~ Rapport de ZHPDiag v2015.4.17.39 - Nicolas Coolman (17/04/2015)
~ Lancé par AA (18/04/2015 18:56:23)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
GCIE: Google Chrome v42.0.2311.90

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Automatic Updates : OK
Windows Genuine Advantage : KO
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Logiciels de protection du système
McAfee Security Scan Plus v3.8.150.1
Spybot - Search & Destroy v2.3.39

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 ActiveX
Java 7 Update 76

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2814 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 65 GB (66%) free of 98 GB

---\\ Mode de connexion au système
~ Computer Name: AA-E05D83C2CDFC
~ User Name: AA
~ All Users Names: SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur, AA,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\AA\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\AA\Application Data\
~ %Desktop% : C:\Documents and Settings\AA\Bureau\
~ %Favorites% : C:\Documents and Settings\AA\Favoris\
~ %LocalAppData% : C:\Documents and Settings\AA\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\AA\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 65 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 18 Go of 51 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: Modified
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.E1948B1F45A176FB4A0251446A5AE86D] - (.Microsoft Corporation - Internet Extensions for Win32.) (.06/03/2014 - 18:58:52.) -- C:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 10:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/52
~ Mes musiques (My Musics) : 30/36
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 2/476
~ Mon Bureau (My Desktop) : 1/125
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.769E47E5BC42CC49BD8B250005E1022C] - (.ObjectB - Object Browser exe.) -- C:\Program Files\Object Browser\a16d69c7-cd55-446e-92af-29fd6ca83d6a-6.exe [1384960] [PID.120] =>PUP.ObjectBrowser
[MD5.86AA5D9A80A1754567AB732FFC09AFD7] - (.ObjectB - Object Browser exe.) -- C:\Program Files\Object Browser\a16d69c7-cd55-446e-92af-29fd6ca83d6a-1-6.exe [1408512] [PID.208] =>PUP.ObjectBrowser
[MD5.E1C60CA488EF15EED5414230E48088E1] - (.Pas de propriétaire - Torpedo.) -- C:\Program Files\Information\9883e85a-f89d-4799-976d-2a69fbe9a3e7.exe [32152] [PID.216]
[MD5.3C471783EBDB2AF1F8C8FA866EE4D606] - (.HQPure - HQPureV1.8 exe.) -- C:\Program Files\HQPureV1.8\56b30422-7af9-48fb-8edc-0a0167188317-6.exe [666008] [PID.308] =>PUP.CrossRider
[MD5.A4EE683D5B09CB5CC7EFF5D5D4457958] - (.HQPure - HQPureV1.8 exe.) -- C:\Program Files\Information\1fc95b54-525d-48f1-8dec-1c9dac662c7b.exe [363928] [PID.516] =>PUP.CrossRider
[MD5.E2D3363D2298F8B4DEF484AB40E66C49] - (.APN LLC. - APN Updater.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166296] [PID.920] =>Toolbar.AskBar
[MD5.B4567E3F36B2D37AD52A5BD6642913B7] - (.Microsoft Corporation - Microsoft .NET Assembly Registration Utilit.) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe [53248] [PID.1012]
[MD5.09F1A97848BFAB3F36EB216681465B85] - (.S3 Graphics, Inc. - Pas de description.) -- C:\WINDOWS\system32\VTTimer.exe [53248] [PID.1028]
[MD5.F0E15F5EB34F92BBA06F851C473475C4] - (.Pas de propriétaire - Device Monitor.) -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe [286720] [PID.1076]
[MD5.E9E3F46F206051ABA1B62D2411B11074] - (.Lexmark International Inc. - Lexmark Fast Pics Application.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe [98304] [PID.1084]
[MD5.F336AD03BE347DD5B585AD36AC78751B] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101584] [PID.1148]
[MD5.013A269E7AF8B01FF20B384FEEBFFDA5] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16862720] [PID.1172]
[MD5.6221D8CD04360CC96334798295130BA5] - (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424] [PID.1404] =>Toolbar.AskBar
[MD5.B3EF77531230013A91F644685D864FEF] - (...) -- C:\Program Files\PDF Pro 10\vspdfprsrv.exe [7215616] [PID.1584]
[MD5.B6D50861F3FDF2E28DF8312E32E876DD] - (...) -- C:\Program Files\Smmy4ntk1ytiwzdl\mmi4nzk4ytywyjl.exe [2387456] [PID.1660]
[MD5.663695AD6AF503B5DD09C3DDAAAAFE4A] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3366200] [PID.2096]
[MD5.23944C63CD817ABE715E6B29EC7C3850] - (...) -- C:\Documents and Settings\AA\Application Data\Win_security32.exe [517632] [PID.2104]
[MD5.E199FF1023223C48F18B883D2E3C0855] - (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files\-BlockAndSurfS\BlockAndSurf.exe [131584] [PID.2116] =>PUP.BlockAndSurf
[MD5.4ED4AC0A1088E46ECB2F2F6D38B6E361] - (.Pay By Ads LTD - Pas de description.) -- C:\Documents and Settings\AA\Application Data\Pay-By-Ads\MySearchs\1.3.11.0\mysearchs.exe [547208] [PID.2124] =>PUP.PaybyAds
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- D:\program\soffice.exe [10376704] [PID.2296]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- D:\program\soffice.bin [10368512] [PID.2316]
[MD5.949A54971EF61E9D84B7C559B405A585] - (...) -- C:\Program Files\003\buuoujqmrk32.exe [541696] [PID.2372] =>Adware.AdPeak
[MD5.156B35BCF03F18E140BBBD53E538F5A3] - (.Microsoft - Client.) -- C:\Documents and Settings\AA\Local Settings\Temp\msdn\msdn.exe [279584] [PID.2672]
[MD5.10B8F89D146D0E20B1284D47BB4EC6C9] - (.Devguru Co., Ltd. - Device Error Recovery SDK(x86).) -- C:\WINDOWS\system32\dgdersvc.exe [95568] [PID.2868]
[MD5.949A54971EF61E9D84B7C559B405A585] - (...) -- C:\Program Files\002\fpvoixdaog32.exe [541696] [PID.2908] =>Adware.AdPeak
[MD5.F96C429788350DB4BA6771C3034DFD88] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.exe [217088] [PID.2964]
[MD5.754EFD0B227B21160E3A27229F52FDDA] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.3208]
[MD5.11D94599270AA1603F75CB5ACBBD266F] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200] [PID.3588]
[MD5.CE9806603D3C635EA6E0BB79FE916D2E] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [812872] [PID.3908]
[MD5.D91D8344E73283999777083BF17D54E2] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752] [PID.188]
[MD5.5711668B54004F431360286660A5CD4B] - (.Pas de propriétaire - Printer Communication System.) -- C:\WINDOWS\system32\lxcrcoms.exe [495616] [PID.476]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.1848]
[MD5.62A3B7A12578B3B595253342B982BDA7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8198144] [PID.4060]
~ Processes Running: Scanned in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\AA\Application Data\Mozilla\Firefox\Profiles\extensions\prefs.js
C:\Documents and Settings\AA\Application Data\Mozilla\Firefox\Profiles\extensions\user.js
C:\Documents and Settings\AA\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\prefs.js
C:\Documents and Settings\AA\Application Data\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]phd10\user.js
M2 - MFEP: RegExtension {ECC2817C-A04E-6278-10A4-D5F7645AD794} . (...) -- C:\Program Files\-BlockAndSurfS\174.xpi =>PUP.BlockAndSurf
~ Firefox Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
~ IE Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15519)
~ Hosts File: Scanned in 00mn 06s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0061762 - {11111111-1111-1111-1111-110611171162} Clé orpheline =>PUP.CrossRider
