cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.5.9.58 - Nicolas Coolman (09/05/2014)
~ Lancé par Maïlys (10/05/2014 15:24:40)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17105 (Defaut)
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v34.0.1847.131

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8.1, 64-bit (Build 9600)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : RF9VT
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Bitdefender Internet Security 2013 v16.30.0.1843
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v4.01

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3979 MB (43% free)
System Restore: Activé (Enable)
System drive C: has 136 GB (73%) free of 186 GB

---\\ Mode de connexion au système
~ Computer Name: GROSDEMANGE
~ User Name: Maïlys
~ All Users Names: Maïlys, Ecole, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Maïlys\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Maïlys\AppData\Roaming\
~ %Desktop% : D:\Document Maïlys\Desktop\
~ %Favorites% : D:\Document Maïlys\Favorites\
~ %LocalAppData% : C:\Users\Maïlys\AppData\Local\
~ %StartMenu% : C:\Users\Maïlys\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 136 Go of 186 Go)
D: Hard drive, Flash drive, Thumb drive (Free 32 Go of 258 Go)
F: CD-ROM drive (Free 0 Go of 3 Go)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - Explorateur Windows.) (.04/03/2014 - 13:25:49.) -- C:\Windows\Explorer.exe [2373784]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2014 - 10:11:56.) -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.22/02/2014 - 10:45:48.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/12/2013 - 09:54:07.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.06/03/2014 - 10:22:50.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 12:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.27/11/2013 - 13:02:29.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.C997E6A37BA8915224B3FB5024A34F69] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.06/03/2014 - 10:20:23.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402944]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.20/03/2014 - 04:41:24.) -- C:\Windows\system32\Drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.30/09/2013 - 04:59:53.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.3595FBDF25F8BA6256072D103937D7D6] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.22/02/2014 - 16:44:13.) -- C:\Windows\system32\Drivers\volsnap.sys [311640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4053
~ Mes musiques (My Musics) : 1/2145
~ Mes Videos (My Videos) : 1/254
~ Mes Favoris (My Favorites) : 1/56
~ Mes Documents (My Documents) : 1/1168
~ Mon Bureau (My Desktop) : 2/12434
~ Menu demarrer (Programs) : 1/84
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.7C58A2513C3DA421A461D75C66C56D21] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1123536] [PID.9000]
[MD5.A2791CF11D1ED52DBCD75D2FFD4D50E7] - (.ASUSTek Computer Inc. - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [178848] [PID.332]
[MD5.2C35624F79B9ADBFE47090879F0D8673] - (.ASUSTek Computer Inc. - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208] [PID.2000]
[MD5.498622161649098034DA1893F00E9762] - (.ASUSTeK Computer Inc. - ASUS Quick Gesture Exe.) -- C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20792] [PID.5048]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.8536]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392] [PID.8984]
[MD5.4F9236BE13917B89F7A03DEA85F220FA] - (.Pas de propriétaire - WebPlayer.) -- C:\Users\Maïlys\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752] [PID.8996] =>PUP.CrossRider
[MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3612]
[MD5.EFD1839F21CEBB26D4A815ACDA85E3A1] - (.KalityWeb - WebAdSystem.) -- C:\Program Files (x86)\WebAdSystem\WebAdSystem.exe [822640] [PID.2680] =>Adware.WebAdSystem
[MD5.25A51D18D48F1E144ABEC667E98C6261] - (.ASUSTeK Computer Inc. - ASUS Live Update.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1558176] [PID.8844]
[MD5.1FDBBD2F2CF2D11E6247734797DEC3C9] - (.Microsoft Corporation - Microsoft Office Client Virtualization Hand.) -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe [3207912] [PID.5624]
[MD5.61023CCE1DD979BD802B332D77FBB2C7] - (...) -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe [78624] [PID.5040]
[MD5.05BE9A378036323EC42CCD3F9BB03266] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7872000] [PID.7064]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Maïlys\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://dts.search.ask.com
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.search.ask.com
G2 - GCE: Preference [User Data\Default] [aaaaabcbmongicmdegkmmfgdickgnnob] Movies Toolbar v.35.3, (Désactivé) =>PUP.MoviesToolbar
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.6.1 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [opldoklbgkdpfmogjpheabmldkcdkokn] WebAdSystem v.1.4.15.0 (Désactivé) =>Adware.WebAdSystem
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
G2 - EXT: C:\Users\Maïlys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob [Movies Toolbar] =>PUP.MoviesToolbar
~ Google Lines Browser: 30 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\prefs.js
C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\user.js
M3 - MFPP: Plugins - [Maïlys] -- C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\searchplugins\Ask.xml
M3 - MFPP: Plugins - [Maïlys] -- C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\searchplugins\bingp.xml
M3 - MFPP: Plugins - [Maïlys] -- C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\searchplugins\buenosearch.xml =>PUP.BuenoSearch
M0 - MFSP: prefs.js [Maïlys - ek9utwb1.default] http://www.search.ask.com
M2 - MFEP: prefs.js [Maïlys - ek9utwb1.default\ffxtlbr@buenosearch.com] [] BuenoSearch v1.6.0 (..) =>PUP.BuenoSearch
