Script ZHPFix EmptyPrefetch FirewallRaz PROXYFix EmptyTemp EmptyFlash EmptyClsid SysRestore [MD5.8DFE6597068CC79570F2786B18D1B2A6] - (.Systweak - Advanced-System Protector.) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [6711152] [PID.3172] =>PUP.AdvancedSystemProtector [MD5.397B966BBCA15D72AE702FDF31D02F99] - (.Fuyu LIMITED - WindowsProtectManger Service.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896] [PID.1912] =>PUP.Fuyu [MD5.3F6966D04701C8DC020DFA2ED35B75F6] - (...) -- C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe [220672] [PID.2620] =>Adware.EZSoftwareUpdater [MD5.E0E5D499EF59D3A1C3792810936E44DD] - (...) -- C:\Program Files (x86)\CommonShare\updateCommonShare.exe [522528] [PID.3564] =>PUP.CommonShare [MD5.CA0A85D6890EDBDD33E7A7F501257527] - (.Small Island Development - TVWizard Service.) -- C:\ProgramData\ilcPVt\qPyZwJwN.exe [2318192] [PID.3192] =>PUP.SmallIsland R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com =>PUP.IsStart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com =>PUP.IsStart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.IsStart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com =>PUP.IsStart O2 - BHO: 8d6c6b503bec4fef8265c6850bf8e3d80065055 [64Bits] - {11111111-1111-1111-1111-110611501155} Clé orpheline O2 - BHO: (no name) [64Bits] - {31ad400d-1b06-4e33-a59a-90c2c140cba0} Clé orpheline O2 - BHO: CommonShare [64Bits] - {b0022d3c-ca81-4a57-ba00-31650a761234} Clé orpheline =>PUP.CommonShare O3 - Toolbar: QuickShare Widget - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>PUP.QuickShare O4 - GS\QuickLaunch [daniel]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.IsStart O4 - GS\QuickLaunch [daniel]: SpeedUpMyPC.lnk . (...) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe (.not file.) =>PUP.SpeedUpMyPC O4 - HKCU\..\Run: [LPT System Updater] . (.Pas de propriétaire - srptm.) -- C:\Users\daniel\AppData\Local\LPT\srptm.exe =>Adware.Incredibar O20 - AppInit_DLLs: . (.Client Connect LTD - Search Protect.) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll =>PUP.SearchProtect O23 - Service: EZ Software Updater (EZ Software Updater) . (...) - C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe =>Adware.EZSoftwareUpdater O23 - Service: qPyZwJwN (qPyZwJwN) . (.Small Island Development - TVWizard Service.) - C:\ProgramData\ilcPVt\qPyZwJwN.exe =>PUP.SmallIsland O23 - Service: Update CommonShare (Update CommonShare) . (...) - C:\Program Files (x86)\CommonShare\updateCommonShare.exe =>PUP.CommonShare O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu [MD5.8DFE6597068CC79570F2786B18D1B2A6] [APT] [Advanced-System Protector_startup] (.Systweak.) -- C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [6711152] =>PUP.AdvancedSystemProtector [MD5.00000000000000000000000000000000] [APT] [ASP] (...) -- C:\Program Files (x86)\RCP\systweakasp.exe (.not file.) [0] [MD5.F1DE86F6CE0501BC6C188A8C124AEC80] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-1] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe [1082768] =>PUP.CrossRider [MD5.F8B42F7FEB58FD8F145807CB30F7F4AA] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-11] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-11.exe [1966992] =>PUP.CrossRider [MD5.11B75DF511A245E8CA2978B05162CA95] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-2] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-2.exe [905616] =>PUP.CrossRider [MD5.F8B42F7FEB58FD8F145807CB30F7F4AA] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-3] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-3.exe [1966992] =>PUP.CrossRider [MD5.3669A20FF14F0296513283FBF3903A47] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-4] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-4.exe [1487760] =>PUP.CrossRider [MD5.11A1E5DD3197320137F56917F0FFFB2C] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-5] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5.exe [839568] =>PUP.CrossRider [MD5.11A1E5DD3197320137F56917F0FFFB2C] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-5_user] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5.exe [839568] =>PUP.CrossRider [MD5.D2ABC8C5E1FCBD30DF0F37ECFA121CEC] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-6] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-6.exe [1238416] =>PUP.CrossRider [MD5.F1DE86F6CE0501BC6C188A8C124AEC80] [APT] [c2d1b618-974b-4899-8b5e-7e965b8f5d64-7] (.app.) -- C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-7.exe [1082768] =>PUP.CrossRider [MD5.4BF55ACD6E13477F8CC24B64367CF9A9] [APT] [Groovorio] (...) -- C:\Users\daniel\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.exe [454656] =>PUP.Groovorio [MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.JDIBackup [MD5.00000000000000000000000000000000] [APT] [SpeedUpMyPC Maintenance] (...) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe (.not file.) [0] =>PUP.SpeedUpMyPC [MD5.00000000000000000000000000000000] [APT] [SpeedUpMyPC Startup] (...) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe (.not file.) [0] =>PUP.SpeedUpMyPC [MD5.E4367780DD300FE184BDD49395615D64] [APT] [TotalSystemCare.Scanning] (...) -- C:\Program Files\TotalSystemCare\TotalSystemCare.exe [2233144] =>PUP.TotalSystemCare [MD5.87948212C71A773AEF4C68029BFAE924] [APT] [wp_update] (...) -- C:\Users\daniel\AppData\Roaming\~dbbjqcf.exe [493272] =>PUP.WpManager [MD5.1608D54DC69EA7E763CDAB78F71CAFD6] [APT] [{12DCFF65-72CF-442D-927B-2E353E715BB7}] (.Skytech Co., Ltd..) -- C:\Users\daniel\AppData\Roaming\istartsurf\UninstallManager.exe [1856512] =>PUP.IsStart O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-1 - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-1.job [3452] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-1 - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-1 [3452] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-11 - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-11.job [5178] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-11 - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-11 [5178] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-2 - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-2.job [2104] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-2 - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-2 [2104] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-3 - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-3.job [4488] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-3 - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-3 [4488] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-4 - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-4.job [4152] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-4 - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-4 [4152] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-5 - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5.job [2440] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-5 - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5 [2440] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-5_user - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5_user.job [2440] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-5_user - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5_user [2440] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-6 - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-6.job [4152] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-6 - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-6 [4152] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-7 - (.app.) -- C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-7.job [3808] =>PUP.CrossRider O39 - APT: c2d1b618-974b-4899-8b5e-7e965b8f5d64-7 - (.app.) -- C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-7 [3808] =>PUP.CrossRider O39 - APT: Groovorio - (...) -- C:\Windows\Tasks\Groovorio.job [296] =>PUP.Groovorio O39 - APT: Groovorio - (...) -- C:\Windows\System32\Tasks\Groovorio [296] =>PUP.Groovorio O39 - APT: SpeedUpMyPC Maintenance - (...) -- C:\Windows\Tasks\SpeedUpMyPC Maintenance.job [280] =>PUP.SpeedUpMyPC O39 - APT: SpeedUpMyPC Maintenance - (...) -- C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance [280] =>PUP.SpeedUpMyPC O39 - APT: SpeedUpMyPC Startup - (...) -- C:\Windows\Tasks\SpeedUpMyPC Startup.job [274] =>PUP.SpeedUpMyPC O39 - APT: SpeedUpMyPC Startup - (...) -- C:\Windows\System32\Tasks\SpeedUpMyPC Startup [274] =>PUP.SpeedUpMyPC O41 - Driver: ({67c662df-ee30-43f3-a32d-6c1a5a35a202}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{67c662df-ee30-43f3-a32d-6c1a5a35a202}Gw64.sys =>PUP.LinkiDoo O42 - Logiciel: WindowsMangerProtect20.0.0.722 - (.WindowsProtect LIMITED.) [HKLM][64Bits] -- WindowsMangerProtect =>PUP.Fuyu [HKCU\Software\592d6dde16eb815] =>Hijacker.Eazel [HKCU\Software\AppDataLow\Software\Browsers+Apps+1.1] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] [HKCU\Software\BI] [HKCU\Software\BabylonToolbar] =>PUP.Babylon [HKCU\Software\CommonShare] =>PUP.CommonShare [HKCU\Software\DataMngr] =>PUP.Datamngr [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver [HKCU\Software\OfferBox] =>PUP.OfferBox [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro [HKCU\Software\Probit Software] =>PUP.ProbitSoftware [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKCU\Software\Smartbar] =>Hijacker.SmartBar [HKCU\Software\StormWatchApp] =>PUP.StormWatch [HKCU\Software\SupHpUISoft] =>PUP.CrossRider [HKCU\Software\SweetIM] =>PUP.SweetIM [HKCU\Software\TutoTag] =>PUP.AgenceExclusive [HKCU\Software\Tutorials] =>PUP.AgenceExclusive [HKCU\Software\WideStream] =>Adware.SPointer [HKCU\Software\globalUpdate] =>PUP.GlobalUpdate [HKCU\Software\groovorio] =>PUP.Groovorio [HKCU\Software\mybestofferstoday] =>PUP.MyBestOffersToday [HKLM\Software\DomaIQ] =>Adware.DomaIQ [HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver [HKLM\Software\TotalSystemCare] =>PUP.TotalSystemCare [HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon [HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore [HKLM\Software\Wow6432Node\Browsers+Apps+1.1-nv] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Browsers+Apps+1.1] =>PUP.CrossRider [HKLM\Software\Wow6432Node\CommonShare] =>PUP.CommonShare [HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\EZ Software Updater] =>Adware.EZSoftwareUpdater [HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore [HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>Adware.VidSaver [HKLM\Software\Wow6432Node\MYBESTOFFERSTODAY] =>PUP.MyBestOffersToday [HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox [HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp [HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect [HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab [HKLM\Software\Wow6432Node\Supreme Savings] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive [HKLM\Software\Wow6432Node\ee8b5b7d-ffa2-4e9e-bed2-776020ba14c7] =>PUP.CrossRider [HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager [HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu O43 - CFD: 29/10/2014 - 17:39:37 - [] ----D C:\Program Files (x86)\Browsers+Apps+1.1 =>PUP.CrossRider O43 - CFD: 16/10/2014 - 17:12:58 - [] ----D C:\Program Files (x86)\CommonShare =>PUP.CommonShare O43 - CFD: 22/10/2014 - 02:31:16 - [] ----D C:\Program Files (x86)\EZ Software Updater =>Adware.EZSoftwareUpdater O43 - CFD: 22/10/2014 - 16:52:34 - [] ----D C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate O43 - CFD: 16/10/2014 - 17:08:06 - [] ----D C:\Program Files (x86)\Groovorio =>PUP.Groovorio O43 - CFD: 13/10/2014 - 18:46:51 - [] ----D C:\Program Files (x86)\mbot_fr_163 O43 - CFD: 16/10/2014 - 17:17:28 - [] ----D C:\Program Files (x86)\Probit Software =>PUP.ProbitSoftware O43 - CFD: 08/11/2014 - 11:26:01 - [] ----D C:\Program Files (x86)\SearchProtect =>PUP.SearchProtect O43 - CFD: 26/05/2013 - 21:18:12 - [] ----D C:\Program Files (x86)\Software O43 - CFD: 29/10/2014 - 17:39:37 - [] ----D C:\Program Files (x86)\SupTab =>PUP.SupTab O43 - CFD: 24/01/2013 - 07:49:35 - [] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM O43 - CFD: 06/04/2012 - 21:11:00 - [] ----D C:\Program Files (x86)\Widestream6 =>Adware.SPointer O43 - CFD: 26/02/2013 - 20:06:24 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon O43 - CFD: 29/10/2014 - 17:39:37 - [] ----D C:\ProgramData\IePluginServices =>PUP.IePluginService O43 - CFD: 13/10/2014 - 18:47:51 - [] ----D C:\ProgramData\TVWizard =>PUP.TVWizard O43 - CFD: 14/09/2014 - 12:03:03 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu O43 - CFD: 26/02/2013 - 20:06:23 - [] ----D C:\Users\daniel\AppData\Roaming\Babylon =>PUP.Babylon O43 - CFD: 16/10/2014 - 17:08:17 - [] ----D C:\Users\daniel\AppData\Roaming\Groovorio =>PUP.Groovorio O43 - CFD: 14/09/2014 - 16:53:10 - [] ----D C:\Users\daniel\AppData\Roaming\istartsurf =>PUP.IsStart O43 - CFD: 02/11/2012 - 17:21:11 - [] ----D C:\Users\daniel\AppData\Roaming\iWin O43 - CFD: 10/03/2012 - 21:14:09 - [] ----D C:\Users\daniel\AppData\Roaming\OfferBox =>PUP.OfferBox O43 - CFD: 16/10/2014 - 17:23:57 - [0] ----D C:\Users\daniel\AppData\Roaming\Probit Software =>PUP.ProbitSoftware O43 - CFD: 22/10/2014 - 16:51:11 - [] ----D C:\Users\daniel\AppData\Roaming\VOPackage =>Adware.Downware O43 - CFD: 06/04/2012 - 21:04:38 - [] ----D C:\Users\daniel\AppData\Roaming\widestream =>Adware.SPointer O43 - CFD: 12/11/2014 - 16:52:24 - [] ----D C:\Users\daniel\AppData\Roaming\wp_update =>PUP.WpManager O43 - CFD: 13/09/2014 - 10:04:26 - [0] ----D C:\Users\daniel\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch O43 - CFD: 13/10/2014 - 18:49:55 - [] ----D C:\Users\daniel\AppData\Local\globalUpdate =>PUP.GlobalUpdate O43 - CFD: 13/09/2014 - 10:06:38 - [] ----D C:\Users\daniel\AppData\Local\LPT =>Adware.Incredibar O43 - CFD: 12/11/2014 - 16:53:52 - [] ----D C:\Users\daniel\AppData\Local\mbot_fr_163 O43 - CFD: 25/10/2014 - 19:23:13 - [] ----D C:\Users\daniel\AppData\Local\MyBestOffersToday =>PUP.MyBestOffersToday O43 - CFD: 13/10/2014 - 18:45:22 - [] ----D C:\Users\daniel\AppData\Local\MySearchs =>Adware.MyWebSearch O43 - CFD: 21/10/2014 - 18:09:01 - [] ----D C:\Users\daniel\AppData\Local\SearchProtect =>PUP.SearchProtect O43 - CFD: 25/06/2014 - 16:51:15 - [] ----D C:\Users\daniel\AppData\Local\Smartbar O43 - CFD: 28/04/2013 - 18:26:27 - [0] ----D C:\Users\daniel\AppData\Local\Supreme Savings =>PUP.RewardsArcade O43 - CFD: 12/11/2014 - 13:21:11 - [] ----D C:\Users\daniel\AppData\Local\TVWizard =>PUP.TVWizard O43 - CFD: 16/10/2014 - 17:21:54 - [] ----D C:\Users\daniel\AppData\Local\WebPlayer O43 - CFD: 06/04/2012 - 21:10:23 - [] ----D C:\Users\daniel\AppData\Local\widestream6 Air =>Adware.SPointer O43 - CFD: 22/10/2014 - 16:51:45 - [] ----D C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalSystemCare =>PUP.TotalSystemCare O43 - CFD: 22/10/2014 - 16:51:12 - [] ----D C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware O58 - SDL:12/09/2014 - 17:32:40 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{67c662df-ee30-43f3-a32d-6c1a5a35a202}Gw64.sys [44728] =>PUP.LinkiDoo O61 - LFC: 07/11/2014 - 17:16:51 ---A- . (.Software.) -- C:\Users\daniel\AppData\Local\Temp\is-G740S.tmp\package_wajam_installer_multilang.exe [436736] =>PUP.Wajam O64 - Services: CurCS - 12/09/2014 - C:\Windows\System32\drivers\{67c662df-ee30-43f3-a32d-6c1a5a35a202}Gw64.sys ({67c662df-ee30-43f3-a32d-6c1a5a35a202}Gw64) .(.StdLib - StdLib.) - LEGACY_{67C662DF-EE30-43F3-A32D-6C1A5A35A202}GW64 =>PUP.LinkiDoo O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.helperbar.com =>PUP.HelperBar [MD5.C490F389CD9BA5B07A70C3B4BBCD8A55] [SPRF][16/10/2014] (.app - Browsers+Apps+1.1 exe.) -- C:\Users\daniel\AppData\Roaming\DQTBCPR.exe [1486224] =>PUP.CrossRider [MD5.3669A20FF14F0296513283FBF3903A47] [SPRF][22/10/2014] (.app - Browsers+Apps+1.1 exe.) -- C:\Users\daniel\AppData\Roaming\IYRPTK.exe [1487760] =>PUP.CrossRider [MD5.48AD57769550D9558D935AF845861740] [SPRF][13/10/2014] (.browser - BrowsersApp_Pro_v1.1 exe.) -- C:\Users\daniel\AppData\Roaming\LIERUYK.exe [1545616] =>PUP.CrossRider [MD5.F8B42F7FEB58FD8F145807CB30F7F4AA] [SPRF][22/10/2014] (.app - Browsers+Apps+1.1 exe.) -- C:\Users\daniel\AppData\Roaming\QNYO.exe [1966992] =>PUP.CrossRider [MD5.B3BF835E1071B60190CC28F8F6846068] [SPRF][13/10/2014] (.browser - BrowsersApp_Pro_v1.1 exe.) -- C:\Users\daniel\AppData\Roaming\UZIRCNP.exe [2038672] =>PUP.CrossRider [MD5.667C4063FDBA32CE49D242C87E2EDAAE] [SPRF][16/10/2014] (.app - Browsers+Apps+1.1 exe.) -- C:\Users\daniel\AppData\Roaming\YGQO.exe [1968528] =>PUP.CrossRider [MD5.87948212C71A773AEF4C68029BFAE924] [SPRF][01/05/2014] (.Pas de propriétaire - wp_update scheduler.) -- C:\Users\daniel\AppData\Roaming\~dbbjqcf.exe [493272] =>PUP.WpManager [HKCU\Software\592d6dde16eb815\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel [HKCU\Software\592d6dde16eb815\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" =>Hijacker.Eazel [HKCU\Software\592d6dde16eb815] =>PUP.Babylon^ HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASAPI32 =>Adware.DomaIQ HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASMANCS =>Adware.DomaIQ HKLM\SOFTWARE\Microsoft\Tracing\StormWatch_RASAPI32 =>PUP.StormWatch HKLM\SOFTWARE\Microsoft\Tracing\StormWatch_RASMANCS =>PUP.StormWatch HKLM\SOFTWARE\Microsoft\Tracing\TotalSystemCare_RASAPI32 =>PUP.TotalSystemCare HKLM\SOFTWARE\Microsoft\Tracing\TotalSystemCare_RASMANCS =>PUP.TotalSystemCare HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASAPI32 =>Adware.MegaSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BetterInstaller_RASMANCS =>Adware.MegaSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biclient_RASAPI32 =>Adware.MegaSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\biclient_RASMANCS =>Adware.MegaSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32 =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32 =>PUP.