O2 - BHO: Shopping App by Ask BHO - {4F524A2D-5354-2D53-5045-7A786E7484D7} . (...) -- "C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport.dll" (.not file.) =>Toolbar.AskBar
O2 - BHO: BlockAndSurf - {6FE4EECC-66BE-A414-BB4B-AB1302C02959} Clé orpheline =>PUP.BlockAndSurf
~ BHO: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Shopping App by Ask - [HKLM]{4F524A2D-5354-2D53-5045-7A786E7484D7} . (.APN LLC. - Passport.) -- C:\Program Files\AskPartnerNetwork\Toolbar\ORJ-ST-SPE\Passport.dll =>Toolbar.AskBar
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{4F524A2D-5354-2D53-5045-7A786E7484D7} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - Pas de description.) -- C:\WINDOWS\system32\VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- C:\WINDOWS\system32\VTtrayp.exe
O4 - HKLM\..\Run: [EoEngine] Clé orpheline
O4 - HKLM\..\Run: [combroadcaster] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\IMBooster.exe (.not file.) =>Adware.IMBooster
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [lxcrmon.exe] . (.Pas de propriétaire - Device Monitor.) -- C:\Program Files\Lexmark 2400 Series\lxcrmon.exe
O4 - HKLM\..\Run: [EzPrint] . (.Lexmark International Inc. - Lexmark Fast Pics Application.) -- C:\Program Files\Lexmark 2400 Series\ezprint.exe
O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKLM\..\Run: [GoforFilesInstaller Starter] C:\DOCUME~1\AA\LOCALS~1\Temp\install51393237.exe (.not file.) =>P2P.GoforFiles
O4 - HKLM\..\Run: [fst_fr_226] Clé orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Run: [upfst_fr_226.exe] C:\Documents and Settings\AA\Local Settings\Application Data\fst_fr_226\upfst_fr_226.exe (.not file.) =>Adware.FreeSoftToday
O4 - HKLM\..\Run: [fst_fr_231] Clé orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Run: [upfst_fr_231.exe] C:\Documents and Settings\AA\Local Settings\Application Data\fst_fr_226\upfst_fr_231.exe (.not file.) =>Adware.FreeSoftToday
O4 - HKLM\..\Run: [fst_fr_236] Clé orpheline =>Adware.FreeSoftToday
O4 - HKLM\..\Run: [upfst_fr_236.exe] C:\Documents and Settings\AA\Local Settings\Application Data\fst_fr_236\upfst_fr_236.exe (.not file.) =>Adware.FreeSoftToday
O4 - HKLM\..\Run: [AnyProtect Scanner] C:\Program Files\AnyProtectEx\AnyProtect.exe (.not file.) =>PUP.AnyProtect
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [ApnTBMon] . (.APN - Ask Toolbar Notifier.) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.AskBar
O4 - HKLM\..\Run: [vspdfprsrv.exe] . (...) -- C:\Program Files\PDF Pro 10\vspdfprsrv.exe
O4 - HKLM\..\Run: [YTDownloader] C:\Program Files\YTDownloader\YTDownloader.exe (.not file.) =>PUP.YTDownloader
O4 - HKLM\..\Run: [mmy4ntk1ytiwzdl] . (...) -- C:\Program Files\Smmy4ntk1ytiwzdl\mmi4nzk4ytywyjl.exe
O4 - HKLM\..\Run: [MSConfig] . (.Microsoft Corporation - Utilitaire de configuration système.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (.not file.)
O4 - HKCU\..\Run: [Bubble Dock] C:\Documents and Settings\AA\Application Data\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>PUP.BubbleDock
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKCU\..\Run: [Windows Security] . (...) -- C:\Documents and Settings\AA\Application Data\Win_security32.exe
O4 - HKCU\..\Run: [BlockAndSurf] . (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files\-BlockAndSurfS\BlockAndSurf.exe =>PUP.BlockAndSurf
O4 - HKCU\..\Run: [Akamai NetSession Interface] C:\Documents and Settings\AA\Local Settings\Application Data\Akamai\netsession_win.exe (.not file.)
O4 - HKCU\..\Run: [WindApp] C:\Documents and Settings\AA\Application Data\Store\WindApp\WindApp Update.exe (.not file.) =>PUP.Nosibay
O4 - HKCU\..\Run: [mysearchs] . (.Pay By Ads LTD - Pas de description.) -- C:\Documents and Settings\AA\Application Data\Pay-By-Ads\MySearchs\1.3.11.0\mysearchs.exe =>PUP.PaybyAds
O4 - HKCU\..\Run: [MSDN] . (.Microsoft - Client.) -- C:\Documents and Settings\AA\Local Settings\Application Data\MicroSoft\MSDN.exe
O4 - HKCU\..\Run: [Microsoft] . (...) -- C:\Documents and Settings\AA\Application Data\Windows\svchostt.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe (.not file.)
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [Bubble Dock] C:\Documents and Settings\AA\Application Data\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.) =>PUP.BubbleDock
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [Windows Security] . (...) -- C:\Documents and Settings\AA\Application Data\Win_security32.exe
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [BlockAndSurf] . (.Revizer - BlockNSurf Tray Link.) -- C:\Program Files\-BlockAndSurfS\BlockAndSurf.exe =>PUP.BlockAndSurf
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [Akamai NetSession Interface] C:\Documents and Settings\AA\Local Settings\Application Data\Akamai\netsession_win.exe (.not file.)
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [WindApp] C:\Documents and Settings\AA\Application Data\Store\WindApp\WindApp Update.exe (.not file.) =>PUP.Nosibay
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [mysearchs] . (.Pay By Ads LTD - Pas de description.) -- C:\Documents and Settings\AA\Application Data\Pay-By-Ads\MySearchs\1.3.11.0\mysearchs.exe =>PUP.PaybyAds
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [MSDN] . (.Microsoft - Client.) -- C:\Documents and Settings\AA\Local Settings\Application Data\MicroSoft\MSDN.exe
O4 - HKUS\S-1-5-21-1417001333-796845957-2147055499-1003\..\Run: [Microsoft] . (...) -- C:\Documents and Settings\AA\Application Data\Windows\svchostt.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: FlowSurf - {6CA2A4DE-483E-456B-8634-6445460D7097} -- c:\I+D\Development\Ideas\Contextual Browsing\Workspaces\IEExtensionv4\Icon\browseye.ico (.not file.) =>PUP.FlowSurf
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -- C:\Program Files\Messenger\msmsgs.exe (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} ((no name)) - http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{58BDD1DE-8A42-4F8D-8DB5-F6C24017F46A}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{9C83B54E-88E2-4416-B49C-388E2E5CF3BD}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{58BDD1DE-8A42-4F8D-8DB5-F6C24017F46A}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{9C83B54E-88E2-4416-B49C-388E2E5CF3BD}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{58BDD1DE-8A42-4F8D-8DB5-F6C24017F46A}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{9C83B54E-88E2-4416-B49C-388E2E5CF3BD}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\searchprotect\searchprotect\bin\spvc32loader.dll (.not file.) =>PUP.SearchProtect
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. - APN Updater.) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.AskBar
O23 - Service: buuoujqmrk32 (buuoujqmrk32) . (...) - C:\Program Files\003\buuoujqmrk32.exe =>Adware.AdPeak
O23 - Service: fpvoixdaog32 (fpvoixdaog32) . (...) - C:\Program Files\002\fpvoixdaog32.exe =>Adware.AdPeak
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: VO Service component (servervo) . (...) - C:\Documents and Settings\AA\Application Data\VOPackage\VOsrv.exe (.not file.) =>Adware.Downware