M2 - MFEP: prefs.js [Maïlys - ek9utwb1.default\{97A78363-B868-4B48-AC91-A783A31215AF}] [] Apps Hat v2.0.1 (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [Maïlys - ek9utwb1.default\{F008E9D6-2FF2-E796-08BA-80504C331C97}] [] Ask New Tabs v5.0.0.11465 (..) =>Adware.Bandoo
~ Firefox Browser: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.buenosearch.com =>PUP.BuenoSearch
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;*.offerbox.com =>PUP.OfferBox
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: WebAdSystemBho [64Bits] - {EC8FCB46-9F27-476E-B26A-93989316D2FB} . (.KalityWeb - WebAdSystemBho.) -- C:\Program Files (x86)\WebAdSystem\BrowserExtensions\internetexplorer\WebAdSystemBho.dll =>Adware.WebAdSystem
O2 - BHO: buenosearch Helper Object [64Bits] - {F1C81E40-2485-4DB6-8C9D-04BD596B281E} . (.Montiera Technologies LTD - Pas de description.) -- C:\Program Files (x86)\buenosearch LTD\buenosearch\1.8.28.7\bh\buenosearch.dll =>PUP.BuenoSearch
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [Public]: WebAdSystem.lnk . (.KalityWeb - WebAdSystem.) -- C:\Program Files (x86)\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [ACMON] . (.ASUS - ACMON.) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Maïlys\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [AppsHat] . (.Pas de propriétaire - WebPlayer.) -- C:\Users\Maïlys\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe =>PUP.CrossRider
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [ASUSWebStorage] . (.ASUS Cloud Corporation - ASUS WebStorage Panel.) -- C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl] . (.Cyberlink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Boxore Client] . (.Boxore OU - Boxore Client.) -- C:\Program Files (x86)\Boxore\BoxoreClient\boxore.exe =>Adware.Boxore
O4 - HKLM\..\Wow6432Node\Run: [WebAdSystem] . (.KalityWeb - WebAdSystem.) -- C:\Program Files (x86)\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem
O4 - HKUS\S-1-5-21-1247822894-272385724-4107156335-1001\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-1247822894-272385724-4107156335-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Maïlys\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1247822894-272385724-4107156335-1001\..\Run: [AppsHat] . (.Pas de propriétaire - WebPlayer.) -- C:\Users\Maïlys\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe =>PUP.CrossRider
O4 - HKUS\S-1-5-21-1247822894-272385724-4107156335-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3568815-8832-4D3F-8DF6-F4CDCF525E1D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA84DA12-EEBA-4FA8-99B2-300229E48084}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C3568815-8832-4D3F-8DF6-F4CDCF525E1D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{EA84DA12-EEBA-4FA8-99B2-300229E48084}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) . (.Bandoo Media Inc - Datamngr Coordinator.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe =>PUP.Datamngr
O23 - Service: F06DEFF2-5B9C-490D-910F-35D3A9119622 (F06DEFF2-5B9C-490D-910F-35D3A9119622) . (.Bandoo Media Inc - Datamngr Configuration.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg =>PUP.Datamngr
O23 - Service: Service Software Update (Software_update) (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
~ Services: 17 Legitimates Filtered in 00mn 12s



---\\ Clés Session Manager (AppCertDlls,KnownDLLs) (O36)
O36 - AppCertDlls: (x86) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll =>PUP.Datamngr
O36 - AppCertDlls: (x64) . (...) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll =>PUP.Datamngr
~ Keys: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.C34968C46A99BBD6248D30F9F1B778C2] [APT] [BoxSoftwareUpdate] (...) -- C:\ProgramData\BoxUpdChk\updchk.exe [177152] =>Adware.Boxore
[MD5.BA53E73D56387CA1905561BA02A0B22D] [APT] [EPUpdater] (...) -- C:\Users\Maïlys\AppData\Roaming\BabSolution\Shared\BabMaint.exe [10224] =>Hijacker.BabSolution
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.FC387225841FF92463C5F65054998E0B] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
O39 - APT: - (..) -- C:\Windows\Tasks\a2zLyrics-16-chromeinstaller.job [2114] =>Adware.AddLyrics
O39 - APT: - (..) -- C:\Windows\Tasks\a2zLyrics-16-firefoxinstaller.job [2040] =>Adware.AddLyrics
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1247822894-272385724-4107156335-1001Core [934]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1247822894-272385724-4107156335-1001UA [956]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1088]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1092]
O39 - APT: - (..) -- C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job [1224] =>Adware.PlusHD
O39 - APT: - (..) -- C:\Windows\Tasks\Plus-HD-2.6-enabler.job [1124] =>Adware.PlusHD
O39 - APT: - (..) -- C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job [1856] =>Adware.PlusHD
O39 - APT: - (..) -- C:\Windows\Tasks\Plus-HD-2.6-updater.job [1322] =>Adware.PlusHD
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [938] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [938] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [942] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [942] =>Adware.Boxore
~ Scheduled Task: 80 Legitimates Filtered in 00mn 08s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (F06DEFF2-5B9C-490D-910F-35D3A9119622) . (.Bandoo Media Inc - Datamngr Configuration.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg =>PUP.Datamngr
~ Drivers: 40 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AppsHat Mobile Apps - (.Somoto Ltd..) [HKCU][64Bits] -- AppsHat Mobile Apps =>PUP.CrossRider
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {0E365FDA-909F-4939-838A-261DD468D862} =>Adware.Boxore
O42 - Logiciel: Plus-HD-2.6 - (.Plus HD.) [HKLM][64Bits] -- Plus-HD-2.6 =>Adware.PlusHD
O42 - Logiciel: PricePeep - (.betwikx LLC.) [HKLM][64Bits] -- PricePeep =>Adware.PricePeep
O42 - Logiciel: Search Protect - (.Conduit.) [HKLM][64Bits] -- SearchProtect =>Toolbar.Conduit