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS =>PUP.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32 =>PUP.OfferBox HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS =>PUP.OfferBox HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBox_RASAPI32 =>PUP.OfferBox HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\OfferBox_RASMANCS =>PUP.OfferBox HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QuickShare_RASAPI32 =>PUP.QuickShare HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\QuickShare_RASMANCS =>PUP.QuickShare HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SmartbarExeInstaller_RASAPI32 =>Hijacker.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SmartbarExeInstaller_RASMANCS =>Hijacker.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\supreme savings-bg_RASAPI32 =>PUP.RewardsArcade HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\supreme savings-bg_RASMANCS =>PUP.RewardsArcade HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Supreme Savings_RASAPI32 =>PUP.RewardsArcade HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Supreme Savings_RASMANCS =>PUP.RewardsArcade HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASAPI32 =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetIM_RASMANCS =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32 =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS =>PUP.SweetIM HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateCommonShare_RASAPI32 =>PUP.CommonShare HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateCommonShare_RASMANCS =>PUP.CommonShare HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VAFPlayer_RASAPI32 =>PUP.VAFPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VAFPlayer_RASMANCS =>PUP.VAFPlayer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS =>PUP.Wajam HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Widestream6-setup_RASAPI32 =>Adware.SPointer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Widestream6-setup_RASMANCS =>Adware.SPointer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\widestream6_air_RASAPI32 =>Adware.SPointer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\widestream6_air_RASMANCS =>Adware.SPointer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WideStream_RASAPI32 =>Adware.SPointer HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\WideStream_RASMANCS =>Adware.SPointer [HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] (QuickShare WidgetEngine) =>PUP.QuickShare [HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (QuickShare Widget) =>PUP.QuickShare SR - | Auto 07/09/2014 220672 | (EZ Software Updater) . (...) - C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe =>Adware.EZSoftwareUpdater SR - | Auto 13/10/2014 2318192 | (qPyZwJwN) . (.Small Island Development.) - C:\ProgramData\ilcPVt\qPyZwJwN.exe =>PUP.SmallIsland SR - | Auto 16/10/2014 522528 | (Update CommonShare) . (...) - C:\Program Files (x86)\CommonShare\updateCommonShare.exe =>PUP.CommonShare SR - | Auto 14/09/2014 528896 | (WindowsMangerProtect) . (.Fuyu LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0022D3C-CA81-4A57-BA00-31650A761234}] =>PUP.CommonShare^ [HKLM\SYSTEM\CurrentControlSet\Services\EZ Software Updater] =>Adware.EZSoftwareUpdater^ [HKLM\SYSTEM\CurrentControlSet\Services\qPyZwJwN] =>PUP.SmallIsland^ [HKLM\SYSTEM\CurrentControlSet\Services\Update CommonShare] =>PUP.CommonShare^ [HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect] =>PUP.Fuyu^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect] =>PUP.Fuyu^ [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep [HKLM\Software\Wow6432Node\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Adware.PricePeep [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep [HKLM\Software\Wow6432Node\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep [HKLM\Software\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}] =>Adware.PricePeep [HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar [HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar [HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar [HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep [HKLM\Software\Wow6432Node\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Adware.PricePeep [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent [HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent [HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow [HKLM\Software\Wow6432Node\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow [HKLM\Software\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}] =>PUP.GetNow [HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC [HKCU\Software\BabylonToolbar] =>PUP.Babylon [HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKCU\Software\OfferBox] =>PUP.OfferBox [HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKCU\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKCU\Software\Tutorials] =>Spyware.AgenceExclusive [HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive [HKCU\Software\WideStream] =>Adware.SPointer [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon [HKLM\Software\Classes\Prod.cap] =>PUP.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox [HKCU\Software\InstallCore] =>Adware.InstallCore [HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore [HKLM\Software\Wow6432Node\Microsoft\Tracing\QuickShare_RASAPI32] =>PUP.QuickShare [HKLM\Software\Wow6432Node\Microsoft\Tracing\QuickShare_RASMANCS] =>PUP.QuickShare [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider [HKCU\Software\BI] =>Adware.MegaSearch [HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider [HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider [HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro [HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622502255}] =>PUP.CrossRider [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622502255}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111991162}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110111991162}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31111111-1111-1111-1111-110111991162}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611501155}] =>PUP.CrossRider [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{ae07101b-46d4-4a98-af68-0333ea26e113} =>PUP.QuickShare^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:LPT System Updater =>Adware.Incredibar^ C:\Program Files (x86)\Browsers+Apps+1.1 =>PUP.CrossRider^ C:\Program Files (x86)\CommonShare =>PUP.CommonShare^ C:\Program Files (x86)\EZ Software Updater =>Adware.EZSoftwareUpdater^ C:\Program Files (x86)\globalUpdate =>PUP.GlobalUpdate^ C:\Program Files (x86)\Groovorio =>PUP.Groovorio^ C:\Program Files (x86)\Probit Software =>PUP.ProbitSoftware^ C:\Program Files (x86)\SearchProtect =>PUP.SearchProtect^ C:\Program Files (x86)\SupTab =>PUP.SupTab^ C:\Program Files (x86)\SweetIM =>PUP.SweetIM^ C:\Program Files (x86)\Widestream6 =>Adware.SPointer^ C:\ProgramData\Babylon =>PUP.Babylon^ C:\ProgramData\IePluginServices =>PUP.IePluginService^ C:\ProgramData\TVWizard =>PUP.TVWizard^ C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^ C:\Users\daniel\AppData\Roaming\Babylon =>PUP.Babylon^ C:\Users\daniel\AppData\Roaming\Groovorio =>PUP.Groovorio^ C:\Users\daniel\AppData\Roaming\istartsurf =>PUP.IsStart^ C:\Users\daniel\AppData\Roaming\OfferBox =>PUP.OfferBox^ C:\Users\daniel\AppData\Roaming\Probit Software =>PUP.ProbitSoftware^ C:\Users\daniel\AppData\Roaming\VOPackage =>Adware.Downware^ C:\Users\daniel\AppData\Roaming\widestream =>Adware.SPointer^ C:\Users\daniel\AppData\Roaming\wp_update =>PUP.WpManager^ C:\Users\daniel\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch^ C:\Users\daniel\AppData\Local\globalUpdate =>PUP.GlobalUpdate^ C:\Users\daniel\AppData\Local\LPT =>Adware.Incredibar^ C:\Users\daniel\AppData\Local\MyBestOffersToday =>PUP.MyBestOffersToday^ C:\Users\daniel\AppData\Local\MySearchs =>Adware.MyWebSearch^ C:\Users\daniel\AppData\Local\SearchProtect =>PUP.SearchProtect^ C:\Users\daniel\AppData\Local\Supreme Savings =>PUP.RewardsArcade^ C:\Users\daniel\AppData\Local\TVWizard =>PUP.TVWizard^ C:\Users\daniel\AppData\Local\widestream6 Air =>Adware.SPointer^ C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalSystemCare =>PUP.TotalSystemCare^ C:\Users\daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^ C:\Program Files (x86)\Software =>Adware.Boxore C:\Users\daniel\AppData\Roaming\iWin =>Adware.iWinArcade C:\Users\daniel\AppData\Local\Smartbar =>Hijacker.SmartBar C:\Users\daniel\AppData\LocalLow\Smartbar =>Hijacker.SmartBar C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector^ C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu^ C:\Program Files (x86)\EZ Software Updater\EZ Software Updater.exe =>Adware.EZSoftwareUpdater^ C:\Program Files (x86)\CommonShare\updateCommonShare.exe =>PUP.CommonShare^ C:\ProgramData\ilcPVt\qPyZwJwN.exe =>PUP.SmallIsland^ C:\Program Files (x86)\Browsers+Apps+1.1\Browsers+Apps+1.1-codedownloader.exe =>PUP.CrossRider^ C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-11.exe =>PUP.CrossRider^ C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-2.exe =>PUP.CrossRider^ C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-3.exe =>PUP.CrossRider^ C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-4.exe =>PUP.CrossRider^ C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5.exe =>PUP.CrossRider^ C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-6.exe =>PUP.CrossRider^ C:\Program Files (x86)\Browsers+Apps+1.1\c2d1b618-974b-4899-8b5e-7e965b8f5d64-7.exe =>PUP.CrossRider^ C:\Users\daniel\AppData\Roaming\GROOVO~1\UPDATE~1\UPDATE~1.exe =>PUP.Groovorio^ C:\Program Files\TotalSystemCare\TotalSystemCare.exe =>PUP.TotalSystemCare^ C:\Users\daniel\AppData\Roaming\~dbbjqcf.exe =>PUP.WpManager^ C:\Users\daniel\AppData\Roaming\istartsurf\UninstallManager.exe =>PUP.IsStart^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-1.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-1 =>PUP.CrossRider^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-11.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-11 =>PUP.CrossRider^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-2.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-2 =>PUP.CrossRider^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-3.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-3 =>PUP.CrossRider^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-4.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-4 =>PUP.CrossRider^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5 =>PUP.CrossRider^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5_user.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-5_user =>PUP.CrossRider^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-6.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-6 =>PUP.CrossRider^ C:\Windows\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-7.job =>PUP.CrossRider^ C:\Windows\System32\Tasks\c2d1b618-974b-4899-8b5e-7e965b8f5d64-7 =>PUP.CrossRider^ C:\Windows\Tasks\Groovorio.job =>PUP.Groovorio^ C:\Windows\System32\Tasks\Groovorio =>PUP.Groovorio^ C:\Windows\Tasks\SpeedUpMyPC Maintenance.job =>PUP.SpeedUpMyPC^ C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance =>PUP.SpeedUpMyPC^ C:\Windows\Tasks\SpeedUpMyPC Startup.job =>PUP.SpeedUpMyPC^ C:\Windows\System32\Tasks\SpeedUpMyPC Startup =>PUP.SpeedUpMyPC^ [HKCU\Software\AppDataLow\Software\Browsers+Apps+1.1] =>PUP.CrossRider^ [HKCU\Software\AppDataLow\Software\DynConIE] =>PUP.DynConIE^ [HKCU\Software\CommonShare] =>PUP.CommonShare^ [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^ [HKCU\Software\Probit Software] =>PUP.ProbitSoftware^ [HKCU\Software\Smartbar] =>Hijacker.SmartBar^ [HKCU\Software\StormWatchApp] =>PUP.StormWatch^ [HKCU\Software\SupHpUISoft] =>PUP.CrossRider^ [HKCU\Software\TutoTag] =>PUP.AgenceExclusive^ [HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^ [HKCU\Software\groovorio] =>PUP.Groovorio^ [HKCU\Software\mybestofferstoday] =>PUP.MyBestOffersToday^ [HKLM\Software\DomaIQ] =>Adware.DomaIQ^ [HKLM\Software\TotalSystemCare] =>PUP.TotalSystemCare^ [HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^ [HKLM\Software\Wow6432Node\Browsers+Apps+1.1-nv] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\Browsers+Apps+1.1] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\CommonShare] =>PUP.CommonShare^ [HKLM\Software\Wow6432Node\EZ Software Updater] =>Adware.EZSoftwareUpdater^ [HKLM\Software\Wow6432Node\GlobalUpdate] =>PUP.GlobalUpdate^ [HKLM\Software\Wow6432Node\MYBESTOFFERSTODAY] =>PUP.MyBestOffersToday^ [HKLM\Software\Wow6432Node\SPPDCOM] =>Rogue.PCSpeedUp^ [HKLM\Software\Wow6432Node\SearchProtect] =>PUP.SearchProtect^ [HKLM\Software\Wow6432Node\SpeedBrowser] =>PUP.SpeedBrowser^ [HKLM\Software\Wow6432Node\SupDp] =>PUP.SupTab^ [HKLM\Software\Wow6432Node\Supreme Savings] =>PUP.RewardsArcade^ [HKLM\Software\Wow6432Node\ee8b5b7d-ffa2-4e9e-bed2-776020ba14c7] =>PUP.CrossRider^ [HKLM\Software\Wow6432Node\istartsurfSoftware] =>PUP.IsStart^ [HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^ [HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^ [HKLM\Software\Wow6432Node\supWindowsMangerProtect] =>PUP.Fuyu^ C:\Users\daniel\AppData\Roaming\DQTBCPR.exe =>PUP.CrossRider^ C:\Users\daniel\AppData\Roaming\IYRPTK.exe =>PUP.CrossRider^ C:\Users\daniel\AppData\Roaming\LIERUYK.exe =>PUP.CrossRider^ C:\Users\daniel\AppData\Roaming\QNYO.exe =>PUP.CrossRider^ C:\Users\daniel\AppData\Roaming\UZIRCNP.exe =>PUP.CrossRider^ C:\Users\daniel\AppData\Roaming\YGQO.exe =>PUP.CrossRider^ [HKCU\Software\592d6dde16eb815\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^ [HKCU\Software\592d6dde16eb815] =>PUP.Babylon^^ [HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] (QuickShare WidgetEngine) =>PUP.QuickShare^ [HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (QuickShare Widget) =>PUP.QuickShare^ C:\Users\daniel\Downloads\windows live messenger.exe =>PUP.Offerware R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr O2 - BHO: (no name) [64Bits] - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} Clé orpheline [MD5.00000000000000000000000000000000] [APT] [{337BFF00-5CD8-456E-9358-A4B33C2A81DB}] (...) -- C:\Program Files (x86)\SFR\Pack S‚curit‚\trigger.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{5252AF0E-A4E2-48EA-9267-16A911FBA797}] (...) -- C:\Program Files (x86)\SFR\Pack S‚curit‚\trigger.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{722718F2-DCC6-4ACC-8869-D973FB861C0D}] (...) -- C:\Program Files (x86)\SFR\Pack S‚curit‚\trigger.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7CABE0BB-7A4B-4982-8614-AD0F3710F1C0}] (...) -- C:\Program Files (x86)\BoontyGames\The Secrets of Arcelia Island\unins000.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{A5B85DF0-9E5A-4E0F-BE4D-3B1B7DB1B4A1}] (...) -- C:\Program Files (x86)\SFR\Pack S‚curit‚\trigger.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DB304E84-2AA8-48A8-8539-7FE0E88369E5}] (...) -- C:\Program Files (x86)\SFR\Pack S‚curit‚\trigger.exe (.not file.) [0] [HKCU\Software\Nosibay] [HKCU\Software\Systweak] [HKLM\Software\Wow6432Node\Systweak] O43 - CFD: 11/01/2014 - 10:00:05 - [] ----D C:\Program Files (x86)\BoontyGames O43 - CFD: 16/10/2014 - 17:12:58 - [] ----D C:\Program Files (x86)\Boost O43 - CFD: 16/10/2014 - 17:09:40 - [] ----D C:\ProgramData\Systweak O43 - CFD: 10/11/2014 - 19:52:56 - [] ----D C:\Users\daniel\AppData\Roaming\Systweak O44 - LFC:[MD5.E28932FDA007101D400E408A98F3B608] - 12/11/2014 - 16:55:12 ---A- . (...) -- C:\Windows\AsCDProc.log [79048] O44 - LFC:[MD5.1B45FBF4B498C0CA3B4D2F8DD65BC593] - 12/11/2014 - 16:55:12 ---A- . (...) -- C:\Windows\AsDebug.log [4542] O51 - MPSK:{651babb4-2fe2-11e1-9417-5404a61aaf98}\AutoRun\command. (...) -- F:\Startme.exe (.not file.) O51 - MPSK:{fa926e64-66f3-11e1-9e1b-5404a61aaf98}\AutoRun\command. (...) -- F:\Startme.exe (.not file.) O61 - LFC: 05/11/2014 - 17:16:51 ---A- . (.Microsoft Corporation.) -- C:\Users\daniel\AppData\Local\Temp\is-L46FT.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 06/11/2014 - 17:16:51 ---A- . (.Microsoft Corporation.) -- C:\Users\daniel\AppData\Local\Temp\is-26674.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 07/11/2014 - 17:16:51 ---A- . (...) -- C:\Users\daniel\AppData\Local\Temp\is-66A5B.tmp\gentlemjmp_ieu.exe [3528672] O61 - LFC: 07/11/2014 - 17:16:51 ---A- . (.Software.) -- C:\Users\daniel\AppData\Local\Temp\is-G740S.tmp\package_regclean_installer_multilang.exe [436648] O61 - LFC: 07/11/2014 - 17:16:51 ---A- . (.Software.) -- C:\Users\daniel\AppData\Local\Temp\is-G740S.tmp\package_secprotkeys_installer_multilang.exe [436672] O61 - LFC: 08/11/2014 - 17:16:51 ---A- . (.Microsoft Corporation.) -- C:\Users\daniel\AppData\Local\Temp\is-66A5B.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 08/11/2014 - 17:16:51 ---A- . (.Microsoft Corporation.) -- C:\Users\daniel\AppData\Local\Temp\is-G3VJB.tmp\_isetup\_shfoldr.dll [23312] O61 - LFC: 10/11/2014 - 17:16:52 ---A- . (.Microsoft Corporation.) -- C:\Users\daniel\AppData\Local\Temp\is-M6JER.tmp\_isetup\_shfoldr.dll [23312] O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] [HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] [HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O61 - LFC: 11/11/2014 - 17:16:53 ---A- . (...) -- C:\Users\daniel\Downloads\FlvPlayerSetup.exe [836736] O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) [MD5.90E1D86D979B92738A47D7072CB22DA8] [SPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472] [HKCU\Software\Reg] [HKLM\Software\Wow6432Node\Reg] O43 - CFD: 21/10/2014 - 18:23:28 - [] ----D C:\Users\daniel\AppData\Local\speed browser