Script ZHPFix SysRestore ShortcutFix ProxyFix FirewallRAZ EmptyCLSID EmptyTemp EmptyFlash EmptyPrefetch [MD5.7211C6C78756A61713170301089083A1] - (...) -- C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe [112560] [PID.1580] [MD5.91D1015685F88C5CB8938F6D1F7A8A11] - (.SIEN S.A. - IMGUpdater.) -- C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe [378152] [PID.1696] [MD5.5B96F9ABAC14B0694BBAF213C4C7078A] - (.Iminent - Iminent Service.) -- C:\Program Files (x86)\Common Files\Umbrella\Umbrella224.exe [5325464] [PID.1864] [MD5.556A0BC312FA42F8E2D99E10E84F4242] - (.MyBrowser 1.0.2V01.09 - MyBrowser 1.0.2V01.09 exe.) -- C:\Program Files (x86)\MyBrowser 1.0.2V01.09\df57f450-e39f-4e2d-8b26-91826c57140a-1-6.exe [1327696] [PID.2116] [MD5.6100842E7E178DF7185433D6B16EEF2F] - (...) -- C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077\upgmsd_fr_005010077.exe [3311248] [PID.2108] [MD5.9C8383AD4E946209DEFF75424DCDFEEB] - (...) -- C:\Program Files (x86)\4B3388FF-1441112486-11E4-A961-68F7285F0905\knssC8E1.tmpfs [1329664] [PID.1900] [MD5.08D7D9387A2721C34B366D20472C8013] - (.MyBrowser 1.0.2V01.09 - MyBrowser 1.0.2V01.09 exe.) -- C:\Program Files (x86)\MyBrowser 1.0.2V01.09\df57f450-e39f-4e2d-8b26-91826c57140a-64.exe [1847376] [PID.1992] [MD5.6DAE39C97570E36939D72E909C99D7D4] - (...) -- C:\Program Files\shopperz240820151333\Ooteeotoor.exe [2044280] [PID.4676] P2 - EXT FILE: (...) -- C:\Users\Alizée P\AppData\Roaming\Mozilla\Firefox\Profiles\ynlzrll5.default\extensions\minibar@go.im.xpi P2 - EXT FILE: (...) -- C:\Users\Alizée P\AppData\Roaming\Mozilla\Firefox\Profiles\ynlzrll5.default\searchplugins\StartWeb.xml P2 - EXT FILE: (...) -- C:\Users\Alizée P\AppData\Roaming\Mozilla\Firefox\Profiles\ynlzrll5.default\searchplugins\trovi.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\oursurfing.xml P2 - EXT: (.ObjectB - Object Browser.) -- C:\Users\Alizée P\AppData\Roaming\Mozilla\Firefox\Profiles\ynlzrll5.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.iminent.com/ R3 - URLSearchHook: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} Orphean O2 - BHO: IMinent WebBooster [64Bits] - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (...) -- C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (.not file.) O4 - HKLM\..\Run: [3D BubbleSound] C:\Program Files\BubbleSound\3D BubbleSound.exe (.not file.) O4 - HKCU\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [gmsd_fr_002010042] (Orphean) O4 - HKLM\..\Wow6432Node\Run: [SmartWeb] C:\Users\Alizée P\AppData\Local\SmartWeb\SmartWebHelper.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_005010077.exe] . (...) -- C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077\upgmsd_fr_005010077.exe O4 - HKUS\S-1-5-21-1952828977-576085348-507956990-1001\..\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) O4 - GS\TaskBar [Administrateur]: Crossbrowse.lnk . (...) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe O4 - GS\TaskBar [Alizée P]: Crossbrowse.lnk . (...) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe O4 - GS\TaskBar [Invité]: Crossbrowse.lnk . (...) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe O4 - GS\TaskBar [Sebastien Petit]: Crossbrowse.lnk . (...) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe O10 - WLSP:\Catalog_Entries\000000000001\Winsock LSP File . (...) -- C:\Windows\System32\Ooteeotoor.dll (Not File) O10 - WLSP:\Catalog_Entries\000000000002\Winsock LSP File . (...) -- C:\Windows\System32\Ooteeotoor.dll (Not File) O10 - WLSP:\Catalog_Entries\000000000003\Winsock LSP File . (...) -- C:\Windows\System32\Ooteeotoor.dll (Not File) O10 - WLSP:\Catalog_Entries\000000000004\Winsock LSP File . (...) -- C:\Windows\System32\Ooteeotoor.dll (Not File) O10 - WLSP:\Catalog_Entries\000000000016\Winsock LSP File . (...) -- C:\Windows\System32\Ooteeotoor.dll (Not File) O10 - WLSP:\Catalog_Entries64\000000000001\Winsock LSP File . (...) -- C:\WINDOWS\system32\Ooteeotoor64.dll O10 - WLSP:\Catalog_Entries64\000000000002\Winsock LSP File . (...) -- C:\WINDOWS\system32\Ooteeotoor64.dll O10 - WLSP:\Catalog_Entries64\000000000003\Winsock LSP File . (...) -- C:\WINDOWS\system32\Ooteeotoor64.dll O10 - WLSP:\Catalog_Entries64\000000000004\Winsock LSP File . (...) -- C:\WINDOWS\system32\Ooteeotoor64.dll O10 - WLSP:\Catalog_Entries64\000000000016\Winsock LSP File . (...) -- C:\WINDOWS\system32\Ooteeotoor64.dll O20 - AppInit_DLLs: . (...) - C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll C:\PROGRA~2\LENOVO~1\LENOVO~1\bin\SPVC64~1.DLL (.not file.) O23 - Service: (BrsHelper) . (...) - C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe O23 - Service: Search Protect Service (CltMngSvc) . (...) - C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (.not file.) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (...) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe (.not file.) O23 - Service: GlobalUpdater (GlobalUpdater) . (.SIEN S.A. - IMGUpdater.) - C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe O23 - Service: IMService (IMService) . (.Iminent - Iminent Service.) - C:\Program Files (x86)\Common Files\Umbrella\Umbrella224.exe O23 - Service: Pre-formatted Flat Panel Monitor (misetufy) . (...) - C:\Program Files (x86)\4B3388FF-1441112486-11E4-A961-68F7285F0905\knssC8E1.tmpfs O42 - Logiciel: globalupdate Helper - (.globalupdate Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O43 - CFD: 2015/09/01 19:41:41 - [] D -- C:\Program Files (x86)\4B3388FF-1441112486-11E4-A961-68F7285F0905 O43 - CFD: 2015/09/01 20:58:11 - [] D -- C:\Program Files (x86)\MyBrowser 1.0.2V01.09 O43 - CFD: 2015/08/10 20:04:26 - [] D -- C:\ProgramData\McAfee O43 - CFD: 2015/08/15 17:21:46 - [] D -- C:\Program Files (x86)\Common Files\McAfee O43 - CFD: 2015/07/31 22:17:18 - [] D -- C:\Program Files (x86)\McAfee O43 - CFD: 2015/09/01 20:52:03 - [0] D -- C:\Program Files (x86)\Object Browser O43 - CFD: 2015/09/01 20:54:32 - [] D -- C:\Program Files (x86)\SFK O43 - CFD: 2015/09/01 19:09:33 - [] D -- C:\Program Files (x86)\YTDownloader O43 - CFD: 2015/09/01 18:56:58 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP O43 - CFD: 2015/09/01 18:33:41 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY O43 - CFD: 2015/09/01 18:33:04 - [] D -- C:\ProgramData\cWdsManProc O43 - CFD: 2015/09/01 17:13:44 - [] D -- C:\ProgramData\MovieDeaConfig O43 - CFD: 2015/09/01 13:33:00 - [] D -- C:\ProgramData\QWdsManProQ O43 - CFD: 2015/09/01 18:33:18 - [] D -- C:\Program Files (x86)\Common Files\IMGUpdater O43 - CFD: 2015/09/01 18:33:18 - [] D -- C:\Program Files (x86)\Common Files\Umbrella O43 - CFD: 2015/09/01 18:39:22 - [] SHD -- C:\Users\Alizée P\AppData\Roaming\AnyProtectEx O43 - CFD: 2015/09/01 20:57:09 - [0] D -- C:\Users\Alizée P\AppData\Roaming\mystartsearch O43 - CFD: 2015/09/01 18:20:04 - [0] D -- C:\Users\Alizée P\AppData\Roaming\Nosibay O43 - CFD: 