUP.Wajam http://nicolascoolman.fr/pup-passwidget =>PUP.PassWidget http://nicolascoolman.fr/hijacker-gadgetbox =>Hijacker.GadgetBox http://www.nicolascoolman.fr/blog/ =>PUP.Istart http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar http://www.nicolascoolman.fr/blog/ =>Hijacker.OurSurfing http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair http://nicolascoolman.fr/adware-webadsystem =>Adware.WebAdSystem http://www.nicolascoolman.fr/blog/ =>PUP.WindeskWinsearch http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect http://nicolascoolman.fr/pup-giganticsavings =>PUP.GiganticSavings http://nicolascoolman.fr/hijacker-dsite =>Hijacker.DSite http://www.nicolascoolman.fr/blog/ =>Adware.Graftor http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup http://www.nicolascoolman.fr/blog/ =>PUP.MediaPlayerEnhance http://nicolascoolman.fr/pup-systemspeedup =>PUP.SystemSpeedup http://www.nicolascoolman.fr/blog/ =>PUP.BidailySync http://www.nicolascoolman.fr/blog/ =>PUP.WordProser http://www.nicolascoolman.fr/blog/ =>PUP.DeealFr http://www.nicolascoolman.fr/blog/ =>PUP.IePluginService http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds http://www.nicolascoolman.fr/blog/ =>Adware.NewPlayer http://www.nicolascoolman.fr/blog/ =>PUP.NetworkSystemDriver http://www.nicolascoolman.fr/blog/ =>PUP.PriceDownloader http://www.nicolascoolman.fr/blog/ =>PUP.RandomName http://nicolascoolman.fr/pup-suptab =>PUP.SupTab http://www.nicolascoolman.fr/blog/ =>PUP.TicTaCoupon http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz http://nicolascoolman.fr/adware-flashenhancer =>Adware.FlashEnhancer http://www.nicolascoolman.fr/blog/ =>PUP.DynConIE http://nicolascoolman.fr/adware-addlyrics =>Adware.AddLyrics http://nicolascoolman.fr/adware-plushd =>Adware.PlusHD http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb http://nicolascoolman.fr/pup-whitesmoke =>PUP.WhiteSmoke http://www.nicolascoolman.fr/blog/ =>PUP.Freeven http://nicolascoolman.fr/hijacker-babsolution =>Hijacker.BabSolution http://nicolascoolman.fr/pup-batbrowse =>PUP.BatBrowse http://nicolascoolman.fr/pup-datamngr =>PUP.Datamngr http://nicolascoolman.fr/pup-dealply =>PUP.DealPly http://nicolascoolman.fr/pup-duuqu =>PUP.Duuqu http://www.nicolascoolman.fr/blog/ =>PUP.FileTypeHelper http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions http://nicolascoolman.fr/pup-optimizerelitemax =>PUP.OptimizerEliteMax http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro http://www.nicolascoolman.fr/blog/ =>PUP.PepperZip http://www.nicolascoolman.fr/blog/ =>PUP.SafeGuard http://www.nicolascoolman.fr/blog/ =>PUP.SimplyTech http://www.nicolascoolman.fr/blog/ =>PUP.SuperOptimizer http://nicolascoolman.fr/adware-tidynetwork =>Adware.TidyNetwork http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive http://www.nicolascoolman.fr/blog/ =>PUP.UpToDown http://nicolascoolman.fr/adware-visualbeetoolbar =>Adware.VisualBeeToolbar http://nicolascoolman.fr/pup-astromenda =>PUP.Astromenda http://www.nicolascoolman.fr/blog/ =>Adware.GamesDesktop http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate http://nicolascoolman.fr/adware-lollipop =>Adware.Lollipop http://www.nicolascoolman.fr/blog/ =>PUP.BubbleSound http://nicolascoolman.fr/pup-internetspeedchecker =>PUP.InternetSpeedChecker http://www.nicolascoolman.fr/blog/ =>PUP.WebBar http://nicolascoolman.fr/pup-bettersurf =>PUP.BetterSurf http://www.nicolascoolman.fr/blog/ =>PUP.Salus http://www.nicolascoolman.fr/blog/ =>Adware.AgentODR http://www.nicolascoolman.fr/blog/ =>PUP.MediaViewer http://www.nicolascoolman.fr/blog/ =>PUP.MediaWatch http://nicolascoolman.fr/pup-offerbox =>PUP.OfferBox http://www.nicolascoolman.fr/blog/ =>PUP.RegistryHelper http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect http://www.nicolascoolman.fr/blog/ =>PUP.SpeedBrowser http://www.nicolascoolman.fr/blog/ =>PUP.Abengine http://nicolascoolman.fr/pup-vittalia =>PUP.Vittalia http://www.nicolascoolman.fr/blog/ =>Trojan.Inject.RRE http://nicolascoolman.fr/pup-awesomehp =>PUP.Awesomehp http://www.nicolascoolman.fr/blog/ =>Hijacker.DeltaHomes http://nicolascoolman.fr/pup-esafesecurity =>PUP.eSafeSecurity http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu http://www.nicolascoolman.fr/blog/ =>PUP.Deal4reaL http://www.nicolascoolman.fr/blog/ =>PUP.DealsFinderPro http://www.nicolascoolman.fr/blog/ =>PUP.GreatSaving http://www.nicolascoolman.fr/blog/ =>PUP.HighlightSearches http://nicolascoolman.fr/adware-downware =>Adware.Downware http://nicolascoolman.fr/trojan-tivmonk =>Trojan.Tivmonk http://www.nicolascoolman.fr/blog/ =>PUP.PriceLess http://nicolascoolman.fr/pup-probitsoftware =>PUP.ProbitSoftware http://nicolascoolman.fr/pup-savinshop =>PUP.SavinShop http://www.nicolascoolman.fr/blog/ =>PUP.ShopDrop http://nicolascoolman.fr/pup-babylon =>PUP.Babylon http://www.nicolascoolman.fr/blog/ =>PUP.FlashBeat http://www.nicolascoolman.fr/blog/ =>PUP.FastPlayer http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock http://www.nicolascoolman.fr/blog/ =>PUP.DoctorPC http://www.nicolascoolman.fr/blog/ =>PUP.AlertsLLC http://nicolascoolman.fr/adware-bonanzadeals =>Adware.BonanzaDeals http://nicolascoolman.fr/pup-nextlive =>PUP.NextLive http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie http://nicolascoolman.fr/pup-software-updater =>PUP.Software.Updater http://nicolascoolman.fr/hijacker-searchgol =>Hijacker.SearchGol http://www.nicolascoolman.fr/blog/ =>PUP.Shopperz http://www.nicolascoolman.fr/blog/ =>Adware.Pirrit http://nicolascoolman.fr/pup-bitguard =>PUP.BitGuard http://nicolascoolman.fr/pup-glindorus =>PUP.Glindorus http://nicolascoolman.fr/pup-linkswift =>PUP.LinkSwift http://nicolascoolman.fr/pup-rewardsarcade =>PUP.RewardsArcade http://www.nicolascoolman.fr/blog/ =>Adware.PricePeep http://nicolascoolman.fr/pup-v9software =>PUP.V9Software http://nicolascoolman.fr/pup-clarosearch =>PUP.ClaroSearch http://www.nicolascoolman.fr/blog/ =>Adware.Adkubru http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd http://www.nicolascoolman.fr/blog/ =>PUP.Conduit http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent http://nicolascoolman.fr/pup-eorezo =>PUP.Eorezo http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive http://www.nicolascoolman.fr/blog/ =>Adware.Agent http://nicolascoolman.fr/pup-tarma =>PUP.Tarma http://www.nicolascoolman.fr/blog/ =>Toolbar.Freecorder http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch http://nicolascoolman.fr/pup-funmoods =>PUP.Funmoods http://nicolascoolman.fr/adware-smileybar =>Adware.SmileyBar http://nicolascoolman.fr/adware-relevantknowledge =>Adware.RelevantKnowledge http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector ~ MSI: 139 link(s) detected in 00mn 01s End of the scan (3716 lines in 24mn 34s)(0.11)