~ Services: 12 Legitimates Filtered in 00mn 02s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - C:\Program Files\Microsoft Office\Office14\WINWORD.exe (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Colline verdoyante.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\WINDOWS\Tasks\1fc95b54-525d-48f1-8dec-1c9dac662c7b.job [1398]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-1.job [1800] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-11.job [4456] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-3.job [3774] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-4.job [2606] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-5.job [2406] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-6.job [2362] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-7.job [2238] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\7436e229-343a-4c22-a50e-ffa4ecfebfe7.job [4118]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\9883e85a-f89d-4799-976d-2a69fbe9a3e7.job [588]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\a16d69c7-cd55-446e-92af-29fd6ca83d6a-1-6.job [3106]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\a16d69c7-cd55-446e-92af-29fd6ca83d6a-1-7.job [3442]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\a16d69c7-cd55-446e-92af-29fd6ca83d6a-5.job [2414] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\a16d69c7-cd55-446e-92af-29fd6ca83d6a-6.job [5486] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\a16d69c7-cd55-446e-92af-29fd6ca83d6a-7.job [5150] =>PUP.CrossRider
O39 - APT: - (..) -- C:\WINDOWS\Tasks\AmiUpdXp.job [406] =>PUP.Software.Updater
O39 - APT: - (..) -- C:\WINDOWS\Tasks\DLON.job [1358]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\EnergoTech Update.job [264]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\GlobalUpdate-mmy4yzlxywswbtl.job [436] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job [880] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job [884] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP - à la connexion.job [216]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\Notification de fin de service de Microsoft Windows XP -mensuellement.job [210]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\SMupdate1.job [346]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\SMupdate2.job [346]
O39 - APT: - (..) -- C:\WINDOWS\Tasks\SMupdate3.job [346]
~ Scheduled Task: 33 Legitimates Filtered in 00mn 08s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (mmi4nzk4ytywyjl) . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) - C:\WINDOWS\system32\drivers\mmi4nzk4ytywyjl.sys
O41 - Driver: (netfilter) . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) - C:\WINDOWS\system32\drivers\netfilter.sys
O41 - Driver: ({587cb346-a3d8-4884-b39b-f0ed918b6f96}Gt) . (.StdLib - StdLib.) - C:\WINDOWS\system32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gt.sys =>PUP.LinkiDoo
~ Drivers: 66 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: BlockAndSurf - (.BlockAndSurf-software.) [HKLM] -- 4FA2B2AB-CC09-6DE1-FC62-FD7C9D136FBC =>PUP.BlockAndSurf
O42 - Logiciel: Compatibility Verifier version 1.0 - (.Computer Techtronics, LTD..) [HKLM] -- {7AF56C9C-F827-41A9-9998-047116F688A4}_is1 =>PUP.CompatibilityVerifier
O42 - Logiciel: HQPureV1.8 - (.HQPure.) [HKLM] -- HQPureV1.8 =>PUP.CrossRider
O42 - Logiciel: MySearchs - (.Pay-By-Ads.) [HKCU] -- mysearchs =>PUP.PaybyAds
O42 - Logiciel: Network System Driver - (...) [HKLM] -- inethnfd =>PUP.NetworkSystemDriver
O42 - Logiciel: Object Browser - (.ObjectB.) [HKLM] -- Object Browser =>PUP.ObjectBrowser
O42 - Logiciel: SDU version 3.8 - (...) [HKLM] -- {A23B547D-36B0-4B85-B68A-AADF6C9A723B}_is1
O42 - Logiciel: Salus - (.Salus.) [HKLM] -- Salus =>PUP.Salus
O42 - Logiciel: Search App by Ask - (.APN, LLC.) [HKLM] -- {4F524A2D-5350-4500-76A7-A758B70C0F05} =>Toolbar.Ask
O42 - Logiciel: Shopping App by Ask - (.APN, LLC.) [HKLM] -- {4F524A2D-5354-2D53-5045-A758B70C1200} =>Toolbar.Ask
O42 - Logiciel: lection - (.subpar.) [HKLM] -- {55d4b236-fe79-4782-cc2d-55acaf147087}
O42 - Logiciel: v9 uninstall - (.v9.) [HKLM] -- v9 uninstall
~ Logic: 37 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\3c3a534f04969d4e50a06123335f5c5c] =>PUP.CrossRider
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKCU\Software\Auralis]
[HKCU\Software\Blingee]
[HKCU\Software\BlockAndSurf] =>PUP.BlockAndSurf
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\DLON]
[HKCU\Software\DynConIE] =>PUP.DynConIE
[HKCU\Software\Flowsurf] =>PUP.FlowSurf
[HKCU\Software\ForumerIT] =>Toolbar.Forumer
[HKCU\Software\HQPureV1.8] =>PUP.CrossRider
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\Krillbite Studio]
[HKCU\Software\Lasaoren] =>PUP.Lasaoren
[HKCU\Software\Mojang]
[HKCU\Software\OB]
[HKCU\Software\Object Browser-nv-ie] =>PUP.ObjectBrowser
[HKCU\Software\Object Browser-nv] =>PUP.ObjectBrowser
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\OperaOB]
[HKCU\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Reg]
[HKCU\Software\SKS]
[HKCU\Software\Screen Saver Builder]
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Store] =>PUP.Nosibay
[HKCU\Software\StudioQTRobloxReg]
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Vittalia] =>PUP.Vittalia
[HKCU\Software\_CrossriderRegNamePlaceHolder_] =>PUP.CrossRider
[HKCU\Software\eduweb]
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\iWebar-nv-ie] =>PUP.CrossRider
[HKCU\Software\subpar]
[HKCU\Software\toolbar]
[HKCU\Software\tuto4pc] =>PUP.AgenceExclusive
[HKLM\Software\0892CCEA-3029-46F2-BD98-F3177431F5F8] =>PUP.CrossRider
[HKLM\Software\647470bb-35f5-4bce-9163-771d0d68e0c0] =>PUP.CrossRider
[HKLM\Software\6BF4692A-DBA3-4A6F-B5CF-C980FAECEE18] =>PUP.CrossRider
[HKLM\Software\7f2b12de-4f56-401f-9a2d-364a682b36b4] =>PUP.CrossRider
[HKLM\Software\AdvertisingSupport] =>PUP.AdvertisingSupport
[HKLM\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKLM\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Browser Warden] =>Adware.BrowserWarden
[HKLM\Software\Client]
[HKLM\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\EE1CC829-C74F-48D0-8CEA-FAB0FDF08C09] =>PUP.CrossRider
[HKLM\Software\ErrorLists-crcodedownloader] =>PUP.CrossRider
[HKLM\Software\F978377C-B7D4-4536-8E10-14CA97B13394] =>PUP.CrossRider
[HKLM\Software\FREE_SOFT_TODAY] =>Adware.FreeSoftToday
[HKLM\Software\HQPureV1.8-nv] =>PUP.CrossRider
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\MaxPower]
[HKLM\Software\Mojang]
[HKLM\Software\Object Browser-nv-ie] =>PUP.ObjectBrowser
[HKLM\Software\Object Browser-nv] =>PUP.ObjectBrowser
[HKLM\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\Reg]
[HKLM\Software\SPPDCOM] =>Rogue.PCSpeedUp
[HKLM\Software\SupDp] =>PUP.SupTab
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Universal]
[HKLM\Software\WebBar]
[HKLM\Software\Wpm] =>PUP.WpManager
[HKLM\Software\rrsavings] =>PUP.SupraSavings
[HKLM\Software\supTab] =>PUP.SupTab
[HKLM\Software\supWPM] =>PUP.WpManager
~ Key Software: 362 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/01/2015 - 20:50:15 - [] ----D C:\Program Files\-BlockAndSurfS =>PUP.BlockAndSurf
O43 - CFD: 18/04/2015 - 12:52:38 - [] ----D C:\Program Files\002 =>Adware.AdPeak