2015/09/01 17:06:44 - [0] D -- C:\Users\Alizée P\AppData\Roaming\Store O43 - CFD: 2015/09/01 17:13:19 - [0] D -- C:\Users\Alizée P\AppData\Roaming\WTools O43 - CFD: 2015/09/01 15:10:04 - [] D -- C:\Users\Alizée P\AppData\Local\BoBrowser O43 - CFD: 2015/09/01 13:33:54 - [] D -- C:\Users\Alizée P\AppData\Local\Boxore O43 - CFD: 2015/09/01 19:00:16 - [] D -- C:\Users\Alizée P\AppData\Local\BrowserHelper O43 - CFD: 2015/09/01 18:36:45 - [] D -- C:\Users\Alizée P\AppData\Local\Crossbrowse O43 - CFD: 2015/09/01 18:34:53 - [] D -- C:\Users\Alizée P\AppData\Local\globalUpdate O43 - CFD: 2015/09/01 20:56:07 - [] D -- C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077 O43 - CFD: 2015/09/01 18:29:32 - [] D -- C:\Users\Alizée P\AppData\Local\Installer O43 - CFD: 2015/09/01 15:50:38 - [] D -- C:\Users\Alizée P\AppData\Local\mbot_fr_014010076 O43 - CFD: 2015/09/01 18:52:39 - [] D -- C:\Users\Alizée P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0 O45 - LFCP:[MD5.8471052051529648894BB8BC59E544B7] 2015/09/01 18:17:30 A -- C:\WINDOWS\Prefetch\3D BUBBLESOUND.EXE-0711FD62.pf O45 - LFCP:[MD5.D2F2E235FEC07A2EBE914523CEC6E217] 2015/09/01 17:14:28 A -- C:\WINDOWS\Prefetch\3DBUBBLESOUND.EXE-E4C60AC2.pf O45 - LFCP:[MD5.4FF67784EF09F419C1C86CA3FE505F78] 2015/09/01 15:07:08 A -- C:\WINDOWS\Prefetch\62793.WINDAPP.MON001.NO.EXE-07860DCB.pf O45 - LFCP:[MD5.2DF8FE1A010D413A8981F0B86F3BD398] 2015/09/01 17:12:54 A -- C:\WINDOWS\Prefetch\AIRWEBBAR_SOFT_PARTNER.EXE-AB75E768.pf O45 - LFCP:[MD5.D62C91AD418FCEAA080F13B121814477] 2015/09/01 17:12:57 A -- C:\WINDOWS\Prefetch\AIRWEBBAR_SOFT_PARTNER.TMP-2E640739.pf O45 - LFCP:[MD5.65ECF93F54EFFF4CF44EF09A2B267EA8] 2015/09/01 13:32:04 A -- C:\WINDOWS\Prefetch\AMT_OURSURFING.EXE-0A598EC5.pf O45 - LFCP:[MD5.4A254646AED4181131B623779E8F202D] 2015/09/01 18:44:27 A -- C:\WINDOWS\Prefetch\ANYPROTECT.EXE-7064871B.pf O45 - LFCP:[MD5.2AFDEDA1D54E04B3215A36DCACBCE403] 2015/09/01 16:53:12 A -- C:\WINDOWS\Prefetch\ASPACKAGE.EXE-AABAF2EA.pf O45 - LFCP:[MD5.D64F28353219A420108A216D40BDAE73] 2015/09/01 13:34:08 A -- C:\WINDOWS\Prefetch\BOBROWSER.EXE-0BB00155.pf O45 - LFCP:[MD5.3C0035EF27538136849FC84DCD71F829] 2015/09/01 15:05:40 A -- C:\WINDOWS\Prefetch\BOBROWSER.EXE-4BAC1A02.pf O45 - LFCP:[MD5.B633D0DDA86C5E4A1B9A5AAB6F203C60] 2015/09/01 13:33:55 A -- C:\WINDOWS\Prefetch\BOXORE.EXE-A21182E0.pf O45 - LFCP:[MD5.80128A730955AB2A1AA5585DABD7A402] 2015/09/01 17:13:49 A -- C:\WINDOWS\Prefetch\BUBBLE DOCK BSETUP.EXE-41E4CC21.pf O45 - LFCP:[MD5.BEC02CE5935060297B908E00A42AC46F] 2015/09/01 15:04:40 A -- C:\WINDOWS\Prefetch\BUBBLE DOCK BSETUP.EXE-4CBD86E4.pf O45 - LFCP:[MD5.848674CA88ECA50AA656F7D08062C4CF] 2015/09/01 18:18:09 A -- C:\WINDOWS\Prefetch\BUBBLE DOCK UNINSTALL.EXE-4AD38C0B.pf O45 - LFCP:[MD5.11E0F985297073D7B32008CC48D73C4F] 2015/09/01 18:18:19 A -- C:\WINDOWS\Prefetch\BUBBLE DOCK UNINSTALL.EXE-8B6D460D.pf O45 - LFCP:[MD5.30FE342D1AC8478E7DCF7B55675CD5B8] 2015/09/01 19:00:58 A -- C:\WINDOWS\Prefetch\CROSSBROWSE.EXE-3A672F00.pf O45 - LFCP:[MD5.0A0CB335F1838AFD628EDF844B9F5F0C] 2015/09/01 18:35:26 A -- C:\WINDOWS\Prefetch\DAILYPCCLEAN.EXE-8CEDC54B.pf O45 - LFCP:[MD5.6A5FC80C528839287C08261D3D54636D] 2015/09/01 18:35:26 A -- C:\WINDOWS\Prefetch\DAILYPCCLEAN.TMP-1BA831DF.pf O45 - LFCP:[MD5.C88DF63939CF726B697D541FAF9F0451] 2015/09/01 18:30:12 A -- C:\WINDOWS\Prefetch\DCYTDOWNLOADER.EXE-26D14E65.pf O45 - LFCP:[MD5.6B1F3BABC4EFDC389D21A3CF1A3F6823] 