A voir également:
- Aide pour supprimer les publicités
- Supprimer les publicités - Guide
- Supprimer une page word - Guide
- Supprimer compte instagram - Guide
- Comment récupérer les messages supprimés sur whatsapp - Guide
- Supprimer les cookies - Guide
14 réponses
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
27 mai 2015 à 20:19
27 mai 2015 à 20:19
ZHPCleaner
Désactiver l'Anti-virus
Ton moteur de recherche va se fermer il faudra le réouvrir pour poster les rapports
téléchargement : https://nicolascoolman.eu
- Cet outil ne nécessite aucune installation, il est très rapide car basé sur l'éxécution de scripts.
- Clique droit sur le dossier téléchargé
- Clique sur Scanner :
- Savoir que tous les navigateurs ou onglets ouvert seront fermés et qu'il faudra les remettre
- En cas de présence d'un proxy, un message apparaît avec la question suivante
- Avez-vous installé ce proxy ? suivi de l'adresse IP du proxy
- Si vous n'avez pas installé de Proxy, cliquer sur "NON" pour accepter la réparation du proxy.
- En cas de présence d'un serveur inconnu, un message peut apparaître avec la question suivante
- Avez-vous installé ce serveur ? suivi du nom du serveur
- Si vous n'avez pas installé de serveur,, cliquer sur "NON" pour accepter la réparation
- Fournir le rapport
Désactiver l'Anti-virus
Ton moteur de recherche va se fermer il faudra le réouvrir pour poster les rapports
téléchargement : https://nicolascoolman.eu
- Cet outil ne nécessite aucune installation, il est très rapide car basé sur l'éxécution de scripts.
- Clique droit sur le dossier téléchargé
- Clique sur Scanner :
- Savoir que tous les navigateurs ou onglets ouvert seront fermés et qu'il faudra les remettre
- En cas de présence d'un proxy, un message apparaît avec la question suivante
- Avez-vous installé ce proxy ? suivi de l'adresse IP du proxy
- Si vous n'avez pas installé de Proxy, cliquer sur "NON" pour accepter la réparation du proxy.
- En cas de présence d'un serveur inconnu, un message peut apparaître avec la question suivante
- Avez-vous installé ce serveur ? suivi du nom du serveur
- Si vous n'avez pas installé de serveur,, cliquer sur "NON" pour accepter la réparation
- Fournir le rapport
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
29 mai 2015 à 07:46
29 mai 2015 à 07:46
Ne fais pas nettoyer ni réparer pour l'instant..
Tu connais xtab?
ENCONTRADOS archivo: C:\Program Files (x86)\XTab\skin (Adware.AgentODR) --
Si problème il y a il existe toujours une solution
~~~~~~ Cs ~~~~~~
Tu connais xtab?
ENCONTRADOS archivo: C:\Program Files (x86)\XTab\skin (Adware.AgentODR) --
Si problème il y a il existe toujours une solution
~~~~~~ Cs ~~~~~~
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
29 mai 2015 à 08:50
29 mai 2015 à 08:50
C'est une extension sur chrome
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
29 mai 2015 à 23:12
29 mai 2015 à 23:12
Fais réparer
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
DazoteYT
Messages postés
155
Date d'inscription
mardi 2 juin 2015
Statut
Membre
Dernière intervention
27 juillet 2015
7
2 juin 2015 à 11:59
2 juin 2015 à 11:59
Salut, je vais faire court, pour commencer désinstale tout tes adwares, tu met comme pilote seulement Adblock Ou Adblock +. Si les problèmes persistes, il n'y a plus que deux solutions, soit la désinféctation de ton pc, soit le reformatage qui je pence dans ton cas est la meilleur solution ! ;)
cabrier
Messages postés
5591
Date d'inscription
dimanche 7 août 2011
Statut
Contributeur sécurité
Dernière intervention
27 octobre 2020
702
2 juin 2015 à 12:52
2 juin 2015 à 12:52
Hey !
Il y a d'autres solutions à explorer moins contraignantes qu'un "reformatage" !
Laisse lili continuer, je ne doute pas qu'elle te donnes la solution.
@+
Il y a d'autres solutions à explorer moins contraignantes qu'un "reformatage" !
Laisse lili continuer, je ne doute pas qu'elle te donnes la solution.
@+
DazoteYT
Messages postés
155
Date d'inscription
mardi 2 juin 2015
Statut
Membre
Dernière intervention
27 juillet 2015
7
2 juin 2015 à 13:35
2 juin 2015 à 13:35
A remettre le pc a état d'usine, comme quand vous venez de l'acheter !
claudie7
>
DazoteYT
Messages postés
155
Date d'inscription
mardi 2 juin 2015
Statut
Membre
Dernière intervention
27 juillet 2015
2 juin 2015 à 19:54
2 juin 2015 à 19:54
Il n'y aurait pas une solution moins contraignante à la place ?
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
2 juin 2015 à 13:47
2 juin 2015 à 13:47
Claudie
Refais moi le point
Refais moi le point
D'accord, alors en voulant télécharger une série, pleins de adwares ce sont installés sur mon pc, je les ai supprimé pour la plupart via le panneau de configuration mais crossbrowe demeurait. De plus beaucoup de publicités ce sont invitées dans mon navigateur, mozilla, ce qui l'a rendu très lent. Puis j'ai utilisé ZHPCleaner qui m'a débarrasser de crossbrowe, scanner/réparer, mais pas des publicités intempestives qui continuent de ralentir mon navigateur.Voilà
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
2 juin 2015 à 19:59
2 juin 2015 à 19:59
Peux tu établir un diagnostic avec zhpdiag
Oui le voici,
~ Rapport de ZHPDiag v2015.5.31.53 - Nicolas Coolman (31/05/2015)
~ Lancé par Claudie (02/06/2015 20:20:22)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17801
MFIE: Mozilla Firefox 38.0.1 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Logiciels de protection du système
Microsoft Security Client v4.8.0204.0
Windows Defender W7 (Deactivate)
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI
---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3818 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 89 GB (31%) free of 283 GB
---\\ Mode de connexion au système
~ Computer Name: CLAUDIE-PC
~ User Name: Claudie
~ All Users Names: Invitado, HomeGroupUser$, Claudie, Administrador,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Claudie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Claudie\AppData\Roaming\
~ %Desktop% : C:\Users\Claudie\Desktop\
~ %Favorites% : C:\Users\Claudie\Favorites\
~ %LocalAppData% : C:\Users\Claudie\AppData\Local\
~ %StartMenu% : C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 89 Go of 283 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorador de Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicación de inicio de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Extensiones de Internet para Win32.) (.21/04/2015 - 16:27:25.) -- C:\Windows\System32\wininet.dll [2352128]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicación de inicio de sesión de Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de licencias de software.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Controlador de puerto de i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Controlador del sistema de archivos NTFS.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Controlador de puerto paralelo.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Controlador de instantánea de volumen.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1724
~ Mes musiques (My Musics) : 19/667
~ Mes Videos (My Videos) : 1/128
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 5/734
~ Mon Bureau (My Desktop) : 1/19
~ Menu demarrer (Programs) : 1/5
~ Hidden Files: Scanned in 00mn 05s
---\\ Processus lancés
[MD5.A824317EA303679481EF1039A5D66212] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.1532]
[MD5.4EA63B2AF94A69E5D89D25D45BF8C8D8] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176] [PID.2352]
[MD5.0D360F06B168A6F37ACA9D9F958245DA] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.3364]
[MD5.9ABC4E3B00CFA3A47D5569F5B49FE42F] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1103440] [PID.3392]
[MD5.D474767D4805CEF801AF6D4AEED1F9E3] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.3524]
[MD5.4AB15690A90D8AD0642FAB1FBF03804F] - (.LeapFrog Enterprises, Inc. - Monitor Application.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [295304] [PID.3672]
[MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.3680]
[MD5.CC29FDF0E680C0F3531C9F2A834CA2A6] - (.VideoLAN - VLC media player 2.1.5.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [126995] [PID.5072]
[MD5.14CF73D771FA977A9F1CBAA5C301F912] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.2892]
[MD5.D20916C6EA423DE829717357BE09731C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [270960] [PID.4160]
[MD5.66F6B3894132CC3D347CB85FBAE48D57] - (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe [1892528] [PID.3040]
[MD5.F3198BA5BA8CC86D3F2DEA8C2ACA7385] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8212992] [PID.160]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1592]
[MD5.9DD3A22F804697606C2B7FF9E912FF6B] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [353360] [PID.1440]
[MD5.21ACFD2B4BF6C0F4D9080A437E400E88] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [418896] [PID.1644]
[MD5.C9B2D1D3F86FD3673EF847DEF73B6F9E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [36456] [PID.388]
[MD5.C8158791418A749F981D1423C74BA4EE] - (.LeapFrog Enterprises, Inc. - CommandService Application.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7392136] [PID.1704]
[MD5.B705C7097F9A0EC941D02DCE7C7D426C] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624] [PID.2060]
[MD5.1873214666F6F0A883742DF91FBC48C9] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832] [PID.2156]
[MD5.CECFDE5D3701B2D914862F5E6C3DFE18] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [211104] [PID.2392]
[MD5.3B43F4F67F3C539C3BBF40A552A12B5E] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93040] [PID.2444]
[MD5.4E1BB8A9CCDB4BAF41F7F9A930EB121D] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [534184] [PID.2492]
[MD5.B4D1D62A09F09CB2DFD55628350CDAFB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822496] [PID.2752]
~ Processes Running: Scanned in 00mn 01s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Claudie\AppData\Roaming\Mozilla\Firefox\Profiles\1xq6g3o0.default-1432043555660\prefs.js
M2 - MFEP: RegExtension {B64D9B05-48E1-4CEB-BF58-E0643994E900} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ (.not file.)
M0 - MFSP: prefs.js [Claudie - 1xq6g3o0.default-1432043555660] http://www.google.fr
M2 - MFEP: Extension [Claudie - 1xq6g3o0.default-1432043555660] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.11.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
~ Firefox Browser: 22 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Explorador de Internet.) (11.00.9600.17631 (winblue_r7.150111-1500)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 19 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.) =>Toolbar.Bing
~ BHO: 1 Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acheter en ligne.lnk . (...) -- C:\Program Files (x86)\Accessory Store\StartUrl.exe (.not file.)
~ Global Startup: 1 Scanned in 00mn 04s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [DesktopSearch] C:\ProgramData\DesktopSearch\DesktopSearch.exe (.not file.)
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Monitor] . (.LeapFrog Enterprises, Inc. - Monitor Application.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [stv_fr_18] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® Installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® Installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® Installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® Installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-2303779101-1737599147-2988863568-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-2303779101-1737599147-2988863568-1001\..\Run: [DesktopSearch] C:\ProgramData\DesktopSearch\DesktopSearch.exe (.not file.)
O4 - HKUS\S-1-5-21-2303779101-1737599147-2988863568-1001\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Proveedor de correcciones de compatibilidad (shim) de nomenclaturas de co.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Proveedor de espacio de nombres PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Proveedor de espacio de nombres PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Proveedor de servicios de Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{158A3509-0F27-4438-BBD2-8A4FE49BA1A2}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D6ECE21-4C46-4E93-B529-C8213EC74FF5}: DhcpNameServer = 212.27.40.244 212.27.40.245
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF259E09-9C44-4038-ABA2-F8C398209002}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{158A3509-0F27-4438-BBD2-8A4FE49BA1A2}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{5D6ECE21-4C46-4E93-B529-C8213EC74FF5}: DhcpNameServer = 212.27.40.244 212.27.40.245
O17 - HKLM\System\CS1\Services\Tcpip\..\{CF259E09-9C44-4038-ABA2-F8C398209002}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{158A3509-0F27-4438-BBD2-8A4FE49BA1A2}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{5D6ECE21-4C46-4E93-B529-C8213EC74FF5}: DhcpNameServer = 212.27.40.244 212.27.40.245
O17 - HKLM\System\CS2\Services\Tcpip\..\{CF259E09-9C44-4038-ABA2-F8C398209002}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visor HTML de Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C:\Windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\system32\CxAudMsg64.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: LeapFrog Connect Device Service (LeapFrog Connect Device Service) . (.LeapFrog Enterprises, Inc. - CommandService Application.) - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: Live Updater Service (Live Updater Service) . (.Acer Incorporated - Updater Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NTI Corporation - Backup Manager Module.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
~ Services: 13 Scanned in 00mn 11s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job [390]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Acer Registration - Reminder Recall task [390]
O39 - APT: - (..) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [838]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [838]
~ Scheduled Task: 2 Scanned in 00mn 00s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos del Reproductor de Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de temas de Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Procesador de comandos de Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensión del shell para FTP de Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos del Reproductor de Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilidad de inicialización por usuario de IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Archivo DLL común del shell de Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilidad de inicialización por usuario de IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (innfd_1_10_0_14) . (. - .) - C:\Windows\System32\drivers\innfd_1_10_0_14.sys (.not file.)
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Mini Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Programador de paquetes QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Controlador del subsistema de almacenamient.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (tbfd_1_10_0_16) . (. - .) - C:\Windows\System32\drivers\tbfd_1_10_0_16.sys (.not file.) =>PUP.TermBlazer
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: Entorno de compatibilidad con proveedores de servicios no IFS de Windows Socket 2.0 (ws2ifsl) . (.Microsoft Corporation - Nivel IFS de Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 78 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Media Foundation Decoders - (.ATI Technologies Inc..) [HKLM][64Bits] -- {2E12FEB9-11CD-5B44-D51B-0837225A6594}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {3605D89A-BD66-F5C5-779B-BE9110B41077}
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.11) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {28791292-D18D-42FA-AE66-3D3D20AA8618}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5ED7462B-EF58-4757-B609-53755021EC34}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: Free YouTube to MP3 Converter version 3.12.44.910 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free YouTube to MP3 Converter_is1
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {7A2BB1C8-903D-4585-9F3B-CADD67D07D37}
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {BB05590A-6602-43F3-A400-77EA0976BC0A}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03. - (.Leapfrog.) [HKLM][64Bits] -- 8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}
~ Logic: 40 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\45918InstEnd]
[HKCU\Software\AOL]
[HKCU\Software\ATI]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Feven Pro 1.1] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\HappyLyrics] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Baidu Security]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Clubic]
[HKCU\Software\Cyberlink]
[HKCU\Software\DSP-worx]
[HKCU\Software\David Esperalta]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Dritek]
[HKCU\Software\Foxit Software]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hyper-Practical]
[HKCU\Software\ICSW1.8]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kromtech]
[HKCU\Software\LAV]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Policies]
[HKCU\Software\PowerPack]
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKCU\Software\RealNetworks]
[HKCU\Software\Skype]
[HKCU\Software\Software]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\WTools] =>PUP.Nosibay
[HKCU\Software\WebApp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\mozilla]
[HKCU\Software\sidecom] =>PUP.Sidecom
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Baidu Security]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Cyberlink]
[HKLM\Software\DivX]
[HKLM\Software\EgisTec IPS]
[HKLM\Software\EgisTec Shredder]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\McFPDetect]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\OemSetup]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TuneUp]
[HKLM\Software\Wow6432Node\AIM Toolbar]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\DivX]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\EgisTec IPS]
[HKLM\Software\Wow6432Node\EgisTec MyWinLockerSuite]
[HKLM\Software\Wow6432Node\EgisTec MyWinLocker]
[HKLM\Software\Wow6432Node\EgisTec Shredder]
[HKLM\Software\Wow6432Node\Evernote]
[HKLM\Software\Wow6432Node\FUHU, Inc.]
[HKLM\Software\Wow6432Node\Feven Pro 1.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Foxit Software]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lame For Audacity]
[HKLM\Software\Wow6432Node\LeapFrog]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RealNetworks]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\S3R521]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SpeedBit]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\VirualDiskRedist]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Wow6432Node]
[HKLM\Software\Wow6432Node\Xing Technology Corp.]