O43 - CFD: 22/06/2014 - 12:14:34 - [] ----D C:\Program Files\003 =>Adware.AdPeak
O43 - CFD: 18/04/2015 - 12:45:57 - [0] ----D C:\Program Files\app_setup
O43 - CFD: 19/10/2014 - 17:47:07 - [] ----D C:\Program Files\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 18/04/2015 - 12:48:37 - [] ----D C:\Program Files\b1e7e6cb-f823-44a0-9570-587e7abecc40
O43 - CFD: 08/07/2014 - 23:22:03 - [] ----D C:\Program Files\Brutal Legend
O43 - CFD: 12/08/2014 - 12:08:43 - [] ----D C:\Program Files\fabreasy
O43 - CFD: 14/11/2014 - 12:13:42 - [] ----D C:\Program Files\Flowsurf =>PUP.FlowSurf
O43 - CFD: 02/11/2014 - 19:19:08 - [] ----D C:\Program Files\GetPrivate
O43 - CFD: 14/12/2013 - 14:37:29 - [] ----D C:\Program Files\GUM14.tmp
O43 - CFD: 14/12/2013 - 14:37:51 - [] ----D C:\Program Files\GUM16.tmp
O43 - CFD: 14/11/2014 - 12:12:47 - [] ----D C:\Program Files\HQPureV1.8 =>PUP.CrossRider
O43 - CFD: 02/11/2014 - 19:19:10 - [] ----D C:\Program Files\LPT =>Adware.Incredibar
O43 - CFD: 18/04/2015 - 12:49:17 - [] ----D C:\Program Files\Object Browser =>PUP.ObjectBrowser
O43 - CFD: 18/04/2015 - 12:49:57 - [] ----D C:\Program Files\Salus =>PUP.Salus
O43 - CFD: 18/04/2015 - 12:45:43 - [] ----D C:\Program Files\SDU
O43 - CFD: 18/04/2015 - 12:50:13 - [] ----D C:\Program Files\Smmy4ntk1ytiwzdl
O43 - CFD: 09/07/2014 - 12:30:37 - [] ----D C:\Program Files\SupraSavings =>PUP.SupraSavings
O43 - CFD: 16/06/2014 - 21:08:51 - [0] ----D C:\Program Files\SupTab =>PUP.SupTab
O43 - CFD: 11/01/2012 - 14:28:09 - [] ----D C:\Program Files\WolfQuest
O43 - CFD: 04/06/2014 - 20:35:38 - [0] ----D C:\Program Files\word
O43 - CFD: 26/11/2011 - 18:26:17 - [] ----D C:\Program Files\Yontoo Layers =>Adware.Yontoo
O43 - CFD: 22/06/2014 - 13:01:28 - [] ----D C:\Program Files\Fichiers communs\Config
O43 - CFD: 15/01/2015 - 12:42:24 - [0] ----D C:\Documents and Settings\All Users\Application Data\2308189059
O43 - CFD: 25/05/2014 - 10:57:46 - [] ----D C:\Documents and Settings\All Users\Application Data\APN
O43 - CFD: 24/03/2013 - 13:49:42 - [] ----D C:\Documents and Settings\All Users\Application Data\Ask
O43 - CFD: 19/10/2014 - 17:47:07 - [] ----D C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 02/11/2014 - 19:19:07 - [] ----D C:\Documents and Settings\All Users\Application Data\IePluginServices =>PUP.IePluginService
O43 - CFD: 21/05/2014 - 12:37:59 - [0] ----D C:\Documents and Settings\All Users\Application Data\Tarma Installer =>PUP.Tarma
O43 - CFD: 12/06/2011 - 10:14:52 - [] ----D C:\Documents and Settings\All Users\Application Data\Trymedia =>Adware.Trymedia
O43 - CFD: 16/11/2012 - 18:33:08 - [] ----D C:\Documents and Settings\All Users\Application Data\Vivitar
O43 - CFD: 12/06/2014 - 11:59:29 - [] ----D C:\Documents and Settings\All Users\Application Data\WindowsProtectManger =>PUP.Fuyu
O43 - CFD: 17/05/2011 - 20:04:02 - [] R---D C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Jeux
O43 - CFD: 22/06/2014 - 13:01:24 - [] ----D C:\Documents and Settings\AA\Application Data\29821
O43 - CFD: 18/04/2015 - 12:45:01 - [] ----D C:\Documents and Settings\AA\Application Data\30680
O43 - CFD: 16/06/2014 - 21:06:11 - [0] ----D C:\Documents and Settings\AA\Application Data\337Games =>Hijacker.22Find
O43 - CFD: 19/06/2014 - 17:46:42 - [0] ----D C:\Documents and Settings\AA\Application Data\Activeris =>PUP.Activeris
O43 - CFD: 02/11/2014 - 19:19:07 - [] ----D C:\Documents and Settings\AA\Application Data\GetPrivate
O43 - CFD: 18/04/2015 - 12:40:02 - [] ----D C:\Documents and Settings\AA\Application Data\Imminent
O43 - CFD: 18/04/2015 - 12:45:33 - [] ----D C:\Documents and Settings\AA\Application Data\lection
O43 - CFD: 18/04/2015 - 12:50:05 - [] ----D C:\Documents and Settings\AA\Application Data\mmy4yzlxywswbtl
O43 - CFD: 30/04/2013 - 20:58:37 - [] ----D C:\Documents and Settings\AA\Application Data\OfferBox =>PUP.OfferBox
O43 - CFD: 27/08/2014 - 19:20:37 - [] ----D C:\Documents and Settings\AA\Application Data\Pay-By-Ads =>PUP.PaybyAds
O43 - CFD: 23/06/2012 - 15:15:55 - [] ----D C:\Documents and Settings\AA\Application Data\PriceGong =>Adware.PriceGong
O43 - CFD: 07/10/2014 - 20:56:11 - [] ----D C:\Documents and Settings\AA\Application Data\Protect
O43 - CFD: 16/06/2014 - 21:12:24 - [] ----D C:\Documents and Settings\AA\Application Data\qone8 =>Hijacker.Qone8
O43 - CFD: 12/08/2014 - 12:21:28 - [0] ----D C:\Documents and Settings\AA\Application Data\Store
O43 - CFD: 16/06/2014 - 21:08:54 - [] ----D C:\Documents and Settings\AA\Application Data\sweet-page =>PUP.SweetPage
O43 - CFD: 26/11/2011 - 19:49:17 - [0] ----D C:\Documents and Settings\AA\Application Data\Toolbar4
O43 - CFD: 31/10/2014 - 15:45:20 - [] ----D C:\Documents and Settings\AA\Application Data\v9
O43 - CFD: 28/05/2014 - 21:34:37 - [] ----D C:\Documents and Settings\AA\Application Data\VirusMaker =>PUP.VirusMaker
O43 - CFD: 22/08/2014 - 11:08:10 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\AskPartnerNetwork =>Toolbar.AskBar
O43 - CFD: 22/06/2014 - 12:15:01 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\com
O43 - CFD: 13/10/2013 - 17:50:36 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\combroadcaster =>PUP.Eorezo
O43 - CFD: 23/05/2014 - 21:24:33 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\den
O43 - CFD: 18/04/2015 - 12:11:33 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\GVSE
O43 - CFD: 18/04/2015 - 12:47:25 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\Installer
O43 - CFD: 15/06/2014 - 15:08:06 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\Krillbite Studio
O43 - CFD: 28/09/2014 - 15:58:28 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\Lasaoren =>PUP.Lasaoren
O43 - CFD: 22/06/2014 - 15:03:20 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\Roblox
O43 - CFD: 04/08/2014 - 18:03:07 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\RobloxDownloads
O43 - CFD: 12/08/2014 - 12:16:00 - [0] ----D C:\Documents and Settings\AA\Local Settings\Application Data\RobloxVersions
O43 - CFD: 26/11/2011 - 19:45:00 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\safeupdater
O43 - CFD: 25/06/2014 - 15:18:31 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\SKS
O43 - CFD: 08/07/2014 - 20:35:09 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\Virus_Maker
O43 - CFD: 09/12/2012 - 16:07:46 - [] ----D C:\Documents and Settings\AA\Local Settings\Application Data\Vivitar Experience Image Manager
~ Program Folder: 307 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.F07BBD55254F3A3E1849C9FDDB7E31E3] - 14/04/2015 - 08:16:54 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1917]
O44 - LFC:[MD5.E559C459B938E8CA4E4A0384A06E6EB6] - 18/04/2015 - 07:21:10 ---A- . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) -- C:\WINDOWS\system32\Drivers\mmi4nzk4ytywyjl.sys [56200]
O44 - LFC:[MD5.D7CCE5E4FB643F485EA5496CA28A2A3A] - 18/04/2015 - 17:40:24 ---A- . (...) -- C:\WINDOWS\system.ini [274]
O44 - LFC:[MD5.109DADE7FDB50C0131CFC00397D159CC] - 18/04/2015 - 17:40:24 ---A- . (...) -- C:\WINDOWS\win.ini [620]
O44 - LFC:[MD5.6F38BA1D2FC66721CC631125C5D60D57] - 18/04/2015 - 17:42:57 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.84AB78397C83039427C755DD96A42C36] - 18/04/2015 - 17:42:57 ---A- . (...) -- C:\WINDOWS\wiaservc.log [313]