2015/07/27 20:01:24 A -- C:\WINDOWS\Prefetch\GAMESDESKTOP-FRINSTALLER.TMP-AC81C558.pf O45 - LFCP:[MD5.114291724479CEDEB6DC8D710C5DA110] 2015/09/01 19:14:09 A -- C:\WINDOWS\Prefetch\GLOBALUPDATE.EXE-A3071C5B.pf O45 - LFCP:[MD5.4EDBF4426637E08ADAC19E6EEA859613] 2015/09/01 18:39:43 A -- C:\WINDOWS\Prefetch\GLOBALUPDATE.EXE-C622A94D.pf O45 - LFCP:[MD5.4C42C76C5991DF1C5D8E4320B67D944A] 2015/09/01 19:14:09 A -- C:\WINDOWS\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-DFFDC96B.pf O45 - LFCP:[MD5.F2013CD5EDD23FF56FCA5685E3953303] 2015/09/01 18:37:33 A -- C:\WINDOWS\Prefetch\GMSD_FR_005010077.EXE-E1949E3A.pf O45 - LFCP:[MD5.85DD467F78E1590513166BADE4F2A7C8] 2015/09/01 15:04:33 A -- C:\WINDOWS\Prefetch\INSTALL_BUBBLEDOCK.EXE-073C7A63.pf O45 - LFCP:[MD5.30D34C32DF9919C66693F7C0E31C364B] 2015/09/01 18:30:12 A -- C:\WINDOWS\Prefetch\INS_IWEBAR.EXE-AC558DEE.pf O45 - LFCP:[MD5.4BE87A76A82B6880F47040BB98D02C28] 2015/09/01 18:32:16 A -- C:\WINDOWS\Prefetch\INS_SHOPPERPRO.EXE-AB3EE0CE.pf O45 - LFCP:[MD5.3026656DEACE2957D73CBCA414C6B650] 2015/09/01 17:02:20 A -- C:\WINDOWS\Prefetch\LBUBBLE DOCK.EXE-BF2BCF55.pf O45 - LFCP:[MD5.D50487743A42741085487228B9BA8810] 2015/09/01 13:31:54 A -- C:\WINDOWS\Prefetch\MBOT_FR_014010076.EXE-58D315D6.pf O45 - LFCP:[MD5.A79CC8E7C2023EEFFE214D610F0974DC] 2015/09/01 17:13:46 A -- C:\WINDOWS\Prefetch\MOVIEDEA.EXE-A437378C.pf O45 - LFCP:[MD5.340FEAE691958C427E6F06ADBA096771] 2015/09/01 17:12:37 A -- C:\WINDOWS\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-646668E7.pf O45 - LFCP:[MD5.C4975EFA13C74AAC25905907C2805B6D] 2015/09/01 17:12:37 A -- C:\WINDOWS\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-DF0900C1.pf O45 - LFCP:[MD5.E90DF69CC6AADBD268E1DACF83CDDE03] 2015/09/01 18:53:28 A -- C:\WINDOWS\Prefetch\PACKAGE_BUBBLESOUND_INSTALLER-402FD984.pf O45 - LFCP:[MD5.E564C13FF8F9BD173E9AC32CEFF2EBCA] 2015/09/01 17:13:15 A -- C:\WINDOWS\Prefetch\PACKAGE_BUBBLESOUND_INSTALLER-6D03940F.pf O45 - LFCP:[MD5.1C720361E63B87BBBABE0DF455FD4095] 2015/09/01 17:13:15 A -- C:\WINDOWS\Prefetch\PACKAGE_BUBBLESOUND_INSTALLER-C1D3DE50.pf O45 - LFCP:[MD5.C97BE6F0D36783E73C8D134113113513] 2015/09/01 15:12:32 A -- C:\WINDOWS\Prefetch\PCSULAUNCHER.EXE-DBB42F7E.pf O45 - LFCP:[MD5.57D431292BFD5DF437EE807DC6F2DE80] 2015/09/01 19:17:36 A -- C:\WINDOWS\Prefetch\PCSUNOTIFIER.EXE-FEAA7AA4.pf O45 - LFCP:[MD5.A7065EFE16FE4BEC6B5548CBAFFC621C] 2015/09/01 20:26:43 A -- C:\WINDOWS\Prefetch\PCSUSD.EXE-3ACE13C7.pf O45 - LFCP:[MD5.AF657D873B279133C542C73123116280] 2015/09/01 20:26:43 A -- C:\WINDOWS\Prefetch\PCSUSERVICE.EXE-F8C2A551.pf O45 - LFCP:[MD5.5C8A3AFA20C833780A48E680F9128529] 2015/09/01 20:26:43 A -- C:\WINDOWS\Prefetch\PCSUUCC.EXE-FD613CAB.pf O45 - LFCP:[MD5.A02C909088842DDC537061CD01FAECB2] 2015/09/01 18:50:01 A -- C:\WINDOWS\Prefetch\PREDM.EXE-4BE64711.pf O45 - LFCP:[MD5.F47C51F7E6A318F49429E5B41CAD3888] 2015/09/01 18:46:57 A -- C:\WINDOWS\Prefetch\PREDM.EXE-9CF16E46.pf O45 - LFCP:[MD5.B68FEE9C6B3D59E52B52CCAFBBE0A5B2] 2015/09/01 18:50:01 A -- C:\WINDOWS\Prefetch\PREDM.TMP-681B9AE5.pf O45 - LFCP:[MD5.101C6B5DDC08BDEF2D33F3BB4A3B53BD] 2015/09/01 18:44:59 A -- C:\WINDOWS\Prefetch\PREDM.TMP-C057C79E.pf O45 - LFCP:[MD5.996214D678984C6198B18471C2FC4FD9] 2015/09/01 18:46:57 A -- C:\WINDOWS\Prefetch\PREDM.TMP-D6112406.pf O45 - LFCP:[MD5.DA3FD96EEF3CA93C1E4856CB18CFA04B] 2015/09/01 17:10:36 A -- C:\WINDOWS\Prefetch\SELECTION TOOLS UNINSTALL.EXE-2A35CA98.pf O45 - LFCP:[MD5.06F77340FB7320D93EAD23C4B79AA3EF] 2015/09/01 17:02:20 A -- C:\WINDOWS\Prefetch\SELECTION TOOLS.EXE-AD0DD5E4.pf O45 - LFCP:[MD5.C8DCC47C6899AD322D4A99C352FD1ED9] 2015/09/01 19:08:14 A -- C:\WINDOWS\Prefetch\SMARTWEBAPP.EXE-45DB071F.pf O45 - LFCP:[MD5.B9EFFD9C91E268B7E530CE83728AD494] 2015/09/01 18:31:54 A -- C:\WINDOWS\Prefetch\SMARTWEBHELPER.EXE-ED9EB332.pf O45 - LFCP:[MD5.368CB8B22167B21334A708B87CE35A9D] 2015/09/01 20:27:01 A -- C:\WINDOWS\Prefetch\SPEEDCHECKERSERVICE.EXE-F35A4BE8.pf O45 - LFCP:[MD5.17888BD5881926D382F7130158644BC3] 2015/09/01 18:38:43 A -- C:\WINDOWS\Prefetch\UMBRELLA224.EXE-9D3AEA48.pf O45 - LFCP:[MD5.AA8D3F46A3425EBEACB09C191F313055] 2015/09/01 20:56:07 A -- C:\WINDOWS\Prefetch\UPGMSD_FR_005010077.EXE-C65F298B.pf O45 - LFCP:[MD5.6DA308955699ADBD5A1AA685D64054BE] 2015/09/01 13:35:06 A -- C:\WINDOWS\Prefetch\UPMBOT_FR_014010076.EXE-3AE37947.pf O45 - LFCP:[MD5.1C940A1BB1091859FBBD01C833903F28] 2015/09/01 18:01:03 A -- C:\WINDOWS\Prefetch\WDSMANPRO.EXE-2932C298.pf O45 - LFCP:[MD5.FE2D44F44A22C673767E3DF1AEC91873] 2015/09/01 18:35:05 A -- C:\WINDOWS\Prefetch\WDSMANPRO.EXE-35BDD9AC.pf O45 - LFCP:[MD5.68C8B0E0FE2A2AA28A918885CA1D98CB] 2015/09/01 18:35:05 A -- C:\WINDOWS\Prefetch\WPM_V20.0.0.2298.EXE-AD657288.pf O45 - LFCP:[MD5.BD55AE982A0CFF5075591B1AC429BCC6] 2015/09/01 13:32:52 A -- C:\WINDOWS\Prefetch\WPM_V20.0.0.2298.EXE-B1B642D6.pf O45 - LFCP:[MD5.285DC3390C5F48F5F71E54AF25E8124E] 2015/09/01 18:29:43 A -- C:\WINDOWS\Prefetch\YTDOWNLOADER.EXE-84EA474D.pf O61 - LFC: 2015/09/01 20:57:01 A . (.EVXHJ.) -- C:\Users\Alizée P\AppData\Local\Microsoft\Windows\INetCache\IE\N1Y8HJQW\Reimage[1].exe [717824] O61 - LFC: 2015/09/01 14:56:07 A . (..) -- C:\Users\Alizée P\AppData\Local\mbot_fr_014010076\Download\myoffergroup_fr.exe [1146880] O61 - LFC: 2015/09/01 18:29:18 A . (.Copyright (C) 2014.) -- C:\Users\Alizée P\AppData\Local\Installer\Install_8126\DCYTDownloader.exe [1446912] O61 - LFC: 2015/09/01 10:53:37 A . (..) -- C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077\upgmsd_fr_005010077.exe [3311248] O61 - LFC: 2015/09/01 17:08:34 A . (..) -- C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077\Download\myoffergroup_fr.exe [5165224] O61 - LFC: 2015/09/01 19:15:00 A . (..) -- C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077\Download\oasis.exe [385181] O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (.not file.) O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_bundle[...] O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_notBun[...] O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.internaldb.monetization_plugin_regBun[...] O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.name", "MyBrowser 1.0.2V01.09"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("extensions.a6a1a03975fde4c8690f6b883c36bc17d88519bfe704d8cae3851239com74253.74253.publisher", "MyBrowser 1.0.2V01.09"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("extensions.a9321b2762c2e4c5fbd04b8118e512707c0c8a2d632754caca0b252e936311db9com32850.32850.name", "Object