O42 - Logiciel: Soft-Now bundle - (.Soft-Now.) [HKLM][64Bits] -- Soft-Now bundle =>PUP.SoftNow
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM][64Bits] -- {4b693ee6-6ab3-41b6-956e-6290548ad66d} =>Adware.WebAdSystem
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM][64Bits] -- {AF59773E-3245-46A3-B418-DD84AB6C3C50} =>Adware.WebAdSystem
O42 - Logiciel: a2zLyrics-16 - (.dealscompare.) [HKCU][64Bits] -- a2zLyrics-16 =>PUP.DealsCompare
O42 - Logiciel: buenosearch toolbar - (.Montiera technologies LTD.) [HKLM][64Bits] -- buenosearch =>PUP.BuenoSearch
O42 - Logiciel: suprasavings - (.suprasavings.) [HKLM][64Bits] -- suprasavings =>PUP.SupraSavings
~ Logic: 33 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN DTX] =>Toolbar.Ask
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\IM]
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\InstalledThirdPartyPrograms]
[HKCU\Software\KalityWeb] =>Adware.WebAdSystem
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Somoto] =>Adware.MegaSearch
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\buenosearch LTD] =>PUP.BuenoSearch
[HKCU\Software\iLivid] =>Adware.Bandoo
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\KalityWeb] =>Adware.WebAdSystem
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\buenosearch LTD] =>PUP.BuenoSearch
~ Key Software: 289 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/04/2014 - 11:59:18 - [] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 05/05/2014 - 01:26:34 - [] ----D C:\Program Files (x86)\buenosearch LTD =>PUP.BuenoSearch
O43 - CFD: 05/05/2014 - 06:11:57 - [0] ----D C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster
O43 - CFD: 22/09/2013 - 21:00:49 - [] ----D C:\Program Files (x86)\Movies Toolbar =>PUP.MoviesToolbar
O43 - CFD: 30/04/2014 - 15:01:02 - [] ----D C:\Program Files (x86)\Plus-HD-2.6 =>Adware.PlusHD
O43 - CFD: 26/10/2013 - 21:17:19 - [] ----D C:\Program Files (x86)\PricePeep =>Adware.PricePeep
O43 - CFD: 05/05/2014 - 05:56:35 - [] ----D C:\Program Files (x86)\sweetpacks bundle uninstaller =>PUP.SweetIM
O43 - CFD: 08/05/2014 - 12:53:58 - [] ----D C:\Program Files (x86)\WebAdSystem =>Adware.WebAdSystem
O43 - CFD: 25/09/2013 - 15:49:00 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 22/09/2013 - 23:03:58 - [0] ----D C:\ProgramData\BitGuard =>PUP.BitGuard
O43 - CFD: 28/09/2013 - 16:00:00 - [] ----D C:\ProgramData\BoxUpdChk =>Adware.Boxore
O43 - CFD: 22/09/2013 - 23:03:58 - [0] ----D C:\ProgramData\Browser Manager
O43 - CFD: 22/09/2013 - 23:03:59 - [0] ----D C:\ProgramData\BrowserProtect =>Hijacker.Eazel
O43 - CFD: 05/05/2014 - 14:41:43 - [] ----D C:\ProgramData\Datamngr =>PUP.Datamngr
O43 - CFD: 25/09/2013 - 15:50:53 - [] ----D C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch
O43 - CFD: 25/09/2013 - 15:51:09 - [] ----D C:\Users\Maïlys\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 25/09/2013 - 15:49:00 - [] ----D C:\Users\Maïlys\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 05/05/2014 - 01:26:33 - [] ----D C:\Users\Maïlys\AppData\Roaming\buenosearch LTD =>PUP.BuenoSearch
O43 - CFD: 05/05/2014 - 00:38:27 - [] ----D C:\Users\Maïlys\AppData\Roaming\IminentToolbar =>Adware.IMBooster
O43 - CFD: 06/05/2014 - 21:18:19 - [] ----D C:\Users\Maïlys\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 12/01/2014 - 14:48:28 - [] ----D C:\Users\Maïlys\AppData\Local\a2zLyrics-16-BrowserExtensionUninstall =>Adware.AddLyrics
O43 - CFD: 03/11/2013 - 13:24:40 - [] ----D C:\Users\Maïlys\AppData\Local\AppsHat Mobile Apps =>PUP.CrossRider
O43 - CFD: 25/09/2013 - 15:49:07 - [] ----D C:\Users\Maïlys\AppData\Local\Babylon =>PUP.Babylon
O43 - CFD: 08/05/2014 - 12:53:58 - [] ----D C:\Users\Maïlys\AppData\Local\KalityWeb =>Adware.WebAdSystem
O43 - CFD: 08/08/2013 - 15:43:06 - [0] ----D C:\Users\Maïlys\AppData\Local\Lollipop =>Adware.Lollipop
O43 - CFD: 03/11/2013 - 13:24:35 - [] ----D C:\Users\Maïlys\AppData\Local\Minibar =>PUP.Minibar
O43 - CFD: 03/11/2013 - 13:24:40 - [] ----D C:\Users\Maïlys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat =>PUP.CrossRider
O43 - CFD: 09/01/2014 - 23:32:50 - [] ----D C:\Users\Maïlys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
~ Program Folder: 196 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 01/05/2014 - 21:02:00 ---A- . (...) -- C:\end [0]
O44 - LFC:[MD5.B3E06E33C750926F9736E821D9D1B47A] - 08/05/2014 - 12:35:30 ---A- . (...) -- C:\bdlog.txt [31298]
~ Files: 14 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.DDB9F5D53A50FAAAF275C5E81DFE537F] - 03/11/2013 - 12:24:27 ---A- - C:\Windows\Prefetch\APPSHAT-DISTRIBUTION.EXE-FDA061DA.pf =>PUP.CrossRider
O45 - LFCP:[MD5.259640579729E75EDEB3A9549877661C] - 10/05/2014 - 13:57:22 ---A- - C:\Windows\Prefetch\BOXORE.EXE-666CD123.pf =>Adware.Boxore
O45 - LFCP:[MD5.086BF3A25ACDF1360FE024C1E205C289] - 06/05/2014 - 20:39:04 ---A- - C:\Windows\Prefetch\BUBBLE DOCK ADDONSUI.EXE-898BCBB5.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.0209FCB0CF50A4FB490B7B981E5A08B5] - 08/05/2014 - 11:44:38 ---A- - C:\Windows\Prefetch\BUBBLE DOCK.EXE-33AC514F.pf =>PUP.BubbleDock
O45 - LFCP:[MD5.499389C2A39D68E59F6926B76D72617B] - 04/05/2014 - 23:38:27 ---A- - C:\Windows\Prefetch\IMINENTMINIBARIE.EXE-341F10A0.pf =>PUP.Minibar
O45 - LFCP:[MD5.7FA2779E8BF0460428A9EA35A6F1B448] - 04/05/2014 - 23:38:22 ---A- - C:\Windows\Prefetch\MINIBARFIREFOX.EXE-A719E87D.pf =>PUP.Minibar
O45 - LFCP:[MD5.5FCF06C3E5C281C63209B9CFDB4FCD69] - 09/05/2014 - 23:59:51 ---A- - C:\Windows\Prefetch\OFFERBOX.EXE-577ECF09.pf =>PUP.OfferBox
O45 - LFCP:[MD5.CA128189E85129E073EEDB11B3E9A2E2] - 09/05/2014 - 23:59:52 ---A- - C:\Windows\Prefetch\OFFERBOXHTTPPROXY.EXE-33320E0B.pf =>PUP.OfferBox
O45 - LFCP:[MD5.025A3377F23BE8D7F812FCA1C3D2DC0B] - 08/05/2014 - 10:16:11 ---A- - C:\Windows\Prefetch\SIGNUP WIZARD.EXE-9554BD21.pf =>PUP.JDIBackup