[HKLM\Software\Wow6432Node\Xvid Team]
[HKLM\Software\Wow6432Node\afplanet]
[HKLM\Software\Wow6432Node\hdcode]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\winzipersvc] =>Adware.D365
[HKLM\Software\Wow6432Node]
~ Key Software: 227 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/02/2012 - 20:45:49 - [] ----D C:\Program Files (x86)\Acer
O43 - CFD: 19/10/2011 - 05:15:32 - [] ----D C:\Program Files (x86)\Acer Games
O43 - CFD: 08/01/2014 - 19:16:01 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 16/02/2012 - 20:15:09 - [] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 27/11/2013 - 15:01:52 - [0] ----D C:\Program Files (x86)\AnglaisFacile.com
O43 - CFD: 08/12/2012 - 17:38:57 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 16/05/2015 - 15:01:30 - [0] ----D C:\Program Files (x86)\app_setup
O43 - CFD: 16/02/2012 - 20:14:42 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 20/05/2015 - 15:46:47 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 08/12/2012 - 17:37:48 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 24/05/2015 - 13:45:35 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 16/05/2015 - 15:14:42 - [0] ----D C:\Program Files (x86)\ConnectPC
O43 - CFD: 16/05/2015 - 16:16:53 - [] ----D C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 16/02/2012 - 20:35:55 - [] ----D C:\Program Files (x86)\Cyberlink
O43 - CFD: 12/04/2015 - 18:19:45 - [] ----D C:\Program Files (x86)\DivX
O43 - CFD: 01/03/2014 - 21:15:55 - [] ----D C:\Program Files (x86)\DSP-worx
O43 - CFD: 16/02/2012 - 20:23:58 - [] ----D C:\Program Files (x86)\EgisTec IPS
O43 - CFD: 16/02/2012 - 20:24:24 - [] ----D C:\Program Files (x86)\EgisTec MyWinLocker
O43 - CFD: 16/02/2012 - 20:22:32 - [] ----D C:\Program Files (x86)\EgisTec MyWinLockerSuite
O43 - CFD: 16/02/2012 - 20:25:20 - [] ----D C:\Program Files (x86)\EgisTec Shredder
O43 - CFD: 19/10/2011 - 05:16:56 - [] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 19/10/2011 - 06:13:05 - [] ----D C:\Program Files (x86)\Fooz Kids
O43 - CFD: 08/02/2015 - 10:40:39 - [] ----D C:\Program Files (x86)\Foxit Software
O43 - CFD: 24/05/2015 - 13:38:03 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 24/05/2015 - 19:39:57 - [] ----D C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches
O43 - CFD: 16/02/2012 - 20:43:06 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 23/05/2015 - 13:44:03 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 08/02/2015 - 00:40:54 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 01/03/2014 - 21:16:26 - [] ----D C:\Program Files (x86)\Lame For Audacity
O43 - CFD: 16/02/2012 - 20:11:17 - [] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 25/08/2013 - 12:12:23 - [] ----D C:\Program Files (x86)\LeapFrog
O43 - CFD: 16/03/2014 - 07:49:22 - [] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 16/02/2012 - 20:19:29 - [] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 16/05/2015 - 15:43:16 - [] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 12/11/2012 - 22:14:08 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 16/05/2015 - 15:33:04 - [] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 02/09/2012 - 17:09:02 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 28/05/2015 - 19:07:48 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 20/05/2015 - 16:43:11 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 19/10/2011 - 06:14:34 - [] ----D C:\Program Files (x86)\newsXpresso
O43 - CFD: 16/02/2012 - 20:27:59 - [] ----D C:\Program Files (x86)\NTI
O43 - CFD: 30/08/2012 - 13:56:10 - [] ----D C:\Program Files (x86)\OEM
O43 - CFD: 07/04/2013 - 15:26:11 - [] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 01/03/2014 - 21:15:57 - [] ----D C:\Program Files (x86)\OpenSource Flash Video Splitter
O43 - CFD: 18/11/2012 - 18:31:28 - [] ----D C:\Program Files (x86)\Real
O43 - CFD: 19/10/2011 - 04:37:39 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 19/10/2011 - 06:03:00 - [] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 14/02/2015 - 00:21:59 - [] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 16/06/2014 - 12:50:48 - [] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 26/02/2014 - 15:41:21 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 10/07/2013 - 10:47:30 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 27/11/2013 - 15:36:04 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 17/02/2012 - 04:58:52 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 11/03/2015 - 17:33:39 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 17/02/2012 - 04:58:52 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 17/02/2012 - 04:58:52 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 28/05/2015 - 19:08:01 - [0] ----D C:\Program Files (x86)\WinZipper
O43 - CFD: 02/06/2015 - 20:19:10 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 08/01/2014 - 19:16:20 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 19/10/2011 - 06:13:03 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 08/02/2015 - 00:40:27 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 16/02/2012 - 20:15:03 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 15/05/2014 - 13:39:46 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 20/05/2015 - 16:01:02 - [] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft
O43 - CFD: 16/02/2012 - 20:23:51 - [] ----D C:\Program Files (x86)\Common Files\EgisTec
O43 - CFD: 16/02/2012 - 20:26:37 - [] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 01/09/2012 - 17:46:54 - [] ----D C:\Program Files (x86)\Common Files\mcafee
O43 - CFD: 27/11/2013 - 15:12:20 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 03/09/2012 - 17:44:21 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 19/10/2011 - 05:24:10 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 23/10/2013 - 15:09:09 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 16/01/2015 - 16:54:25 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 19/10/2011 - 05:23:15 - [] ----D C:\ProgramData\Acer
O43 - CFD: 08/01/2014 - 19:16:07 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 06/09/2014 - 16:58:59 - [] ----D C:\ProgramData\Apple
O43 - CFD: 08/12/2012 - 17:40:40 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 19/10/2011 - 06:09:45 - [] ----D C:\ProgramData\BackupManager
O43 - CFD: 20/05/2015 - 15:44:57 - [] ----D C:\ProgramData\Baidu
O43 - CFD: 29/05/2015 - 20:39:03 - [0] ----D C:\ProgramData\Baidu Security
O43 - CFD: 01/06/2015 - 21:45:57 - [] ----D C:\ProgramData\clear.fi
O43 - CFD: 16/02/2012 - 20:39:41 - [] ----D C:\ProgramData\CLSK
O43 - CFD: 02/12/2012 - 23:18:17 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 17/06/2014 - 11:42:18 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Datos de programa
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 08/02/2015 - 00:42:23 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 16/02/2012 - 20:48:36 - [] ----D C:\ProgramData\EgisTec
O43 - CFD: 16/02/2012 - 20:58:24 - [] ----D C:\ProgramData\EgisTec IPS
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Escritorio
O43 - CFD: 19/10/2011 - 05:16:40 - [0] ----D C:\ProgramData\Evernote
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 16/02/2012 - 20:26:40 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 19/10/2011 - 06:13:06 - [] ----D C:\ProgramData\Fooz Kids
O43 - CFD: 25/08/2013 - 12:07:35 - [] ----D C:\ProgramData\Leapfrog
O43 - CFD: 15/03/2014 - 13:59:01 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 24/10/2013 - 11:12:29 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Menú Inicio
O43 - CFD: 21/12/2014 - 14:21:18 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 12/09/2012 - 15:13:19 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 16/05/2015 - 21:52:27 - [] ----D C:\ProgramData\NetEngine =>PUP.NetEngine
O43 - CFD: 19/10/2011 - 06:14:39 - [] ----D C:\ProgramData\newsXpresso
O43 - CFD: 16/02/2012 - 20:29:29 - [] ----D C:\ProgramData\NTI Launcher
O43 - CFD: 30/08/2012 - 14:00:50 - [] ----D C:\ProgramData\oem
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Plantillas
O43 - CFD: 18/11/2012 - 18:31:27 - [] ----D C:\ProgramData\Real
O43 - CFD: 24/05/2015 - 13:45:45 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 19/10/2011 - 06:03:00 - [] ----D C:\ProgramData\Symantec
O43 - CFD: 16/02/2012 - 20:40:12 - [] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 16/06/2014 - 12:52:40 - [] ----D C:\ProgramData\TomTom
O43 - CFD: 02/12/2012 - 23:18:50 - [] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 18/11/2012 - 16:50:50 - [] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 20/05/2015 - 15:32:37 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 24/05/2015 - 14:30:26 - [] ----D C:\ProgramData\{6b4b7a09-046b-f7d5-6b4b-b7a09046e824}
O43 - CFD: 02/12/2012 - 23:18:17 - [] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 19/10/2011 - 04:30:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 19/10/2011 - 06:02:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
O43 - CFD: 19/10/2011 - 06:08:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
O43 - CFD: 16/02/2012 - 20:42:12 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
O43 - CFD: 16/02/2012 - 20:08:53 - [] ---AD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
O43 - CFD: 14/07/2009 - 06:57:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 16/02/2012 - 20:14:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
O43 - CFD: 21/10/2013 - 21:16:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnglaisFacile.com
O43 - CFD: 16/02/2012 - 20:36:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi
O43 - CFD: 16/02/2012 - 20:25:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
O43 - CFD: 19/10/2011 - 05:17:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
O43 - CFD: 20/05/2015 - 15:32:32 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 01/03/2014 - 21:16:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 08/02/2015 - 00:42:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 14/07/2009 - 06:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/08/2012 - 13:55:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
O43 - CFD: 19/10/2011 - 06:14:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newsXpresso
O43 - CFD: 19/10/2011 - 06:03:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup =>.Symantec Corporation
O43 - CFD: 16/02/2012 - 20:29:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
O43 - CFD: 07/04/2013 - 15:27:31 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
O43 - CFD: 24/10/2013 - 11:11:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 21/11/2010 - 09:16:41 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 14/02/2015 - 00:21:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
O43 - CFD: 11/04/2015 - 16:42:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 02/06/2015 - 20:19:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 16/05/2015 - 20:22:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZSoft
O43 - CFD: 04/10/2012 - 18:37:56 - [] ----D C:\Users\Claudie\AppData\Roaming\Adobe
O43 - CFD: 13/11/2013 - 17:13:23 - [] ----D C:\Users\Claudie\AppData\Roaming\Apple Computer
O43 - CFD: 28/05/2015 - 20:17:18 - [] ----D C:\Users\Claudie\AppData\Roaming\Baidu
O43 - CFD: 20/05/2015 - 15:44:56 - [] ----D C:\Users\Claudie\AppData\Roaming\BavMini
O43 - CFD: 01/03/2014 - 21:16:31 - [] ----D C:\Users\Claudie\AppData\Roaming\CDXReader
O43 - CFD: 17/06/2014 - 11:42:15 - [] ----D C:\Users\Claudie\AppData\Roaming\CyberLink
O43 - CFD: 20/05/2015 - 16:00:57 - [0] ----D C:\Users\Claudie\AppData\Roaming\DVDVideoSoft
O43 - CFD: 12/04/2015 - 18:09:34 - [] ----D C:\Users\Claudie\AppData\Roaming\Foxit Software
O43 - CFD: 18/11/2014 - 22:00:07 - [] ----D C:\Users\Claudie\AppData\Roaming\GeoGebra 4.4
O43 - CFD: 20/02/2013 - 15:08:09 - [] ----D C:\Users\Claudie\AppData\Roaming\Hyperpractical
O43 - CFD: 30/08/2012 - 13:59:46 - [] ----D C:\Users\Claudie\AppData\Roaming\Identities
O43 - CFD: 01/03/2014 - 21:16:33 - [] ----D C:\Users\Claudie\AppData\Roaming\LavFilters
O43 - CFD: 19/10/2011 - 06:13:03 - [] ----D C:\Users\Claudie\AppData\Roaming\Macromedia
O43 - CFD: 15/03/2014 - 13:59:16 - [] ----D C:\Users\Claudie\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - 09:16:41 - [0] ----D C:\Users\Claudie\AppData\Roaming\Media Center Programs
O43 - CFD: 16/05/2015 - 15:07:31 - [] -S--D C:\Users\Claudie\AppData\Roaming\Microsoft
O43 - CFD: 12/09/2012 - 15:14:58 - [] ----D C:\Users\Claudie\AppData\Roaming\Mozilla
O43 - CFD: 07/04/2013 - 15:27:47 - [] ----D C:\Users\Claudie\AppData\Roaming\OpenOffice.org
O43 - CFD: 17/05/2013 - 21:48:16 - [] ----D C:\Users\Claudie\AppData\Roaming\player
O43 - CFD: 07/09/2014 - 16:07:48 - [] ----D C:\Users\Claudie\AppData\Roaming\PowerCinema
O43 - CFD: 18/11/2012 - 18:31:17 - [] ----D C:\Users\Claudie\AppData\Roaming\Real
O43 - CFD: 24/05/2015 - 13:44:49 - [] ----D C:\Users\Claudie\AppData\Roaming\Skype
O43 - CFD: 11/03/2015 - 18:32:23 - [] ----D C:\Users\Claudie\AppData\Roaming\SoftGrid Client
O43 - CFD: 16/06/2014 - 12:52:36 - [] ----D C:\Users\Claudie\AppData\Roaming\TomTom
O43 - CFD: 12/11/2012 - 22:16:17 - [0] ----D C:\Users\Claudie\AppData\Roaming\TP
O43 - CFD: 02/12/2012 - 23:18:49 - [] ----D C:\Users\Claudie\AppData\Roaming\TuneUp Software
O43 - CFD: 02/06/2015 - 13:06:51 - [] ----D C:\Users\Claudie\AppData\Roaming\vlc
O43 - CFD: 20/05/2015 - 15:32:36 - [] ----D C:\Users\Claudie\AppData\Roaming\WildTangent
O43 - CFD: 15/09/2012 - 15:38:15 - [0] ----D C:\Users\Claudie\AppData\Roaming\Windows Live Writer
O43 - CFD: 16/05/2015 - 16:45:15 - [0] ----D C:\Users\Claudie\AppData\Roaming\WTools =>PUP.Nosibay
O43 - CFD: 02/06/2015 - 20:21:02 - [] ----D C:\Users\Claudie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 24/05/2015 - 14:34:20 - [0] ----D C:\Users\Claudie\AppData\Local\670A1AB5-1431789339-E111-9DD7-DC0EA197F0EA
O43 - CFD: 30/08/2012 - 13:56:04 - [] ----D C:\Users\Claudie\AppData\Local\Acer
O43 - CFD: 08/02/2015 - 10:05:29 - [] ----D C:\Users\Claudie\AppData\Local\Adobe
O43 - CFD: 08/12/2012 - 17:39:01 - [] ----D C:\Users\Claudie\AppData\Local\Apple
O43 - CFD: 12/02/2013 - 20:54:54 - [] ----D C:\Users\Claudie\AppData\Local\Apple Computer
O43 - CFD: 30/08/2012 - 13:55:36 - [] -SH-D C:\Users\Claudie\AppData\Local\Archivos temporales de Internet
O43 - CFD: 23/02/2014 - 18:58:27 - [] ----D C:\Users\Claudie\AppData\Local\Big Fish
O43 - CFD: 16/05/2015 - 16:18:42 - [] ----D C:\Users\Claudie\AppData\Local\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 18/03/2013 - 13:52:56 - [] ----D C:\Users\Claudie\AppData\Local\Cyberlink
O43 - CFD: 30/08/2012 - 13:55:36 - [] -SH-D C:\Users\Claudie\AppData\Local\Datos de programa
O43 - CFD: 23/04/2015 - 09:27:31 - [] ----D C:\Users\Claudie\AppData\Local\Diagnostics
O43 - CFD: 14/02/2015 - 00:19:05 - [] ----D C:\Users\Claudie\AppData\Local\Downloaded Installations
O43 - CFD: 30/08/2012 - 14:05:41 - [] ----D C:\Users\Claudie\AppData\Local\EgisTec IPS
O43 - CFD: 27/08/2014 - 22:36:27 - [0] ----D C:\Users\Claudie\AppData\Local\ElevatedDiagnostics
O43 - CFD: 12/04/2015 - 18:10:55 - [] -SH-D C:\Users\Claudie\AppData\Local\EmieBrowserModeList
O43 - CFD: 22/04/2014 - 18:18:37 - [] -SH-D C:\Users\Claudie\AppData\Local\EmieSiteList
O43 - CFD: 22/04/2014 - 18:18:37 - [] -SH-D C:\Users\Claudie\AppData\Local\EmieUserList
O43 - CFD: 23/05/2015 - 13:42:57 - [] ----D C:\Users\Claudie\AppData\Local\Google
O43 - CFD: 30/08/2012 - 13:55:36 - [] -SH-D C:\Users\Claudie\AppData\Local\Historial
O43 - CFD: 12/09/2012 - 18:58:36 - [] ----D C:\Users\Claudie\AppData\Local\Macromedia
O43 - CFD: 21/02/2015 - 21:02:38 - [] ----D C:\Users\Claudie\AppData\Local\Microsoft
O43 - CFD: 19/11/2014 - 16:12:58 - [] ----D C:\Users\Claudie\AppData\Local\Microsoft Games
O43 - CFD: 03/10/2013 - 09:46:15 - [] ----D C:\Users\Claudie\AppData\Local\Mozilla
O43 - CFD: 15/07/2014 - 13:24:35 - [] ----D C:\Users\Claudie\AppData\Local\Packages
O43 - CFD: 20/04/2015 - 00:20:02 - [] ----D C:\Users\Claudie\AppData\Local\PowerCinema
O43 - CFD: 21/10/2013 - 13:26:07 - [] ----D C:\Users\Claudie\AppData\Local\Programs
O43 - CFD: 27/02/2014 - 21:35:55 - [] ----D C:\Users\Claudie\AppData\Local\Skype
O43 - CFD: 12/11/2012 - 22:16:01 - [] ----D C:\Users\Claudie\AppData\Local\SoftGrid Client
O43 - CFD: 02/06/2015 - 20:19:14 - [] ----D C:\Users\Claudie\AppData\Local\Temp
O43 - CFD: 16/06/2014 - 12:52:36 - [] ----D C:\Users\Claudie\AppData\Local\TomTom
O43 - CFD: 23/10/2013 - 16:55:15 - [0] ----D C:\Users\Claudie\AppData\Local\Updater19962 =>PUP.CrossRider
O43 - CFD: 03/12/2012 - 20:49:25 - [] ----D C:\Users\Claudie\AppData\Local\VirtualStore
O43 - CFD: 15/09/2012 - 15:38:26 - [] ----D C:\Users\Claudie\AppData\Local\Windows Live Writer
O43 - CFD: 11/03/2015 - 17:38:29 - [] R---D C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 01/06/2015 - 23:00:15 - [] R---D C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 219 Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FE49F7FE7CCBA7AF367C0F45FABE1E36] - 02/06/2015 - 10:42:41 ---A- . (...) -- C:\Windows\setupact.log [1414]
O44 - LFC:[MD5.5AB459404727B3272B3D22757D57B7EF] - 02/06/2015 - 18:33:49 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.6838C4020BF19701F659128AD1AAC36F] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1679770]
O44 - LFC:[MD5.9B60B58194DF90E76A48F74C741BBD57] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122530]
O44 - LFC:[MD5.7A63DAE8945257BA1D437765AB2D623E] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\perfc00A.dat [158860]
O44 - LFC:[MD5.17A91564EACE2D92444237BFB0C414C2] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654916]
O44 - LFC:[MD5.E319F43A9035118F8E7536B50753B479] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\perfh00A.dat [738036]
O44 - LFC:[MD5.93CFFDA739D84E024125214B88BBF1D2] - 02/06/2015 - 18:44:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1374044]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/05/2015 - 15:02:34 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.9485B9749BB2721F7174E6852ED6E32E] - 20/05/2015 - 16:17:56 ---A- . (.Baidu, Inc. - Baidu Antivirus BdSandboxDll.dll.) -- C:\Windows\System32\BdSandboxDll64.dll [421784]
O44 - LFC:[MD5.673A0D0C8195863B366FAA283A4776B9] - 27/05/2015 - 18:41:45 ---A- . (...) -- C:\Windows\System32\HWLook.log [648]
O44 - LFC:[MD5.5E2A728AF94605491FB3A655D043BBAD] - 28/05/2015 - 19:16:35 ---A- . (...) -- C:\Windows\wininit.ini [1576]
O44 - LFC:[MD5.89D5E5A2B12B2BAF37A5C515B953403A] - 29/05/2015 - 16:41:04 ---A- . (...) -- C:\Windows\PFRO.log [55666]
~ Files: 13 Scanned in 00mn 08s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.FD8FF58AB88D9CA356C94FA7BF7AE074] - 20/05/2015 - 14:14:45 ---A- - C:\Windows\Prefetch\NETENGINE.EXE-64E8D09E.pf =>PUP.NetEngine
O45 - LFCP:[MD5.C29763B701E7269068829900F6B16AAC] - 20/05/2015 - 14:12:11 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-0E984AFA.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.479BE87F4BDDCB95735DF8500074723C] - 20/05/2015 - 14:09:45 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-7BBFF103.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.C877DE115A8D6BA59D2C1C9B4A36ABF5] - 20/05/2015 - 14:09:47 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.TMP-B901E625.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.EB92DEF169568EFE847C807798A4886E] - 20/05/2015 - 14:12:04 ---A- - C:\Windows\Prefetch\OPTPROSTART.EXE-A2325A58.pf =>PUP.OptimizerPro
~ Prefetcher: 5 Scanned in 00mn 01s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Paquete de autenticación de Microsoft v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Motor del cliente del Editor de configuración de seguridad de Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Paquete de seguridad de Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Paquete de autenticación de Microsoft v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authori
~ Rapport de ZHPDiag v2015.5.31.53 - Nicolas Coolman (31/05/2015)
~ Lancé par Claudie (02/06/2015 20:20:22)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user
---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17801
MFIE: Mozilla Firefox 38.0.1 (Defaut)
---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
---\\ Logiciels de protection du système
Microsoft Security Client v4.8.0204.0
Windows Defender W7 (Deactivate)
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI
---\\ Informations sur le système
~ Processor: AMD64 Family 20 Model 2 Stepping 0, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3818 MB (55% free)
System Restore: Activé (Enable)
System drive C: has 89 GB (31%) free of 283 GB
---\\ Mode de connexion au système
~ Computer Name: CLAUDIE-PC
~ User Name: Claudie
~ All Users Names: Invitado, HomeGroupUser$, Claudie, Administrador,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Claudie\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Claudie\AppData\Roaming\
~ %Desktop% : C:\Users\Claudie\Desktop\
~ %Favorites% : C:\Users\Claudie\Favorites\
~ %LocalAppData% : C:\Users\Claudie\AppData\Local\
~ %StartMenu% : C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 89 Go of 283 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 49 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorador de Windows.) (.14/07/2011 - 06:30:29.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Aplicación de inicio de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Extensiones de Internet para Win32.) (.21/04/2015 - 16:27:25.) -- C:\Windows\System32\wininet.dll [2352128]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Aplicación de inicio de sesión de Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioteca de licencias de software.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Controlador de puerto de i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.14/07/2011 - 06:33:59.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Controlador del sistema de archivos NTFS.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Controlador de puerto paralelo.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Controlador de instantánea de volumen.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/1724
~ Mes musiques (My Musics) : 19/667
~ Mes Videos (My Videos) : 1/128
~ Mes Favoris (My Favorites) : 1/21
~ Mes Documents (My Documents) : 5/734
~ Mon Bureau (My Desktop) : 1/19
~ Menu demarrer (Programs) : 1/5
~ Hidden Files: Scanned in 00mn 05s
---\\ Processus lancés
[MD5.A824317EA303679481EF1039A5D66212] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.1532]
[MD5.4EA63B2AF94A69E5D89D25D45BF8C8D8] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176] [PID.2352]
[MD5.0D360F06B168A6F37ACA9D9F958245DA] - (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280] [PID.3364]
[MD5.9ABC4E3B00CFA3A47D5569F5B49FE42F] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1103440] [PID.3392]
[MD5.D474767D4805CEF801AF6D4AEED1F9E3] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.3524]
[MD5.4AB15690A90D8AD0642FAB1FBF03804F] - (.LeapFrog Enterprises, Inc. - Monitor Application.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [295304] [PID.3672]
[MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.3680]
[MD5.CC29FDF0E680C0F3531C9F2A834CA2A6] - (.VideoLAN - VLC media player 2.1.5.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [126995] [PID.5072]
[MD5.14CF73D771FA977A9F1CBAA5C301F912] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.2892]
[MD5.D20916C6EA423DE829717357BE09731C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [270960] [PID.4160]
[MD5.66F6B3894132CC3D347CB85FBAE48D57] - (.Adobe Systems, Inc. - Adobe Flash Player 17.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe [1892528] [PID.3040]
[MD5.F3198BA5BA8CC86D3F2DEA8C2ACA7385] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8212992] [PID.160]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.1592]
[MD5.9DD3A22F804697606C2B7FF9E912FF6B] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [353360] [PID.1440]
[MD5.21ACFD2B4BF6C0F4D9080A437E400E88] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [418896] [PID.1644]
[MD5.C9B2D1D3F86FD3673EF847DEF73B6F9E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [36456] [PID.388]
[MD5.C8158791418A749F981D1423C74BA4EE] - (.LeapFrog Enterprises, Inc. - CommandService Application.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe [7392136] [PID.1704]
[MD5.B705C7097F9A0EC941D02DCE7C7D426C] - (.Acer Incorporated - Updater Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [244624] [PID.2060]
[MD5.1873214666F6F0A883742DF91FBC48C9] - (.NTI Corporation - Backup Manager Module.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832] [PID.2156]
[MD5.CECFDE5D3701B2D914862F5E6C3DFE18] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [211104] [PID.2392]
[MD5.3B43F4F67F3C539C3BBF40A552A12B5E] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [93040] [PID.2444]
[MD5.4E1BB8A9CCDB4BAF41F7F9A930EB121D] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [534184] [PID.2492]
[MD5.B4D1D62A09F09CB2DFD55628350CDAFB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822496] [PID.2752]
~ Processes Running: Scanned in 00mn 01s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Claudie\AppData\Roaming\Mozilla\Firefox\Profiles\1xq6g3o0.default-1432043555660\prefs.js
M2 - MFEP: RegExtension {B64D9B05-48E1-4CEB-BF58-E0643994E900} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ (.not file.)