O44 - LFC:[MD5.0E6E05B007F175AA467360DB3532FB33] - 18/04/2015 - 17:43:20 ---A- . (...) -- C:\lxcr.log [36246]
O44 - LFC:[MD5.537BC90E05656D5ACF8AB955BC87E799] - 18/04/2015 - 17:52:44 ---A- . (...) -- C:\WINDOWS\msmqinst.log [561076]
O44 - LFC:[MD5.57D91EA6C436FBA08DBF94CFD733BA2E] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1767844]
O44 - LFC:[MD5.4F6F9CD7D25B7049B718620E57ADA45B] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [125416]
O44 - LFC:[MD5.C76764CEEE1D0888A172F5773B5CC059] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\comsetup.log [602514]
O44 - LFC:[MD5.F0134EA3BE1FD3C4B99A9E4CACB511EA] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\iis6.log [2000964]
O44 - LFC:[MD5.5BB808B7B02DBDB28542119C716862DC] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\imsins.log [1917]
O44 - LFC:[MD5.5859CA8B837EDA3380657D5A60FC79CB] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\msgsocm.log [90416]
O44 - LFC:[MD5.D27CFA2CCBFA42402E8B2C544F5654E1] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\netfxocm.log [313276]
O44 - LFC:[MD5.4E8B9D69B4D8CD726A24BF93F58368B3] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [367749]
O44 - LFC:[MD5.A11719239A53B3F1E8A6FBDB45BA6FFC] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\ocgen.log [897428]
O44 - LFC:[MD5.75BE41451F787E4B45B98EF63715901F] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\ocmsn.log [99090]
O44 - LFC:[MD5.D2F37988AAA7ECB494CA169774AF6FEE] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\tabletoc.log [88643]
O44 - LFC:[MD5.8FDDB18F8179EFB3135F82AC05EC4C38] - 18/04/2015 - 17:52:50 ---A- . (...) -- C:\WINDOWS\tsoc.log [832320]
~ Files: 34 Legitimates Filtered in 00mn 01s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe" [Enabled] .(...) -- C:\Program Files\TrackMania Nations ESWC\TmNationsESWC.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Metin2_France\metin2.bin" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Metin2_France\metin2.bin
O47 - AAKE:Key Export SP - "C:\Program Files\Metin2_France\metin2client.bin" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files\Metin2_France\metin2client.bin
O47 - AAKE:Key Export SP - "C:\Program Files\Xfire\Xfire.exe" [Enabled] .(...) -- C:\Program Files\Xfire\Xfire.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\valve\hl.exe" [Enabled] .(...) -- C:\Program Files\valve\hl.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\TornTV.com\Torntv Downloader.exe" [Disabled] .(...) -- C:\Program Files\TornTV.com\Torntv Downloader.exe (.not file.) =>Hijacker.TornTV
O47 - AAKE:Key Export SP - "C:\Program Files\Counter-Strike 1.6\hl.exe" [Disabled] .(...) -- C:\Program Files\Counter-Strike 1.6\hl.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\AA\Local Settings\Apps\2.0\DBBJ2Y0L.Y0Q\7NWEGQV3.85P\laun...app_59711684aa47878d_0001.0023_dcb11edce2780610\Launcher.exe" [Enabled] .(...) -- C:\Documents and Settings\AA\Local Settings\Apps\2.0\DBBJ2Y0L.Y0Q\7NWEGQV3.85P\laun...app_59711684aa47878d_0001.0023_dcb11edce2780610\Launcher.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\AA\Mes documents\Downloads\rush_team_aimbot_download_downloader.exe" [Enabled] .(...) -- C:\Documents and Settings\AA\Mes documents\Downloads\rush_team_aimbot_download_downloader.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\GoforFiles\goforfilesdl.exe" [Enabled] .(...) -- C:\Program Files\GoforFiles\goforfilesdl.exe (.not file.) =>P2P.GoforFiles
O47 - AAKE:Key Export SP - "C:\Program Files\GoforFiles\GoforFiles.exe" [Enabled] .(...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.) =>P2P.GoforFiles
O47 - AAKE:Key Export SP - "C:\Program Files\Battle.net\Battle.net.exe" [Enabled] .(...) -- C:\Program Files\Battle.net\Battle.net.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\AA\Mes documents\Downloads\rush_team_aimbot_download_downloader (3).exe" [Enabled] .(...) -- C:\Documents and Settings\AA\Mes documents\Downloads\rush_team_aimbot_download_downloader (3).exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\YourFileDownloader\Downloader.exe" [Enabled] .(...) -- C:\Program Files\YourFileDownloader\Downloader.exe (.not file.) =>PUP.YourFileDownloader
O47 - AAKE:Key Export SP - "C:\Program Files\YourFileDownloader\YourFile.exe" [Enabled] .(...) -- C:\Program Files\YourFileDownloader\YourFile.exe (.not file.) =>PUP.YourFileDownloader
O47 - AAKE:Key Export SP - "C:\Program Files\Hearthstone\Hearthstone.exe" [Enabled] .(...) -- C:\Program Files\Hearthstone\Hearthstone.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\JFileManager\JFileManager.exe" [Disabled] .(...) -- C:\Program Files\JFileManager\JFileManager.exe (.not file.) =>PUP.JFileManager
O47 - AAKE:Key Export SP - "C:\Documents and Settings\AA\Local Settings\Temp\Rar$EX07.359\Berserker Quest 1.1\darkplaces.exe" [Enabled] .(...) -- C:\Documents and Settings\AA\Local Settings\Temp\Rar$EX07.359\Berserker Quest 1.1\darkplaces.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\AA\Local Settings\Application Data\Akamai\netsession_win.exe" [Enabled] .(...) -- C:\Documents and Settings\AA\Local Settings\Application Data\Akamai\netsession_win.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.2880\Agent.exe" [Enabled] .(...) -- C:\Documents and Settings\All Users\Application Data\Battle.net\Agent\Agent.2880\Agent.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\mystarttb\ToolbarCleaner.exe" [Enabled] .(...) -- C:\Program Files\mystarttb\ToolbarCleaner.exe (.not file.) =>Spyware.VMNToolbar
O47 - AAKE:Key Export SP - "C:\Program Files\Bench\Proxy\proc.exe" [Enabled] .(...) -- C:\Program Files\Bench\Proxy\proc.exe (.not file.) =>PUP.GiganticSavings
O47 - AAKE:Key Export SP - "C:\Program Files\Bench\Proxy\pwdg.exe" [Enabled] .(...) -- C:\Program Files\Bench\Proxy\pwdg.exe (.not file.) =>PUP.GiganticSavings
O47 - AAKE:Key Export SP - "c:\windows\temp\db22.exe" [Enabled] .(...) -- c:\windows\temp\db22.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db24.exe" [Enabled] .(...) -- c:\windows\temp\db24.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db25.exe" [Enabled] .(...) -- c:\windows\temp\db25.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db27.exe" [Enabled] .(...) -- c:\windows\temp\db27.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db28.exe" [Enabled] .(...) -- c:\windows\temp\db28.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db29.exe" [Enabled] .(...) -- c:\windows\temp\db29.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db1.exe" [Enabled] .(...) -- c:\windows\temp\db1.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\DOCUME~1\AA\LOCALS~1\Temp\I6b05a81.exe" [Enabled] .(...) -- C:\DOCUME~1\AA\LOCALS~1\Temp\I6b05a81.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db101.exe" [Enabled] .(...) -- c:\windows\temp\db101.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db444.exe" [Enabled] .(...) -- c:\windows\temp\db444.exe (.not file.)
O47 - AAKE:Key Export SP - "c:\windows\temp\db445.exe" [Enabled] .(...) -- c:\windows\temp\db445.exe (.not file.)
~ Keys Export: 59 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{164f50fd-ef23-11e3-9e46-00262d17e008}\AutoRun\command. (...) -- H:\SETUP.exe (.not file.)
O51 - MPSK:{6a71b448-e831-11e3-9e35-00262d17e008}\AutoRun\command. (...) -- J:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\SoftwareHelper [Key] . (...) -- C:\Documents and Settings\AA\Application Data\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (.not file.) =>PUP.Eorezo
O53 - SMSR:HKLM\...\startupreg\YTDownloader [Key] . (...) -- C:\Program Files\YTDownloader\YTDownloader.exe (.not file.) =>PUP.YTDownloader
~ SMSR Keys: 2 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:15/12/2005 - 13:57:46 ---A- . (.C-Media Inc - C-Media Audio WDM Driver.) -- C:\WINDOWS\system32\Drivers\cmuda.sys [1368000]
O58 - SDL:04/11/2010 - 12:09:06 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\WINDOWS\system32\Drivers\dgderdrv.sys [18120]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:20/06/2012 - 10:51:34 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\WINDOWS\system32\Drivers\massfilter_hs.sys [17672]
O58 - SDL:18/04/2015 - 07:21:10 ---A- . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) -- C:\WINDOWS\system32\Drivers\mmi4nzk4ytywyjl.sys [56200]
O58 - SDL:12/06/2014 - 20:05:34 ---A- . (.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) -- C:\WINDOWS\system32\Drivers\netfilter.sys [47488]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:10/08/2005 - 13:44:04 ---A- . (.Protection Technology - StarForce Protection Environment Driver.) -- C:\WINDOWS\system32\Drivers\sfdrv01.sys [50688]
O58 - SDL:16/05/2005 - 14:20:39 ---A- . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\WINDOWS\system32\Drivers\sfhlp02.sys [6656]
O58 - SDL:03/11/2005 - 15:40:07 ---A- . (.Protection Technology - StarForce Protection VFS Driver.) -- C:\WINDOWS\system32\Drivers\sfvfs02.sys [63488]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:16/06/2014 - 16:48:00 ---A- . (.StdLib - StdLib.) -- C:\WINDOWS\system32\Drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gt.sys [55232] =>PUP.LinkiDoo
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:04/11/2010 - 12:07:00 ---A- . (...) -- C:\WINDOWS\system32\FsUsbExDisk.Sys [36640]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 58 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 10/10/2014 - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe (APNMCP) .(.APN LLC. - APN Updater.) - LEGACY_APNMCP =>Toolbar.AskBar
O64 - Services: CurCS - 22/06/2014 - C:\Program Files\003\buuoujqmrk32.exe (buuoujqmrk32) .(...) - LEGACY_BUUOUJQMRK32 =>Adware.AdPeak
O64 - Services: CurCS - 04/11/2010 - C:\WINDOWS\system32\dgdersvc.exe (dgdersvc) .(.Devguru Co., Ltd. - Device Error Recovery SDK(x86).) - LEGACY_DGDERSVC
O64 - Services: CurCS - 22/06/2014 - C:\Program Files\002\fpvoixdaog32.exe (fpvoixdaog32) .(...) - LEGACY_FPVOIXDAOG32 =>Adware.AdPeak
O64 - Services: CurCS - 03/02/2006 - C:\WINDOWS\system32\lxcrcoms.exe (lxcr_device) .(.Pas de propriétaire - Printer Communication System.) - LEGACY_LXCR_DEVICE
O64 - Services: CurCS - 18/04/2015 - C:\WINDOWS\system32\drivers\mmi4nzk4ytywyjl.sys (mmi4nzk4ytywyjl) .(.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) - LEGACY_MMI4NZK4YTYWYJL
O64 - Services: CurCS - 12/06/2014 - C:\WINDOWS\system32\drivers\netfilter.sys (netfilter) .(.NetFilterSDK.com - NetFilter SDK TDI Hook Driver (WPP).) - LEGACY_NETFILTER
O64 - Services: CurCS - 25/04/2014 - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (SDScannerService) .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - LEGACY_SDSCANNERSERVICE
O64 - Services: CurCS - 25/04/2014 - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe (SDUpdateService) .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - LEGACY_SDUPDATESERVICE
O64 - Services: CurCS - 03/11/2005 - C:\WINDOWS\system32\drivers\sfvfs02.sys (sfvfs02) .(.Protection Technology - StarForce Protection VFS Driver.) - LEGACY_SFVFS02
O64 - Services: CurCS - 16/06/2014 - C:\WINDOWS\system32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gt.sys ({587cb346-a3d8-4884-b39b-f0ed918b6f96}Gt) .(.StdLib - StdLib.) - LEGACY_{587CB346-A3D8-4884-B39B-F0ED918B6F96}GT =>PUP.LinkiDoo
~ Legacy: 157 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Documents and Settings\AA\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (SafeFinder Search) - http://feed.safefinder.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {1F096B29-E9DA-4D64-8D63-936BE7762CC5} - (Search the web (Babylon)) - http://search.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} - (SafeFinder Search) - http://feed.safefinder.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {9CB96984-43C3-4D44-90EF-01466EFCF7BB} - (Yahoo! (Avast)) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {9D8F01F4-58BF-4D6A-8EEB-6B0CE2B2A4B2} - (Search The Web (Only-Search)) - http://www.only-search.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {A25AC313-DD19-4238-ACA2-401D6BEE4321} - (Search The Web) - http://www.mystart.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {BCB239CB-84E3-42F9-A4B7-6AF3D7ADAE1E} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {BF60336C-AE41-474A-B8D0-F9B4A10AE749} - (Search The Web (mysearchs)) - http://start.mysearchs.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {C7576B9D-B442-46bc-AF74-080A9E723E01} - (Search-Results Search) - http://websearch.search-results.com
O69 - SBI: SearchScopes [HKCU] {D40C284C-9191-41AD-B3B9-893535B1426E} - (Search The Web (buenosearch)) - http://www.buenosearch.com =>PUP.BuenoSearch
O69 - SBI: SearchScopes [HKUS\S-1-5-19] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-20] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.82966A6E2543481FB8BE79913614E8A3] [SPRF][13/04/2015] (...) -- C:\Documents and Settings\All Users\Application Data\20V2A8Ue.dat [112]
[MD5.8AED411F6C4F050EB14433D97220CC16] [SPRF][21/03/2015] (...) -- C:\Documents and Settings\All Users\Application Data\NdtI5Ah4.dat [112]
[MD5.03382F9DCBCFB9306B244505D2CD5716] [SPRF][18/04/2015] (.ObjectB - Object Browser exe.) -- C:\Documents and Settings\AA\Application Data\DLON.exe [1716736] =>PUP.ObjectBrowser
[MD5.CEE35C66AA65C0B714F31A16738DEFC0] [SPRF][03/06/2014] (...) -- C:\Documents and Settings\AA\Application Data\DOK52P4Q3J.dat [36]
[MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [SPRF][04/07/2011] (...) -- C:\Documents and Settings\AA\Application Data\PnkBstrK.sys [138056]
[MD5.23944C63CD817ABE715E6B29EC7C3850] [SPRF][29/10/2013] (...) -- C:\Documents and Settings\AA\Application Data\Win_security32.exe [517632]
[MD5.4705BB93B19E5542BA719D0BB9678ABD] [SPRF][02/11/2014] (...) -- C:\Documents and Settings\AA\Bureau\MyPCBackup.exe [73880] =>PUP.MyPCBackup
[MD5.8E624BCFFCFE47F70F93FC461A85F439] [SPRF][02/11/2014] (.SHelp2 - SHelp2.) -- C:\Documents and Settings\AA\Bureau\ShoppingHelper.exe [10552176]
~ Files: 11 Legitimates Filtered in 00mn 02s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\3c3a534f04969d4e50a06123335f5c5c]:[kl]="
15/04/18 chrome minecraft code generator 2014 no survey - YouTube - Google Chrome
no [ENTER]
55fbb4[ENTER]
jpeg[ENTE
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.0AEBE0523F0ECBAC31104E157452A1D9] [WIS][19/10/2014] (.APN, LLC - Shopping App by Ask.) -- C:\Windows\Installer\1b494b8.msi [493568] =>Toolbar.Ask
[MD5.14F0E03EAB66363DA9906B00B0A61730] [WIS][22/08/2014] (.APN, LLC - Search App by Ask.) -- C:\Windows\Installer\860b6.msi [481280] =>Toolbar.Ask
[MD5.16EFF122E0AA475FDEA44517C490DFC6] [WIS][12/08/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\8f9e08.msi [462848] =>Adware.IncrediBar
~ WIS: 3 Legitimates Filtered in 00mn 02s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{22222222-2222-2222-2222-220622172262}] (CrossriderApp0061762.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate
[HKCR\CLSID\{86ac6ea1-11f8-42b3-80b6-461fe9beacd0}] (AWinUpd Class) =>PUP.WinRST
[HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate
[HKCR\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}] (FlowSurf) =>PUP.FlowSurf
~ BCK: 4870 Legitimates Filtered in 00mn 10s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 15/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 18/04/2015 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Demand 18/04/2015 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Auto 13/09/2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/09/2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/11/2014 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 01/08/2008 159812 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SS - | Demand 26/06/2014 1771560 | (PDF Architect 2) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect 2\ws.exe
SS - | Demand 26/06/2014 861736 | (pdfforge CrashHandler) . (.pdfforge GmbH.) - C:\Program Files\PDF Architect 2\crash-handler-ws.exe
SS - | Auto 25/04/2014 171928 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
SS - | Auto 22/07/1658 0 | (servervo) . (...) - C:\Documents and Settings\AA\Application Data\VOPackage\VOsrv.exe =>Adware.Downware
SS - | Disabled 15/06/2014 159744 | (ServiceUpdater) . (...) - C:\WINDOWS\system32\netupdsrv.exe
SR - | Auto 10/10/2014 166296 | (APNMCP) . (.APN LLC..) - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.AskBar
SR - | Auto 22/06/2014 541696 | (buuoujqmrk32) . (...) - C:\Program Files\003\buuoujqmrk32.exe =>Adware.AdPeak
SR - | Auto 04/11/2010 95568 | (dgdersvc) . (.Devguru Co., Ltd..) - C:\WINDOWS\system32\dgdersvc.exe
SR - | Auto 22/06/2014 541696 | (fpvoixdaog32) . (...) - C:\Program Files\002\fpvoixdaog32.exe =>Adware.AdPeak
SR - | Auto 04/11/2010 217088 | (FsUsbExService) . (.Teruten.) - C:\WINDOWS\system32\FsUsbExService.exe
SR - | Auto 24/01/2015 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Demand 03/02/2006 495616 | (lxcr_device) . (...) - C:\WINDOWS\system32\lxcrcoms.exe
SR - | Auto 25/04/2014 1738200 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 25/04/2014 2081752 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Services: Scanned in 00mn 11s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (17/04/2015)
Clés trouvées (Keys found) : 113
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 38
Fichiers trouvés (Files found) : 75

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171162}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5354-2D53-5045-7A786E7484D7}] =>Toolbar.AskBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FE4EECC-66BE-A414-BB4B-AB1302C02959}] =>PUP.BlockAndSurf^
[HKLM\SYSTEM\CurrentControlSet\Services\APNMCP] =>Toolbar.AskBar^
[HKLM\SYSTEM\CurrentControlSet\Services\buuoujqmrk32] =>Adware.AdPeak^
[HKLM\SYSTEM\CurrentControlSet\Services\fpvoixdaog32] =>Adware.AdPeak^
[HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate) (globalUpdate] =>PUP.GlobalUpdate^
[HKLM\SYSTEM\CurrentControlSet\Services\servervo] =>Adware.Downware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\4FA2B2AB-CC09-6DE1-FC62-FD7C9D136FBC] =>PUP.BlockAndSurf^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7AF56C9C-F827-41A9-9998-047116F688A4}_is1] =>PUP.CompatibilityVerifier^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\HQPureV1.8] =>PUP.CrossRider^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchs] =>PUP.PaybyAds^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd] =>PUP.NetworkSystemDriver^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Salus] =>PUP.Salus^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5350-4500-76A7-A758B70C0F05}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4F524A2D-5354-2D53-5045-A758B70C1200}] =>Toolbar.Ask^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SoftwareHelper] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\YTDownloader] =>PUP.YTDownloader^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf6-072e-44cf-8957-5838f569a31d}] =>Adware.MyWebSearch
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] =>PUP.Babylon
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{58124A0B-DC32-4180-9BFF-E0E21AE34026}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}] =>PUP.Babylon
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] =>PUP.Eorezo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C10DC1F4-CCDF-4224-A24D-B23AFC3573C8}] =>PUP.Eorezo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.Avira
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\eorezo] =>PUP.Eorezo
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Iminent] =>Adware.IMBooster
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect] =>Toolbar.Conduit
[HKCU\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKCU\Software\Toolbar] =>Toolbar.Conduit
[HKCU\Software\Tuto4pc] =>PUP.Eorezo
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}] =>PUP.Software.Updater
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Microsoft\Multimedia\WMPlayer\Schemes\f3pss] =>Adware.MyWebSearch
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk] =>Spyware.GophotoIt
[HKLM\Software\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh] =>Adware.WebCake
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}] =>Adware.SimilarSites
[HKLM\Software\delta-homesSoftware] =>Toolbar.DeltaSearch
[HKLM\Software\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje] =>Hijacker.TornTV
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKLM\Software\Classes\CrossriderApp0061762.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0061762.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0061762.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0061762.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\Toolbar.CT2542115] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2795622] =>Toolbar.Conduit
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622172262}] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\mysearchs] =>Adware.MyWebSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{4F524A2D-5354-2D53-5045-7A786E7484D7} =>Toolbar.AskBar^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:combroadcaster =>PUP.Eorezo^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Bubble Dock =>PUP.BubbleDock^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Documents and Settings\AA\Application Data\Mozilla\Firefox\Profiles\EP: RegExtension {ECC2817C-A04E-6278-10A4-D5F7645AD794} . (...) -- C:\extensions\Program Files\-BlockAndSurfS\174.xpi =>PUP.BlockAndSurf^
C:\Program Files\-BlockAndSurfS =>PUP.BlockAndSurf^
C:\Program Files\002 =>Adware.AdPeak^
C:\Program Files\003 =>Adware.AdPeak^
C:\Program Files\AskPartnerNetwork =>Toolbar.AskBar^
C:\Program Files\Flowsurf =>PUP.FlowSurf^
C:\Program Files\HQPureV1.8 =>PUP.CrossRider^
C:\Program Files\LPT =>Adware.Incredibar^
C:\Program Files\Object Browser =>PUP.ObjectBrowser^
C:\Program Files\Salus =>PUP.Salus^
C:\Program Files\SupraSavings =>PUP.SupraSavings^
C:\Program Files\SupTab =>PUP.SupTab^
C:\Program Files\Yontoo Layers =>Adware.Yontoo^
C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork =>Toolbar.AskBar^
C:\Documents and Settings\All Users\Application Data\IePluginServices =>PUP.IePluginService^
C:\Documents and Settings\All Users\Application Data\Tarma Installer =>PUP.Tarma^
C:\Documents and Settings\All Users\Application Data\Trymedia =>Adware.Trymedia^
C:\Documents and Settings\All Users\Application Data\WindowsProtectManger =>PUP.Fuyu^
C:\Documents and Settings\AA\Application Data\337Games =>Hijacker.22Find^
C:\Documents and Settings\AA\Application Data\Activeris =>PUP.Activeris^
C:\Documents and Settings\AA\Application Data\OfferBox =>PUP.OfferBox^
C:\Documents and Settings\AA\Application Data\Pay-By-Ads =>PUP.PaybyAds^
C:\Documents and Settings\AA\Application Data\PriceGong =>Adware.PriceGong^
C:\Documents and Settings\AA\Application Data\qone8 =>Hijacker.Qone8^
C:\Documents and Settings\AA\Application Data\sweet-page =>PUP.SweetPage^
C:\Documents and Settings\AA\Application Data\VirusMaker =>PUP.VirusMaker^
C:\Documents and Settings\AA\Local Settings\Application Data\AskPartnerNetwork =>Toolbar.AskBar^
C:\Documents and Settings\AA\Local Settings\Application Data\combroadcaster =>PUP.Eorezo^
C:\Documents and Settings\AA\Local Settings\Application Data\Lasaoren =>PUP.Lasaoren^
C:\Program Files\SearchProtect =>Toolbar.Conduit
C:\Program Files\Software =>Adware.Boxore
C:\Program Files\Gophoto.it =>Spyware.GophotoIt
C:\Documents and Settings\All Users\Application Data\Software =>Adware.Boxore
C:\Documents and Settings\AA\Application Data\Toolbar4 =>Toolbar.Conduit
C:\Documents and Settings\AA\Local Settings\Application Data\Installer =>Adware.InstallPedia
C:\Documents and Settings\AA\Local Settings\Application Data\safeupdater =>PUP.Eorezo
C:\Documents and Settings\AA\Local Settings\Application Data\Software =>Adware.Boxore
C:\Documents and Settings\AA\Local Settings\Application Data\Virus_Maker =>PUP.VirusMaker
C:\Documents and Settings\AA\Application Data\Mozilla\Firefox\Profiles\extensions\gophoto@gophoto.it.xpi =>Spyware.GophotoIt
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Program Files\Object Browser\a16d69c7-cd55-446e-92af-29fd6ca83d6a-6.exe =>PUP.ObjectBrowser^