O45 - LFCP:[MD5.40C91050C382B57140C50786D060771A] - 02/11/2013 - 19:57:47 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_VANBA-DF0A3030.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.132F78B0097E46C4BB8F22A5C3E64D14] - 05/05/2014 - 00:25:04 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_WHOCR-378D6620.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.D57094BF284193DD76707E941B26A759] - 04/05/2014 - 23:36:48 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_WHOCR-6BF9ABFE.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.1333ABA529F7C49A6FFDA1EF57C81E80] - 10/05/2014 - 13:57:32 ---A- - C:\Windows\Prefetch\WEBADSYSTEM.EXE-0B26AA03.pf =>Adware.WebAdSystem
O45 - LFCP:[MD5.5831390B1FD67E06BACC4A152F7CFAC6] - 09/05/2014 - 06:46:48 ---A- - C:\Windows\Prefetch\WEBPLAYER.EXE-5BB30855.pf =>Adware.SocialSkinz
~ Prefetcher: 14 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - DatamngrCoordinator.exe - tasklist.exe =>PUP.Datamngr
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{9cb44119-3dbb-11e3-8250-806e6f6e6963}\AutoRun\command. (.Eidos Inc. - Tomb Raider: Anniversary autorun.) -- F:\autorun.exe
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:02/08/2012 - 04:22:48 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [14992]
O58 - SDL:20/08/2013 - 07:02:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103576]
O58 - SDL:28/10/2013 - 01:12:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
~ Drivers: 56 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 05/05/2014 - 15:25:28 ---A- . (.buenosearch LTD.) -- C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\extensions\ffxtlbr@buenosearch.com\uninstall.exe [91593] =>PUP.BuenoSearch
~ 244 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 28 Legitimates Filtered in 00mn 01s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Maïlys - ek9utwb1.default] user_pref("extensions.crossrider.bic", "142673a9b0e1787313b2f809d8016960"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] 62DE822FD3E84CF59699A9637F3A1A82 - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bueno Search) - http://www.buenosearch.com =>PUP.BuenoSearch
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Ask.com) - http://dts.search.ask.com
O69 - SBI: SearchScopes [HKCU] {D9549CAC-2BF9-43AA-A70E-BAF01D41E20E} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.C666102FD6617D0E7BC58167E123883C] [SPRF][08/08/2013] (...) -- C:\ProgramData\1375955712.bdinstall.bin [530767]
[MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (...) -- C:\ProgramData\SetStretch.exe [24576]
[MD5.919DA71D64E09C6E0BAF902598C95689] [SPRF][08/08/2013] (...) -- C:\Users\Maïlys\AppData\Roaming\sp_data.sys [380]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{DCE9DACE-0008-4869-ABFB-7A7FDC720185}" | In - Private - P17 - TRUE | .(.APN LLC - DtUser.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe =>Toolbar.Ask
O87 - FAEL: "{F0A1BC1D-E29E-4CC1-97A8-1131B2D58F8F}" | In - Private - P6 - TRUE | .(.APN LLC - DtUser.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe =>Toolbar.Ask
O87 - FAEL: "{3B784ECC-95C1-46DA-AF7F-21A2604322EC}" | In - Public - P6 - TRUE | .(.APN LLC - DtUser.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\dtUser.exe =>Toolbar.Ask
O87 - FAEL: "{05E12800-FB23-46B2-815B-73B99D90DC10}" | In - Public - P17 - TRUE | .(.APN LLC - DtUser.) -- C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\dtUser.exe =>Toolbar.Ask
~ Firewall: 4 Legitimates Filtered in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "ADF563E0F909939438A862D14D868D26" . (.Boxore Client.) -- C:\WINDOWS\Installer\{0E365FDA-909F-4939-838A-261DD468D862}\boxore.ico =>Adware.Boxore
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.79BBAAC753ABDA50DF19030265F7D1A6] [WIS][12/04/2014] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\374eee8b.msi [2473984] =>Adware.Boxore
[MD5.8C5AB712B6B35BEE0EB2F1111BBBB9EA] [WIS][08/04/2014] (.KalityWeb - WebAdSystem.) -- C:\Windows\Installer\4920cea.msi [1064960] =>Adware.WebAdSystem
~ WIS: 2 Legitimates Filtered in 00mn 01s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{22222222-2222-2222-2222-220322342240}] (CrossriderApp0033440.Sandbox) =>PUP.CrossRider
~ BCK: 5072 Legitimates Filtered in 00mn 09s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 28/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 05/12/2013 69392 | (BdDesktopParental) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 13/04/2014 3545088 | (DatamngrCoordinator) . (.Bandoo Media Inc.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe =>PUP.Datamngr
SS - | Auto 22/09/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/09/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 20/01/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 27/06/2007 279848 | (NMIndexingService) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
SS - | Disabled 14/05/2007 272024 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 25/09/2013 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 25/09/2013 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 22/08/2013 37768 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 03/01/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 23/07/2012 105120 | (ASLDRService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | System 13/04/2014 36216 | (F06DEFF2-5B9C-490D-910F-35D3A9119622) . (.Bandoo Media Inc.) - C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg =>PUP.Datamngr
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 16/08/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 25/06/2012 166720 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 17/07/2012 277824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 17/07/2012 365376 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 17/09/2013 67320 | (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
SR - | Auto 14/08/2012 27792 | (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\System32\viakaraokesrv.exe
SR - | Auto 05/12/2013 1645256 | (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
SR - | Demand 10/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