M0 - MFSP: prefs.js [Claudie - 1xq6g3o0.default-1432043555660] http://www.google.fr
M2 - MFEP: Extension [Claudie - 1xq6g3o0.default-1432043555660] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.11.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
~ Firefox Browser: 22 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Explorador de Internet.) (11.00.9600.17631 (winblue_r7.150111-1500)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 19 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.) =>Toolbar.Bing
~ BHO: 1 Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acheter en ligne.lnk . (...) -- C:\Program Files (x86)\Accessory Store\StartUrl.exe (.not file.)
~ Global Startup: 1 Scanned in 00mn 04s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Power Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [DesktopSearch] C:\ProgramData\DesktopSearch\DesktopSearch.exe (.not file.)
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe =>.Symantec Corporation
O4 - HKLM\..\Wow6432Node\Run: [BackupManagerTray] . (.NTI Corporation - Acer Backup Manager.) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Monitor] . (.LeapFrog Enterprises, Inc. - Monitor Application.) -- C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [stv_fr_18] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets de escritorio de Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® Installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® Installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® Installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] . (.Microsoft Corporation - Windows® Installer.) -- C:\Windows\System32\msiexec.exe
O4 - HKUS\S-1-5-21-2303779101-1737599147-2988863568-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-2303779101-1737599147-2988863568-1001\..\Run: [DesktopSearch] C:\ProgramData\DesktopSearch\DesktopSearch.exe (.not file.)
O4 - HKUS\S-1-5-21-2303779101-1737599147-2988863568-1001\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Proveedor de correcciones de compatibilidad (shim) de nomenclaturas de co.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Proveedor de espacio de nombres PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Proveedor de espacio de nombres PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Proveedor de servicios de Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 7 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{158A3509-0F27-4438-BBD2-8A4FE49BA1A2}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D6ECE21-4C46-4E93-B529-C8213EC74FF5}: DhcpNameServer = 212.27.40.244 212.27.40.245
O17 - HKLM\System\CCS\Services\Tcpip\..\{CF259E09-9C44-4038-ABA2-F8C398209002}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{158A3509-0F27-4438-BBD2-8A4FE49BA1A2}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{5D6ECE21-4C46-4E93-B529-C8213EC74FF5}: DhcpNameServer = 212.27.40.244 212.27.40.245
O17 - HKLM\System\CS1\Services\Tcpip\..\{CF259E09-9C44-4038-ABA2-F8C398209002}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{158A3509-0F27-4438-BBD2-8A4FE49BA1A2}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{5D6ECE21-4C46-4E93-B529-C8213EC74FF5}: DhcpNameServer = 212.27.40.244 212.27.40.245
O17 - HKLM\System\CS2\Services\Tcpip\..\{CF259E09-9C44-4038-ABA2-F8C398209002}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visor HTML de Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: C:\Windows\system32\CxAudMsg64.exe (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\system32\CxAudMsg64.exe
O23 - Service: Dritek WMI Service (DsiWMIService) . (.Dritek System Inc. - Dritek WMI Service.) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: ePower Service (ePowerSvc) . (.Acer Incorporated - ePowerSvc.) - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GREGService (GREGService) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: LeapFrog Connect Device Service (LeapFrog Connect Device Service) . (.LeapFrog Enterprises, Inc. - CommandService Application.) - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: Live Updater Service (Live Updater Service) . (.Acer Incorporated - Updater Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation
O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NTI Corporation - Backup Manager Module.) - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
~ Services: 13 Scanned in 00mn 11s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job [390]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Acer Registration - Reminder Recall task [390]
O39 - APT: - (..) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [838]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [838]
~ Scheduled Task: 2 Scanned in 00mn 00s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos del Reproductor de Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de temas de Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Procesador de comandos de Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensión del shell para FTP de Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos del Reproductor de Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilidad de inicialización por usuario de IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Archivo DLL común del shell de Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilidad de inicialización por usuario de IE.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\drivers\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (innfd_1_10_0_14) . (. - .) - C:\Windows\System32\drivers\innfd_1_10_0_14.sys (.not file.)
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Mini Filter Driver.) - C:\Windows\System32\DRIVERS\mwlPSDFilter.sys
O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\System32\DRIVERS\mwlPSDNServ.sys
O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Programador de paquetes QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Controlador del subsistema de almacenamient.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (tbfd_1_10_0_16) . (. - .) - C:\Windows\System32\drivers\tbfd_1_10_0_16.sys (.not file.) =>PUP.TermBlazer
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: Entorno de compatibilidad con proveedores de servicios no IFS de Windows Socket 2.0 (ws2ifsl) . (.Microsoft Corporation - Nivel IFS de Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 78 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}
O42 - Logiciel: AMD Media Foundation Decoders - (.ATI Technologies Inc..) [HKLM][64Bits] -- {2E12FEB9-11CD-5B44-D51B-0837225A6594}
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM][64Bits] -- {3605D89A-BD66-F5C5-779B-BE9110B41077}
O42 - Logiciel: Adobe Flash Player 17 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader XI (11.0.11) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001802114130}
O42 - Logiciel: Apple Application Support (32 bits) - (.Apple Inc..) [HKLM][64Bits] -- {2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}
O42 - Logiciel: Apple Application Support (64 bits) - (.Apple Inc..) [HKLM][64Bits] -- {28791292-D18D-42FA-AE66-3D3D20AA8618}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {5ED7462B-EF58-4757-B609-53755021EC34}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM][64Bits] -- CNXT_AUDIO_HDA
O42 - Logiciel: Free YouTube to MP3 Converter version 3.12.44.910 - (.DVDVideoSoft Ltd..) [HKLM][64Bits] -- Free YouTube to MP3 Converter_is1
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D9FCBAAE-DB72-488B-96D0-0AA3C892C0D6}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: MyWinLocker - (.Egis Technology Inc..) [HKLM][64Bits] -- {0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {7A2BB1C8-903D-4585-9F3B-CADD67D07D37}
O42 - Logiciel: TomTom HOME - (.Nom de votre société.) [HKLM][64Bits] -- {BB05590A-6602-43F3-A400-77EA0976BC0A}
O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03. - (.Leapfrog.) [HKLM][64Bits] -- 8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}
~ Logic: 40 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\45918InstEnd]
[HKCU\Software\AOL]
[HKCU\Software\ATI]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Feven Pro 1.1] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\HappyLyrics] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Baidu Security]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Clubic]
[HKCU\Software\Cyberlink]
[HKCU\Software\DSP-worx]
[HKCU\Software\David Esperalta]
[HKCU\Software\DivXNetworks]
[HKCU\Software\DivX]
[HKCU\Software\Dritek]
[HKCU\Software\Foxit Software]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hyper-Practical]
[HKCU\Software\ICSW1.8]
[HKCU\Software\IM Providers]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kromtech]
[HKCU\Software\LAV]
[HKCU\Software\Licenses]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\MainConcept]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\OEM]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Policies]
[HKCU\Software\PowerPack]
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKCU\Software\RealNetworks]
[HKCU\Software\Skype]
[HKCU\Software\Software]
[HKCU\Software\Synaptics]
[HKCU\Software\TeleCharger]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\WTools] =>PUP.Nosibay
[HKCU\Software\WebApp]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\mozilla]
[HKCU\Software\sidecom] =>PUP.Sidecom
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Baidu Security]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\Cyberlink]
[HKLM\Software\DivX]
[HKLM\Software\EgisTec IPS]
[HKLM\Software\EgisTec Shredder]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Macromedia]
[HKLM\Software\McAfee.com]
[HKLM\Software\McAfee]
[HKLM\Software\McFPDetect]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OOBEOffer]
[HKLM\Software\OemSetup]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Sonic]
[HKLM\Software\Symantec]
[HKLM\Software\Synaptics]
[HKLM\Software\TuneUp]
[HKLM\Software\Wow6432Node\AIM Toolbar]
[HKLM\Software\Wow6432Node\AMD]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\ATI]
[HKLM\Software\Wow6432Node\Acer Incorporated]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdwCleaner]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Baidu Security]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\CDDB]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\DivXNetworks]
[HKLM\Software\Wow6432Node\DivX]
[HKLM\Software\Wow6432Node\Dritek]
[HKLM\Software\Wow6432Node\EgisTec IPS]
[HKLM\Software\Wow6432Node\EgisTec MyWinLockerSuite]
[HKLM\Software\Wow6432Node\EgisTec MyWinLocker]
[HKLM\Software\Wow6432Node\EgisTec Shredder]
[HKLM\Software\Wow6432Node\Evernote]
[HKLM\Software\Wow6432Node\FUHU, Inc.]
[HKLM\Software\Wow6432Node\Feven Pro 1.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Foxit Software]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lame For Audacity]
[HKLM\Software\Wow6432Node\LeapFrog]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NewTech Infosystems]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\OEM]
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\RealNetworks]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\S3R521]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\SpeedBit]
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\VirualDiskRedist]
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Wow6432Node]
[HKLM\Software\Wow6432Node\Xing Technology Corp.]
[HKLM\Software\Wow6432Node\Xvid Team]
[HKLM\Software\Wow6432Node\afplanet]
[HKLM\Software\Wow6432Node\hdcode]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\winzipersvc] =>Adware.D365
[HKLM\Software\Wow6432Node]
~ Key Software: 227 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/02/2012 - 20:45:49 - [] ----D C:\Program Files (x86)\Acer
O43 - CFD: 19/10/2011 - 05:15:32 - [] ----D C:\Program Files (x86)\Acer Games
O43 - CFD: 08/01/2014 - 19:16:01 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 16/02/2012 - 20:15:09 - [] ----D C:\Program Files (x86)\AMD APP
O43 - CFD: 27/11/2013 - 15:01:52 - [0] ----D C:\Program Files (x86)\AnglaisFacile.com
O43 - CFD: 08/12/2012 - 17:38:57 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 16/05/2015 - 15:01:30 - [0] ----D C:\Program Files (x86)\app_setup
O43 - CFD: 16/02/2012 - 20:14:42 - [] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 20/05/2015 - 15:46:47 - [] ----D C:\Program Files (x86)\Baidu Security
O43 - CFD: 08/12/2012 - 17:37:48 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 24/05/2015 - 13:45:35 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 16/05/2015 - 15:14:42 - [0] ----D C:\Program Files (x86)\ConnectPC
O43 - CFD: 16/05/2015 - 16:16:53 - [] ----D C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 16/02/2012 - 20:35:55 - [] ----D C:\Program Files (x86)\Cyberlink
O43 - CFD: 12/04/2015 - 18:19:45 - [] ----D C:\Program Files (x86)\DivX
O43 - CFD: 01/03/2014 - 21:15:55 - [] ----D C:\Program Files (x86)\DSP-worx
O43 - CFD: 16/02/2012 - 20:23:58 - [] ----D C:\Program Files (x86)\EgisTec IPS
O43 - CFD: 16/02/2012 - 20:24:24 - [] ----D C:\Program Files (x86)\EgisTec MyWinLocker
O43 - CFD: 16/02/2012 - 20:22:32 - [] ----D C:\Program Files (x86)\EgisTec MyWinLockerSuite
O43 - CFD: 16/02/2012 - 20:25:20 - [] ----D C:\Program Files (x86)\EgisTec Shredder
O43 - CFD: 19/10/2011 - 05:16:56 - [] ----D C:\Program Files (x86)\Evernote
O43 - CFD: 19/10/2011 - 06:13:05 - [] ----D C:\Program Files (x86)\Fooz Kids
O43 - CFD: 08/02/2015 - 10:40:39 - [] ----D C:\Program Files (x86)\Foxit Software
O43 - CFD: 24/05/2015 - 13:38:03 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 24/05/2015 - 19:39:57 - [] ----D C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches
O43 - CFD: 16/02/2012 - 20:43:06 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 23/05/2015 - 13:44:03 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 08/02/2015 - 00:40:54 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 01/03/2014 - 21:16:26 - [] ----D C:\Program Files (x86)\Lame For Audacity
O43 - CFD: 16/02/2012 - 20:11:17 - [] ----D C:\Program Files (x86)\Launch Manager
O43 - CFD: 25/08/2013 - 12:12:23 - [] ----D C:\Program Files (x86)\LeapFrog
O43 - CFD: 16/03/2014 - 07:49:22 - [] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware
O43 - CFD: 16/02/2012 - 20:19:29 - [] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 16/05/2015 - 15:43:16 - [] ----D C:\Program Files (x86)\Microsoft Application Virtualization Client
O43 - CFD: 12/11/2012 - 22:14:08 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 16/05/2015 - 15:33:04 - [] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 02/09/2012 - 17:09:02 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 28/05/2015 - 19:07:48 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 20/05/2015 - 16:43:11 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 19/10/2011 - 06:14:34 - [] ----D C:\Program Files (x86)\newsXpresso
O43 - CFD: 16/02/2012 - 20:27:59 - [] ----D C:\Program Files (x86)\NTI
O43 - CFD: 30/08/2012 - 13:56:10 - [] ----D C:\Program Files (x86)\OEM
O43 - CFD: 07/04/2013 - 15:26:11 - [] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 01/03/2014 - 21:15:57 - [] ----D C:\Program Files (x86)\OpenSource Flash Video Splitter
O43 - CFD: 18/11/2012 - 18:31:28 - [] ----D C:\Program Files (x86)\Real
O43 - CFD: 19/10/2011 - 04:37:39 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 19/10/2011 - 06:03:00 - [] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 14/02/2015 - 00:21:59 - [] ----D C:\Program Files (x86)\TomTom HOME 2
O43 - CFD: 16/06/2014 - 12:50:48 - [] ----D C:\Program Files (x86)\TomTom International B.V
O43 - CFD: 14/07/2009 - 06:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 26/02/2014 - 15:41:21 - [] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 10/07/2013 - 10:47:30 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 27/11/2013 - 15:36:04 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 17/02/2012 - 04:58:52 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 11/03/2015 - 17:33:39 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 07:32:38 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 17/02/2012 - 04:58:52 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 21/11/2010 - 05:31:38 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 17/02/2012 - 04:58:52 - [] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 28/05/2015 - 19:08:01 - [0] ----D C:\Program Files (x86)\WinZipper
O43 - CFD: 02/06/2015 - 20:19:10 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 08/01/2014 - 19:16:20 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 19/10/2011 - 06:13:03 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 08/02/2015 - 00:40:27 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 16/02/2012 - 20:15:03 - [] ----D C:\Program Files (x86)\Common Files\ATI Technologies
O43 - CFD: 15/05/2014 - 13:39:46 - [] ----D C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 20/05/2015 - 16:01:02 - [] ----D C:\Program Files (x86)\Common Files\DVDVideoSoft
O43 - CFD: 16/02/2012 - 20:23:51 - [] ----D C:\Program Files (x86)\Common Files\EgisTec
O43 - CFD: 16/02/2012 - 20:26:37 - [] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 01/09/2012 - 17:46:54 - [] ----D C:\Program Files (x86)\Common Files\mcafee
O43 - CFD: 27/11/2013 - 15:12:20 - [] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 05:20:08 - [] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 03/09/2012 - 17:44:21 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 19/10/2011 - 05:24:10 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 23/10/2013 - 15:09:09 - [] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 16/01/2015 - 16:54:25 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 19/10/2011 - 05:23:15 - [] ----D C:\ProgramData\Acer
O43 - CFD: 08/01/2014 - 19:16:07 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 06/09/2014 - 16:58:59 - [] ----D C:\ProgramData\Apple
O43 - CFD: 08/12/2012 - 17:40:40 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 19/10/2011 - 06:09:45 - [] ----D C:\ProgramData\BackupManager
O43 - CFD: 20/05/2015 - 15:44:57 - [] ----D C:\ProgramData\Baidu
O43 - CFD: 29/05/2015 - 20:39:03 - [0] ----D C:\ProgramData\Baidu Security
O43 - CFD: 01/06/2015 - 21:45:57 - [] ----D C:\ProgramData\clear.fi
O43 - CFD: 16/02/2012 - 20:39:41 - [] ----D C:\ProgramData\CLSK
O43 - CFD: 02/12/2012 - 23:18:17 - [] --H-D C:\ProgramData\Common Files
O43 - CFD: 17/06/2014 - 11:42:18 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Datos de programa