Browser"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("extensions.crossrider.bic", "14f89d117b235e5c5dff8c97f89d1006"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("extensions.enabledAddons", "minibar%40go.im:9.30.5.1,9321b276-2c2e-4c5f-bd04-b8118e512707%40c0c8a2d6-3275-4cac-a0b2-52e[...] O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.BirthDate", "1441125198"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.LayoutId", "1"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.adapters", "{\"start.iminent.com\":{\"CountryCode\":\"FR\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminen[...] O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.cifs", "0"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.enableToolbar", "false"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.enabledAds", "obsolete"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"ad[...] O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.newtabredirect", "true"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.registerToolbarEvent102", "1441126902699"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.searchindex", "1"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.version", "9.30.5.1"); O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("iminent.versioning", "{\"CurrentVersion\":\"9.30.5.1\",\"InstallEventCTime\":1441134463930,\"InstallEvent\":\"True\"}")[...] O69 - SBI: prefs.js [Alizée P - ynlzrll5.default] user_pref("{0420BEC0-F2C1-4578-8F19-471B9E5C63A5}.ScriptData_product_name", "shopperz240820151333"); O69 - SBI: SearchScopes [HKCU] {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Trovi) - http://www.trovi.com/ O69 - SBI: SearchScopes [HKCU] {82EECC30-A59E-4F74-B976-FE40C92B9763} - (Bing.com) - http://www.trovi.com/ O90 - PUC: "93BAD29AC2E44034A96BCB446EB8552E" . (.globalupdate Helper.) SR - Auto [2015/08/26 11:57:04] [ 112560] (BrsHelper) . (...) - C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe SR - Auto [2015/08/21 10:41:32] [ 378152] GlobalUpdater (GlobalUpdater) . (.SIEN S.A..) - C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe SR - Auto [2015/08/21 10:41:32] [ 5325464] IMService (IMService) . (.Iminent.) - C:\Program Files (x86)\Common Files\Umbrella\Umbrella224.exe SR - Auto [2015/09/01 11:23:40] [ 1329664] Pre-formatted Flat Panel Monitor (misetufy) . (...) - C:\Program Files (x86)\4B3388FF-1441112486-11E4-A961-68F7285F0905\knssC8E1.tmpfs SR - Demand [2015/08/24 12:35:56] [ 2044280] Ooteeotoor (Ooteeotoor) . (...) - C:\Program Files\shopperz240820151333\Ooteeotoor.exe C:\Program Files (x86)\YTDownloader\BrowserHelperSrv.exe C:\Program Files (x86)\Common Files\IMGUpdater\IMGUpdater.exe C:\Program Files (x86)\Common Files\Umbrella\Umbrella224.exe C:\Program Files (x86)\MyBrowser 1.0.2V01.09\df57f450-e39f-4e2d-8b26-91826c57140a-1-6.exe C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077\upgmsd_fr_005010077.exe C:\Program Files (x86)\4B3388FF-1441112486-11E4-A961-68F7285F0905\knssC8E1.tmpfs C:\Program Files (x86)\MyBrowser 1.0.2V01.09\df57f450-e39f-4e2d-8b26-91826c57140a-64.exe C:\Program Files\shopperz240820151333\Ooteeotoor.exe C:\Users\Alizée P\AppData\Roaming\Mozilla\Firefox\Profiles\ynlzrll5.default\extensions\minibar@go.im.xpi C:\Users\Alizée P\AppData\Roaming\Mozilla\Firefox\Profiles\ynlzrll5.default\searchplugins\StartWeb.xml C:\Users\Alizée P\AppData\Roaming\Mozilla\Firefox\Profiles\ynlzrll5.default\searchplugins\trovi.xml C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\oursurfing.xml C:\Users\Alizée P\AppData\Roaming\Mozilla\Firefox\Profiles\ynlzrll5.default\extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com C:\WINDOWS\system32\Ooteeotoor64.dll C:\Program Files (x86)\4B3388FF-1441112486-11E4-A961-68F7285F0905 C:\Program Files (x86)\MyBrowser 