~ Services: Scanned in 00mn 10s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Maïlys at 10/05/2014 15:26:09
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Maïlys at 10/05/2014 15:26:11
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13045 - (09/05/2014)
Clés trouvées (Keys found) : 268
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 39
Fichiers trouvés (Files found) : 25

[HKLM\Software\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob] =>PUP.MoviesToolbar^
[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\opldoklbgkdpfmogjpheabmldkcdkokn] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC8FCB46-9F27-476E-B26A-93989316D2FB}] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1C81E40-2485-4DB6-8C9D-04BD596B281E}] =>PUP.BuenoSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator] =>PUP.Datamngr^
[HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622] =>PUP.Datamngr^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update) (Software_update] =>Adware.Boxore^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E365FDA-909F-4939-838A-261DD468D862}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.6] =>Adware.PlusHD^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep] =>Adware.PricePeep^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Soft-Now bundle] =>PUP.SoftNow^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4b693ee6-6ab3-41b6-956e-6290548ad66d}] =>Adware.WebAdSystem^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AF59773E-3245-46A3-B418-DD84AB6C3C50}] =>Adware.WebAdSystem^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\a2zLyrics-16] =>PUP.DealsCompare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\buenosearch] =>PUP.BuenoSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings] =>PUP.SupraSavings^
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep
[HKLM\Software\Wow6432Node\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Adware.PricePeep
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Wow6432Node\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}] =>PUP.GetNow
[HKLM\Software\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}] =>PUP.GetNow
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}] =>Adware.PricePeep
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Classes\AppID\PricePeep.DLL] =>Adware.PricePeep
[HKLM\Software\Classes\b] =>PUP.Babylon
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKCU\Software\APN DTX] =>Toolbar.Ask
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKCU\Software\KalityWeb] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\KalityWeb] =>Toolbar.Agent
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Somoto] =>Adware.MegaSearch
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep] =>Adware.PricePeep
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>Toolbar.Conduit
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EC8FCB46-9F27-476E-B26A-93989316D2FB}] =>Adware.WebAdSystem
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EC8FCB46-9F27-476E-B26A-93989316D2FB}] =>Adware.WebAdSystem
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC8FCB46-9F27-476E-B26A-93989316D2FB}] =>Adware.WebAdSystem
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>PUP.Babylon
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\BabylonHelper.EXE] =>PUP.Babylon
[HKCU\Software\BI] =>Adware.MegaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-2.6] =>Adware.PlusHD
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0033440.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0033440.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\Iminent] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322342240}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0033440.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0033440.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0124B064795BB484FA494FC7CF204C0C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\01F8E7504D2D2644AB1185234D2AD5AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\04CDEDFDD6EF25443B78A49D1FE5B4F2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\058911EBC07BAAE42B102E3F4B0D070D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\05CE306CC244D284D8D8090E404CD7D3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\089527E77AD22E345B0066D226E44F46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0BD0B15D6F0C2BF428B339B2D2D732C9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C1AAA506D92B2D44BD6FEF6CDFB71E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CAEC9AFF1716FF4DBACEED82F88C702] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0DD4444CBC682774C8E573CC73C5BC46] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0F68250201451D64EA71E91BA19832DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\126FFC99A0F214F41AE2D6C7A0FC09BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12F72EF2521177A4BB467FF35A881382] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14873772FE3926F4195C9280D52D3486] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14CF11D787D40BF458A3B5CB123733CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\163A5460E4FB18343B4C0B781B27E813] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1705977FCB2F22F4D8A9AB847C3FB9CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\19F133B6A0BA9B14493CE47703DF4CF3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C735C7A54F53574CA5AEA93D0D1F01E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1CE2260B068265A488410CA171D93778] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DF1DD2609A2135479C19D72E41B64AA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F72D9058D0863E4F8EB9FE6E980C385] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2217D47FAFB0AC547820199B3A026CFB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22C5FD2815F5C7C4DB5F34F504BF9D96] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26CF57FC035624845B9005289DFA1448] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2719056FB4CDD294887140382819FFF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2956CB28F45AAF746998774B3C9FF012] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2AD5E582EBA9ED54989A134D9250922B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2BB672F8D2CA64146B6688371E75C986] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2EA450B923F9C4D4BBEB203648FBFFDC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ECA942EFDBD22B4EBB7FE3AB9EDDBDD] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F055C41FDCA50A43BE42A96D243AD47] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2F4EE319A22490145BC4AEBC53B616CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\31E430E345D85D54CA33BC88AEFDB9D8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\358096DA35E67B5479C2E880DF0C10C1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37345F678B330594E9E4AC16908F78CF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38641BF101151094F86DD62B534BDEC4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38762340C83E6764B87807B67154F5A4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3984BAF27BDA0DC4D8AED19FCB64BD7D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3D82200490995CE42AB754DCD90AC44D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E9F0E4315A35D741873885200C6A454] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3F261C3E5AD56E54598E24B106813C7E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40D753328E77EE842A82631EED62CEC5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\40FDEFB25883CF140B9B5F89CB7E2871] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\412179CD2126BB34CAE51691856A3D68] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43218F63264345445A73071C174FEEE8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\439E8A02B7736CA488EECE28D7EE961A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\456D8CED0106E1649AE5CBD8082AC705] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\459277E8A0EE8894F9D7F807DF90506A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\463372A470C576443AE8802B1AC61D89] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48F13E425ECD5F243A8A82AA2B65336D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B6F3AD0EE690D2478C7D0528AADF8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4BB9D431259E08A499469636383B9935] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D3B0714BC82B2340AB18C031262573D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4D5809867D6C1D14180511D3AAD03F79] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DB13DED48DC4494C90DE800D31B086C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\52C608FC2A61CCE479768A9719CABF7B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\56861F0CE995D0E45835F5D31E105D54] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\58E44D082625757499995F9516313A9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5A52F724764B00747A637F14FBBBB830] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B19839CB98BB914BA43E863BBE11B4E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\613DCE6E373581A40B6C88D4F7C09096] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6292C097F9759424BAFA3E32CD3DD562] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62C171206461ED34885A4AE095F4A7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\63E9F48D88AA940498502E29E3747471] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\64747EAAAE2BA5141AEBCF4F6651A144] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6494B0B34076D6248B6E5F42E3252AD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6495111F730311440BBC3AAAF3B8C7AC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65273BD75ADFA9146A0950469941299A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6543EA2E8E729CF4789BCD7361D58C03] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\658DABBCADB609E429A6769C46FAADD0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67A614CC45D7C5845BE2184211CC8F9C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B6581D2CF6BB444D8ACBF79E3AF425B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C0DB201BFD71284CB8CA279446863E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6EA4E994723ECC940AE01A2507673199] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F2331E07AF9B414DB15E2E7BAB7F880] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F3E6739E6CECC64D9B7E5D24CF60746] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73268B3F6C2206C4BAF14E3C5B4BC494] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73D229597C7281E409FDEB3079E30E5A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75A49DF39158638428A0F7797D4CD1E6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D223AE12684124794DD7D3FB067886] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76937F723CDCAB547A9791D60867A5B5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\78AD011E92C0B7D4A86E41451EC7A0F0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\79080E81959ECB54E9E7B3C67AE5781A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A8B37070412F4D47895AA40EFC2E39A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F84DAA817EC0AB409DFE802184D5B09] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\82F14F44AA63A5945A2E960EF018794E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\831071FAC16E2DA4682F55E0B0DE6979] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\83D0F8F1641145A42B26F71D534E9A34] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\84072C174C7F25148BFB33ADE8C704E1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\872C7B3D2887D4E4EBF645D7AB9374D1] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C00987A23C36B145AB60EE274936EB3] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D736B12592E2E94094267BC5B7AA7EB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F3E0221A8351144BB04AEF5266143CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90E77522D1656DA4DABC673942243B44] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\920219BD6C542544893D7ECFCB5E2B6B] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\939840D09446FFF459FA6CB4F03C38BE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9459BDD3A7C686345A9B7A1AD1CC6BE4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95AC1A94BAFFE3D41B23B2097BA8B190] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\983EBB458AA802846BBC74D26C3209C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98A0180804723E24AAA941C0B046363D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\990A25796B2949842BACA56514B7316A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\999D63C685BF046489CA3126029FE837] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9AC4C1465926D52478BEC6D3DB946DD7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9CF7625ADC5FCFE43AD003DCC16B49CB] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A2D54AC8D24E8F94ABBB993A69EF13EC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A357C02D064283D41978AFEEE1A48E0F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4022CA9531268145AD6F8FD7F4F01DC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5CDCC279604D6746A7DA9ED701BF41F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6F4FE9AC6F165A4EAA8F90CE891C0DA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A960AC53CA238044A820A3B63D4536CA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA3077BB9E4617440AF467D91146A8C4] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD7957C966A13904EA466152B29EA9AF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B13C910C1D6376A4BB2BDB9585253923] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1B5689BAD89AFD448923B5051E5BB50] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2CE0F97DFABDE446811F33E7273BFE2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B445461D74829AF4C8EF6C00B2861EF0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4D011D14FD2DB74A9090EA633C0B98E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B551BEBCA0334AA40978C2137FD21AB2] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B877893A942DC524580C7B45547FCBC8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC651C0803618C44DA6F1DDD51AF35BF] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BDE5B9F2A520B674BBB1BEAE5F5D51B8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE85C3D8F4816D4A9E5F4EAA4D80A2A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD48F71CCCEC97489147D4E852D3F6F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C05694CDCD2DD724F90F13A20E67EC7C] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C42065D3060DD4648A38882BEA92941E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C5F606FB1152E344981B09071C472211] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C77B53875F388AA4AA076F6F9D099011] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C85EA06E73FF0A240B4C287EE0D9521D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA30DE5A0DE293D4AA3BF5E13322823A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA9ADF25A98C8074FA4CBBA3ED29FEFA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCE886225BDEB6C43868B0AEDB036B02] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CDD11BF4B1CAA584695EFBC611438213] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE1CCF5CABA1395409D54586592B319E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE7392F9B9A81FA4EA952625BD5534FE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D12B7976E5CA7C34D932C1A8A1BF61C8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D91D500D43BD91A44B02BDBE41E0523F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DA2710A9158C6584C9677EB954F3AC97] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DCF07B57C9DC38E419CF122EA180585E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD2E1A561C7F1294BB3996EE77F6BBEE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF14E9E130504B745A2AC47EF6145D24] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF7A4CDE9ED9CD7479FF74F35FA4149E] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE39849AF921D045B613CD5852C76A6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E03EC5B80A22A7D4C92AB528A3D323E8] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1B9E95AA2730744AB926911484F8AD5] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3436415FB2833843B9EE970079A87C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E3BBB86ACE9686A4281227D5F7EE95AE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E6B40E8EBBC3CD445BD2FC7D8FDCCFEC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E77C3F952C1F0354FAFADB6B080ACCF7] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E84382A588F214C4C89C3DB758EA6AD6] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E89B10C102BBEF941A920EE2269747C0] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E9D73D5153C19FD48B6E10CB7E8572CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EBAFF392ACA75ED4CA30BF821C1AE267] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ECFC746582988774684DB5D8D95F674D] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EECC799BFA63E6146A81EAAA53540EDE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1547261AA1C98C48B0ECDBC767C76CE] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F1BDB464DE2D33547BB31C1B35D9C337] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F29CFDBF9B20AB8448A1BD73A3FE863F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F5F8D8368E8CAE84188DE44DAF8C10F9] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FAB510A06C6F4B24AAD055CE6EEA27CD] =>Adware.Boxore^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:AppsHat =>PUP.CrossRider^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Boxore Client =>Adware.Boxore^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{84FF7BD6-B47F-46F8-9130-01B2696B36CB} =>Adware.IMBooster
C:\Users\Maïlys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob =>PUP.MoviesToolbar^
C:\Users\Maïlys\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\Maïlys\AppData\Local\Google\Chrome\User Data\Default\Extensions\opldoklbgkdpfmogjpheabmldkcdkokn =>Adware.WebAdSystem^
C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\extensions\ffxtlbr@buenosearch.com =>PUP.BuenoSearch^
C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF} =>PUP.CrossRider^
C:\Users\Maïlys\AppData\Roaming\Mozilla\Firefox\Profiles\ek9utwb1.default\extensions\{F008E9D6-2FF2-E796-08BA-80504C331C97} =>Adware.Bandoo^
C:\Program Files (x86)\Boxore =>Adware.Boxore^
C:\Program Files (x86)\buenosearch LTD =>PUP.BuenoSearch^
C:\Program Files (x86)\IminentToolbar =>Adware.IMBooster^
C:\Program Files (x86)\Movies Toolbar =>PUP.MoviesToolbar^
C:\Program Files (x86)\Plus-HD-2.6 =>Adware.PlusHD^
C:\Program Files (x86)\PricePeep =>Adware.PricePeep^
C:\Program Files (x86)\sweetpacks bundle uninstaller =>PUP.SweetIM^
C:\Program Files (x86)\WebAdSystem =>Adware.WebAdSystem^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\BitGuard =>PUP.BitGuard^
C:\ProgramData\BoxUpdChk =>Adware.Boxore^
C:\ProgramData\BrowserProtect =>Hijacker.Eazel^
C:\ProgramData\Datamngr =>PUP.Datamngr^
C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch^
C:\Users\Maïlys\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\Maïlys\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\Maïlys\AppData\Roaming\buenosearch LTD =>PUP.BuenoSearch^
C:\Users\Maïlys\AppData\Roaming\IminentToolbar =>Adware.IMBooster^
C:\Users\Maïlys\AppData\Roaming\OfferBox =>PUP.OfferBox^
C:\Users\Maïlys\AppData\Local\a2zLyrics-16-BrowserExtensionUninstall =>Adware.AddLyrics^
C:\Users\Maïlys\AppData\Local\AppsHat Mobile Apps =>PUP.CrossRider^
C:\Users\Maïlys\AppData\Local\Babylon =>PUP.Babylon^
C:\Users\Maïlys\AppData\Local\KalityWeb =>Adware.WebAdSystem^
C:\Users\Maïlys\AppData\Local\Lollipop =>Adware.Lollipop^
C:\Users\Maïlys\AppData\Local\Minibar =>PUP.Minibar^
C:\Users\Maïlys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat =>PUP.CrossRider^
C:\Program Files (x86)\SearchProtect =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\ProgramData\Browser Manager =>PUP.Babylon
C:\Users\Maïlys\AppData\Local\SearchProtect =>Toolbar.Conduit
C:\Users\Maïlys\AppData\Local\Software =>Adware.Boxore
C:\Users\Maïlys\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\Maïlys\AppData\LocalLow\searchresultstb =>Toolbar.Agent
C:\Users\Maïlys\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe =>PUP.CrossRider^
C:\Program Files (x86)\WebAdSystem\WebAdSystem.exe =>Adware.WebAdSystem^
C:\ProgramData\BoxUpdChk\updchk.exe =>Adware.Boxore^
C:\Users\Maïlys\AppData\Roaming\BabSolution\Shared\BabMaint.exe =>Hijacker.BabSolution^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
C:\Windows\Tasks\a2zLyrics-16-chromeinstaller.job =>Adware.AddLyrics^
C:\Windows\Tasks\a2zLyrics-16-firefoxinstaller.job =>Adware.AddLyrics^
C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.6-enabler.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.6-updater.job =>Adware.PlusHD^
C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA =>Adware.Boxore^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\Datamngr] =>PUP.Datamngr^
[HKCU\Software\buenosearch LTD] =>PUP.BuenoSearch^
[HKCU\Software\iLivid] =>Adware.Bandoo^
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr^
[HKLM\Software\Wow6432Node\buenosearch LTD] =>PUP.BuenoSearch^
C:\Windows\Installer\374eee8b.msi =>Adware.Boxore^
C:\Windows\Installer\4920cea.msi =>Adware.WebAdSystem^
[HKCR\CLSID\{22222222-2222-2222-2222-220322342240}] (CrossriderApp0033440.Sandbox) =>PUP.CrossRider^
~ Additionnel Scan: 267400 Items scanned in 00mn 37s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.byethost7.com/wordpress/pup-crossrider/ =>PUP.CrossRider
http://nicolascoolman.webs.com/apps/blog/show/27531758-adware-webadsystem =>Adware.WebAdSystem
http://nicolascoolman.webs.com/apps/blog/show/33744863-pup-moviestoolbar =>PUP.MoviesToolbar
http://nicolascoolman.byethost7.com/wordpress/toolbar-deltasearch/ =>Toolbar.DeltaSearch
http://nicolascoolman.webs.com/apps/blog/show/34153565-pup-buenosearch =>PUP.BuenoSearch
http://nicolascoolman.byethost7.com/wordpress/adware-bandoo/ =>Adware.Bandoo
http://nicolascoolman.byethost7.com/wordpress/pup-offerbox/ =>PUP.OfferBox
http://nicolascoolman.byethost7.com/wordpress/adware-boxore/ =>Adware.Boxore
http://nicolascoolman.byethost7.com/wordpress/pup-datamngr =>PUP.Datamngr
http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
http://nicolascoolman.byethost7.com/wordpress/toolbar-conduit/ =>Toolbar.Conduit
http://nicolascoolman.webs.com/apps/blog/show/42067481-pup-suprasavings =>PUP.SupraSavings
http://nicolascoolman.byethost7.com/wordpress/toolbar-ask/ =>Toolbar.Ask
http://nicolascoolman.byethost7.com/wordpress/adware-vidsaver/ =>Adware.VidSaver
http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
http://nicolascoolman.byethost7.com/wordpress/pup-sweetim/ =>PUP.SweetIM
http://nicolascoolman.byethost7.com/wordpress/adware-lollipop/ =>Adware.Lollipop
http://nicolascoolman.byethost7.com/wordpress/adware-imbooster/ =>Adware.IMBooster
http://nicolascoolman.byethost7.com/wordpress/pup-babylon/ =>PUP.Babylon
http://nicolascoolman.byethost7.com/wordpress/pup-bitguard/ =>PUP.BitGuard
http://nicolascoolman.byethost7.com/wordpress/hijacker-eazel/ =>Hijacker.Eazel
http://nicolascoolman.byethost7.com/wordpress/pup-minibar/ =>PUP.Minibar
http://nicolascoolman.byethost7.com/wordpress/pup-bubbledock/ =>PUP.BubbleDock
http://nicolascoolman.byethost7.com/wordpress/adware-socialskinz/ =>Adware.SocialSkinz
http://nicolascoolman.byethost7.com/wordpress/pup-getnow/ =>PUP.GetNow
http://nicolascoolman.byethost7.com/wordpress/adware-predictad/ =>Adware.PredictAd
http://nicolascoolman.byethost7.com/wordpress/pup-funmoods/ =>PUP.Funmoods
~ MSI: 29 link(s) detected in 00mn 00s



~ 822 Legitimates filtered by white list
End of the scan (962 lines in 02mn 09s)(0)

Publicité


Signaler le contenu de ce document

Publicité