C:\Program Files\Object Browser\a16d69c7-cd55-446e-92af-29fd6ca83d6a-1-6.exe =>PUP.ObjectBrowser^
C:\Program Files\HQPureV1.8\56b30422-7af9-48fb-8edc-0a0167188317-6.exe =>PUP.CrossRider^
C:\Program Files\Information\1fc95b54-525d-48f1-8dec-1c9dac662c7b.exe =>PUP.CrossRider^
C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe =>Toolbar.AskBar^
C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe =>Toolbar.AskBar^
C:\Program Files\-BlockAndSurfS\BlockAndSurf.exe =>PUP.BlockAndSurf^
C:\Documents and Settings\AA\Application Data\Pay-By-Ads\MySearchs\1.3.11.0\mysearchs.exe =>PUP.PaybyAds^
C:\Program Files\003\buuoujqmrk32.exe =>Adware.AdPeak^
C:\Program Files\002\fpvoixdaog32.exe =>Adware.AdPeak^
C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-1.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-11.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-3.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-4.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-5.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-6.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\56b30422-7af9-48fb-8edc-0a0167188317-7.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\a16d69c7-cd55-446e-92af-29fd6ca83d6a-5.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\a16d69c7-cd55-446e-92af-29fd6ca83d6a-6.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\a16d69c7-cd55-446e-92af-29fd6ca83d6a-7.job =>PUP.CrossRider^
C:\WINDOWS\Tasks\AmiUpdXp.job =>PUP.Software.Updater^
C:\WINDOWS\Tasks\GlobalUpdate-mmy4yzlxywswbtl.job =>PUP.GlobalUpdate^
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.GlobalUpdate^
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.GlobalUpdate^
[HKCU\Software\3c3a534f04969d4e50a06123335f5c5c] =>PUP.CrossRider^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\BlockAndSurf] =>PUP.BlockAndSurf^
[HKCU\Software\DynConIE] =>PUP.DynConIE^
[HKCU\Software\Flowsurf] =>PUP.FlowSurf^
[HKCU\Software\ForumerIT] =>Toolbar.Forumer^
[HKCU\Software\HQPureV1.8] =>PUP.CrossRider^
[HKCU\Software\Lasaoren] =>PUP.Lasaoren^
[HKCU\Software\Object Browser-nv-ie] =>PUP.ObjectBrowser^
[HKCU\Software\Object Browser-nv] =>PUP.ObjectBrowser^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\Store] =>PUP.Nosibay^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\Vittalia] =>PUP.Vittalia^
[HKCU\Software\_CrossriderRegNamePlaceHolder_] =>PUP.CrossRider^
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday^
[HKCU\Software\iWebar-nv-ie] =>PUP.CrossRider^
[HKCU\Software\tuto4pc] =>PUP.AgenceExclusive^
[HKLM\Software\0892CCEA-3029-46F2-BD98-F3177431F5F8] =>PUP.CrossRider^
[HKLM\Software\647470bb-35f5-4bce-9163-771d0d68e0c0] =>PUP.CrossRider^
[HKLM\Software\6BF4692A-DBA3-4A6F-B5CF-C980FAECEE18] =>PUP.CrossRider^
[HKLM\Software\7f2b12de-4f56-401f-9a2d-364a682b36b4] =>PUP.CrossRider^
[HKLM\Software\AdvertisingSupport] =>PUP.AdvertisingSupport^
[HKLM\Software\Browser Warden] =>Adware.BrowserWarden^
[HKLM\Software\EE1CC829-C74F-48D0-8CEA-FAB0FDF08C09] =>PUP.CrossRider^
[HKLM\Software\ErrorLists-crcodedownloader] =>PUP.CrossRider^
[HKLM\Software\F978377C-B7D4-4536-8E10-14CA97B13394] =>PUP.CrossRider^
[HKLM\Software\FREE_SOFT_TODAY] =>Adware.FreeSoftToday^
[HKLM\Software\HQPureV1.8-nv] =>PUP.CrossRider^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\Object Browser-nv-ie] =>PUP.ObjectBrowser^
[HKLM\Software\Object Browser-nv] =>PUP.ObjectBrowser^
[HKLM\Software\SPPDCOM] =>Rogue.PCSpeedUp^
[HKLM\Software\SupDp] =>PUP.SupTab^
[HKLM\Software\Wpm] =>PUP.WpManager^
[HKLM\Software\rrsavings] =>PUP.SupraSavings^
[HKLM\Software\supTab] =>PUP.SupTab^
[HKLM\Software\supWPM] =>PUP.WpManager^
C:\Documents and Settings\AA\Application Data\DLON.exe =>PUP.ObjectBrowser^
C:\Documents and Settings\AA\Bureau\MyPCBackup.exe =>PUP.MyPCBackup^
C:\Windows\Installer\1b494b8.msi =>Toolbar.Ask^
C:\Windows\Installer\860b6.msi =>Toolbar.Ask^
C:\Windows\Installer\8f9e08.msi =>Adware.IncrediBar^
[HKCR\CLSID\{22222222-2222-2222-2222-220622172262}] (CrossriderApp0061762.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate^
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate^
[HKCR\CLSID\{86ac6ea1-11f8-42b3-80b6-461fe9beacd0}] (AWinUpd Class) =>PUP.WinRST^
[HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate^
[HKCR\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}] (FlowSurf) =>PUP.FlowSurf^
~ Additionnel Scan: 184569 Items scanned in 00mn 16s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 6 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
http://nicolascoolman.fr/pup-objectbrowser =>PUP.ObjectBrowser
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://www.nicolascoolman.fr/blog/ =>Toolbar.AskBar
http://nicolascoolman.fr/pup-blockandsurf =>PUP.BlockAndSurf
http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds
http://nicolascoolman.fr/26601441-adware-adpeak =>Adware.AdPeak
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.fr/pup-eorezo =>PUP.Eorezo
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/pup-ytdownloader =>PUP.YTDownloader
http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock
http://www.nicolascoolman.fr/blog/ =>PUP.Nosibay
http://www.nicolascoolman.fr/blog/ =>PUP.FlowSurf
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://nicolascoolman.fr/pup-software-updater =>PUP.Software.Updater
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://www.nicolascoolman.fr/blog/ =>PUP.CompatibilityVerifier
http://www.nicolascoolman.fr/blog/ =>PUP.NetworkSystemDriver
http://www.nicolascoolman.fr/blog/ =>PUP.Salus
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://www.nicolascoolman.fr/blog/ =>PUP.DynConIE
http://nicolascoolman.fr/toolbar-forumer =>Toolbar.Forumer
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://www.nicolascoolman.fr/blog/ =>PUP.Lasaoren
http://nicolascoolman.fr/pup-offerbox =>PUP.OfferBox
http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://nicolascoolman.fr/pup-vittalia =>PUP.Vittalia
http://www.nicolascoolman.fr/blog/ =>PUP.AdvertisingSupport
http://www.nicolascoolman.fr/blog/ =>Adware.BrowserWarden
http://www.nicolascoolman.fr/blog/ =>PUP.LevelQualityWatcher
http://nicolascoolman.fr/rogue-pcspeedup =>Rogue.PCSpeedUp
http://nicolascoolman.fr/pup-suptab =>PUP.SupTab
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
http://nicolascoolman.fr/pup-suprasavings =>PUP.SupraSavings
http://nicolascoolman.fr/adware-incredibar =>Adware.Incredibar
http://nicolascoolman.fr/adware-yontoo =>Adware.Yontoo
http://www.nicolascoolman.fr/blog/ =>PUP.IePluginService
http://nicolascoolman.fr/adware-trymedia =>Adware.Trymedia
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://nicolascoolman.fr/hijacker-22find =>Hijacker.22Find
http://nicolascoolman.fr/pup-activeris =>PUP.Activeris
http://nicolascoolman.fr/hijacker-qone8 =>Hijacker.Qone8
http://nicolascoolman.fr/pup-sweetpage =>PUP.SweetPage
http://nicolascoolman.fr/32110510-pup-virusmaker =>PUP.VirusMaker
http://nicolascoolman.fr/hijacker-torntv =>Hijacker.TornTV
http://nicolascoolman.fr/pup-yourfiledownloader =>PUP.YourFileDownloader
http://nicolascoolman.fr/pup-jfilemanager =>PUP.JFileManager
http://nicolascoolman.fr/spyware-vmntoolbar =>Spyware.VMNToolbar
http://nicolascoolman.fr/pup-giganticsavings =>PUP.GiganticSavings
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.fr/pup-buenosearch =>PUP.BuenoSearch
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://www.nicolascoolman.fr/blog/ =>PUP.WinRST
http://www.nicolascoolman.fr/blog/ =>Toolbar.AskTBar
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.fr/pup-whitesmoke =>PUP.Whitesmoke
http://nicolascoolman.fr/pup-bprotector =>PUP.BProtector
http://nicolascoolman.fr/pup-clarosearch =>PUP.ClaroSearch
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedUpMyPC
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://nicolascoolman.fr/spyware-gophotoit =>Spyware.GophotoIt
http://nicolascoolman.fr/adware-webcake =>Adware.WebCake
http://nicolascoolman.fr/adware-similarsites =>Adware.SimilarSites
http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://nicolascoolman.fr/adware-browsefox =>Adware.BrowseFox
http://nicolascoolman.fr/adware-installpedia =>Adware.InstallPedia
~ MSI: 81 link(s) detected in 00mn 00s



---\\ Alert Messages
WARNING : Hijacker Proxy found, Clean with ZHPCleaner Tool

~ 1201 Legitimates filtered by white list
End of the scan (1148 lines in 01mn 06s)(0.4)