1.0.2V01.09 C:\Program Files (x86)\Object Browser C:\Program Files (x86)\SFK C:\Program Files (x86)\YTDownloader C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY C:\ProgramData\cWdsManProc C:\ProgramData\MovieDeaConfig C:\ProgramData\QWdsManProQ C:\Program Files (x86)\Common Files\IMGUpdater C:\Program Files (x86)\Common Files\Umbrella C:\Users\Alizée P\AppData\Roaming\AnyProtectEx C:\Users\Alizée P\AppData\Roaming\mystartsearch C:\Users\Alizée P\AppData\Roaming\Nosibay C:\Users\Alizée P\AppData\Roaming\Store C:\Users\Alizée P\AppData\Local\BoBrowser C:\Users\Alizée P\AppData\Local\Boxore C:\Users\Alizée P\AppData\Local\BrowserHelper C:\Users\Alizée P\AppData\Local\Crossbrowse C:\Users\Alizée P\AppData\Local\globalUpdate C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077 C:\Users\Alizée P\AppData\Local\Installer C:\Users\Alizée P\AppData\Local\mbot_fr_014010076 C:\Users\Alizée P\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BubbleSound 1.0 C:\WINDOWS\Prefetch\3D BUBBLESOUND.EXE-0711FD62.pf C:\WINDOWS\Prefetch\3DBUBBLESOUND.EXE-E4C60AC2.pf C:\WINDOWS\Prefetch\62793.WINDAPP.MON001.NO.EXE-07860DCB.pf C:\WINDOWS\Prefetch\AIRWEBBAR_SOFT_PARTNER.EXE-AB75E768.pf C:\WINDOWS\Prefetch\AIRWEBBAR_SOFT_PARTNER.TMP-2E640739.pf C:\WINDOWS\Prefetch\AMT_OURSURFING.EXE-0A598EC5.pf C:\WINDOWS\Prefetch\ANYPROTECT.EXE-7064871B.pf C:\WINDOWS\Prefetch\ASPACKAGE.EXE-AABAF2EA.pf C:\WINDOWS\Prefetch\BOBROWSER.EXE-0BB00155.pf C:\WINDOWS\Prefetch\BOBROWSER.EXE-4BAC1A02.pf C:\WINDOWS\Prefetch\BOXORE.EXE-A21182E0.pf C:\WINDOWS\Prefetch\BUBBLE DOCK BSETUP.EXE-41E4CC21.pf C:\WINDOWS\Prefetch\BUBBLE DOCK BSETUP.EXE-4CBD86E4.pf C:\WINDOWS\Prefetch\BUBBLE DOCK UNINSTALL.EXE-4AD38C0B.pf C:\WINDOWS\Prefetch\BUBBLE DOCK UNINSTALL.EXE-8B6D460D.pf C:\WINDOWS\Prefetch\CROSSBROWSE.EXE-3A672F00.pf C:\WINDOWS\Prefetch\DAILYPCCLEAN.EXE-8CEDC54B.pf C:\WINDOWS\Prefetch\DAILYPCCLEAN.TMP-1BA831DF.pf C:\WINDOWS\Prefetch\DCYTDOWNLOADER.EXE-26D14E65.pf C:\WINDOWS\Prefetch\GAMESDESKTOP-FRINSTALLER.TMP-AC81C558.pf C:\WINDOWS\Prefetch\GLOBALUPDATE.EXE-A3071C5B.pf C:\WINDOWS\Prefetch\GLOBALUPDATE.EXE-C622A94D.pf C:\WINDOWS\Prefetch\GLOBALUPDATECRASHHANDLER.EXE-DFFDC96B.pf C:\WINDOWS\Prefetch\GMSD_FR_005010077.EXE-E1949E3A.pf C:\WINDOWS\Prefetch\INSTALL_BUBBLEDOCK.EXE-073C7A63.pf C:\WINDOWS\Prefetch\INS_IWEBAR.EXE-AC558DEE.pf C:\WINDOWS\Prefetch\INS_SHOPPERPRO.EXE-AB3EE0CE.pf C:\WINDOWS\Prefetch\LBUBBLE DOCK.EXE-BF2BCF55.pf C:\WINDOWS\Prefetch\MBOT_FR_014010076.EXE-58D315D6.pf C:\WINDOWS\Prefetch\MOVIEDEA.EXE-A437378C.pf C:\WINDOWS\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-646668E7.pf C:\WINDOWS\Prefetch\PACKAGE_AIRWEBBAR_INSTALLER_M-DF0900C1.pf C:\WINDOWS\Prefetch\PACKAGE_BUBBLESOUND_INSTALLER-402FD984.pf C:\WINDOWS\Prefetch\PACKAGE_BUBBLESOUND_INSTALLER-6D03940F.pf C:\WINDOWS\Prefetch\PACKAGE_BUBBLESOUND_INSTALLER-C1D3DE50.pf C:\WINDOWS\Prefetch\PCSULAUNCHER.EXE-DBB42F7E.pf C:\WINDOWS\Prefetch\PCSUNOTIFIER.EXE-FEAA7AA4.pf C:\WINDOWS\Prefetch\PCSUSD.EXE-3ACE13C7.pf C:\WINDOWS\Prefetch\PCSUSERVICE.EXE-F8C2A551.pf C:\WINDOWS\Prefetch\PCSUUCC.EXE-FD613CAB.pf C:\WINDOWS\Prefetch\PREDM.EXE-4BE64711.pf C:\WINDOWS\Prefetch\PREDM.EXE-9CF16E46.pf C:\WINDOWS\Prefetch\PREDM.TMP-681B9AE5.pf C:\WINDOWS\Prefetch\PREDM.TMP-C057C79E.pf C:\WINDOWS\Prefetch\PREDM.TMP-D6112406.pf C:\WINDOWS\Prefetch\SELECTION TOOLS UNINSTALL.EXE-2A35CA98.pf C:\WINDOWS\Prefetch\SELECTION TOOLS.EXE-AD0DD5E4.pf