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 08/02/2015 - 00:42:23 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 16/02/2012 - 20:48:36 - [] ----D C:\ProgramData\EgisTec
O43 - CFD: 16/02/2012 - 20:58:24 - [] ----D C:\ProgramData\EgisTec IPS
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Escritorio
O43 - CFD: 19/10/2011 - 05:16:40 - [0] ----D C:\ProgramData\Evernote
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Favoritos
O43 - CFD: 16/02/2012 - 20:26:40 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 19/10/2011 - 06:13:06 - [] ----D C:\ProgramData\Fooz Kids
O43 - CFD: 25/08/2013 - 12:07:35 - [] ----D C:\ProgramData\Leapfrog
O43 - CFD: 15/03/2014 - 13:59:01 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 24/10/2013 - 11:12:29 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Menú Inicio
O43 - CFD: 21/12/2014 - 14:21:18 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 12/09/2012 - 15:13:19 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 16/05/2015 - 21:52:27 - [] ----D C:\ProgramData\NetEngine =>PUP.NetEngine
O43 - CFD: 19/10/2011 - 06:14:39 - [] ----D C:\ProgramData\newsXpresso
O43 - CFD: 16/02/2012 - 20:29:29 - [] ----D C:\ProgramData\NTI Launcher
O43 - CFD: 30/08/2012 - 14:00:50 - [] ----D C:\ProgramData\oem
O43 - CFD: 30/08/2012 - 13:55:22 - [] -SH-D C:\ProgramData\Plantillas
O43 - CFD: 18/11/2012 - 18:31:27 - [] ----D C:\ProgramData\Real
O43 - CFD: 24/05/2015 - 13:45:45 - [] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 19/10/2011 - 06:03:00 - [] ----D C:\ProgramData\Symantec
O43 - CFD: 16/02/2012 - 20:40:12 - [] ----D C:\ProgramData\Temp
O43 - CFD: 14/07/2009 - 07:08:56 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 16/06/2014 - 12:52:40 - [] ----D C:\ProgramData\TomTom
O43 - CFD: 02/12/2012 - 23:18:50 - [] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 18/11/2012 - 16:50:50 - [] ----D C:\ProgramData\VirtualizedApplications
O43 - CFD: 20/05/2015 - 15:32:37 - [] ----D C:\ProgramData\WildTangent
O43 - CFD: 24/05/2015 - 14:30:26 - [] ----D C:\ProgramData\{6b4b7a09-046b-f7d5-6b4b-b7a09046e824}
O43 - CFD: 02/12/2012 - 23:18:17 - [] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 19/10/2011 - 04:30:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 19/10/2011 - 06:02:35 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
O43 - CFD: 19/10/2011 - 06:08:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Backup Manager
O43 - CFD: 16/02/2012 - 20:42:12 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
O43 - CFD: 16/02/2012 - 20:08:53 - [] ---AD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
O43 - CFD: 14/07/2009 - 06:57:13 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 16/02/2012 - 20:14:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
O43 - CFD: 21/10/2013 - 21:16:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnglaisFacile.com
O43 - CFD: 16/02/2012 - 20:36:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\clear.fi
O43 - CFD: 16/02/2012 - 20:25:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
O43 - CFD: 19/10/2011 - 05:17:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
O43 - CFD: 20/05/2015 - 15:32:32 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 01/03/2014 - 21:16:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
O43 - CFD: 08/02/2015 - 00:42:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 14/07/2009 - 06:57:09 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/08/2012 - 13:55:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Family Protection
O43 - CFD: 19/10/2011 - 06:14:34 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\newsXpresso
O43 - CFD: 19/10/2011 - 06:03:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup =>.Symantec Corporation
O43 - CFD: 16/02/2012 - 20:29:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
O43 - CFD: 07/04/2013 - 15:27:31 - [] -S--D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
O43 - CFD: 24/10/2013 - 11:11:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 21/11/2010 - 09:16:41 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 14/02/2015 - 00:21:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
O43 - CFD: 11/04/2015 - 16:42:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 02/06/2015 - 20:19:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 16/05/2015 - 20:22:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZSoft
O43 - CFD: 04/10/2012 - 18:37:56 - [] ----D C:\Users\Claudie\AppData\Roaming\Adobe
O43 - CFD: 13/11/2013 - 17:13:23 - [] ----D C:\Users\Claudie\AppData\Roaming\Apple Computer
O43 - CFD: 28/05/2015 - 20:17:18 - [] ----D C:\Users\Claudie\AppData\Roaming\Baidu
O43 - CFD: 20/05/2015 - 15:44:56 - [] ----D C:\Users\Claudie\AppData\Roaming\BavMini
O43 - CFD: 01/03/2014 - 21:16:31 - [] ----D C:\Users\Claudie\AppData\Roaming\CDXReader
O43 - CFD: 17/06/2014 - 11:42:15 - [] ----D C:\Users\Claudie\AppData\Roaming\CyberLink
O43 - CFD: 20/05/2015 - 16:00:57 - [0] ----D C:\Users\Claudie\AppData\Roaming\DVDVideoSoft
O43 - CFD: 12/04/2015 - 18:09:34 - [] ----D C:\Users\Claudie\AppData\Roaming\Foxit Software
O43 - CFD: 18/11/2014 - 22:00:07 - [] ----D C:\Users\Claudie\AppData\Roaming\GeoGebra 4.4
O43 - CFD: 20/02/2013 - 15:08:09 - [] ----D C:\Users\Claudie\AppData\Roaming\Hyperpractical
O43 - CFD: 30/08/2012 - 13:59:46 - [] ----D C:\Users\Claudie\AppData\Roaming\Identities
O43 - CFD: 01/03/2014 - 21:16:33 - [] ----D C:\Users\Claudie\AppData\Roaming\LavFilters
O43 - CFD: 19/10/2011 - 06:13:03 - [] ----D C:\Users\Claudie\AppData\Roaming\Macromedia
O43 - CFD: 15/03/2014 - 13:59:16 - [] ----D C:\Users\Claudie\AppData\Roaming\Malwarebytes
O43 - CFD: 21/11/2010 - 09:16:41 - [0] ----D C:\Users\Claudie\AppData\Roaming\Media Center Programs
O43 - CFD: 16/05/2015 - 15:07:31 - [] -S--D C:\Users\Claudie\AppData\Roaming\Microsoft
O43 - CFD: 12/09/2012 - 15:14:58 - [] ----D C:\Users\Claudie\AppData\Roaming\Mozilla
O43 - CFD: 07/04/2013 - 15:27:47 - [] ----D C:\Users\Claudie\AppData\Roaming\OpenOffice.org
O43 - CFD: 17/05/2013 - 21:48:16 - [] ----D C:\Users\Claudie\AppData\Roaming\player
O43 - CFD: 07/09/2014 - 16:07:48 - [] ----D C:\Users\Claudie\AppData\Roaming\PowerCinema
O43 - CFD: 18/11/2012 - 18:31:17 - [] ----D C:\Users\Claudie\AppData\Roaming\Real
O43 - CFD: 24/05/2015 - 13:44:49 - [] ----D C:\Users\Claudie\AppData\Roaming\Skype
O43 - CFD: 11/03/2015 - 18:32:23 - [] ----D C:\Users\Claudie\AppData\Roaming\SoftGrid Client
O43 - CFD: 16/06/2014 - 12:52:36 - [] ----D C:\Users\Claudie\AppData\Roaming\TomTom
O43 - CFD: 12/11/2012 - 22:16:17 - [0] ----D C:\Users\Claudie\AppData\Roaming\TP
O43 - CFD: 02/12/2012 - 23:18:49 - [] ----D C:\Users\Claudie\AppData\Roaming\TuneUp Software
O43 - CFD: 02/06/2015 - 13:06:51 - [] ----D C:\Users\Claudie\AppData\Roaming\vlc
O43 - CFD: 20/05/2015 - 15:32:36 - [] ----D C:\Users\Claudie\AppData\Roaming\WildTangent
O43 - CFD: 15/09/2012 - 15:38:15 - [0] ----D C:\Users\Claudie\AppData\Roaming\Windows Live Writer
O43 - CFD: 16/05/2015 - 16:45:15 - [0] ----D C:\Users\Claudie\AppData\Roaming\WTools =>PUP.Nosibay
O43 - CFD: 02/06/2015 - 20:21:02 - [] ----D C:\Users\Claudie\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 24/05/2015 - 14:34:20 - [0] ----D C:\Users\Claudie\AppData\Local\670A1AB5-1431789339-E111-9DD7-DC0EA197F0EA
O43 - CFD: 30/08/2012 - 13:56:04 - [] ----D C:\Users\Claudie\AppData\Local\Acer
O43 - CFD: 08/02/2015 - 10:05:29 - [] ----D C:\Users\Claudie\AppData\Local\Adobe
O43 - CFD: 08/12/2012 - 17:39:01 - [] ----D C:\Users\Claudie\AppData\Local\Apple
O43 - CFD: 12/02/2013 - 20:54:54 - [] ----D C:\Users\Claudie\AppData\Local\Apple Computer
O43 - CFD: 30/08/2012 - 13:55:36 - [] -SH-D C:\Users\Claudie\AppData\Local\Archivos temporales de Internet
O43 - CFD: 23/02/2014 - 18:58:27 - [] ----D C:\Users\Claudie\AppData\Local\Big Fish
O43 - CFD: 16/05/2015 - 16:18:42 - [] ----D C:\Users\Claudie\AppData\Local\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 18/03/2013 - 13:52:56 - [] ----D C:\Users\Claudie\AppData\Local\Cyberlink
O43 - CFD: 30/08/2012 - 13:55:36 - [] -SH-D C:\Users\Claudie\AppData\Local\Datos de programa
O43 - CFD: 23/04/2015 - 09:27:31 - [] ----D C:\Users\Claudie\AppData\Local\Diagnostics
O43 - CFD: 14/02/2015 - 00:19:05 - [] ----D C:\Users\Claudie\AppData\Local\Downloaded Installations
O43 - CFD: 30/08/2012 - 14:05:41 - [] ----D C:\Users\Claudie\AppData\Local\EgisTec IPS
O43 - CFD: 27/08/2014 - 22:36:27 - [0] ----D C:\Users\Claudie\AppData\Local\ElevatedDiagnostics
O43 - CFD: 12/04/2015 - 18:10:55 - [] -SH-D C:\Users\Claudie\AppData\Local\EmieBrowserModeList
O43 - CFD: 22/04/2014 - 18:18:37 - [] -SH-D C:\Users\Claudie\AppData\Local\EmieSiteList
O43 - CFD: 22/04/2014 - 18:18:37 - [] -SH-D C:\Users\Claudie\AppData\Local\EmieUserList
O43 - CFD: 23/05/2015 - 13:42:57 - [] ----D C:\Users\Claudie\AppData\Local\Google
O43 - CFD: 30/08/2012 - 13:55:36 - [] -SH-D C:\Users\Claudie\AppData\Local\Historial
O43 - CFD: 12/09/2012 - 18:58:36 - [] ----D C:\Users\Claudie\AppData\Local\Macromedia
O43 - CFD: 21/02/2015 - 21:02:38 - [] ----D C:\Users\Claudie\AppData\Local\Microsoft
O43 - CFD: 19/11/2014 - 16:12:58 - [] ----D C:\Users\Claudie\AppData\Local\Microsoft Games
O43 - CFD: 03/10/2013 - 09:46:15 - [] ----D C:\Users\Claudie\AppData\Local\Mozilla
O43 - CFD: 15/07/2014 - 13:24:35 - [] ----D C:\Users\Claudie\AppData\Local\Packages
O43 - CFD: 20/04/2015 - 00:20:02 - [] ----D C:\Users\Claudie\AppData\Local\PowerCinema
O43 - CFD: 21/10/2013 - 13:26:07 - [] ----D C:\Users\Claudie\AppData\Local\Programs
O43 - CFD: 27/02/2014 - 21:35:55 - [] ----D C:\Users\Claudie\AppData\Local\Skype
O43 - CFD: 12/11/2012 - 22:16:01 - [] ----D C:\Users\Claudie\AppData\Local\SoftGrid Client
O43 - CFD: 02/06/2015 - 20:19:14 - [] ----D C:\Users\Claudie\AppData\Local\Temp
O43 - CFD: 16/06/2014 - 12:52:36 - [] ----D C:\Users\Claudie\AppData\Local\TomTom
O43 - CFD: 23/10/2013 - 16:55:15 - [0] ----D C:\Users\Claudie\AppData\Local\Updater19962 =>PUP.CrossRider
O43 - CFD: 03/12/2012 - 20:49:25 - [] ----D C:\Users\Claudie\AppData\Local\VirtualStore
O43 - CFD: 15/09/2012 - 15:38:26 - [] ----D C:\Users\Claudie\AppData\Local\Windows Live Writer
O43 - CFD: 11/03/2015 - 17:38:29 - [] R---D C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 01/06/2015 - 23:00:15 - [] R---D C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
~ Program Folder: 219 Scanned in 00mn 00s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.FE49F7FE7CCBA7AF367C0F45FABE1E36] - 02/06/2015 - 10:42:41 ---A- . (...) -- C:\Windows\setupact.log [1414]
O44 - LFC:[MD5.5AB459404727B3272B3D22757D57B7EF] - 02/06/2015 - 18:33:49 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.6838C4020BF19701F659128AD1AAC36F] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1679770]
O44 - LFC:[MD5.9B60B58194DF90E76A48F74C741BBD57] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\perfc009.dat [122530]
O44 - LFC:[MD5.7A63DAE8945257BA1D437765AB2D623E] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\perfc00A.dat [158860]
O44 - LFC:[MD5.17A91564EACE2D92444237BFB0C414C2] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\perfh009.dat [654916]
O44 - LFC:[MD5.E319F43A9035118F8E7536B50753B479] - 02/06/2015 - 18:37:04 ---A- . (...) -- C:\Windows\System32\perfh00A.dat [738036]
O44 - LFC:[MD5.93CFFDA739D84E024125214B88BBF1D2] - 02/06/2015 - 18:44:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1374044]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 20/05/2015 - 15:02:34 ---A- . (...) -- C:\Windows\setuperr.log [0]
O44 - LFC:[MD5.9485B9749BB2721F7174E6852ED6E32E] - 20/05/2015 - 16:17:56 ---A- . (.Baidu, Inc. - Baidu Antivirus BdSandboxDll.dll.) -- C:\Windows\System32\BdSandboxDll64.dll [421784]
O44 - LFC:[MD5.673A0D0C8195863B366FAA283A4776B9] - 27/05/2015 - 18:41:45 ---A- . (...) -- C:\Windows\System32\HWLook.log [648]
O44 - LFC:[MD5.5E2A728AF94605491FB3A655D043BBAD] - 28/05/2015 - 19:16:35 ---A- . (...) -- C:\Windows\wininit.ini [1576]
O44 - LFC:[MD5.89D5E5A2B12B2BAF37A5C515B953403A] - 29/05/2015 - 16:41:04 ---A- . (...) -- C:\Windows\PFRO.log [55666]
~ Files: 13 Scanned in 00mn 08s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.FD8FF58AB88D9CA356C94FA7BF7AE074] - 20/05/2015 - 14:14:45 ---A- - C:\Windows\Prefetch\NETENGINE.EXE-64E8D09E.pf =>PUP.NetEngine
O45 - LFCP:[MD5.C29763B701E7269068829900F6B16AAC] - 20/05/2015 - 14:12:11 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-0E984AFA.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.479BE87F4BDDCB95735DF8500074723C] - 20/05/2015 - 14:09:45 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-7BBFF103.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.C877DE115A8D6BA59D2C1C9B4A36ABF5] - 20/05/2015 - 14:09:47 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.TMP-B901E625.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.EB92DEF169568EFE847C807798A4886E] - 20/05/2015 - 14:12:04 ---A- - C:\Windows\Prefetch\OPTPROSTART.EXE-A2325A58.pf =>PUP.OptimizerPro
~ Prefetcher: 5 Scanned in 00mn 01s
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Paquete de autenticación de Microsoft v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Motor del cliente del Editor de configuración de seguridad de Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Paquete de seguridad de Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Paquete de autenticación de Microsoft v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authori
cabrier
Messages postés
5591
Date d'inscription
dimanche 7 août 2011
Statut
Contributeur sécurité
Dernière intervention
27 octobre 2020
702
2 juin 2015 à 22:27
2 juin 2015 à 22:27
cabrier
Messages postés
5591
Date d'inscription
dimanche 7 août 2011
Statut
Contributeur sécurité
Dernière intervention
27 octobre 2020
702
2 juin 2015 à 22:28
2 juin 2015 à 22:28
Et désinstalle OPTIMIZERPRO
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
>
cabrier
Messages postés
5591
Date d'inscription
dimanche 7 août 2011
Statut
Contributeur sécurité
Dernière intervention
27 octobre 2020
2 juin 2015 à 22:33
2 juin 2015 à 22:33
Merci :)
Claudie
Héberge le rapport sur cjoint
Claudie
Héberge le rapport sur cjoint
claudie7
>
cabrier
Messages postés
5591
Date d'inscription
dimanche 7 août 2011
Statut
Contributeur sécurité
Dernière intervention
27 octobre 2020
3 juin 2015 à 16:18
3 juin 2015 à 16:18
Je ne trouve pas OPTIMIZERPRO ni dans le panneau de configuration ajout/suppression ni dans les extensions de mozilla
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
4 juin 2015 à 18:33
4 juin 2015 à 18:33
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
8 juin 2015 à 20:24
8 juin 2015 à 20:24
- Copies uniquement les lignes indiquées en gras ci-dessous dans le presse papier soit le bloc note(tu surlignes avec la souris puis clic droit copier de Script ZHPFix jusqu'à la fin soit sysrestore)
Script ZHPFix
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}] =>Toolbar.Bing^
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:stv_fr_18 =>PUP.Eorezo^
C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser^
C:\Program Files (x86)\HighlightSearches =>PUP.HighlightSearches^
C:\ProgramData\NetEngine =>PUP.NetEngine^
C:\Users\Claudie\AppData\Roaming\WTools =>PUP.Nosibay^
C:\Users\Claudie\AppData\Local\Crossbrowse =>PUP.CrossBrowser^
C:\Users\Claudie\AppData\Local\Updater19962 =>PUP.CrossRider^
[HKCU\Software\AppDataLow\Software\Feven Pro 1.1] =>PUP.CrossRider^
[HKCU\Software\AppDataLow\Software\HappyLyrics] =>Adware.AddLyrics^
[HKCU\Software\ProductSetup] =>Adware.InstallCore^
[HKCU\Software\WTools] =>PUP.Nosibay^
[HKCU\Software\sidecom] =>PUP.Sidecom^
[HKLM\Software\Wow6432Node\Feven Pro 1.1] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\winzipersvc] =>Adware.D365^
C:\Windows\Installer\1403e.msi =>Toolbar.Bing^
O87 - FAEL: "{9E53871D-4D67-47F4-AC16-5C6727604BF3}" | In - None - P17 - TRUE | .(.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O90 - PUC: "0C69D82C09A6E9540A776A07F6E40CCF" . (.Bing Bar.) -- C:\Windows\Installer\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}\icon_installer_ico =>Toolbar.Bing
[MD5.C3DC5C5ADD196CD88A3F2E525B7331F7] [WIS][07/06/2011] (.Microsoft Corporation - Bing Bar.) -- C:\Windows\Installer\1403e.msi [4740608] =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\netengine_RASAPI32 =>PUP.NetEngine
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\netengine_RASMANCS =>PUP.NetEngine
O61 - LFC: 28/05/2015 - 21:22:41 ---A- . (.Taiwan Shui Mu Chih Ching Technology Limite.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\eInstall\eInstall.exe [1242768]
O61 - LFC: 28/05/2015 - 21:22:42 ---A- . (.337 Technology Limited..) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\eshellctx.dll [73872] =>Hijacker.22Find
O61 - LFC: 28/05/2015 - 21:22:42 ---A- . (.337 Technology Limited..) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\eshellctx64.dll [151184] =>Hijacker.22Find
O61 - LFC: 28/05/2015 - 21:22:42 ---A- . (.Igor Pavlov.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\7z.dll [857744]
O61 - LFC: 28/05/2015 - 21:22:42 ---A- . (.Taiwan Shui Mu Chih Ching Technology Limite.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\dup.exe [262288]
O61 - LFC: 28/05/2015 - 21:22:42 ---A- . (.Taiwan Shui Mu Chih Ching Technology Limite.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\ebase.dll [727184]
O61 - LFC: 28/05/2015 - 21:22:43 ---A- . (...) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\libpng.dll [181904]
O61 - LFC: 28/05/2015 - 21:22:43 ---A- . (.Taiwan Shui Mu Chih Ching Technology Limite.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\eUninstall.exe [1166848]
O61 - LFC: 28/05/2015 - 21:22:44 ---A- . (...) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\sqlite3.dll [612496]
O61 - LFC: 28/05/2015 - 21:22:44 ---A- . (.Taiwan Shui Mu Chih Ching Technology Limite.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\TrayDownloader.exe [171664]
O61 - LFC: 28/05/2015 - 21:22:44 ---A- . (.Taiwan Shui Mu Chih Ching Technology Limite.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\ouilibnl.dll [1658000]
O61 - LFC: 28/05/2015 - 21:22:45 ---A- . (.Taiwan Shui Mu Chih Ching Technology Limite.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\WinZipper.exe [507024]
O61 - LFC: 28/05/2015 - 21:22:45 ---A- . (.Taiwan Shui Mu Chih Ching Technology Limite.) -- C:\Users\Claudie\AppData\Local\Temp\st56A3.tmp\omigazip\winzipersvc.exe [426128] =>Adware.D365
O43 - CFD: 16/05/2015 - 16:18:42 - [] ----D C:\Users\Claudie\AppData\Local\Crossbrowse =>PUP.CrossBrowser
O41 - Driver: (tbfd_1_10_0_16) . (. - .) - C:\Windows\System32\drivers\tbfd_1_10_0_16.sys (.not file.) =>PUP.TermBlazer
O41 - Driver: (innfd_1_10_0_14) . (. - .) - C:\Windows\System32\drivers\innfd_1_10_0_14.sys (.not file.)
sysrestore
- Lance ZHPFix (icône seringue)en tant qu'administrateur(si tu es sous Vista/7/8)sinon double clique sur l'icône en forme de seringue puis clique sur OK pour continuer.
- Cliques sur importer(Dans certains cas le script se colle automatiquement dans la zone de script et ne nécessite pas de cliquer sur le bouton "IMPORTER".)
- Si tu ne vois pas les lignes clic droit dans l'encadré puis coller
- Clique sur le bouton GO pour lancer le nettoyage, et laisse l'outil travailler.
- Zhpfix te proposera de vider la corbeille si tu le souhaites cliques sur oui si tu ne le souhaites pas cliques sur non
- Redémarre le PC et poste le rapport C:\ZHP\ZHPFixReport.txt en l'hébergeant sur cjoint
- Pour t'aider https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
9 juin 2015 à 17:59
9 juin 2015 à 17:59
Toujours des pubs?
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
9 juin 2015 à 18:58
9 juin 2015 à 18:58
As tu redémarré ton ordinateur?
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
9 juin 2015 à 19:02
9 juin 2015 à 19:02
▶ Télécharge ici : FRST (de Farbar)
!!! En fonction de ta version de Windows, prends la "32-Bit Version" ou la "64-Bit Version" !!!
Aide : va dans Démarrer > Panneau de configuration > Système pour savoir si tu es sous 32 bits ou 64 bits.
▶ Double-clique sur l'icône FRST.exe pour lancer le programme. (Sous Windows Vista, 7 et 8, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.) Clique ensuite sur Oui lorsqu'un message d'avertissement (Disclaimer) s'affiche.
▶ Sur le menu principal, clique sur le bouton Scan et patiente le temps de l'analyse.
▶ A la fin du scan, deux rapports s'affichent, FRST.txt et Addition.txt Poste les rapports dans ta prochaine réponse.
Les rapport se trouvent ici : C:\FRST\Logs
▶ Envoie-les sur https://www.cjoint.com/ et poste les liens obtenus en échange.
!!! En fonction de ta version de Windows, prends la "32-Bit Version" ou la "64-Bit Version" !!!
Aide : va dans Démarrer > Panneau de configuration > Système pour savoir si tu es sous 32 bits ou 64 bits.
▶ Double-clique sur l'icône FRST.exe pour lancer le programme. (Sous Windows Vista, 7 et 8, il faut faire un clic droit dessus, puis exécuter en tant qu'administrateur.) Clique ensuite sur Oui lorsqu'un message d'avertissement (Disclaimer) s'affiche.
▶ Sur le menu principal, clique sur le bouton Scan et patiente le temps de l'analyse.
▶ A la fin du scan, deux rapports s'affichent, FRST.txt et Addition.txt Poste les rapports dans ta prochaine réponse.
Les rapport se trouvent ici : C:\FRST\Logs
▶ Envoie-les sur https://www.cjoint.com/ et poste les liens obtenus en échange.
le rapport addition,
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Claudie at 2015-06-09 19:24:49
Running from C:\Users\Claudie\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2303779101-1737599147-2988863568-500 - Administrator - Disabled)
Claudie (S-1-5-21-2303779101-1737599147-2988863568-1001 - Administrator - Enabled) => C:\Users\Claudie
HomeGroupUser$ (S-1-5-21-2303779101-1737599147-2988863568-1002 - Limited - Enabled)
Invitado (S-1-5-21-2303779101-1737599147-2988863568-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Out of date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Out of date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{3605D89A-BD66-F5C5-779B-BE9110B41077}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.55 - Conexant)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
Hacer clic y ejecutar de Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Hacer clic y ejecutar de Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 fr) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 fr)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
17-05-2015 20:45:07 Copias de seguridad de Windows
19-05-2015 16:20:20 Removed Microsoft Silverlight
19-05-2015 16:21:39 Removed Microsoft Silverlight
19-05-2015 19:17:06 Windows Update
20-05-2015 14:57:04 Removed Microsoft Silverlight
23-05-2015 13:39:18 Removed Skype(TM) 7.4
23-05-2015 13:40:17 Windows Update
24-05-2015 13:38:54 Removed Skype(TM) 7.4
24-05-2015 13:43:22 Removed Skype(TM) 7.4
24-05-2015 19:00:08 Copias de seguridad de Windows
27-05-2015 20:07:08 Windows Update
01-06-2015 21:55:14 Copias de seguridad de Windows
09-06-2015 17:02:52 ZHPFix Restore System Point
09-06-2015 17:28:53 Removed iTunes
09-06-2015 17:47:14 Removed Apple Mobile Device Support
09-06-2015 17:49:32 Removed Apple Application Support (64 bits)
09-06-2015 17:51:40 Removed Apple Application Support (32 bits)
09-06-2015 18:46:48 Installed iTunes
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E2CEF76-2BA4-44F6-8932-61A44AE6AA11} - System32\Tasks\{9CEFB4CE-B572-452E-9DE7-71308DC27112} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638
Task: {1CDCCE94-A417-4CA4-8AC9-3A49FDF0BDF9} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe <==== ATTENTION
Task: {1DB4F697-BE3B-4ED4-8765-925593C3F5B0} - System32\Tasks\{7AF5205F-885D-4DB4-9A6B-3740018959E6} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe"
Task: {25BF0ABC-28A2-4446-8E23-9769ADB2DDD8} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-01] (Microsoft Corporation)
Task: {33AAE257-D251-43B8-8075-B43BE9C4E6B1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {375B86BB-A701-4FCB-8C04-A7F545C5E914} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {5FE6B0DF-570D-4E69-A6A3-B6169D70D1F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6F3B34D4-2A61-4BDB-9BF3-7D56D387FB86} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {74F6D490-84FF-4F00-A5E4-3A72143F884D} - System32\Tasks\{7ED2E1E6-7B57-452F-A704-4AF4A8E2FBEE} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638
Task: {77C009C1-0DF2-4C28-9E17-5C482345B02B} - System32\Tasks\{67F89C25-3BD2-4697-B863-4E20488DA248} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {7C9E8989-D78C-48A6-8D2B-B17EAC403207} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7DF791D7-2241-43E6-9134-06F5C2CA5993} - System32\Tasks\{CABA56E1-8033-4FF9-8370-88FC85E80ADF} => pcalua.exe -a C:\ProgramData\HealthAlert\uninstall.exe -c /kb=y /ic=1
Task: {7ED5CA91-62EF-49A3-9666-634CDBD71882} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {82C7CFEE-081F-4B9D-A66B-BC5C2D7545B3} - System32\Tasks\{B9F0776D-570D-4676-93B4-D2AC474B5811} => Firefox.exe http://ui.skype.com/ui/0/6.18.60.105/fr/go/help.faq.installer?LastError=1638
Task: {87A482F9-36B1-43A2-A3DA-484B9ABAFEE2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {8AE4211D-1CB0-405F-8BFB-F9FCF34B8E53} - System32\Tasks\{84FB1081-7B8A-4975-BD46-8152117F3C2B} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638
Task: {A23DF59C-6179-4357-B20F-3907897342CB} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {AE23F2BB-DFB2-4968-AFBB-2A83DB9B2256} - System32\Tasks\{200014AB-B87E-4AC2-A6D6-58DFB6319313} => pcalua.exe -a C:\Users\Claudie\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=face
Task: {B07B1E7F-5719-4E78-8BF9-269B95A9AD4B} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {BF41DDC0-23C4-46C5-ADF8-E44371AF4235} - System32\Tasks\Acer Registration - Reminder Recall task => C:\Program Files (x86)\Acer\Registration\GREG.exe [2011-05-11] (Acer Incorporated)
Task: {C51642D6-AAC0-4451-ADA1-861DD8595529} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {C8145212-4DBA-4F52-B3AE-429A12BA0D13} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2303779101-1737599147-2988863568-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D29BCA2D-9174-4648-9E29-393F75026B7B} - System32\Tasks\{7AEBB1C0-77DE-445D-A2C5-A69DCA891F77} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/fr/go/help.faq.installer?LastError=1638
Task: {DEE14A26-4FE3-48DE-B80A-5CC54D6105FF} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {F15A8CCA-EC70-4257-9EE9-82C27257E6D5} - System32\Tasks\Updater19962.exe => C:\Users\Claudie\AppData\Local\Updater19962\Updater19962.exe <==== ATTENTION
Task: {FB803069-2716-41A0-B091-0D3D18B058E7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2303779101-1737599147-2988863568-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job =>
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-04-17 20:25 - 2015-04-17 20:25 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Claudie\Downloads\bonne annee.eml:OECustomProperty
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2303779101-1737599147-2988863568-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9508FAAB-272F-495D-981E-1ADC8DA5CD1E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{9CB8F6F2-471D-4849-A8D8-17C460E238D3}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{3B2CFC13-5CE0-47B5-8DC2-137F41115633}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{71775B8F-FEFA-4C7B-B763-45174C6FA1F4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{5C9D3716-6541-4967-BD02-5038B97CE6FD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{51175D30-705D-41A8-B5D6-00ACA285A516}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{49F47B0F-D371-4CF5-942C-2F3C920E066F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{A8D5084E-8629-4925-A08E-884E8A40174E}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{ADB16999-B044-4FDA-82E5-D76377D885D9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{95945920-FBD1-4FF4-8330-310F44A59282}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [{11BFA663-A832-4B7B-A46C-76611A437A50}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{8256FFAF-F85A-460E-9997-96915EB7FE8B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{FD05CD22-7E94-4684-963D-C78C56D402B0}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{3F1D4E13-47A1-4501-8EA3-44413615EBAA}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{93662CD9-7763-4749-995D-DCA154A9E243}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B04E6CA0-7663-4C83-82FA-4A95426F3E24}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0D967F4E-4D4E-4FAD-99EC-8A752BFF31C0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4AB32518-9CA6-42C1-B1B5-32BB87841178}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0F185C50-B1B6-481C-B00B-55D7B6083185}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [{5AFC7D47-94C8-4912-BE0D-EF969F8EF87E}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
FirewallRules: [TCP Query User{C84DE200-73A0-4090-A261-3B42E6CBCD02}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{05A13D5E-D154-428A-9945-8FABBC2092B2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{0FFAB81E-EB90-4276-9B3D-34C2E4F10E7A}C:\users\claudie\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\claudie\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{0BC4A8ED-79D3-4556-9180-12F2FE15BBCE}C:\users\claudie\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\claudie\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F31A5120-D523-4AC4-8114-2FBAE2D07E25}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5376AFB6-3045-483E-AF0F-13F945C4F055}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{4748022D-DB66-4242-B95F-9B79894F5173}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{64D3E2DB-8351-436B-A602-CAB917DE9FBA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{1BBF87E8-0086-449C-8A7B-9DA5D8460501}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A2CC369A-7779-4202-99BD-9DF62FBC2E22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C9E7E08-F88B-43E2-B57C-10A78E4CFAD9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/09/2015 06:26:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft.
Error: (06/09/2015 06:17:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/09/2015 06:16:52 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft.
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:41 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
System errors:
=============
Error: (06/09/2015 06:47:53 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 114.20.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:47:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:47:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:47:42 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:47:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Windows Update se cerró con el siguiente error:
%%-2147014790
Error: (06/09/2015 06:46:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Windows Update se cerró con el siguiente error:
%%-2147014790
Error: (06/09/2015 06:28:06 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 114.20.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:28:00 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:28:00 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:27:55 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Microsoft Office:
=========================
Error: (06/09/2015 06:26:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft.
Error: (06/09/2015 06:17:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/09/2015 06:16:52 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft.
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:41 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
CodeIntegrity Errors:
===================================
Date: 2014-09-20 09:54:01.407
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-09-20 09:54:00.627
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-08-24 17:42:17.187
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-08-24 17:42:16.848
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-08-24 17:42:16.490
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-08-24 17:42:16.131
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
Processor: AMD E-300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 58%
Total physical RAM: 3818.9 MB
Available physical RAM: 1597.24 MB
Total Pagefile: 7636.01 MB
Available Pagefile: 5312.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:282.99 GB) (Free:83.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2728A577)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Claudie at 2015-06-09 19:24:49
Running from C:\Users\Claudie\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrador (S-1-5-21-2303779101-1737599147-2988863568-500 - Administrator - Disabled)
Claudie (S-1-5-21-2303779101-1737599147-2988863568-1001 - Administrator - Enabled) => C:\Users\Claudie
HomeGroupUser$ (S-1-5-21-2303779101-1737599147-2988863568-1002 - Limited - Enabled)
Invitado (S-1-5-21-2303779101-1737599147-2988863568-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Out of date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Out of date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Apple Application Support (32 bits) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{3605D89A-BD66-F5C5-779B-BE9110B41077}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.55 - Conexant)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
Hacer clic y ejecutar de Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Hacer clic y ejecutar de Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 fr) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 fr)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Nom de votre société)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
ZHPDiag 2015 (HKLM-x32\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
17-05-2015 20:45:07 Copias de seguridad de Windows
19-05-2015 16:20:20 Removed Microsoft Silverlight
19-05-2015 16:21:39 Removed Microsoft Silverlight
19-05-2015 19:17:06 Windows Update
20-05-2015 14:57:04 Removed Microsoft Silverlight
23-05-2015 13:39:18 Removed Skype(TM) 7.4
23-05-2015 13:40:17 Windows Update
24-05-2015 13:38:54 Removed Skype(TM) 7.4
24-05-2015 13:43:22 Removed Skype(TM) 7.4
24-05-2015 19:00:08 Copias de seguridad de Windows
27-05-2015 20:07:08 Windows Update
01-06-2015 21:55:14 Copias de seguridad de Windows
09-06-2015 17:02:52 ZHPFix Restore System Point
09-06-2015 17:28:53 Removed iTunes
09-06-2015 17:47:14 Removed Apple Mobile Device Support
09-06-2015 17:49:32 Removed Apple Application Support (64 bits)
09-06-2015 17:51:40 Removed Apple Application Support (32 bits)
09-06-2015 18:46:48 Installed iTunes
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E2CEF76-2BA4-44F6-8932-61A44AE6AA11} - System32\Tasks\{9CEFB4CE-B572-452E-9DE7-71308DC27112} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638
Task: {1CDCCE94-A417-4CA4-8AC9-3A49FDF0BDF9} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe <==== ATTENTION
Task: {1DB4F697-BE3B-4ED4-8765-925593C3F5B0} - System32\Tasks\{7AF5205F-885D-4DB4-9A6B-3740018959E6} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe"
Task: {25BF0ABC-28A2-4446-8E23-9769ADB2DDD8} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-09-01] (Microsoft Corporation)
Task: {33AAE257-D251-43B8-8075-B43BE9C4E6B1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {375B86BB-A701-4FCB-8C04-A7F545C5E914} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {5FE6B0DF-570D-4E69-A6A3-B6169D70D1F3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6F3B34D4-2A61-4BDB-9BF3-7D56D387FB86} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {74F6D490-84FF-4F00-A5E4-3A72143F884D} - System32\Tasks\{7ED2E1E6-7B57-452F-A704-4AF4A8E2FBEE} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638
Task: {77C009C1-0DF2-4C28-9E17-5C482345B02B} - System32\Tasks\{67F89C25-3BD2-4697-B863-4E20488DA248} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {7C9E8989-D78C-48A6-8D2B-B17EAC403207} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7DF791D7-2241-43E6-9134-06F5C2CA5993} - System32\Tasks\{CABA56E1-8033-4FF9-8370-88FC85E80ADF} => pcalua.exe -a C:\ProgramData\HealthAlert\uninstall.exe -c /kb=y /ic=1
Task: {7ED5CA91-62EF-49A3-9666-634CDBD71882} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-17] (Adobe Systems Incorporated)
Task: {82C7CFEE-081F-4B9D-A66B-BC5C2D7545B3} - System32\Tasks\{B9F0776D-570D-4676-93B4-D2AC474B5811} => Firefox.exe http://ui.skype.com/ui/0/6.18.60.105/fr/go/help.faq.installer?LastError=1638
Task: {87A482F9-36B1-43A2-A3DA-484B9ABAFEE2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {8AE4211D-1CB0-405F-8BFB-F9FCF34B8E53} - System32\Tasks\{84FB1081-7B8A-4975-BD46-8152117F3C2B} => Firefox.exe http://ui.skype.com/ui/0/6.16.0.105/fr/go/help.faq.installer?LastError=1638
Task: {A23DF59C-6179-4357-B20F-3907897342CB} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {AE23F2BB-DFB2-4968-AFBB-2A83DB9B2256} - System32\Tasks\{200014AB-B87E-4AC2-A6D6-58DFB6319313} => pcalua.exe -a C:\Users\Claudie\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=face
Task: {B07B1E7F-5719-4E78-8BF9-269B95A9AD4B} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {BF41DDC0-23C4-46C5-ADF8-E44371AF4235} - System32\Tasks\Acer Registration - Reminder Recall task => C:\Program Files (x86)\Acer\Registration\GREG.exe [2011-05-11] (Acer Incorporated)
Task: {C51642D6-AAC0-4451-ADA1-861DD8595529} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {C8145212-4DBA-4F52-B3AE-429A12BA0D13} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2303779101-1737599147-2988863568-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {D29BCA2D-9174-4648-9E29-393F75026B7B} - System32\Tasks\{7AEBB1C0-77DE-445D-A2C5-A69DCA891F77} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/fr/go/help.faq.installer?LastError=1638
Task: {DEE14A26-4FE3-48DE-B80A-5CC54D6105FF} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {F15A8CCA-EC70-4257-9EE9-82C27257E6D5} - System32\Tasks\Updater19962.exe => C:\Users\Claudie\AppData\Local\Updater19962\Updater19962.exe <==== ATTENTION
Task: {FB803069-2716-41A0-B091-0D3D18B058E7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2303779101-1737599147-2988863568-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job =>
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 03:29 - 2011-04-24 03:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-04-17 20:25 - 2015-04-17 20:25 - 16863920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Claudie\Downloads\bonne annee.eml:OECustomProperty
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2303779101-1737599147-2988863568-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.254
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9508FAAB-272F-495D-981E-1ADC8DA5CD1E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{9CB8F6F2-471D-4849-A8D8-17C460E238D3}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{3B2CFC13-5CE0-47B5-8DC2-137F41115633}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{71775B8F-FEFA-4C7B-B763-45174C6FA1F4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{5C9D3716-6541-4967-BD02-5038B97CE6FD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{51175D30-705D-41A8-B5D6-00ACA285A516}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{49F47B0F-D371-4CF5-942C-2F3C920E066F}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{A8D5084E-8629-4925-A08E-884E8A40174E}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{ADB16999-B044-4FDA-82E5-D76377D885D9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{95945920-FBD1-4FF4-8330-310F44A59282}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [{11BFA663-A832-4B7B-A46C-76611A437A50}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{8256FFAF-F85A-460E-9997-96915EB7FE8B}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{FD05CD22-7E94-4684-963D-C78C56D402B0}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{3F1D4E13-47A1-4501-8EA3-44413615EBAA}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{93662CD9-7763-4749-995D-DCA154A9E243}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B04E6CA0-7663-4C83-82FA-4A95426F3E24}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0D967F4E-4D4E-4FAD-99EC-8A752BFF31C0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4AB32518-9CA6-42C1-B1B5-32BB87841178}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0F185C50-B1B6-481C-B00B-55D7B6083185}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [{5AFC7D47-94C8-4912-BE0D-EF969F8EF87E}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
FirewallRules: [TCP Query User{C84DE200-73A0-4090-A261-3B42E6CBCD02}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{05A13D5E-D154-428A-9945-8FABBC2092B2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{0FFAB81E-EB90-4276-9B3D-34C2E4F10E7A}C:\users\claudie\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\claudie\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{0BC4A8ED-79D3-4556-9180-12F2FE15BBCE}C:\users\claudie\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\claudie\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F31A5120-D523-4AC4-8114-2FBAE2D07E25}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5376AFB6-3045-483E-AF0F-13F945C4F055}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{4748022D-DB66-4242-B95F-9B79894F5173}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{64D3E2DB-8351-436B-A602-CAB917DE9FBA}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{1BBF87E8-0086-449C-8A7B-9DA5D8460501}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A2CC369A-7779-4202-99BD-9DF62FBC2E22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C9E7E08-F88B-43E2-B57C-10A78E4CFAD9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/09/2015 06:26:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft.
Error: (06/09/2015 06:17:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/09/2015 06:16:52 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft.
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Solo información.
Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:41 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
System errors:
=============
Error: (06/09/2015 06:47:53 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 114.20.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:47:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:47:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:47:42 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:47:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Windows Update se cerró con el siguiente error:
%%-2147014790
Error: (06/09/2015 06:46:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: El servicio Windows Update se cerró con el siguiente error:
%%-2147014790
Error: (06/09/2015 06:28:06 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 114.20.0.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:28:00 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:28:00 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY51
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\Servicio de red
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (06/09/2015 06:27:55 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.199.1214.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Microsoft Office:
=========================
Error: (06/09/2015 06:26:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft.
Error: (06/09/2015 06:17:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/09/2015 06:16:52 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: No se puede completar la acción. Vuelva a intentarlo. Si el problema persiste, póngase en contacto con el servicio de soporte técnico de Microsoft.
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Product registration is corrupted for {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Uninstall key is not found for product {90140011-0066-0C0A-0000-0000000FF1CE}
Error: (06/09/2015 06:16:41 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out
CodeIntegrity Errors:
===================================
Date: 2014-09-20 09:54:01.407
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-09-20 09:54:00.627
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-08-24 17:42:17.187
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-08-24 17:42:16.848
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-08-24 17:42:16.490
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2013-08-24 17:42:16.131
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
Processor: AMD E-300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 58%
Total physical RAM: 3818.9 MB
Available physical RAM: 1597.24 MB
Total Pagefile: 7636.01 MB
Available Pagefile: 5312.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:282.99 GB) (Free:83.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2728A577)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283 GB) - (Type=07 NTFS)
==================== End of log ============================
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
9 juin 2015 à 19:35
9 juin 2015 à 19:35
Héberge sur cjoint
lilidurhone
Messages postés
43347
Date d'inscription
lundi 25 avril 2011
Statut
Contributeur sécurité
Dernière intervention
31 octobre 2024
3 807
9 juin 2015 à 21:24
9 juin 2015 à 21:24
▶ /!\ Crée un point de restauration manuel avant d'appliquer le correctif - Tutoriel en images/!\
▶ Ouvre le Bloc-notes (Démarrer => Tous les programmes => Accessoires => Bloc-notes)
▶ Copie/colle la totalité du contenu de la zone Code ci-dessous dans le Bloc-notes
▶ Enregistre le fichier sur ton Bureau (au même endroit que FRST) sous le nom fixlist.txt
▶ Ferme toutes les applications, y compris ton navigateur
▶ Double-clique sur FRST.exe
/!\ Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
▶ Sur le menu principal, clique une seule fois sur Fix et patiente le temps de la correction
▶ L'outil va créer un rapport de correction Fixlog.txt. Poste ce rapport dans ta réponse.
▶ /!\ Ce script a été établi pour cet utilisateur, il ne doit, en aucun cas, être appliqué sur un autre système, au risque de provoquer de graves dysfonctionnement et endommager Windows /!\
▶ Ouvre le Bloc-notes (Démarrer => Tous les programmes => Accessoires => Bloc-notes)
▶ Copie/colle la totalité du contenu de la zone Code ci-dessous dans le Bloc-notes
start
Task: {1CDCCE94-A417-4CA4-8AC9-3A49FDF0BDF9} - System32\Tasks\NetEngine => C:\ProgramData\NetEngine\bin\D10\netengine.exe <==== ATTENTION
Task: {A23DF59C-6179-4357-B20F-3907897342CB} - System32\Tasks\YourFile Update => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {AE23F2BB-DFB2-4968-AFBB-2A83DB9B2256} - System32\Tasks\{200014AB-B87E-4AC2-A6D6-58DFB6319313} => pcalua.exe -a C:\Users\Claudie\AppData\Roaming\istartsurf\UninstallManager.exe -c -ptid=face
Task: {F15A8CCA-EC70-4257-9EE9-82C27257E6D5} - System32\Tasks\Updater19962.exe => C:\Users\Claudie\AppData\Local\Updater19962\Updater19962.exe <==== ATTENTION
HKLM-x32\...\Run: [stv_fr_18] => [X]
2015-05-28 19:04 - 2015-05-28 19:08 - 00000000 ____D C:\Program Files (x86)\WinZipper
end
▶ Enregistre le fichier sur ton Bureau (au même endroit que FRST) sous le nom fixlist.txt
▶ Ferme toutes les applications, y compris ton navigateur
▶ Double-clique sur FRST.exe
/!\ Sous Vista, Windows 7 et 8, il faut lancer le fichier par clic-droit -> Exécuter en tant qu'administrateur
▶ Sur le menu principal, clique une seule fois sur Fix et patiente le temps de la correction
▶ L'outil va créer un rapport de correction Fixlog.txt. Poste ce rapport dans ta réponse.
▶ /!\ Ce script a été établi pour cet utilisateur, il ne doit, en aucun cas, être appliqué sur un autre système, au risque de provoquer de graves dysfonctionnement et endommager Windows /!\
28 mai 2015 à 21:38
merci pour votre aide, voici le rapport
~ ZHPCleaner v2015.5.27.258 by Nicolas Coolman (2015\05\27)
~ Run by Claudie (Administrator) (28/05/2015 20:22:09)
~ Forum : http://forum.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Claudie\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Claudie\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
~ Windows 7, 64-bit Service Pack 1 (Build 7601)
---\\ Servicios (10)
[S] ENCONTRADOS : abengine (Adware.Abengine)
[R] ENCONTRADOS : IHProtect Service (Adware.AgentODR)
[R] ENCONTRADOS : WindowsMangerProtect (PUP.Fuyu)
[S] ENCONTRADOS : {11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64 (PUP.LinkiDoo)
[S] ENCONTRADOS : {e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64 (PUP.LinkiDoo)
[S] ENCONTRADOS : hixyluco (Heuristic.Salus)
[S] ENCONTRADOS : Update Edu App (PUP.Optional)
[S] ENCONTRADOS : Update Zebar (Adware.Sambreel)
[S] ENCONTRADOS : Util Edu App (PUP.Optional)
[S] ENCONTRADOS : Util Zebar (Adware.Sambreel)
---\\ Navegadores de Internet (16)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.defaultenginename", "delta-homes"); (Hijacker.DeltaHomes)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.searchengine.alias", "delta-homes"); (PUP.SearchEngine)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); (PUP.SearchEngine)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.searchengine.iconURL", "http://search.delta-homes.com/favicon.ico"); (PUP.SearchEngine)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.searchengine.name", "delta-homes"); (PUP.SearchEngine)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.searchengine.ptid", "wpm05283"); (PUP.SearchEngine)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.searchengine.uid", "WDCXWD3200BPVT-22JJ5T0_WD-WX11CB1E3832E3832"); (PUP.SearchEngine)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.searchengine.url", "http://search.delta-homes.com/web/?type=ds&ts=14328325[...] (PUP.SearchEngine)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("browser.search.selectedEngine", "delta-homes"); (Hijacker.DeltaHomes)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("extensions.quick_start.enable_search1", false); (PUP.QuickStart)
ENCONTRADOS: [1xq6g3o0.default-1432043555660] - user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); (PUP.QuickStart)
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\Mozilla\Firefox\Profiles\1xq6g3o0.default-1432043555660\searchplugins\delta-homes.xml (Hijacker.DeltaHomes) [984D7D934D36E5243DBFF48968584D89]
ENCONTRADOS IE Params: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page [hxxp://www.oursurfing.com/?type=hppp&ts=1431781469&z=945ff22cc6c1115f77d5a08g6zf[...]] (Hijacker.OurSurfing)
ENCONTRADOS IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Start Page [hxxp://www.oursurfing.com/?type=hppp&ts=1431781469&z=945ff22cc6c1115f77d5a08g6zf[...]] (Hijacker.OurSurfing)
ENCONTRADOS IE Params: HKLM64\SOFTWARE\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.oursurfing.com/web/?type=ds&ts=1431800946&z=ac207206e62ae7e286452b1ga[...]] (Hijacker.OurSurfing)
ENCONTRADOS IE Params: HKLM64\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\\Search Page [hxxp://www.oursurfing.com/web/?type=ds&ts=1431800946&z=ac207206e62ae7e286452b1ga[...]] (Hijacker.OurSurfing)
---\\ Archivo hosts (1)
~ El archivo hosts es legítimo (21)
---\\ Tareas automáticas programadas. (2)
ENCONTRADOS tareas: [APSnotifierPP1] [C:\Windows\Tasks\APSnotifierPP1.job] (PUP.AnyProtect)
ENCONTRADOS tareas: [APSnotifierPP2] [C:\Windows\Tasks\APSnotifierPP2.job] (PUP.AnyProtect)
---\\ Explorador ( Archivos, Carpetas ) (312)
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk [Bad : C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe] (PUP.CrossBrowse)
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [Bad : C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe] (PUP.CrossBrowse)
ENCONTRADOS carpeta: C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [Crossbrowse - Crossbrowse](PUP.CrossBrowse) [55D9D5D626A1E30D286FDA5A58F9AF98]
ENCONTRADOS carpeta: C:\Program Files (x86)\XTab\ProtectService.exe [XTab system - ProtectSvc.exe](Adware.AgentODR) [43F70D97B5C448996E4B88F362DBB321]
ENCONTRADOS carpeta: C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [SysTool PasSame LIMITED - Windows SysTool Svr](PUP.Fuyu) [48A35CA991C83AEE22CB6A88FA6142A8]
ENCONTRADOS carpeta: C:\Windows\System32\drivers\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64.sys [StdLib - StdLib](PUP.LinkiDoo) []
ENCONTRADOS carpeta: C:\Windows\System32\drivers\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64.sys [StdLib - StdLib](PUP.LinkiDoo) []
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\670A1AB5-1431781798-E111-9DD7-DC0EA197F0EA (Heuristic.Salus)
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk (PUP.CrossBrowse) [84EF9E7ACB47A1346E13469C76509599]
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk (PUP.CrossBrowse) [46848FA25CD52F870A181AA5921181B8]
ENCONTRADOS carpeta: C:\Windows\Tasks\APSnotifierPP1.job (PUP.AnyProtect) [47AD112FD2CC9CBE52F026F3196F34E9]
ENCONTRADOS carpeta: C:\Windows\Tasks\APSnotifierPP2.job (PUP.AnyProtect) [819A85179450CB92860486A9A4FDFFCA]
ENCONTRADOS carpeta: C:\Windows\Prefetch\ANYPROTECT.EXE-3685BDD1.pf (PUP.AnyProtect) [5D5EF3ED45B5674A279C0F5F058C90C4]
ENCONTRADOS carpeta: C:\Windows\Prefetch\CROSSBROWSE.EXE-9D619136.pf (PUP.CrossBrowse) [AF563663E417F024186290D0E1A7056B]
ENCONTRADOS carpeta: C:\Windows\Prefetch\HEALTHALERTINSTALL.EXE-56082F48.pf (PUP.HealthAlert) [C7A5FF4244426385D9F63A736B6F216F]
ENCONTRADOS carpeta: C:\Windows\System32\abengineOff.ini (Adware.Abengine) [7E480CE5D7DF671A4C9650B76AFF3796]
ENCONTRADOS carpeta: C:\Windows\System32\abengine64.dll [Abengine - ](Adware.Abengine) []
ENCONTRADOS carpeta: C:\ProgramData\RecallDown.exe (Suspect.Optional) [3BE06A9614028D51D952A876CFE3605F]
ENCONTRADOS carpeta: C:\Users\Claudie\Desktop\Continue GamesDesktop Uninstaller.lnk (Adware.GamesDesktop) [2D11DB8C3F11B450228AE0677BD26F07]
ENCONTRADOS carpeta: C:\Users\Claudie\Downloads\iLividSetup.exe [Bandoo Media Inc - iLivid Install](Adware.Bandoo) [6B8C39C5B218B28D9C3F4B35B626529E]
ENCONTRADOS carpeta: C:\Users\Claudie\Downloads\SoftonicDownloader_pour_unlocker.exe [Softonic - Softonic Downloader](PUP.Softonic) [66AD81937D648632FA672A384B0C576E]
ENCONTRADOS carpeta: C:\Users\Claudie\Downloads\SpyHunter-Installer (1).exe [Enigma Software Group USA, LLC. - Enigma Installer](PUP.EnigmaSoftware) [B9FF555660A02DC4D3EAFF58357BE02A]
ENCONTRADOS carpeta: C:\Users\Claudie\Downloads\SpyHunter-Installer.exe [Enigma Software Group USA, LLC. - SpyHunter Downloader](PUP.EnigmaSoftware) [E503B9DCECA102941A5061F538B26CA6]
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\Bubble Dock.boostrap.log (PUP.BubbleDock) [C4D74FC8FF50A5B2FC16B11BDF23C59D]
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\Bubble Dock.installation.log (PUP.BubbleDock) [3107A64C13D18261D2668108C195500B]
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\Selection Tools.installation.log (PUP.Nosibay) [B70FEEB99575DDA1730FB688C0B3770B]
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\WindApp.boostrap.log (PUP.Nosibay) [24F662C26E226827DAAD14E918747B8A]
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Roaming\WindApp.installation.log (PUP.Nosibay) [B70FEEB99575DDA1730FB688C0B3770B]
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Local\Temp\esg_cleanup.exe [Enigma Software Group USA, LLC. - Enigma Installer TidyUp](PUP.EnigmaSoftware) [57DE339F37E8465D05FE11A0ED6017A3]
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Local\Temp\esg_uninstall.exe~ [Enigma Software Group USA, LLC. - Enigma Installer](PUP.EnigmaSoftware) [B9FF555660A02DC4D3EAFF58357BE02A]
ENCONTRADOS carpeta: C:\END (PUP.Conduit) [23B58DEF11B45727D3351702515F86AF]
ENCONTRADOS carpeta: C:\Program Files (x86)\OLBPre\LinqBridge.dll [Copyright (c) 2007-9, Atif Aziz, Joseph Albahari. All rights reserved. - LINQBridge](PUP.MyPCBackup) [E5CC3997457CD365E43C19F0F9110148]
ENCONTRADOS carpeta: C:\Program Files (x86)\XTab\conf (Adware.AgentODR) [139697A6B706B0FF02E1547B72E7BD97]
ENCONTRADOS carpeta: C:\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1031.xpi (Adware.AgentODR) [1B24F54DDE63987C58ECBBEE5730F0B5]
ENCONTRADOS carpeta: C:\Program Files (x86)\XTab\IeWatchDog.dll [Search Protecter - SearchProtect for ie](Adware.AgentODR) [F2EC62ED6C7FA6FE91EAF23017FB09DA]
ENCONTRADOS carpeta: C:\Program Files (x86)\XTab\install.data (Adware.AgentODR) [0D9096B2D2D7A2192FB097291691F52F]
ENCONTRADOS carpeta: C:\Program Files (x86)\XTab\searchProvider.xml (Adware.AgentODR) [ACFE062691DD0DD0663F98AE7AEB1E88]
ENCONTRADOS carpeta: C:\Program Files (x86)\XTab\uninstall.exe [XTab - XTab](Adware.AgentODR) [164E6612F9B044AE3E53E864E300E571]
ENCONTRADOS archivo: C:\Program Files (x86)\Crossbrowse\Crossbrowse (PUP.CrossBrowse)
ENCONTRADOS archivo: C:\Program Files (x86)\globalUpdate\CrashReports (PUP.GlobalUpdate)
ENCONTRADOS archivo: C:\Program Files (x86)\XTab\skin (Adware.AgentODR)
ENCONTRADOS archivo: C:\Program Files (x86)\XTab\web (Adware.AgentODR)
ENCONTRADOS archivo: C:\Program Files (x86)\Boxore (Adware.Boxore)
ENCONTRADOS archivo: C:\Program Files (x86)\Crossbrowse (PUP.CrossBrowse)
ENCONTRADOS archivo: C:\Program Files (x86)\Fragile Fixer (PUP.FragileFixer)
ENCONTRADOS archivo: C:\Program Files (x86)\globalUpdate (PUP.GlobalUpdate)
ENCONTRADOS archivo: C:\Program Files (x86)\OLBPre (PUP.MyPCBackup)
ENCONTRADOS archivo: C:\Program Files (x86)\predm (Adware.Downware)
ENCONTRADOS archivo: C:\Program Files (x86)\Priceless (Adware.Multiplug)
ENCONTRADOS archivo: C:\Program Files (x86)\PriuceuLEuss (Adware.Multiplug)
ENCONTRADOS archivo: C:\Program Files (x86)\XTab (Adware.AgentODR)
ENCONTRADOS carpeta: C:\ProgramData\13450785432569968815\cd5b15e575e1c3d0098c413df095b57d.ini (Adware.CrossRider) [370034AF8C325280E83A7B1CB4C5456A]
ENCONTRADOS carpeta: C:\ProgramData\79ba90aa00001da8\79ba90aa00001da8.dll (Adware.CrossRider) [8338E445FE1F7BCE3685CB797ED8E9B0]
ENCONTRADOS carpeta: C:\ProgramData\7f4f08c000007225\BIT3F7B.tmp (Adware.CrossRider) []
ENCONTRADOS archivo: C:\ProgramData\IHProtectUpDate\update (Adware.AgentODR)
ENCONTRADOS archivo: C:\ProgramData\WindowsMangerProtect\update (PUP.Fuyu)
ENCONTRADOS archivo: C:\ProgramData\13450785432569968815 (Adware.CrossRider)
ENCONTRADOS archivo: C:\ProgramData\79ba90aa00001da8 (Adware.CrossRider)
ENCONTRADOS archivo: C:\ProgramData\7f4f08c000007225 (Adware.CrossRider)
ENCONTRADOS archivo: C:\ProgramData\cosstminn (Adware.Multiplug)
ENCONTRADOS archivo: C:\ProgramData\IHProtectUpDate (Adware.AgentODR)
ENCONTRADOS archivo: C:\ProgramData\WindowsMangerProtect (PUP.Fuyu)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\AnyProtectEx\installer (PUP.AnyProtect)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\AnyProtectEx\language (PUP.AnyProtect)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\AnyProtectEx\logs (PUP.AnyProtect)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\AnyProtectEx\scan_results (PUP.AnyProtect)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\AnyProtectEx\swf (PUP.AnyProtect)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\AnyProtectEx (PUP.AnyProtect)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\Enigma Software Group (PUP.EnigmaSoftware)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\Nosibay (Adware.SPointer)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Roaming\Store (PUP.Nosibay)
ENCONTRADOS carpeta: C:\Users\Claudie\Documents\Optimizer Pro\CookiesException.txt (PUP.OptimizerPro) [C02B380476234DE0C11D7C0CE6AE5F29]
ENCONTRADOS archivo: C:\Users\Claudie\Documents\Optimizer Pro (PUP.OptimizerPro)
ENCONTRADOS carpeta: C:\Users\Claudie\AppData\Local\Boxore\state (Adware.Boxore) [079AA21F3A959FF85EC0FDA1B3763F05]
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\Crossbrowse\Crossbrowse (PUP.CrossBrowse)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\globalUpdate\CrashReports (PUP.GlobalUpdate)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\Boxore (Adware.Boxore)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\Crossbrowse (PUP.CrossBrowse)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\globalUpdate (PUP.GlobalUpdate)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\SmartWeb (PUP.SmartWebSearch)
ENCONTRADOS archivo: C:\Users\Administrador\AppData\Local\Crossbrowse\Crossbrowse (PUP.CrossBrowse)
ENCONTRADOS archivo: C:\Users\Administrador\AppData\Local\Crossbrowse (PUP.CrossBrowse)
ENCONTRADOS archivo: C:\Users\Invitado\AppData\Local\Crossbrowse\Crossbrowse (PUP.CrossBrowse)
ENCONTRADOS archivo: C:\Users\Invitado\AppData\Local\Crossbrowse (PUP.CrossBrowse)
ENCONTRADOS archivo: C:\Program Files (x86)\XTab (PUP.XTab)
ENCONTRADOS archivo: C:\Program Files (x86)\Software (Adware.Boxore)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{001200AB-2A2B-47B5-B252-48C9301515F7} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{0238E325-14EE-4191-AE7E-E975E64E066D} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{028EF6D8-AFD3-4557-AD97-933837D07D14} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{02ECC841-93F2-4A6E-B620-F2568CAE600C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{0371A7F0-DDEC-4169-9C71-4E0C9355D68D} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{04F07A01-612A-4CB6-B2AF-DCD6874E1056} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{0525FB4C-B05E-48AD-8B79-08E2E0C7F413} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{0AB4155E-25A6-4431-A3C4-2A5594B5A88A} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{0D598A4B-1F0E-4184-8118-D8FB75291E0A} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{0DD42F53-7A61-4C35-B3E5-CD45C3E715DC} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{0E236D21-D665-4ABF-9F69-F9E8BE21B762} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{0F316060-7CA9-4F38-99F0-AFC6C5FA257C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{101F9791-3A37-4C4F-A394-8A4CEE24CAE8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{126427A8-9F41-4289-B676-4E34D1D30F06} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{13453D26-E21F-4E81-A1D3-F80293029F3D} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{146D62C6-66C1-4FB8-9DC3-86D40BB9E2FC} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{15E6D64A-8DFE-4134-9A86-EC4114457A82} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{1622569D-B69D-435A-9254-491ADC373B3F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{16B09C3A-D866-4086-B6A8-F70BA384A8E6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{178269EF-165D-4F87-8388-5F3F12A4B1EE} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{1C96661F-AE85-4DD4-91D1-5F028C6E4C90} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{1DD8D067-865F-43DD-B0E8-3B560F974438} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{1E304483-CE4B-456C-94CA-852E23F2F708} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{1E95A9A3-19B9-49A7-9548-7D28F7334204} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{2066732D-4235-4EDF-BC72-12ABCEC671A9} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{23551BBF-402A-4C4D-A14B-01953B0FD39E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{243D822A-2201-4799-B4E1-E73ED6D72C91} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{24563BE1-BB7C-4A74-B513-4D96A0EE7AE9} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{25530768-409B-43DE-8585-0DB34B2DB450} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{260534FF-F3C5-4F9A-A2AD-F96D7CB28117} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{269E5C45-E1CD-40C2-BA84-8C59EC1DB98F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{284BB5D8-8A3F-4646-AA1C-D3CA9F50B1D3} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{29BCE498-51B7-4893-8943-D75524351E7C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{29D2EF40-3786-45D4-B0E2-E804B4D8565C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{2A11B259-C931-45A4-90C9-93267842EAD0} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{2BA094EC-BF8E-477B-A3C3-7DBAACC20A1F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{2D023B15-5B76-4BC5-9910-303CAE4A68E8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{2DCA9E9D-BC20-47F1-B636-6D08AC880B39} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{2DE38B97-20FC-4A7A-931C-C7413A0ACC18} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{3127B241-9FC8-4F94-B511-4869090DD12F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{31437055-F226-4938-9027-1067DF423D44} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{34288D12-9EF0-45C4-BDBA-904781E30A45} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{34DFD35C-72D5-4273-9981-E014E970F2EB} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{372AA477-4EC3-4160-9CBE-6298D84C6D56} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{38569B93-AF7B-4DC0-9086-8E529C3D1159} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{3890E92E-152C-4027-91E0-F7C47F646437} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{392F4B4F-378D-4C11-886E-EFEE01D27B40} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{3A98AC76-9249-45AB-86D7-50A44BA69062} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{3AA5B87F-FAFB-4A08-B93A-E6A6F7F8EDF9} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{3CBC2017-BCCC-49D9-8B51-7A692BF5176A} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{3D36140D-BDA4-4B62-8644-F89A067B77ED} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{3EE10311-BE06-46F7-B2B3-E2953FE2D517} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{407B4C91-2E9D-4BF5-B598-C92D36E25A87} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{414CFEA4-3FF4-4ABE-AE5C-BD7C382D42E6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{415F4F2A-2833-4293-A5E5-7CC5C33FF806} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{416D4C6C-41AE-4961-8D51-D814970C0FEA} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{44285D72-BF8A-4E46-87FD-94A1D69BCB89} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{4439DC6C-E440-4481-9BF2-C4D041EFD531} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{467ABCD8-E521-4282-8120-6C6AE13155D6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{4685C135-A802-43AE-9233-4F9E1BD3CECD} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{479659BC-B69F-4A7C-B317-D4C182E212F8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{4814E5A6-185F-475F-A71D-F41C7A8C9FFC} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{49F8D85D-F5FD-4BE1-861A-C6C17B3429EF} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{4C39803A-EF05-4D50-830E-5A7B3FB5DCF8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{4C8FE8CB-FBF3-4802-8280-78D01F7674AC} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{4E54AC75-85D3-4685-848E-7D882B2EE9C6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{4F320234-28B3-458A-BCB4-A3466DD7FC65} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{5120AA58-35AB-4BA9-806A-622D1B637FB7} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{517CB5B7-13CD-4CAF-899B-685264B5538A} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{5208C98D-5FA7-4CB0-9C24-30FCA8C37D8F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{52CB5A33-8D96-4817-8E8C-C8039D29A203} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{53155CAA-9754-4F1F-8425-94725A961560} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{531738A4-5392-4E92-A475-0C5FC6AEA323} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{5336ABF8-508D-4A51-8280-4C3EEBD37BCC} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{5499459B-9584-43F5-98EE-E686B82E81E9} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{54ED8919-D63E-4705-8329-FAABE1F54C27} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{554A4080-81B6-4EF0-B723-D1815F22A591} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{559B1E75-6B29-4173-A72F-5230C788327C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{55CD103A-5135-4BC8-82D9-5B2F24B28173} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{55F00F6F-CD99-4A89-B4A5-E0E5A911FD90} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{574CED83-B74E-4A16-A82B-4CCB77FB8482} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{58B95D79-4A41-4F0B-9CAD-A251B6364BE7} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{598BB6DA-B425-46CE-B041-E53B4D7640AD} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{5A29CC4A-9C10-40EC-A8C4-E5F85888CF30} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{5A98A3FE-78BF-4B71-BD82-70D6E41E96FA} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{5E4A530B-A435-49FA-AC28-F13D1EE6EFFD} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{5E6AC676-7B48-432F-9DCD-C582CE80FCD6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{60429EF5-3730-4B02-A35C-0A844338DBA9} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{60D02B86-2AF6-4FE0-A85D-C01492BA2FC8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{617413F4-78A8-4E7D-A7CB-4A9CE2619DEE} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{62E20B70-DE8D-46F1-ACAB-17315C61A8AC} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{636296A0-F3FA-4F81-B9E9-F92D26EEB062} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{63AAD342-A9DD-46F0-BC5F-075AC85D343E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{6563BAD1-47C7-4CC1-B574-77C4F9F41D3B} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{65EFD74D-BDA5-468C-BED5-F16C378986F4} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{671D9218-6FFA-42AD-808B-77DA14C34E89} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{6A2C082B-46E9-46AA-84D5-307EEBEE713F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{6BC61F1D-6F05-48EB-93A2-130E845CD538} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{6C8FBAFD-0AE6-47C0-ADEA-1BB2C62C481D} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{6C98240E-9E2E-48B5-B94A-F9642C5E8C3D} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{6EC63C99-89DD-450B-91FD-2EA1B05F41DE} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{702C1AFA-B05B-4E79-ADBB-483C3B875D3E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7160CC72-A3B3-4850-9DAE-1DA6A109BFE8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{72E211B3-9818-4133-91EC-3886F704830C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{73BE6B9B-DF62-433C-B645-2D8F5782AF9E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7477346D-4DF2-4DD7-B594-BB4C05A606C4} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7671050B-06DB-407B-8D62-C6884F2AFD40} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{76FBA7A5-9109-4A5D-B336-2CCEA0C679D9} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{79A0EAC7-45D2-455F-A69C-C65CE33FC0F1} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7B5F3D0E-4E56-4146-A2C4-04A73353CF28} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7C94E478-9EDC-410C-8A4E-E1189F593CD6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7E7466DF-99B3-4C7D-A75F-1B6E2F6E716B} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7E7AF000-82F2-49E1-BEF6-0C8E60A60BDC} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7EF832E2-2116-444E-BFDF-7063083CBC9D} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{7F2C9041-2357-49FF-9760-9B2BDDBC776B} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{80D1AA57-3959-42F8-ADA2-47527A3F5038} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{82099E2C-2D35-4092-91C9-433FF708FD40} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{878695D2-ED30-45EA-B321-A839FE56717C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{8838C20E-ED8F-4988-B377-1737308525E9} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{88529BD1-67A8-4D2C-B909-620ACAD79DE4} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{8A360A69-BE44-405C-8BC6-2178CE821250} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{8A95C77F-E21F-4EDA-BEB0-5119170853FA} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{8ACC4DA8-5B43-4FB6-A5DC-62F0B49FA19F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{8ADA1B2C-D8E7-4B24-BD66-D647F264F255} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{8AFE4B0C-3DCF-4154-BBCE-540A55F737D0} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{8E678AF8-67DB-4935-B1B8-A9522372DFCD} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{8F4D8C97-B260-468D-AFDF-EF2C26605E6C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{91289BBF-EDAB-4D91-8DC7-0AAD64731D4B} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{92131AF9-C8BB-49FB-AE98-EE14928EC65F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{921FC1C2-3ED9-4607-A356-EEB8161DE5FE} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{93196FD7-1D21-4372-A099-45CE38FE3FC8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{932A3F27-BE5F-4B23-87BD-7D82A076CE1E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{93A1D014-C841-413A-A92E-5F2D26AFDF18} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{9A6FB895-B564-4A35-B181-812210E700F8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{9ACC99D8-872D-411B-AE2D-06B9237ACE66} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{9B93EFBF-FAAF-401D-A898-A185AFF61F3C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{9BDB577B-AEA2-427A-BBA5-49C91AAF043A} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{9C92B375-D7C2-4FE1-86F2-66FD97F80AA7} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{9F8CAE5C-EBBF-40EB-B527-E760F7EE9E5F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{9FDF394D-F648-45AA-AF6A-E041B28C3993} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{A27AF3B1-2A77-4F94-B14B-9DC1883C7260} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{A333CEBD-F54A-49AB-8BFE-FB3199766809} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{A34FD7DF-953E-4EFE-AD0A-F70F40F39CEF} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{A37E649C-D15C-4405-A7DA-341E28FE701C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{A4E5C355-D608-42A1-A404-51EA5645EAEE} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{A5B1951A-5433-4B3A-BCB6-A8C17798C0F6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{A681F95E-53AA-4548-A21F-AD629EDB3F37} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{A69D6E1B-E569-4CC4-B045-C116D07897D7} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{AB519415-E096-48E9-A7DD-F172BB468A27} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{AC267033-141C-44CC-81ED-6157F8B16A13} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{AD0691CE-78B5-46ED-BB13-464D8645953E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{AD4C5DE2-114B-477E-B99C-803D06F8B990} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{AD73CD64-7DFA-4E58-B99D-53C09B38729F} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{AF58CFDE-A563-463A-9AB0-3BD037A6FCF2} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{AF59A6CF-9BF2-48EF-B6ED-A8A7DAEACF4A} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{AF77BADA-E7D2-4F68-B993-9FCB5B012AC0} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{B34F3F31-3B4D-46E9-9FD9-E695CC327046} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{B37DA6F2-41E9-4A71-B3C8-C7D1C1C184D2} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{B58B8A0D-4C23-47FA-A804-6DA1BCE270D5} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{B5FAC16E-A157-4B4E-9449-6BE26FC22D87} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{B7768E6D-8ABD-499F-85CC-93549B6E067A} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{B85193DF-6DE5-41D6-B810-54870583E6E6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{BB3D3C1B-AEB6-4AAA-B2F1-E33604BE16A9} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{BBFDF3C0-3A9D-4EB4-A615-325C9797FBC8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{BC8DB6C5-F397-4A03-95F6-2AA3FCD280FE} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{BE3E8FC3-4697-4343-95D6-957CFB12A8A8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C297CC3B-EC5D-4E83-B463-6AD3E4635353} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C2A401B4-2BA4-42D4-A28A-D6005C33EF56} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C3AA3FD3-5AE5-4161-B9D2-6DD905AA084C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C3DD551C-634B-451F-BDDB-D57E257C2C54} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C49FA83B-A549-418D-9965-85C343758425} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C4E17474-DC2F-4B2D-8EE6-AC9EA27150AB} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C5D31264-B899-432C-B055-5B356930CDA6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C6063404-891A-4E2E-9E0D-DBA1E6738FF3} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C83501F0-0AC6-42B1-8B3C-AF089907C7C5} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{C9C6FCD4-5378-49DC-9B6C-D4182FB314F6} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{CBAC9DB4-65E6-4222-A4BC-E366CF29F557} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{CBD5DD50-F3BC-4D82-B9BF-0266CEEE260E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{CCA3B9B8-5532-49E9-8FC4-737F27AEC38E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{CFD58122-2836-4DA6-AC1E-B162DDD4A396} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{CFF63899-D3B9-4FA9-B8A4-ECF3E1EDEC7E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{D25C7549-6086-409A-A8BB-9682ED41F6B3} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{D262B3F5-E9ED-4A91-A611-0E040A25F114} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{D30E868F-FF5A-4367-B50F-7B7B8B9CE647} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{D7F1FBFF-C0AA-440D-A4F8-9969DA9AE448} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{D83026AA-4ECC-46AA-9256-6951B1FAD3A8} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{D9C488E0-F456-45AB-94D6-F9A9B1FE26E2} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{DADF81B1-D13C-4E7B-B722-DFCF40B555FF} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{DD3E7821-9C52-4D82-956B-D854CB43C3B0} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{DEEF3F96-FCAB-4932-ACD3-2BFE7E181845} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{E099FD3E-499E-4311-AA0B-994A50AB51ED} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{E4B747D7-11B8-4E40-B87A-6B790303FBE3} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{E60FE0C6-D723-4BF0-B6C8-FF032DC8AAF3} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EA857EC6-6EB3-4795-B98C-4E2BABEFE160} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EA8D3A88-E62C-47AB-AD89-5218A7C37CED} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EA90503F-65E4-4D56-AA9B-50FEA0D88B00} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EB9E95E0-67AF-4582-A47B-B4251C4CA68A} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EBC4985F-0E6C-4E10-B6AB-F5E87D2F1434} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EC593A2A-C25C-4D61-AC72-AE7D98ECF2BE} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EDC30A60-0110-47BF-89D3-3C7301296C91} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EEAA20F4-30D3-48B1-A39B-5D3B35A5BD50} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{EED44C6C-8692-40DF-9B2A-E79942F59B34} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{F13FAE68-5F8B-4C22-B780-52579978A8FC} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{F476DA76-47E3-4BCE-88FF-A0E0D76BEA12} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{F4C392FC-8E62-4787-8DAE-349655900D6B} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{F507612A-F87C-42D5-A9AB-B927A48F191E} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{F63ACB16-4F44-4320-B1AD-3C8E078016A0} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{F71F568A-F7FF-463B-89A0-17416E575208} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{F8B1B162-E1F4-4BAC-AC7E-274FB168104C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{F9248F30-9AB7-43EF-8EB3-8F8987E2A33C} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{FA958C23-E831-4521-8732-FD5E317490DB} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{FBE2B698-3006-427E-8348-E63E15E26F04} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{FBFBA2FD-40CE-4FBB-BFE0-4267951E97ED} (Empty)
ENCONTRADOS archivo: C:\Users\Claudie\AppData\Local\{FFED45CA-E3EF-4DB4-86BD-C51F17C06E9C} (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI1183.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI1F3A.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI2B0E.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI3F03.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI48DF.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI4A72.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI5939.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI5AD9.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI71F4.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI8B4C.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSI8CE0.tmp- (Empty)
ENCONTRADOS archivo: C:\Windows\Installer\MSIB385.tmp- (Empty)
---\\ Registro ( Claves, Valores, Datos) (174)
ENCONTRADOS valor: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\***@*** [C:\Users\Claudie\AppData\Roaming\Mozilla\Firefox\Profiles\1xq6g3o0.default-1432043555660\extensions\***@***] (PUP.SweetSearch)
ENCONTRADOS valor: [X64] HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions\\***@*** [C:\Users\Claudie\AppData\Roaming\Mozilla\Firefox\Profiles\1xq6g3o0.default-1432043555660\extensions\***@***] (PUP.QuickSearch)
ENCONTRADOS clave: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&fr[...]] [Bing] (Hijacker.OurSurfing)
ENCONTRADOS clave: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&fr[...]] [e] (Hijacker.OurSurfing)
ENCONTRADOS clave: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} [http://www.oursurfing.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&fr[...]] [Google] (Hijacker.OurSurfing)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse ["C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" (Not File)] (PUP.CrossBrowse)
ENCONTRADOS dados: HKLM\...\IEXPLORE.EXE\Shell\open\Command\\C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.oursurfing.com/?type=sc&ts=1431781386&z=f79200805cf769d865e81fag3z7c2gfm6b5gcc0t6e&from=fsf&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX11CB1E3832E3832 (Hijacker.OurSurfing)
ENCONTRADOS dados: [X64] HKLM\SOFTWARE\Classes\.html\\Default [Bad : CRSBRWSHTML] (PUP.CrossBrowse)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\CRSBRWSHTML\Shell\Open\Command [C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe] (PUP.CrossBrowse)
ENCONTRADOS : HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000001 [C:\Windows\system32\abengine64.dll] (Hijacker.Winsock)
ENCONTRADOS : HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000002 [C:\Windows\system32\abengine64.dll] (Hijacker.Winsock)
ENCONTRADOS : HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000003 [C:\Windows\system32\abengine64.dll] (Hijacker.Winsock)
ENCONTRADOS : HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000004 [C:\Windows\system32\abengine64.dll] (Hijacker.Winsock)
ENCONTRADOS : HKLM64\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000015 [C:\Windows\system32\abengine64.dll] (Hijacker.Winsock)
ENCONTRADOS valor: [X64] HKLM\Software\Classes\.htm\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
ENCONTRADOS valor: [X64] HKLM\Software\Classes\.html\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
ENCONTRADOS valor: [X64] HKLM\Software\Classes\.shtml\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
ENCONTRADOS valor: [X64] HKLM\Software\Classes\.webp\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
ENCONTRADOS valor: [X64] HKLM\Software\Classes\.xht\OpenWithProgIDs\\CRSBRWSHTML [] (PUP.CrossBrowse)
ENCONTRADOS clave: HKCU\Software\WajIntEnhance [] (PUP.Wajam)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\abengine [C:\Program Files (x86)\HighlightSearches\abengine.exe (Not File)] (Adware.Abengine)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service [C:\Program Files (x86)\XTab\ProtectService.exe (Not File)] (Adware.AgentODR)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect [C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Not File)] (PUP.Fuyu)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64 [C:\Windows\System32\drivers\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64.sys (Not File)] (PUP.LinkiDoo)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64 [C:\Windows\System32\drivers\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64.sys (Not File)] (PUP.LinkiDoo)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect [C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe] (PUP.Fuyu)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64 [C:\Windows\System32\drivers\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64.sys] (PUP.LinkiDoo)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64 [C:\Windows\System32\drivers\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64.sys] (PUP.LinkiDoo)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (Adware.Sambreel)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Currentversion\Uninstall\SearchProtect [] (Adware.Sambreel)
ENCONTRADOS clave: HKLM\SYSTEM\CurrentControlSet\Services\hixyluco [C:\Users\Claudie\AppData\Roaming\670A1AB5-1431781798-E111-9DD7-DC0EA197F0EA\nsg64B1.tmp (Not File)] (Heuristic.Salus)
ENCONTRADOS clave: HKCU\Software\CinemaPlus-3.2cV16.05-nv-ie [] (Heuristic.CrossRider)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\e2300d37-a71b-a970-e5bd-de5a3c28d7ed [] (Adware.CrossRider)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64 [C:\Windows\System32\drivers\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64.sys] (PUP.LinkiDoo)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64 [C:\Windows\System32\drivers\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64.sys] (PUP.LinkiDoo)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\abengine [C:\Program Files (x86)\HighlightSearches\abengine.exe (Not File)] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service [C:\Program Files (x86)\XTab\ProtectService.exe (Not File)] (Adware.AgentODR)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Update Edu App ["C:\Program Files (x86)\Edu App\updateEduApp.exe" (Not File)] (PUP.Optional)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Update Zebar ["C:\Program Files (x86)\Zebar\updateZebar.exe" (Not File)] (Adware.Sambreel)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Util Edu App ["C:\Program Files (x86)\Edu App\bin\utilEduApp.exe" (Not File)] (PUP.Optional)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Util Zebar ["C:\Program Files (x86)\Zebar\bin\utilZebar.exe" (Not File)] (Adware.Sambreel)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect [C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Not File)] (PUP.Fuyu)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64 [C:\Windows\System32\drivers\{11944e07-3e46-4956-b8c7-7e52c7a44c1d}Gw64.sys (Not File)] (PUP.LinkiDoo)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64 [C:\Windows\System32\drivers\{e2590817-40ca-4d03-8e1f-67fd8517bae9}Gw64.sys (Not File)] (PUP.LinkiDoo)
ENCONTRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\WindApp ["C:\Users\Claudie\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup] (PUP.Nosibay)
ENCONTRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Selection Tools ["C:\Users\Claudie\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup] (PUP.Nosibay)
ENCONTRADOS valor: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_19E0E59AF6735FCA5CAEA8C5212B9DB3 ["C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window] (PUP.Vosteran)
ENCONTRADOS valor: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_fr_289 [] (Adware.FreeSoftToday)
ENCONTRADOS valor: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\mbot_fr_624 [] (Adware.CrossRider)
ENCONTRADOS valor: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_539 [] (Adware.CrossRider)
ENCONTRADOS valor: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_543 [] (Adware.CrossRider)
ENCONTRADOS valor: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\gmsd_fr_552 [] (Adware.CrossRider)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\AnyProtect [] (PUP.AnyProtect)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\APN PIP [] (Toolbar.Agent)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\ArenaHD [] (Adware.CrossRider)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\Boxore [] (Adware.Boxore)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\CinemaPlus-3.2cV16.05-nv-ie [] (Adware.CrossRider)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\Crossbrowse [] (PUP.CrossBrowse)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\CrossBrowser [] (PUP.CrossBrowser)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\gamesdesktop [] (Adware.GamesDesktop)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\globalUpdate [] (PUP.GlobalUpdate)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\HighDefAction [] (Adware.CrossRider)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\HomeTab [] (PUP.CertifiedToolbar)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\Linkey [] (PUP.LinkeySearch)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\Nosibay [] (Adware.SPointer)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\SafeGuardApp [] (PUP.SafeGuard)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\SearchProtectWS [] (PUP.SearchProtect)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\SimplyTech [] (PUP.SimplyTech)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\TNT2 [] (Adware.TidyNetwork)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\WajIntEnhance [] (Adware.Multiplug)
ENCONTRADOS clave: HKEY_USERS\S-1-5-21-2303779101-1737599147-2988863568-1001\Software\YorkNewCin [] (Adware.CrossRider)
ENCONTRADOS clave: HKCU\Software\AnyProtect [] (PUP.AnyProtect)
ENCONTRADOS clave: HKCU\Software\APN PIP [] (Toolbar.Agent)
ENCONTRADOS clave: HKCU\Software\ArenaHD [] (Adware.CrossRider)
ENCONTRADOS clave: HKCU\Software\Boxore [] (Adware.Boxore)
ENCONTRADOS clave: HKCU\Software\CinemaPlus-3.2cV16.05-nv-ie [] (Adware.CrossRider)
ENCONTRADOS clave: HKCU\Software\Crossbrowse [] (PUP.CrossBrowse)
ENCONTRADOS clave: HKCU\Software\CrossBrowser [] (PUP.CrossBrowser)
ENCONTRADOS clave: HKCU\Software\gamesdesktop [] (Adware.GamesDesktop)
ENCONTRADOS clave: HKCU\Software\globalUpdate [] (PUP.GlobalUpdate)
ENCONTRADOS clave: HKCU\Software\HighDefAction [] (Adware.CrossRider)
ENCONTRADOS clave: HKCU\Software\HomeTab [] (PUP.CertifiedToolbar)
ENCONTRADOS clave: HKCU\Software\Linkey [] (PUP.LinkeySearch)
ENCONTRADOS clave: HKCU\Software\Nosibay [] (Adware.SPointer)
ENCONTRADOS clave: HKCU\Software\SafeGuardApp [] (PUP.SafeGuard)
ENCONTRADOS clave: HKCU\Software\SearchProtectWS [] (PUP.SearchProtect)
ENCONTRADOS clave: HKCU\Software\SimplyTech [] (PUP.SimplyTech)
ENCONTRADOS clave: HKCU\Software\TNT2 [] (Adware.TidyNetwork)
ENCONTRADOS clave: HKCU\Software\WajIntEnhance [] (Adware.Multiplug)
ENCONTRADOS clave: HKCU\Software\YorkNewCin [] (Adware.CrossRider)
ENCONTRADOS clave: HKCU\Software\AppDataLow\Software\Crossrider [] (Adware.CrossRider)
ENCONTRADOS clave: HKCU\Software\AppDataLow\Software\DynConIE [] (PUP.DynConIE)
ENCONTRADOS clave: HKCU\Software\AppDataLow\Software\SmartBar [] (PUP.QuickShare)
ENCONTRADOS clave: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
ENCONTRADOS clave: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
ENCONTRADOS clave: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
ENCONTRADOS clave: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [] (PUP.SearchProtect)
ENCONTRADOS clave: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
ENCONTRADOS clave: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
ENCONTRADOS clave: HKCU\Software\Store [] (PUP.Optional)
ENCONTRADOS clave: HKCU\Software\Mozilla\Extends [] (PUP.FastStart)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\TypeLib\{1BCB34DC-BA6D-4B44-B786-4E259598A7C8} [abengine 1.0 Type Library] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataContainer [DataContainer Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataContainer.1 [DataContainer Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataController [DataController Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataController.1 [DataController Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataTable [DataTable Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataTable.1 [DataTable Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataTableFields [DataTableFields Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataTableFields.1 [DataTableFields Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder [DataTableHolder Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder.1 [DataTableHolder Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.LSPLogic [LSPLogic Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.LSPLogic.1 [LSPLogic Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.ReadOnlyManager [ReadOnlyManager Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\abengineLib.ReadOnlyManager.1 [ReadOnlyManager Class] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\CRSBRWSHTML [Crossbrowse HTML Document] (PUP.CrossBrowse)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\CLSID\{00322027-7113-9ECA-4152-5EAF538C804F} [cosstminn] (Adware.Multiplug)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Classes\CLSID\{F8D4C68F-96DB-491C-8A03-41DEAA3B86B3} [PriuceuLEuss] (Adware.Multiplug)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update FindRight [] (Adware.Sambreel)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update Zebar [] (Adware.Sambreel)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util Zebar [] (Adware.Sambreel)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect [] (PUP.Fuyu)
ENCONTRADOS clave: [X64] HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine [service] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\ArenaHD [] (Adware.CrossRider)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\HighDefAction [] (Adware.CrossRider)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\YorkNewCin [] (Adware.CrossRider)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASAPI32 [] (PUP.SafeGuard)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Microsoft\Tracing\SafeGuard_RASMANCS [] (PUP.SafeGuard)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe [] (PUP.GlobalUpdate)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SoftwareUpdate.exe [] (Adware.Boxore)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe [C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe] (PUP.CrossBrowse)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\ArenaHD [] (Adware.CrossRider)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\AskPartnerNetwork [] (Toolbar.AskBar)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Boxore [] (Adware.Boxore)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Conduit [] (PUP.Conduit)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Crossbrowse [] (PUP.CrossBrowse)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\FFPluginHp [] (PUP.SweetSearch)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\GlobalUpdate [] (PUP.GlobalUpdate)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\HighDefAction [] (Adware.CrossRider)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\IHProtect [] (Adware.AgentODR)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Iminent [] (Adware.IMBooster)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Infonaut_1.10.0.14 [] (PUP.Infonaut)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware [] (PUP.IsStart)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\oursurfingSoftware [] (Hijacker.OurSurfing)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\SafeGuardApp [] (PUP.SafeGuard)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\SearchProtect [] (PUP.SearchProtect)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\SupDp [] (Adware.SupTab)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\SuperClick_1.10.0.16 [] (PUP.SuperClick)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\supTab [] (Adware.SupTab)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\supWindowsMangerProtect [] (PUP.Fuyu)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\TabNav [] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\TermBlazer_1.10.0.16 [] (PUP.TermBlazer)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Tutorials [] (PUP.AgenceExclusive)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\V9 [] (PUP.V9Software)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\WajIntEnhance [] (Adware.Multiplug)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\YorkNewCin [] (Adware.CrossRider)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\ZoomWebLists [] (PUP.Zoom)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{1BCB34DC-BA6D-4B44-B786-4E259598A7C8} [abengine 1.0 Type Library] (Adware.Abengine)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse [The Crossbrowse Authors] (PUP.CrossBrowse)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP [] (Adware.IMBooster)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar [] (Adware.IMBooster)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Linkey [] (PUP.LinkeySearch)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect [] (PUP.SearchProtect)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage [] (Adware.Downware)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com [] (PUP.Vosteran)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance [] (Adware.Multiplug)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe [C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe] (PUP.CrossBrowse)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse [Crossbrowse] (PUP.CrossBrowse)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1c2b2612-9291-46d6-8e21-3e74c4583329} [C:\Program Files (x86)\Supreme Savings (Not File)] (PUP.RewardsArcade)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40041302-aa25-4b1b-b030-dd894ae239af} [C:\Program Files (x86)\Supreme Savings (Not File)] (PUP.RewardsArcade)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44eac34f-7317-4dd1-9ac8-f4ee73a40544} [C:\Program Files (x86)\Supreme Savings (Not File)] (PUP.RewardsArcade)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6b1cc058-cd6b-479a-b1df-de24465bb229} [C:\Program Files (x86)\Supreme Savings (Not File)] (PUP.RewardsArcade)
ENCONTRADOS clave: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fc9fb302-01c3-46b6-8824-4e6a0d71d820} [C:\Program Files (x86)\Supreme Savings (Not File)] (PUP.RewardsArcade)
---\\ Resultado de la reparación.
~ ninguna reparación hecha
~ falta este navegador! (Google Chrome)
~ falta este navegador! (Opera Software)
---\\ Statistiques
~ Items escaneado : 59901
~ Items encontrado : 595
~ artículos cancelados : 0
~ Items reparado : 0
End of clean at 21:16:06
===================
ZHPCleaner-[S]-28052015-21_16_06.txt