C:\WINDOWS\Prefetch\SMARTWEBAPP.EXE-45DB071F.pf C:\WINDOWS\Prefetch\SMARTWEBHELPER.EXE-ED9EB332.pf C:\WINDOWS\Prefetch\SPEEDCHECKERSERVICE.EXE-F35A4BE8.pf C:\WINDOWS\Prefetch\UMBRELLA224.EXE-9D3AEA48.pf C:\WINDOWS\Prefetch\UPGMSD_FR_005010077.EXE-C65F298B.pf C:\WINDOWS\Prefetch\UPMBOT_FR_014010076.EXE-3AE37947.pf C:\WINDOWS\Prefetch\WDSMANPRO.EXE-2932C298.pf C:\WINDOWS\Prefetch\WDSMANPRO.EXE-35BDD9AC.pf C:\WINDOWS\Prefetch\WPM_V20.0.0.2298.EXE-AD657288.pf C:\WINDOWS\Prefetch\WPM_V20.0.0.2298.EXE-B1B642D6.pf C:\WINDOWS\Prefetch\YTDOWNLOADER.EXE-84EA474D.pf C:\Users\Alizée P\AppData\Local\Microsoft\Windows\INetCache\IE\N1Y8HJQW\Reimage[1].exe C:\Users\Alizée P\AppData\Local\mbot_fr_014010076\Download\myoffergroup_fr.exe C:\Users\Alizée P\AppData\Local\Installer\Install_8126\DCYTDownloader.exe C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077\Download\myoffergroup_fr.exe C:\Users\Alizée P\AppData\Local\gmsd_fr_005010077\Download\oasis.exe HKLM\Software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E HKLM\Software\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E HKLM\SYSTEM\CurrentControlSet\Services\Ooteeotoor HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedCheckerService_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedCheckerService_RASMANCS HKLM\SYSTEM\CurrentControlSet\Services\BrsHelper HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate HKLM\SYSTEM\CurrentControlSet\Services\GlobalUpdater HKLM\SYSTEM\CurrentControlSet\Services\IMService HKLM\SYSTEM\CurrentControlSet\Services\misetufy HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} HKLM\SOFTWARE\Wow6432Node\379edbbb-dc68-4be3-87aa-34660f4c0bb2 HKLM\SOFTWARE\Wow6432Node\43e0fe39-4400-4ecb-9420-230a77957f5d HKLM\SOFTWARE\Wow6432Node\79c6fdef-7b00-413e-a3f3-95c2a8916018 HKLM\SOFTWARE\Wow6432Node\ArenaHD HKLM\SOFTWARE\Wow6432Node\Boxore HKLM\SOFTWARE\Wow6432Node\Clara HKLM\SOFTWARE\Wow6432Node\GAMESDESKTOP HKLM\SOFTWARE\Wow6432Node\GlobalUpdate HKLM\SOFTWARE\Wow6432Node\HighDefAction HKLM\SOFTWARE\Wow6432Node\IMGUpdater HKLM\SOFTWARE\Wow6432Node\InstalledBrowserExtensions HKLM\SOFTWARE\Wow6432Node\MYBESTOFFERSTODAY HKLM\SOFTWARE\Wow6432Node\MyBrowser 1.0.2V01.09-nv HKLM\SOFTWARE\Wow6432Node\MyBrowser 1.0.2V01.09-nv-ie HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware HKLM\SOFTWARE\Wow6432Node\Object Browser-nv HKLM\SOFTWARE\Wow6432Node\Object Browser-nv-ie HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware HKLM\SOFTWARE\Wow6432Node\SearchProtect HKLM\SOFTWARE\Wow6432Node\SPPDCOM HKLM\SOFTWARE\Wow6432Node\TermCoach_1.10.0.21 HKLM\SOFTWARE\Wow6432Node\Tutorials HKLM\SOFTWARE\Wow6432Node\Umbrella HKLM\SOFTWARE\Wow6432Node\WdsManPro HKLM\SOFTWARE\Wow6432Node\YorkNewCin HKCU\SOFTWARE\ArenaHD HKCU\SOFTWARE\Boxore HKCU\SOFTWARE\CrossBrowser HKCU\SOFTWARE\DailyPcClean HKCU\SOFTWARE\gamesdesktop HKCU\SOFTWARE\globalUpdate HKCU\SOFTWARE\HighDefAction HKCU\SOFTWARE\Iminent HKCU\SOFTWARE\InstalledBrowserExtensions HKCU\SOFTWARE\iWebar-nv-ie HKCU\SOFTWARE\MyBrowser 1.0.2V01.09 HKCU\SOFTWARE\MyBrowser 1.0.2V01.09-nv HKCU\SOFTWARE\MyBrowser 1.0.2V01.09-nv-ie HKCU\SOFTWARE\Nosibay HKCU\SOFTWARE\Object Browser-nv HKCU\SOFTWARE\Object Browser-nv-ie HKCU\SOFTWARE\Store HKCU\SOFTWARE\Tutorials HKCU\SOFTWARE\TutoTag HKCU\SOFTWARE\WTools HKCU\SOFTWARE\YorkNewCin HKCU\SOFTWARE\AppDataLow\Software\Crossrider [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified