cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2015.5.17.49 - Nicolas Coolman (17/05/2015)
~ Lancé par SMAIL (20/05/2015 11:56:03)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17728 (Defaut)
GCIE: Google Chrome v39.0.2171.71

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : T6JYG
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1, 64-bit (Build 9600)

---\\ Logiciels de protection du système
Windows Defender W8 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader X

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3973 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 109 GB (49%) free of 218 GB

---\\ Mode de connexion au système
~ Computer Name: VAIO
~ User Name: SMAIL
~ All Users Names: SMAIL, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\SMAIL\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\SMAIL\AppData\Roaming\
~ %Desktop% : C:\Users\SMAIL\Desktop\
~ %Favorites% : C:\Users\SMAIL\Favorites\
~ %LocalAppData% : C:\Users\SMAIL\AppData\Local\
~ %StartMenu% : C:\Users\SMAIL\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 109 Go of 218 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 206 Go of 217 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Explorateur Windows.) (.28/01/2015 - 00:47:12.) -- C:\Windows\Explorer.exe [2501368]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) (.29/10/2014 - 02:25:54.) -- C:\Windows\System32\Wininit.exe [145920]
[MD5.77B35D0FC22A2D2EAC8D07C3F9784DBF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.13/03/2015 - 03:45:57.) -- C:\Windows\System32\wininet.dll [2358784]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.29/10/2014 - 02:22:52.) -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.24/09/2014 - 16:34:58.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.24/09/2014 - 17:48:38.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.24/09/2014 - 17:03:07.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24/09/2014 - 16:44:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.D887446F3F6051C60C26F4FD1FC8D43F] - (.Microsoft Corporation - Pilote de port i8042.) (.07/10/2014 - 04:29:50.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.24/09/2014 - 16:35:02.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.31233271EDE50D1BBB220F78AFA60486] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.08/10/2014 - 08:32:10.) -- C:\Windows\system32\Drivers\MRxSmb.sys [405504]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.15/10/2014 - 09:32:37.) -- C:\Windows\system32\Drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.24/09/2014 - 16:03:44.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.24/09/2014 - 16:44:42.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/218
~ Mes musiques (My Musics) : 1/92
~ Mes Favoris (My Favorites) : 1/10
~ Mes Documents (My Documents) : 1/486
~ Mon Bureau (My Desktop) : 3/13035
~ Menu demarrer (Programs) : 1/40
~ Hidden Files: Scanned in 00mn 22s



---\\ Processus lancés
[MD5.7016A5D74459577060366F7D1E44F495] - (.FileProperties_CompanyName - FileProperties_FileDescription.) -- C:\Program Files (x86)\fun4us\fun4us_notification_service.exe [1417216] [PID.2244] =>PUP.CrossRider
[MD5.7016A5D74459577060366F7D1E44F495] - (.FileProperties_CompanyName - FileProperties_FileDescription.) -- C:\Program Files (x86)\help4u\help4u_notification_service.exe [1417216] [PID.2320] =>PUP.CrossRider
[MD5.7016A5D74459577060366F7D1E44F495] - (.FileProperties_CompanyName - FileProperties_FileDescription.) -- C:\Program Files (x86)\sun king\sun_king_notification_service.exe [1417216] [PID.2560] =>PUP.SunKing
[MD5.724CB7A116F7E1A67009D751BCF86586] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120] [PID.3752]
[MD5.D3BC8027763DB4B75A7C1C8353BD0446] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672] [PID.4836]
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.3452]
[MD5.672E1B3140D78F01E5563C32A72E3ED3] - (.Pas de propriétaire - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [62464] [PID.4036]
[MD5.5F1B1148C830C0F149A476A58CE0D09D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [815248] [PID.4948]
[MD5.566F5A07C950D52ECB5CEBDAE39DDEC0] - (.Internet Download Manager, Tonec Inc. - Broker for reading of IDM settings.) -- C:\Program Files (x86)\Internet Download Manager\idmBroker.exe [69144] [PID.2348]
[MD5.51CFFD7BBFEA2F7316C560DCC4479759] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8209408] [PID.1812]
~ Processes Running: Scanned in 00mn 06s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\SMAIL\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://yahoo.mystart.com =>Spyware.VMNToolbar
G2 - GCE: Preference [User Data\Default] [dfhphepmmghimompopllneamgdbelkdd] fun4us v.16423.1029.4126 (Activé)
G2 - GCE: Preference [User Data\Default] [dnhpdliibojhegemfjheidglijccjfmc] hotword helper v.0.0.2.0 (Activé)
G2 - GCE: Preference [User Data\Default] [fcnmaiiahjldikaollhjobhchdbhfhgf] Keep Last Two Tabs v.124 (Activé)
G2 - GCE: Preference [User Data\Default] [icmbdchmgaaihfdlphhcdlecjehdngbk] icmbdchmgaaihfdlphhcdlecjehdngbk v.16422.32.4 (Activé)
G2 - GCE: Preference [User Data\Default] [iphahelpmejkbidhiecfeicblienleon] Yahoo! v. ()
G2 - GCE: Preference [User Data\Default] [kacgddpcndpmmpoepbdklplpfhlcgikn] Epic Soccer Barcelona v.171 (Activé)
G2 - GCE: Preference [User Data\Default] [kjpifmjicccpbkfjdkehimhgklfkbanh] videosMediaPlayersv2.2 v.1.26.17, (Activé) =>PUP.CrossRider
G2 - GCE: Preference [User Data\Default] [kmendfapggjehodndflmmgagdbamhnfd] CryptoTokenExtension v.0.8.64 (Activé)
G2 - GCE: Preference [User Data\Default] [lmhacemfmaapnkiehojbhmclmdnhjhfn] sun king v.14039.2025.5697 (Activé) =>PUP.SunKing
G2 - GCE: Preference [User Data\Default] [lojpenhmoajbiciapkjkiekmobleogjc] Default Placeholder Extensions v.35.2.1, (Activé)
G2 - GCE: Preference [User Data\Default] [lpkbealomjndjpckajbnpakcoeelbpcf] lpkbealomjndjpckajbnpakcoeelbpcf v.18998.26.0 (Activé)
G2 - GCE: Preference [User Data\Default] [mflnemhkomgploogccdmcloekbloobgb] mflnemhkomgploogccdmcloekbloobgb v.18797.66.5 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmkbaaijgpppbokgnhhoakihofedkgcc] nmkbaaijgpppbokgnhhoakihofedkgcc v.19739.81.5 (Activé)
G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pfogecppckimhabdpppalilellgoeoef] Custom RSS News v.165 (Activé)
G2 - GCE: Preference [User Data\Default] [pmmemlnpjmfkcddknibchodllhnnidlp] pmmemlnpjmfkcddknibchodllhnnidlp v.12464.20.8 (Activé)
G2 - GCE: Preference [User Data\Default] [pogchimbndbckepmhaagnapfmlfgnala] help4u v.11810.2389.4229 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 45 Legitimates Filtered in 00mn 12s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\SMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\g6qsn0wp.default\prefs.js
C:\Users\SMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\g6qsn0wp.default\user.js
M3 - MFPP: Plugins - [SMAIL] -- C:\Users\SMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\g6qsn0wp.default\searchplugins\buenosearch.xml =>PUP.BuenoSearch
M3 - MFPP: Plugins - [SMAIL] -- C:\Users\SMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\g6qsn0wp.default\searchplugins\default-search.xml =>Hijacker.Browsers
M3 - MFPP: Plugins - [SMAIL] -- C:\Users\SMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\g6qsn0wp.default\searchplugins\dsrlte.xml
M3 - MFPP: Plugins - [SMAIL] -- C:\Users\SMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\g6qsn0wp.default\searchplugins\VenteeRo.xml =>Trojan.Vonteera
M3 - MFPP: Plugins - [SMAIL] -- C:\Users\SMAIL\AppData\Roaming\Mozilla\Firefox\Profiles\g6qsn0wp.default\searchplugins\WebSearch.xml
M0 - MFSP: prefs.js [SMAIL - g6qsn0wp.default] http://search.gboxapp.com =>Hijacker.GadgetBox
M0 - MFSP: user.js [SMAIL - g6qsn0wp.default] http://www.arabyonline.com
M2 - MFEP: Extension [SMAIL - g6qsn0wp.default] 143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
M2 - MFEP: Extension [SMAIL - g6qsn0wp.default] 9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com
M2 - MFEP: Extension [SMAIL - g6qsn0wp.default] 975af956-6d8c-4897-837a-25c267d2cec1@gmail.com
M2 - MFEP: Extension [SMAIL - g6qsn0wp.default] staged
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml =>Hijacker.Browsers
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml =>PUP.SweetPage
~ Firefox Browser: 23 Legitimates Filtered in 00mn 02s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com =>PUP.SweetPage
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: takEsavee [64Bits] - {A3A30C8A-C412-4B4B-9413-6D7221713637} . (...) -- C:\Program Files (x86)\takEsavee\Z5c0Zy9JEQPQMw.dll
~ BHO: 2 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [BtPreLoad] . (...) -- C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe
O4 - HKLM\..\Run: [Classic Start Menu] . (.IvoSoft - Classic Start Menu.) -- C:\Program Files\Classic Shell\ClassicStartMenu.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - iCloud Photos.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKCU\..\Run: [LiveSupport] C:\Program Files (x86)\LiveSupport\LiveSupport.exe (.not file.) =>PUP.LiveSupport
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Power2GoExpress8] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [ISBMgr.exe] . (.Sony Corporation - ISB Utility.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [YTDownloader] C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) =>PUP.YTDownloader
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-21-2334179412-2787095783-1616716129-1001\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKUS\S-1-5-21-2334179412-2787095783-1616716129-1001\..\Run: [ApplePhotoStreams] . (.Apple Inc. - iCloud Photos.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-2334179412-2787095783-1616716129-1001\..\Run: [AppleIEDAV] . (.Apple Inc. - Apple IE DAV.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
O4 - HKUS\S-1-5-21-2334179412-2787095783-1616716129-1001\..\Run: [LiveSupport] C:\Program Files (x86)\LiveSupport\LiveSupport.exe (.not file.) =>PUP.LiveSupport
O4 - HKUS\S-1-5-21-2334179412-2787095783-1616716129-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-2334179412-2787095783-1616716129-1001\..\Run: [Power2GoExpress8] Clé orpheline
~ Application: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- Clé orpheline
O9 - Extra button: Classic IE Settings [64Bits] - {56753E59-AF1D-4FBA-9E15-31557124ADA2} -- Clé orpheline
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8327CB2E-06AD-41B7-B33D-0AC6DAC47D72}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8327CB2E-06AD-41B7-B33D-0AC6DAC47D72}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: DeltaFix (fc67e7a0) . (...) - c:\Program Files (x86)\DeltaFix\DeltaFix.dll
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
~ Services: 20 Legitimates Filtered in 00mn 41s



---\\ Tâches planifiées en automatique (O39)
[MD5.B93EDD780DEE801F32832D6D38165667] [APT] [14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-1] (.Buca Apps.) -- C:\Program Files (x86)\Super Radio\Super Radio-codedownloader.exe [1089000]
[MD5.9622C0DABCA49A605F1902ADA944578A] [APT] [14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5] (.Buca Apps.) -- C:\Program Files (x86)\Super Radio\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5.exe [1020904]
[MD5.9622C0DABCA49A605F1902ADA944578A] [APT] [14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5_user] (.Buca Apps.) -- C:\Program Files (x86)\Super Radio\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5.exe [1020904]
[MD5.A083B7946FD44D5C16C9052F8AF9F1DC] [APT] [14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-6] (.Buca Apps.) -- C:\Program Files (x86)\Super Radio\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-6.exe [1397736]
[MD5.B93EDD780DEE801F32832D6D38165667] [APT] [14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-7] (.Buca Apps.) -- C:\Program Files (x86)\Super Radio\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-7.exe [1089000]
[MD5.BDB77C2B123E89C8FAF9FDC09A68EDA9] [APT] [2f9eadb6-f029-48e3-a157-a14c78eb9810-1] (.enter.) -- C:\Program Files (x86)\videosMediaPlayersv2.2\videosMediaPlayersv2.2-codedownloader.exe [1131424] =>PUP.CrossRider
[MD5.87EEFC7AE60B3000C1EA024D58EF3906] [APT] [2f9eadb6-f029-48e3-a157-a14c78eb9810-11] (.enter.) -- C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-11.exe [2052512] =>PUP.CrossRider
[MD5.87EEFC7AE60B3000C1EA024D58EF3906] [APT] [2f9eadb6-f029-48e3-a157-a14c78eb9810-3] (.enter.) -- C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-3.exe [2052512] =>PUP.CrossRider
[MD5.E0B6DEA5AFCE54007016F946D0767262] [APT] [2f9eadb6-f029-48e3-a157-a14c78eb9810-4] (.enter.) -- C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-4.exe [1552288] =>PUP.CrossRider
[MD5.A61B34DBCB3A8D1866B098E89690870C] [APT] [2f9eadb6-f029-48e3-a157-a14c78eb9810-5] (.enter.) -- C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-5.exe [1177504] =>PUP.CrossRider
[MD5.A61B34DBCB3A8D1866B098E89690870C] [APT] [2f9eadb6-f029-48e3-a157-a14c78eb9810-5_user] (.enter.) -- C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-5.exe [1177504] =>PUP.CrossRider
[MD5.303CB57E6231FD2E129D5B398FA59217] [APT] [2f9eadb6-f029-48e3-a157-a14c78eb9810-6] (.enter.) -- C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-6.exe [1330080] =>PUP.CrossRider
[MD5.BDB77C2B123E89C8FAF9FDC09A68EDA9] [APT] [2f9eadb6-f029-48e3-a157-a14c78eb9810-7] (.enter.) -- C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-7.exe [1131424] =>PUP.CrossRider
[MD5.AC9F066F021E9C7B88133BC384AB514A] [APT] [4CEFD9B73D6C-1CRMOI2] (...) -- C:\Users\SMAIL\AppData\Roaming\ARHome\Updater.exe [98240] =>Trojan.Vonteera
[MD5.E147EC0609A63D7D79D96422378D566E] [APT] [66f8173a-0e00-462e-91c9-747f0d978aad-1] (.Object Browser.) -- C:\Program Files (x86)\Sense\Sense-codedownloader.exe [520192] =>PUP.ObjectBrowser
[MD5.7FC77031351249FBEE86CB81390C8502] [APT] [66f8173a-0e00-462e-91c9-747f0d978aad-11] (.Object Browser.) -- C:\Program Files (x86)\Sense\66f8173a-0e00-462e-91c9-747f0d978aad-11.exe [1913344] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [66f8173a-0e00-462e-91c9-747f0d978aad-2] (...) -- C:\Program Files (x86)\Sense\66f8173a-0e00-462e-91c9-747f0d978aad-2.exe (.not file.) [0]
[MD5.8FC17B6E39F88D3AEED83740AF6C4212] [APT] [66f8173a-0e00-462e-91c9-747f0d978aad-4] (.Object Browser.) -- C:\Program Files (x86)\Sense\66f8173a-0e00-462e-91c9-747f0d978aad-4.exe [849408] =>PUP.ObjectBrowser
[MD5.1ED0FE5F166C23EEE4D59CC0EE30F829] [APT] [66f8173a-0e00-462e-91c9-747f0d978aad-5] (.Object Browser.) -- C:\Program Files (x86)\Sense\66f8173a-0e00-462e-91c9-747f0d978aad-5.exe [462336] =>PUP.ObjectBrowser
[MD5.1ED0FE5F166C23EEE4D59CC0EE30F829] [APT] [66f8173a-0e00-462e-91c9-747f0d978aad-5_user] (.Object Browser.) -- C:\Program Files (x86)\Sense\66f8173a-0e00-462e-91c9-747f0d978aad-5.exe [462336] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [66f8173a-0e00-462e-91c9-747f0d978aad-6] (...) -- C:\Program Files (x86)\Sense\Sense-nova.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [66f8173a-0e00-462e-91c9-747f0d978aad-7] (...) -- C:\Program Files (x86)\Sense\Sense-nova.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [82bfa932-bd5d-4166-81ed-cb723c12a962-1] (...) -- C:\Program Files (x86)\Ge-Force\Ge-Force-codedownloader.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [82bfa932-bd5d-4166-81ed-cb723c12a962-11] (...) -- C:\Program Files (x86)\Ge-Force\82bfa932-bd5d-4166-81ed-cb723c12a962-11.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [82bfa932-bd5d-4166-81ed-cb723c12a962-2] (...) -- C:\Program Files (x86)\Ge-Force\82bfa932-bd5d-4166-81ed-cb723c12a962-2.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [82bfa932-bd5d-4166-81ed-cb723c12a962-4] (...) -- C:\Program Files (x86)\Ge-Force\82bfa932-bd5d-4166-81ed-cb723c12a962-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [82bfa932-bd5d-4166-81ed-cb723c12a962-5] (...) -- C:\Program Files (x86)\Ge-Force\82bfa932-bd5d-4166-81ed-cb723c12a962-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [82bfa932-bd5d-4166-81ed-cb723c12a962-5_user] (...) -- C:\Program Files (x86)\Ge-Force\82bfa932-bd5d-4166-81ed-cb723c12a962-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [82bfa932-bd5d-4166-81ed-cb723c12a962-6] (...) -- C:\Program Files (x86)\Ge-Force\Ge-Force-novainstaller.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [82bfa932-bd5d-4166-81ed-cb723c12a962-7] (...) -- C:\Program Files (x86)\Ge-Force\Ge-Force-nova.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-1] (...) -- C:\Program Files (x86)\SavePass\SavePass-codedownloader.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-10] (...) -- C:\Program Files (x86)\SavePass\b0625964-2eb3-4760-87c9-78a749ff7827-10.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-11] (...) -- C:\Program Files (x86)\SavePass\b0625964-2eb3-4760-87c9-78a749ff7827-11.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-2] (...) -- C:\Program Files (x86)\SavePass\b0625964-2eb3-4760-87c9-78a749ff7827-2.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-4] (...) -- C:\Program Files (x86)\SavePass\b0625964-2eb3-4760-87c9-78a749ff7827-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-5] (...) -- C:\Program Files (x86)\SavePass\b0625964-2eb3-4760-87c9-78a749ff7827-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-5_user] (...) -- C:\Program Files (x86)\SavePass\b0625964-2eb3-4760-87c9-78a749ff7827-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-6] (...) -- C:\Program Files (x86)\SavePass\SavePass-nova.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [b0625964-2eb3-4760-87c9-78a749ff7827-7] (...) -- C:\Program Files (x86)\SavePass\SavePass-nova.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [ComputerSpeedOptimizer_Popup] (...) -- C:\Program Files (x86)\Computer Speed Optimizer\Splash.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [ComputerSpeedOptimizer_Start] (...) -- C:\Program Files (x86)\Computer Speed Optimizer\ComputerSpeedOptimizer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-1] (...) -- C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe (.not file.) [0] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2] (...) -- C:\Program Files (x86)\Object Browser\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2.exe (.not file.) [0] =>PUP.ObjectBrowser
[MD5.22BDCC6B95A8EA7CF4220BAA1123A993] [APT] [e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4] (.Object Browser.) -- C:\Program Files (x86)\Object Browser\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4.exe [839024] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5] (...) -- C:\Program Files (x86)\Object Browser\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5.exe (.not file.) [0] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-6] (...) -- C:\Program Files (x86)\Object Browser\Object Browser-novainstaller.exe (.not file.) [0] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-7] (...) -- C:\Program Files (x86)\Object Browser\Object Browser-nova.exe (.not file.) [0] =>PUP.ObjectBrowser
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-1] (...) -- C:\Program Files (x86)\Senses\Senses-codedownloader.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-11] (...) -- C:\Program Files (x86)\Senses\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-11.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-2] (...) -- C:\Program Files (x86)\Senses\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-3] (...) -- C:\Program Files (x86)\Senses\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-3.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-4] (...) -- C:\Program Files (x86)\Senses\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-4.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5] (...) -- C:\Program Files (x86)\Senses\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5_user] (...) -- C:\Program Files (x86)\Senses\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-6] (...) -- C:\Program Files (x86)\Senses\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-6.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-7] (...) -- C:\Program Files (x86)\Senses\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-7.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [fbb60eb5-4134-40b1-963f-26c1109d889d-1] (...) -- C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [fbb60eb5-4134-40b1-963f-26c1109d889d-11] (...) -- C:\Program Files (x86)\iWebar\fbb60eb5-4134-40b1-963f-26c1109d889d-11.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [fbb60eb5-4134-40b1-963f-26c1109d889d-2] (...) -- C:\Program Files (x86)\iWebar\fbb60eb5-4134-40b1-963f-26c1109d889d-2.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [fbb60eb5-4134-40b1-963f-26c1109d889d-4] (...) -- C:\Program Files (x86)\iWebar\fbb60eb5-4134-40b1-963f-26c1109d889d-4.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [fbb60eb5-4134-40b1-963f-26c1109d889d-5] (...) -- C:\Program Files (x86)\iWebar\fbb60eb5-4134-40b1-963f-26c1109d889d-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [fbb60eb5-4134-40b1-963f-26c1109d889d-5_user] (...) -- C:\Program Files (x86)\iWebar\fbb60eb5-4134-40b1-963f-26c1109d889d-5.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [fbb60eb5-4134-40b1-963f-26c1109d889d-6] (...) -- C:\Program Files (x86)\iWebar\fbb60eb5-4134-40b1-963f-26c1109d889d-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [fbb60eb5-4134-40b1-963f-26c1109d889d-7] (...) -- C:\Program Files (x86)\iWebar\fbb60eb5-4134-40b1-963f-26c1109d889d-7.exe (.not file.) [0] =>PUP.CrossRider
[MD5.7016A5D74459577060366F7D1E44F495] [APT] [fun4us_notification_service] (.FileProperties_CompanyName.) -- C:\Program Files (x86)\fun4us\fun4us_notification_service.exe [1417216] =>PUP.CrossRider
[MD5.5F126BD699C6B4D75E22DACDB74AD314] [APT] [fun4us_updating_service] (...) -- C:\Program Files (x86)\fun4us\fun4us_updating_service.exe [96256] =>PUP.CrossRider
[MD5.7016A5D74459577060366F7D1E44F495] [APT] [help4u_notification_service] (.FileProperties_CompanyName.) -- C:\Program Files (x86)\help4u\help4u_notification_service.exe [1417216] =>PUP.CrossRider
[MD5.1E155B87AEA6D06F64AF3A7B55730DED] [APT] [help4u_updating_service] (...) -- C:\Program Files (x86)\help4u\help4u_updating_service.exe [96256] =>PUP.CrossRider
[MD5.2A5C656B0A364580E578B26EAE2EE889] [APT] [klcp_update] (...) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1173504]
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.EA40AFAD3C07F6148466977D70059402] [APT] [Math Problem Solver CPU] (...) -- C:\Users\SMAIL\AppData\Local\Math Problem Solver\cpu\Solve.exe [337965]
[MD5.72AE4B443A4D7138EA1F710946AC735E] [APT] [Math Problem Solver Optimize] (...) -- C:\Users\SMAIL\AppData\Local\Math Problem Solver\Optimize.exe [67740]
[MD5.00000000000000000000000000000000] [APT] [PennyBee] (...) -- C:\Users\SMAIL\AppData\Roaming\PennyBee\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.PaybyAds
[MD5.00000000000000000000000000000000] [APT] [SomotoUpdateCheckerAutoStart] (...) -- C:\Users\SMAIL\AppData\Local\FilesFrog Update Checker\update_checker.exe (.not file.) [0] =>PUP.Mysoftpack
[MD5.00000000000000000000000000000000] [APT] [SPBIW_UpdateTask_Time_333830323337303333362d344a414155342a2a236c6c5a] (...) -- C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.7016A5D74459577060366F7D1E44F495] [APT] [sun_king_notification_service] (.FileProperties_CompanyName.) -- C:\Program Files (x86)\sun king\sun_king_notification_service.exe [1417216] =>PUP.SunKing
[MD5.1E155B87AEA6D06F64AF3A7B55730DED] [APT] [sun_king_updating_service] (...) -- C:\Program Files (x86)\sun king\sun_king_updating_service.exe [96256] =>PUP.SunKing
[MD5.00000000000000000000000000000000] [APT] [temp_74275bdc-96a9-440e-8569-aaf52624e348-7] (...) -- C:\Program Files (x86)\iWebar\iWebar-nova.exe (.not file.) [0] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [UNELEVATE_5143] (...) -- C:\Program Files (x86)\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe (.not file.) [0] =>PUP.ShopperPro
[MD5.20EF7EED836BB8F1C11C4E371A60BD52] [APT] [YourFile DownloaderUpdate] (.http://yourfiledownloader.com.) -- C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe [399472] =>PUP.YourFileDownloader
[MD5.00000000000000000000000000000000] [APT] [YTDownloader] (...) -- C:\Program Files (x86)\YTDownloader\YTDownloader.exe (.not file.) [0] =>PUP.YTDownloader
[MD5.1BCC1F03714C5734DB3E02EACA0E07E6] [APT] [zxu3opjv8D5] (...) -- C:\Users\SMAIL\AppData\Roaming\zxu3opjv8D5.exe [1577472]
[MD5.00000000000000000000000000000000] [APT] [{6E927777-8EB8-49C0-A6E3-611D72D159B8}] (...) -- C:\Program Files (x86)\YTDownloader\YTDUninstall.exe (.not file.) [0] =>PUP.YTDownloader
[MD5.EEEA590FDC1C1025B0FE97A8AA134FC0] [APT] [{A48EC2DB-1BB4-4327-8BF3-627AE1527F16}] (...) -- C:\Users\SMAIL\AppData\Roaming\ARHome\uninstall.exe [1220032] =>Trojan.Vonteera
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-1 - (.Buca Apps.) -- C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-1.job [3100] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-1 - (.Buca Apps.) -- C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-1 [3100] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5 - (.Buca Apps.) -- C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5.job [2436] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5 - (.Buca Apps.) -- C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5 [2436] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5_user - (.Buca Apps.) -- C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5_user.job [2436] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5_user - (.Buca Apps.) -- C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5_user [2436] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-6 - (.Buca Apps.) -- C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-6.job [5508] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-6 - (.Buca Apps.) -- C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-6 [5508] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-7 - (.Buca Apps.) -- C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-7.job [5172] =>PUP.CrossRider
O39 - APT: 14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-7 - (.Buca Apps.) -- C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-7 [5172] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-1 - (.enter.) -- C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-1.job [3480] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-1 - (.enter.) -- C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-1 [3480] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-11 - (.enter.) -- C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-11.job [5196] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-11 - (.enter.) -- C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-11 [5196] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-3 - (.enter.) -- C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-3.job [4506] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-3 - (.enter.) -- C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-3 [4506] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-4 - (.enter.) -- C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-4.job [4506] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-4 - (.enter.) -- C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-4 [4506] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-5 - (.enter.) -- C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-5.job [2458] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-5 - (.enter.) -- C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-5 [2458] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-5_user - (.enter.) -- C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-5_user.job [2458] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-5_user - (.enter.) -- C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-5_user [2458] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-6 - (.enter.) -- C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-6.job [4170] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-6 - (.enter.) -- C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-6 [4170] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-7 - (.enter.) -- C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-7.job [3826] =>PUP.CrossRider
O39 - APT: 2f9eadb6-f029-48e3-a157-a14c78eb9810-7 - (.enter.) -- C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-7 [3826] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-1 - (.Object Browser.) -- C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-1.job [1790] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-1 - (.Object Browser.) -- C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-1 [1790] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-11 - (.Object Browser.) -- C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-11.job [4140] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-11 - (.Object Browser.) -- C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-11 [4140] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-2 - (...) -- C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-2.job [1606] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-2 - (...) -- C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-2 [1606] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-4 - (.Object Browser.) -- C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-4.job [2382] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-4 - (.Object Browser.) -- C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-4 [2382] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-5 - (.Object Browser.) -- C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-5.job [2424] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-5 - (.Object Browser.) -- C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-5 [2424] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-5_user - (.Object Browser.) -- C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-5_user.job [2424] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-5_user - (.Object Browser.) -- C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-5_user [2424] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-6 - (...) -- C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-6.job [2722] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-6 - (...) -- C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-6 [2722] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-7 - (...) -- C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-7.job [1724] =>PUP.CrossRider
O39 - APT: 66f8173a-0e00-462e-91c9-747f0d978aad-7 - (...) -- C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-7 [1724] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-1 - (...) -- C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-1.job [1830] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-1 - (...) -- C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-1 [1830] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-11 - (...) -- C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-11.job [4140] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-11 - (...) -- C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-11 [4140] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-2 - (...) -- C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-2.job [1614] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-2 - (...) -- C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-2 [1614] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-4 - (...) -- C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-4.job [2410] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-4 - (...) -- C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-4 [2410] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-5 - (...) -- C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-5.job [1714] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-5 - (...) -- C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-5 [1714] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-5_user - (...) -- C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-5_user.job [1734] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-5_user - (...) -- C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-5_user [1734] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-6 - (...) -- C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-6.job [1828] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-6 - (...) -- C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-6 [1828] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-7 - (...) -- C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-7.job [1756] =>PUP.CrossRider
O39 - APT: 82bfa932-bd5d-4166-81ed-cb723c12a962-7 - (...) -- C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-7 [1756] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-1 - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-1.job [1512] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-1 - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-1 [1512] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-10 - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-10.job [1252]
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-10 - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-10 [1252]
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-11 - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-11.job [580] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-11 - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-11 [580] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-2 - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-2.job [1316] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-2 - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-2 [1316] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-4 - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-4.job [2112] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-4 - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-4 [2112] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-5 - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-5.job [2094] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-5 - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-5 [2094] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-5_user - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-5_user.job [2094] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-5_user - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-5_user [2094] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-6 - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-6.job [2802] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-6 - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-6 [2802] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-7 - (...) -- C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-7.job [1446] =>PUP.CrossRider
O39 - APT: b0625964-2eb3-4760-87c9-78a749ff7827-7 - (...) -- C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-7 [1446] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-1 - (...) -- C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-1.job [1414] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-1 - (...) -- C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-1 [1414] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2 - (...) -- C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2.job [1380] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2 - (...) -- C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2 [1380] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4 - (.Object Browser.) -- C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4.job [2218] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4 - (.Object Browser.) -- C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4 [2218] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5 - (...) -- C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5.job [1506] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5 - (...) -- C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5 [1506] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-6 - (...) -- C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-6.job [1422] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-6 - (...) -- C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-6 [1422] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-7 - (...) -- C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-7.job [1354] =>PUP.CrossRider
O39 - APT: e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-7 - (...) -- C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-7 [1354] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-1 - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-1.job [3416] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-1 - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-1 [3416] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-11 - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-11.job [5500] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-11 - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-11 [5500] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-2 - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-2.job [2426] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-2 - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-2 [2426] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-3 - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-3.job [3794] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-3 - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-3 [3794] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-4 - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-4.job [4474] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-4 - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-4 [4474] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5 - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5.job [2770] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5 - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5 [2770] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5_user - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5_user.job [2770] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5_user - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5_user [2770] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-6 - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-6.job [4474] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-6 - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-6 [4474] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-7 - (...) -- C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-7.job [4138] =>PUP.CrossRider
O39 - APT: f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-7 - (...) -- C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-7 [4138] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-1 - (...) -- C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-1.job [3760] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-1 - (...) -- C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-1 [3760] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-11 - (...) -- C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-11.job [5500] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-11 - (...) -- C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-11 [5500] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-2 - (...) -- C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-2.job [2426] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-2 - (...) -- C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-2 [2426] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-4 - (...) -- C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-4.job [4474] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-4 - (...) -- C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-4 [4474] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-5 - (...) -- C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-5.job [2770] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-5 - (...) -- C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-5 [2770] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-5_user - (...) -- C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-5_user.job [2770] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-5_user - (...) -- C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-5_user [2770] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-6 - (...) -- C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-6.job [4474] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-6 - (...) -- C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-6 [4474] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-7 - (...) -- C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-7.job [4138] =>PUP.CrossRider
O39 - APT: fbb60eb5-4134-40b1-963f-26c1109d889d-7 - (...) -- C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-7 [4138] =>PUP.CrossRider
O39 - APT: fun4us_notification_service - (.FileProperties_CompanyName.) -- C:\Windows\Tasks\fun4us_notification_service.job [1300] =>PUP.CrossRider
O39 - APT: fun4us_notification_service - (.FileProperties_CompanyName.) -- C:\Windows\System32\Tasks\fun4us_notification_service [1300] =>PUP.CrossRider
O39 - APT: fun4us_updating_service - (...) -- C:\Windows\Tasks\fun4us_updating_service.job [662] =>PUP.CrossRider
O39 - APT: fun4us_updating_service - (...) -- C:\Windows\System32\Tasks\fun4us_updating_service [662] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [932] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [932] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [936] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [936] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1072]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1076]
O39 - APT: help4u_notification_service - (.FileProperties_CompanyName.) -- C:\Windows\Tasks\help4u_notification_service.job [1300] =>PUP.CrossRider
O39 - APT: help4u_notification_service - (.FileProperties_CompanyName.) -- C:\Windows\System32\Tasks\help4u_notification_service [1300] =>PUP.CrossRider
O39 - APT: help4u_updating_service - (...) -- C:\Windows\Tasks\help4u_updating_service.job [662] =>PUP.CrossRider
O39 - APT: help4u_updating_service - (...) -- C:\Windows\System32\Tasks\help4u_updating_service [662] =>PUP.CrossRider
O39 - APT: PennyBee - (...) -- C:\Windows\Tasks\PennyBee.job [302] =>PUP.PaybyAds
O39 - APT: PennyBee - (...) -- C:\Windows\System32\Tasks\PennyBee [302] =>PUP.PaybyAds
O39 - APT: SPBIW_UpdateTask_Time_333830323337303333362d344a414155342a2a236c6c5a - (...) -- C:\Windows\Tasks\SPBIW_UpdateTask_Time_333830323337303333362d344a414155342a2a236c6c5a.job [472]
O39 - APT: SPBIW_UpdateTask_Time_333830323337303333362d344a414155342a2a236c6c5a - (...) -- C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_333830323337303333362d344a414155342a2a236c6c5a [472]
O39 - APT: sun_king_notification_service - (.FileProperties_CompanyName.) -- C:\Windows\Tasks\sun_king_notification_service.job [1312] =>PUP.CrossRider
O39 - APT: sun_king_notification_service - (.FileProperties_CompanyName.) -- C:\Windows\System32\Tasks\sun_king_notification_service [1312] =>PUP.CrossRider
O39 - APT: sun_king_updating_service - (...) -- C:\Windows\Tasks\sun_king_updating_service.job [674] =>PUP.CrossRider
O39 - APT: sun_king_updating_service - (...) -- C:\Windows\System32\Tasks\sun_king_updating_service [674] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements [264]
O39 - APT: zxu3opjv8D5 - (...) -- C:\Windows\Tasks\zxu3opjv8D5.job [1004]
O39 - APT: zxu3opjv8D5 - (...) -- C:\Windows\System32\Tasks\zxu3opjv8D5 [1004]
~ Scheduled Task: 250 Legitimates Filtered in 00mn 40s



---\\ Installed software (O42)
O42 - Logiciel: AdPunisher - (.AdPunisher.) [HKLM][64Bits] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1
O42 - Logiciel: BetterGaia - (."".) [HKLM][64Bits] -- {B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
O42 - Logiciel: BuyNsaaVe - (.BuyNsave.) [HKLM][64Bits] -- {842C4394-47F7-60DE-480B-C09116B63559} =>PUP.BuyNSave
O42 - Logiciel: CHeuapMe - (."".) [HKLM][64Bits] -- {F6C44C71-2CFE-8176-3A4D-CBD0DCE5AEFA} =>PUP.CheapMe
O42 - Logiciel: CostMin - (.CostMin.) [HKLM][64Bits] -- {CE681A67-9477-CBE6-EB9D-FE534875F98D} =>PUP.CostMin
O42 - Logiciel: FindBestDEeaul - (."".) [HKLM][64Bits] -- {B5DB572D-EA87-D3B0-08F6-4D153EA6A783} =>PUP.FindBestDeal
O42 - Logiciel: FuN2Save - (."".) [HKLM][64Bits] -- {9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5} =>PUP.Fun2Save
O42 - Logiciel: FunDeeAls - (.FunDeals.) [HKLM][64Bits] -- {478472F9-9E09-492A-BDAB-42EE595EF1AD} =>PUP.FunDeals
O42 - Logiciel: Ge-Force - (.iWebar.) [HKLM][64Bits] -- Ge-Force =>PUP.CrossRider
O42 - Logiciel: GiantBoost - (.SoftwareSustainer.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0} =>Adware.Graftor
O42 - Logiciel: GoSave - (."".) [HKLM][64Bits] -- {64A4ABCA-CF3D-C548-2DC4-72A55DC5882A} =>PUP.GoSave
O42 - Logiciel: GreoaTuSave4U - (."".) [HKLM][64Bits] -- {45606A90-3363-3A3B-1C15-C40E77F4DAA0} =>PUP.GoSave
O42 - Logiciel: JeoniCOupon - (."".) [HKLM][64Bits] -- {51417852-174C-88D4-34A0-D0FE7858BE47} =>PUP.JoniCoupon
O42 - Logiciel: Math Problem Solver - (...) [HKCU][64Bits] -- Math Problem Solver
O42 - Logiciel: My Program version 1.5 - (...) [HKLM][64Bits] -- My Program_is1
O42 - Logiciel: MyStart Toolbar - (.Visicom Media Inc..) [HKLM][64Bits] -- mystarttb =>Spyware.VMNToolbar
O42 - Logiciel: Object Browser - (.Object Browser.) [HKLM][64Bits] -- Object Browser =>PUP.ObjectBrowser
O42 - Logiciel: OfferBLVDUpdate - (.OfferBLVDUpdate.) [HKCU][64Bits] -- PennyBee =>PUP.PaybyAds
O42 - Logiciel: OfferBoulevard - (.OfferBoulevard.) [HKLM][64Bits] -- OfferBoulevard
O42 - Logiciel: SaVeNuewaaAppz - (."".) [HKLM][64Bits] -- {7304C9D1-98AD-55F0-636E-22D8DD57F176} =>PUP.SaveNewAppz
O42 - Logiciel: SavePass - (.OutBrowse.) [HKLM][64Bits] -- SavePass =>PUP.CrossRider
O42 - Logiciel: Sense - (.Object Browser.) [HKLM][64Bits] -- Sense =>PUP.ObjectBrowser
O42 - Logiciel: Senses - (.Object Browser.) [HKLM][64Bits] -- Senses =>PUP.ObjectBrowser
O42 - Logiciel: Stealthy - (...) [HKLM][64Bits] -- {AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
O42 - Logiciel: Super Radio - (.Buca Apps.) [HKLM][64Bits] -- Super Radio
O42 - Logiciel: Supporter 1.80 - (.Costmin.) [HKLM][64Bits] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b} =>PUP.SaveClicker
O42 - Logiciel: focusbase - (.focusbase.) [HKLM][64Bits] -- focusbase =>PUP.Focusbase
O42 - Logiciel: iWebar - (.iWebar.) [HKLM][64Bits] -- iWebar =>PUP.CrossRider
O42 - Logiciel: takEsavee - (."".) [HKLM][64Bits] -- {D238A788-39B6-B97D-A5BA-13FE8E34E03C}
O42 - Logiciel: takeOroleave - (."".) [HKLM][64Bits] -- {89AE616B-E500-0C2D-D0D2-F444CEEB4619}
O42 - Logiciel: videosMediaPlayersv2.2 - (.enter.) [HKLM][64Bits] -- videosMediaPlayersv2.2 =>PUP.CrossRider
~ Logic: 53 Legitimates Filtered in 00mn 05s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\1Mediaplayer]
[HKCU\Software\ARHome] =>Trojan.Vonteera
[HKCU\Software\ComputerSpeedOptimizerLanguage]
[HKCU\Software\DefaultCompany]
[HKCU\Software\ExpressFiles] =>Adware.ExpressFiles
[HKCU\Software\Goobzo] =>PUP.Goobzo
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\NoVooITSet] =>Trojan.Vonteera
[HKCU\Software\NoVooIT]
[HKCU\Software\OB]
[HKCU\Software\OfferBLVD]
[HKCU\Software\Reg]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Somoto] =>Adware.MegaSearch
[HKCU\Software\Super Radio-nv]
[HKCU\Software\SystemK] =>PUP.SystemK
[HKCU\Software\Vonteera Safe ads] =>Trojan.Vonteera
[HKCU\Software\YourFileDownloader] =>PUP.YourFileDownloader
[HKCU\Software\fet]
[HKCU\Software\focusbase] =>PUP.Focusbase
[HKCU\Software\fun4us]
[HKCU\Software\help4u]
[HKCU\Software\sun king] =>PUP.SunKing
[HKCU\Software\sunking]
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Internet Content Filter]
[HKLM\Software\Senses-nv]
[HKLM\Software\ShopperPro] =>PUP.ShopperPro
[HKLM\Software\Wow6432Node\1330afbb-8c11-4d38-90d6-a699e10457fe] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\31b72a8f-e8f1-4cde-8ce2-cbc67d44e6b3] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\621d15fd-abe6-467e-ac15-10a51350a941] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\84524fba-93ca-4f22-ac39-99f27c42b055] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\9ffe5aa6-8a6c-4ece-acfd-0fae9e6198dc] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\B6EC443C-2F24-4B08-8DBB-3CE0912F4BB7] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\DownloaderAssistant] =>PUP.Salus
[HKLM\Software\Wow6432Node\Email Notifier]
[HKLM\Software\Wow6432Node\Goobzo] =>PUP.Goobzo
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\Internet Content Filter]
[HKLM\Software\Wow6432Node\Reg]
[HKLM\Software\Wow6432Node\Senses-nv]
[HKLM\Software\Wow6432Node\SiteFinder] =>Adware.ShoppingReport
[HKLM\Software\Wow6432Node\Super Radio-nv]
[HKLM\Software\Wow6432Node\SystemK] =>PUP.SystemK
[HKLM\Software\Wow6432Node\YourFileDownloader] =>PUP.YourFileDownloader
[HKLM\Software\Wow6432Node\b1d97939-90b5-4eeb-ac6a-440aa9fcf597] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\efd2edfe-0c08-4c53-b7e3-c9179ca03a3a] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\focusbase] =>PUP.Focusbase
[HKLM\Software\Wow6432Node\iWebar-nv] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\videosMediaPlayersv2.2-nv] =>PUP.CrossRider
[HKLM\Software\YTDownloader] =>PUP.YTDownloader
~ Key Software: 458 Legitimates Filtered in 00mn 05s



---\\ Contents of the Programs/ProgramFiles/ProgramData/AppData folders (O43)
O43 - CFD: 04/01/2015 - 16:05:17 - [] ----D C:\Program Files (x86)\0a1c1a41-5084-4b11-9f5e-84411f0df977
O43 - CFD: 18/05/2015 - 15:39:31 - [] ----D C:\Program Files (x86)\5i0oCouepons
O43 - CFD: 30/04/2015 - 16:35:49 - [] ----D C:\Program Files (x86)\BetterGaia
O43 - CFD: 09/03/2015 - 22:23:25 - [] ----D C:\Program Files (x86)\BuyNsaaVe =>PUP.BuyNSave
O43 - CFD: 23/12/2014 - 11:27:05 - [] ----D C:\Program Files (x86)\DeltaFix
O43 - CFD: 07/03/2015 - 19:51:58 - [] ----D C:\Program Files (x86)\DigiCouPon =>PUP.DiGiCoupon
O43 - CFD: 20/03/2015 - 17:04:51 - [] ----D C:\Program Files (x86)\Epic Soccer Barcelona
O43 - CFD: 23/02/2015 - 00:22:43 - [] ----D C:\Program Files (x86)\ExstraSAVings =>PUP.ExtraSavings
O43 - CFD: 30/04/2015 - 16:34:43 - [] ----D C:\Program Files (x86)\FindBestDEeaul =>PUP.FindBestDeal
O43 - CFD: 07/11/2014 - 23:36:44 - [] ----D C:\Program Files (x86)\focusbase =>PUP.Focusbase
O43 - CFD: 18/05/2015 - 15:39:31 - [] ----D C:\Program Files (x86)\FuN2Save =>PUP.Fun2Save
O43 - CFD: 11/04/2015 - 17:35:04 - [] ----D C:\Program Files (x86)\fun4us
O43 - CFD: 07/11/2014 - 23:37:32 - [] ----D C:\Program Files (x86)\Ge-Force =>PUP.CrossRider
O43 - CFD: 23/02/2015 - 00:23:42 - [] ----D C:\Program Files (x86)\Goodness
O43 - CFD: 11/04/2015 - 18:13:29 - [] ----D C:\Program Files (x86)\GreoaTuSave4U =>PUP.GoSave
O43 - CFD: 19/04/2015 - 15:10:28 - [] ----D C:\Program Files (x86)\help4u
O43 - CFD: 07/11/2014 - 23:38:22 - [] ----D C:\Program Files (x86)\iWebar =>PUP.CrossRider
O43 - CFD: 18/05/2015 - 15:39:31 - [] ----D C:\Program Files (x86)\JeoniCOupon =>PUP.JoniCoupon
O43 - CFD: 04/03/2015 - 10:32:42 - [] ----D C:\Program Files (x86)\JOniCoupoun =>PUP.JoniCoupon
O43 - CFD: 03/03/2015 - 00:19:44 - [] ----D C:\Program Files (x86)\Keep Last Two Tabs
O43 - CFD: 04/01/2015 - 15:15:29 - [] ----D C:\Program Files (x86)\mystarttb =>Spyware.VMNToolbar
O43 - CFD: 20/03/2015 - 17:04:50 - [] ----D C:\Program Files (x86)\NeewSaver =>PUP.NewSaver
O43 - CFD: 07/03/2015 - 19:51:58 - [] ----D C:\Program Files (x86)\NetoCoupOn =>PUP.NetCoupon
O43 - CFD: 18/05/2015 - 15:39:31 - [] ----D C:\Program Files (x86)\NewSaaver =>PUP.NewSaver
O43 - CFD: 07/11/2014 - 23:39:26 - [] ----D C:\Program Files (x86)\Object Browser =>PUP.ObjectBrowser
O43 - CFD: 08/11/2014 - 18:37:06 - [] ----D C:\Program Files (x86)\OfferBoulevard
O43 - CFD: 18/05/2015 - 15:39:31 - [] ----D C:\Program Files (x86)\SaauvaeLOts =>PUP.SaveLots
O43 - CFD: 07/11/2014 - 23:52:04 - [] ----D C:\Program Files (x86)\SavePass =>PUP.CrossRider
O43 - CFD: 08/11/2014 - 18:41:42 - [] ----D C:\Program Files (x86)\Sense
O43 - CFD: 07/11/2014 - 23:41:05 - [] ----D C:\Program Files (x86)\Senses
O43 - CFD: 10/06/2014 - 23:46:25 - [] ----D C:\Program Files (x86)\Settings Manager =>PUP.SystemK
O43 - CFD: 10/06/2014 - 23:46:07 - [0] ----D C:\Program Files (x86)\SiteLookup =>PUP.SiteLookup
O43 - CFD: 18/04/2015 - 15:10:21 - [] ----D C:\Program Files (x86)\sun king =>PUP.SunKing
O43 - CFD: 07/01/2015 - 23:28:19 - [] ----D C:\Program Files (x86)\Super Radio
O43 - CFD: 07/11/2014 - 23:41:33 - [0] ----D C:\Program Files (x86)\Supporter =>PUP.SaveClicker
O43 - CFD: 18/05/2015 - 15:39:54 - [] ----D C:\Program Files (x86)\takeOroleave
O43 - CFD: 18/05/2015 - 15:39:32 - [] ----D C:\Program Files (x86)\takEsavee
O43 - CFD: 07/01/2015 - 23:28:19 - [] ----D C:\Program Files (x86)\videosMediaPlayersv2.2 =>PUP.CrossRider
O43 - CFD: 07/11/2014 - 23:41:52 - [] ----D C:\Program Files (x86)\YourFileDownloader Updater =>PUP.YourFileDownloader
O43 - CFD: 18/05/2015 - 15:40:15 - [] ----D C:\ProgramData\16981201882782824961
O43 - CFD: 16/09/2014 - 22:26:29 - [] ----D C:\ProgramData\AdBlocker Manger =>PUP.Adblocker
O43 - CFD: 23/02/2015 - 00:00:54 - [] ----D C:\ProgramData\AdPunisher
O43 - CFD: 28/01/2015 - 20:09:31 - [] ----D C:\ProgramData\Ads Remover
O43 - CFD: 07/11/2014 - 23:42:10 - [] ----D C:\ProgramData\CHeuapMe =>PUP.CheapMe
O43 - CFD: 10/06/2014 - 01:13:50 - [] ----D C:\ProgramData\ClassicShell
O43 - CFD: 07/11/2014 - 23:42:12 - [] ----D C:\ProgramData\CostMin =>PUP.CostMin
O43 - CFD: 07/11/2014 - 23:42:35 - [] ----D C:\ProgramData\CuhheapMMe =>PUP.CheapMe
O43 - CFD: 29/10/2014 - 11:17:28 - [] ----D C:\ProgramData\dgkihcjnamocbnenelogoaeajllidlji
O43 - CFD: 20/03/2015 - 17:31:16 - [] ----D C:\ProgramData\DowniSave =>PUP.DownSave
O43 - CFD: 10/07/2014 - 15:21:17 - [] ----D C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch
O43 - CFD: 06/11/2014 - 22:31:01 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 11/01/2015 - 01:06:26 - [] ----D C:\ProgramData\eba959246276fa01
O43 - CFD: 07/11/2014 - 23:09:44 - [] ----D C:\ProgramData\f1c11deb-468d-4e28-a37d-be8513e1bc56
O43 - CFD: 07/11/2014 - 23:42:47 - [] ----D C:\ProgramData\FunDeeAls =>PUP.FunDeals
O43 - CFD: 07/11/2014 - 23:42:56 - [] ----D C:\ProgramData\GoSave =>PUP.GoSave
O43 - CFD: 29/09/2012 - 22:46:58 - [] ----D C:\ProgramData\Internet Content Filter
O43 - CFD: 23/12/2014 - 11:25:26 - [] ----D C:\ProgramData\lhhljjaooofkiokcomlakbikfoppjmbi
O43 - CFD: 20/03/2015 - 17:31:38 - [] ----D C:\ProgramData\MiniMuumPerICee =>PUP.MinimumPrice
O43 - CFD: 11/01/2015 - 00:06:17 - [] ----D C:\ProgramData\pcojnolpfnfkigmejkakjlbifhlnacoi
O43 - CFD: 07/11/2014 - 23:43:18 - [] ----D C:\ProgramData\SaVeNuewaaAppz =>PUP.SaveNewAppz
O43 - CFD: 12/07/2014 - 02:00:11 - [0] ----D C:\ProgramData\systemk =>PUP.SystemK
O43 - CFD: 27/10/2014 - 17:47:10 - [] ----D C:\ProgramData\Yellow AdBlocker =>PUP.Adblocker
O43 - CFD: 06/11/2014 - 10:32:10 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 26/11/2014 - 20:00:56 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1MediaPlayer
O43 - CFD: 24/09/2014 - 20:10:43 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
O43 - CFD: 16/12/2014 - 13:40:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
O43 - CFD: 24/09/2014 - 17:03:53 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 14/07/2014 - 03:49:59 - [] ----D C:\Users\SMAIL\AppData\Roaming\ARHome =>Trojan.Vonteera
O43 - CFD: 20/05/2015 - 11:30:16 - [] ----D C:\Users\SMAIL\AppData\Roaming\ClassicShell
O43 - CFD: 10/06/2014 - 00:26:37 - [] ----D C:\Users\SMAIL\AppData\Roaming\ExpressFiles =>Adware.ExpressFiles
O43 - CFD: 03/11/2014 - 22:57:45 - [] ----D C:\Users\SMAIL\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 06/11/2014 - 10:20:57 - [] ----D C:\Users\SMAIL\AppData\Roaming\PennyBee =>PUP.PaybyAds
O43 - CFD: 04/01/2015 - 16:00:29 - [] ----D C:\Users\SMAIL\AppData\Roaming\RHEng =>PUP.Conduit
O43 - CFD: 06/11/2014 - 10:31:42 - [] ----D C:\Users\SMAIL\AppData\Roaming\rmi
O43 - CFD: 12/07/2014 - 02:00:27 - [] ----D C:\Users\SMAIL\AppData\Roaming\Settings Manager =>PUP.SystemK
O43 - CFD: 10/06/2014 - 23:45:34 - [0] ----D C:\Users\SMAIL\AppData\Roaming\SimilarSites
O43 - CFD: 14/07/2014 - 03:50:00 - [] ----D C:\Users\SMAIL\AppData\Roaming\VolIE =>Trojan.Vonteera
O43 - CFD: 11/06/2014 - 19:25:40 - [] ----D C:\Users\SMAIL\AppData\Roaming\YourFileDownloader =>PUP.YourFileDownloader
O43 - CFD: 06/11/2014 - 10:24:11 - [] ----D C:\Users\SMAIL\AppData\Local\com
O43 - CFD: 23/07/2014 - 02:21:44 - [] ----D C:\Users\SMAIL\AppData\Local\Cranium
O43 - CFD: 30/04/2015 - 17:26:21 - [] -SH-D C:\Users\SMAIL\AppData\Local\EmieBrowserModeList
O43 - CFD: 28/10/2014 - 18:12:53 - [] ----D C:\Users\SMAIL\AppData\Local\Installer
O43 - CFD: 23/07/2014 - 02:18:07 - [] ----D C:\Users\SMAIL\AppData\Local\Math Problem Solver
O43 - CFD: 05/07/2014 - 23:04:56 - [0] ----D C:\Users\SMAIL\AppData\Local\pangu
O43 - CFD: 20/10/2014 - 13:08:10 - [] ----D C:\Users\SMAIL\AppData\Local\Pay-By-Ads =>PUP.PaybyAds
~ Program Folder: 298 Legitimates Filtered in 00mn 05s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - bitguard.exe - tasklist.exe =>PUP.BitGuard
O50 - IFEO:Image File Execution Options - bprotect.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - bpsvc.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - browserdefender.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browserprotect.exe - tasklist.exe =>Hijacker.Eazel
O50 - IFEO:Image File Execution Options - browsersafeguard.exe - tasklist.exe =>PUP.SafeGuard
O50 - IFEO:Image File Execution Options - dprotectsvc.exe - tasklist.exe =>Trojan.Staser
O50 - IFEO:Image File Execution Options - jumpflip - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - protectedsearch.exe - tasklist.exe =>Spyware.ProtectedSearch
O50 - IFEO:Image File Execution Options - searchinstaller.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - searchprotection.exe - tasklist.exe =>Toolbar.Conduit
O50 - IFEO:Image File Execution Options - searchprotector.exe - tasklist.exe =>PUP.SearchProtect
O50 - IFEO:Image File Execution Options - searchsettings.exe - tasklist.exe =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - searchsettings64.exe - tasklist.exe =>Adware.SearchSettings
O50 - IFEO:Image File Execution Options - snapdo.exe - tasklist.exe =>Hijacker.SmartBar
O50 - IFEO:Image File Execution Options - stinst32.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - stinst64.exe - tasklist.exe
O50 - IFEO:Image File Execution Options - umbrella.exe - tasklist.exe =>Adware.IMBooster
O50 - IFEO:Image File Execution Options - utiljumpflip.exe - tasklist.exe =>PUP.JumpFlip
O50 - IFEO:Image File Execution Options - volaro - tasklist.exe =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - vonteera - tasklist.exe =>Trojan.Vonteera
O50 - IFEO:Image File Execution Options - websteroids.exe - tasklist.exe =>PUP.TubeDimmer
O50 - IFEO:Image File Execution Options - websteroidsservice.exe - tasklist.exe =>PUP.TubeDimmer
~ IFEO: Scanned in 00mn 00s



---\\ Infection scan of drivers (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"VIDC.X264"="x264vfw64.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw64.dll
~ TDSD: 10 Legitimates Filtered in 00mn 01s



---\\ Enumeration of PoliciesSystem registry keys (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumeration of PoliciesExplorer registry keys (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ List of system drivers (SDL) (O58)
O58 - SDL:13/08/2013 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:29/11/2014 - 01:37:06 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [180648]
O58 - SDL:19/04/2015 - 11:57:47 ---A- . (...) -- C:\Windows\System32\Drivers\semav6thermal64ro.sys [13792]
O58 - SDL:22/08/2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:15/08/2014 - 23:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
~ Drivers: 49 Legitimates Filtered in 00mn 06s



---\\ List of disinfection tools (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Internet start menu (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Infection scan of Internet browsers (SBI) (O69)
O69 - SBI: prefs.js [SMAIL - g6qsn0wp.default] user_pref("extensions.crossrider.bic", "1468c1f1670af7cb8e3abd0f08ac88f2"); =>PUP.CrossRider
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Trovi search) - http://www.trovi.com =>Hijacker.TroviCom
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bueno Search) - http://www.buenosearch.com =>PUP.BuenoSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (sweet-page) - http://www.sweet-page.com =>PUP.SweetPage
O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (Search The Web) - http://www.mystart.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {4D183801-D585-40F2-9DAB-34047B8BC873} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} - (VenteeRo) - http://www.arabyonline.com =>Trojan.Vonteera
O69 - SBI: SearchScopes [HKCU] {80c554b9-c7f8-4a21-9471-06d606da78a2} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://mysearch.avg.com =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} - (default-search.net) - http://www.default-search.net =>Hijacker.Browsers
O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.searchoholic.info
O69 - SBI: SearchScopes [HKCU] {C6153B96-5D94-4F70-B5EE-F6D02426B6DF} - (Search The Web (buenosearch)) - http://www.buenosearch.com =>PUP.BuenoSearch
O69 - SBI: SearchScopes [HKCU] {CABC7B1D-269B-48CA-BCE2-7940E8EFC722} - (eBay) - http://rover.ebay.com
~ Keys: Scanned in 00mn 01s



---\\ Specific search at the system root (SPRF) (O84)
[MD5.995C976660D40C86D8C05F18A8D362D3] [SPRF][18/05/2015] (...) -- C:\Users\SMAIL\AppData\Roaming\appdataFr25.bin [24]
[MD5.F89B3E18C8B5F982266DF772B155574A] [SPRF][17/05/2015] (...) -- C:\Users\SMAIL\AppData\Roaming\appdataFr3.bin [20]
[MD5.E0B6DEA5AFCE54007016F946D0767262] [SPRF][06/11/2014] (.enter - videosMediaPlayersv2.2 exe.) -- C:\Users\SMAIL\AppData\Roaming\LALBI.exe [1552288] =>PUP.CrossRider
[MD5.87EEFC7AE60B3000C1EA024D58EF3906] [SPRF][06/11/2014] (.enter - videosMediaPlayersv2.2 exe.) -- C:\Users\SMAIL\AppData\Roaming\TJUDBJ.exe [2052512] =>PUP.CrossRider
[MD5.1BCC1F03714C5734DB3E02EACA0E07E6] [SPRF][03/04/2015] (...) -- C:\Users\SMAIL\AppData\Roaming\zxu3opjv8D5.exe [1577472]
[MD5.03267E5EF158211EE933A409B1CD25D2] [SPRF][04/03/2015] (.深圳创想天空科技有限公司 - 简单易用的苹果设备管理软件.) -- C:\Users\SMAIL\Desktop\iTools.exe [7564792]
~ Files: 6 Legitimates Filtered in 00mn 02s



---\\ List of firewall exceptions (FirewallRules) (O87)
O87 - FAEL: "{148D64C0-CB59-4CC0-A93A-3DEEAAA42E72}" | In - Private - P6 - TRUE | .(.Visicom Media Inc. - Toolbar Cleaner.) -- C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe =>PUP.ToolbarCleaner
O87 - FAEL: "{A2E13041-4364-47AF-A3E9-59F8DCC57C67}" | In - Private - P17 - TRUE | .(.Visicom Media Inc. - Toolbar Cleaner.) -- C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe =>PUP.ToolbarCleaner
~ Firewall: 2 Legitimates Filtered in 00mn 04s



---\\ Search for CLSID registry keys (O101)
[HKCR\CLSID\{11111111-1111-1111-1111-110311281150}] (Object Browser) =>PUP.ObjectBrowser
[HKCR\CLSID\{11111111-1111-1111-1111-110611491169}] (videosMediaPlayersv2.2) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220322282250}] (CrossriderApp0032850.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220422822292}] (CrossriderApp0048292.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220522702250}] (CrossriderApp0057050.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{22222222-2222-2222-2222-220622022276}] (CrossriderApp0060276.Sandbox) =>PUP.CrossRider
[HKCR\CLSID\{66a8d9e2-4c9d-4c36-b9e0-0242dd9e18b1}] (DigiCouPon) =>PUP.DiGiCoupon
[HKCR\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}] (MyStart Toolbar) =>Spyware.VMNToolbar
~ BCK: 5735 Legitimates Filtered in 00mn 32s



---\\ General status of non-Microsoft services (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 29/01/2014 279000 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 03/12/2014 108032 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 04/01/2015 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Demand 04/01/2015 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Auto 01/12/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/12/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/10/2014 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 16/01/2014 289256 | (McComponentHostServiceSony) . (.McAfee, Inc..) - C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe
SS - | Demand 28/09/2013 625240 | (NetworkSupport) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
SS - | Demand 08/08/2012 123616 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 08/08/2012 460512 | (SOHDms) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
SS - | Demand 08/08/2012 78048 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 01/12/2011 289952 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SS - | Demand 19/11/2013 377768 | (USER_ESRV_SVC) . (.Intel Corporation.) - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
SS - | Demand 19/07/2012 476328 | (VAIO Power Management) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
SS - | Demand 08/08/2012 972000 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 07/10/2014 60744 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 13/08/2012 211584 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 19/11/2013 377768 | (ESRV_SVC) . (.Intel Corporation.) - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
SR - | Auto 23/12/2014 4159488 | (fc67e7a0) . (...) - c:\Program Files (x86)\DeltaFix\DeltaFix.dll
SR - | Auto 26/07/2012 2445968 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 06/08/2012 128896 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 10/10/2012 28160 | (iTeleportService) . (.iTeleport, Inc..) - C:\Program Files (x86)\iTeleport\iTeleport Connect\iTeleportService.exe
SR - | Auto 06/08/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 06/08/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 27/07/2012 474208 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
SR - | Auto 19/11/2013 266168 | (SampleCollector) . (.Intel Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SR - | Auto 06/08/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 18/08/2012 68776 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
SR - | Demand 03/12/2014 61552 | (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Demand 28/02/2014 1642544 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\VUAgent.exe
SR - | Demand 22/07/1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Auto 22/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Demand 29/10/2014 38792 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/08/2012 323584 | (ZAtheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
~ Services: Scanned in 00mn 34s



---\\ Additional scan (O88)
Database Version : 13008 - (17/05/2015)
Keys found : 112
Values found : 2
Folders found : 50
Files found : 196

[HKLM\Software\Google\Chrome\Extensions\kjpifmjicccpbkfjdkehimhgklfkbanh] =>PUP.CrossRider^
[HKLM\Software\Google\Chrome\Extensions\lmhacemfmaapnkiehojbhmclmdnhjhfn] =>PUP.SunKing^
[HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate) (globalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4CEFD9B73D6C-1CRMOI2] =>Trojan.Vonteera^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PennyBee] =>PUP.PaybyAds^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YourFile DownloaderUpdate] =>PUP.YourFileDownloader^
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader] =>PUP.YTDownloader^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{842C4394-47F7-60DE-480B-C09116B63559}] =>PUP.BuyNSave^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F6C44C71-2CFE-8176-3A4D-CBD0DCE5AEFA}] =>PUP.CheapMe^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE681A67-9477-CBE6-EB9D-FE534875F98D}] =>PUP.CostMin^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B5DB572D-EA87-D3B0-08F6-4D153EA6A783}] =>PUP.FindBestDeal^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9D9BEFAE-9499-F52B-6CC4-94818CCC2AB5}] =>PUP.Fun2Save^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{478472F9-9E09-492A-BDAB-42EE595EF1AD}] =>PUP.FunDeals^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}] =>Adware.Graftor^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{64A4ABCA-CF3D-C548-2DC4-72A55DC5882A}] =>PUP.GoSave^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45606A90-3363-3A3B-1C15-C40E77F4DAA0}] =>PUP.GoSave^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{51417852-174C-88D4-34A0-D0FE7858BE47}] =>PUP.JoniCoupon^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mystarttb] =>Spyware.VMNToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Object Browser] =>PUP.ObjectBrowser^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PennyBee] =>PUP.PaybyAds^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7304C9D1-98AD-55F0-636E-22D8DD57F176}] =>PUP.SaveNewAppz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SavePass] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sense] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Senses] =>PUP.ObjectBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{be0fb33b}] =>PUP.SaveClicker^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\focusbase] =>PUP.Focusbase^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\iWebar] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\videosMediaPlayersv2.2] =>PUP.CrossRider^
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>PUP.ToolbarCleaner
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC
[HKCU\Software\Softonic] =>PUP.Conduit
[HKCU\Software\Somoto] =>Adware.MegaSearch
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}] =>Spyware.WinToFlash
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD}] =>Spyware.WinToFlash
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\WinToFlash Suggestor] =>Spyware.WinToFlash
[HKLM\Software\Classes\CrossriderApp0032850.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0032850.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0032850.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0032850.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0048292.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0057050.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0057050.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0057050.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0057050.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0060276.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0060276.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0060276.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0060276.Sandbox.1] =>PUP.CrossRider
[HKCU\Software\Classes\keepmysearch] =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110311281150}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110411821192}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611491169}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110611791177}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220322282250}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422822292}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220522702250}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622022276}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622192215}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622492269}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622512223}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220622792277}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0032850.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0032850.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0032850.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0032850.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0048292.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0057050.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0057050.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0057050.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0057050.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0060276.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0060276.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0060276.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0060276.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311281150}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110411821192}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110511701150}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611021176}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611191115}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611491169}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611511123}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110611791177}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322282250}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422822292}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220522702250}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622022276}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622192215}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622492269}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622512223}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220622792277}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}] =>Adware.Bandoo^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:LiveSupport =>PUP.LiveSupport^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:YTDownloader =>PUP.YTDownloader^
C:\Users\SMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjpifmjicccpbkfjdkehimhgklfkbanh =>PUP.CrossRider^
C:\Users\SMAIL\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmhacemfmaapnkiehojbhmclmdnhjhfn =>PUP.SunKing^
C:\Program Files (x86)\BuyNsaaVe =>PUP.BuyNSave^
C:\Program Files (x86)\DigiCouPon =>PUP.DiGiCoupon^
C:\Program Files (x86)\ExstraSAVings =>PUP.ExtraSavings^
C:\Program Files (x86)\FindBestDEeaul =>PUP.FindBestDeal^
C:\Program Files (x86)\focusbase =>PUP.Focusbase^
C:\Program Files (x86)\FuN2Save =>PUP.Fun2Save^
C:\Program Files (x86)\Ge-Force =>PUP.CrossRider^
C:\Program Files (x86)\GreoaTuSave4U =>PUP.GoSave^
C:\Program Files (x86)\iWebar =>PUP.CrossRider^
C:\Program Files (x86)\JeoniCOupon =>PUP.JoniCoupon^
C:\Program Files (x86)\JOniCoupoun =>PUP.JoniCoupon^
C:\Program Files (x86)\mystarttb =>Spyware.VMNToolbar^
C:\Program Files (x86)\NeewSaver =>PUP.NewSaver^
C:\Program Files (x86)\NetoCoupOn =>PUP.NetCoupon^
C:\Program Files (x86)\NewSaaver =>PUP.NewSaver^
C:\Program Files (x86)\Object Browser =>PUP.ObjectBrowser^
C:\Program Files (x86)\SaauvaeLOts =>PUP.SaveLots^
C:\Program Files (x86)\SavePass =>PUP.CrossRider^
C:\Program Files (x86)\Settings Manager =>PUP.SystemK^
C:\Program Files (x86)\SiteLookup =>PUP.SiteLookup^
C:\Program Files (x86)\sun king =>PUP.SunKing^
C:\Program Files (x86)\Supporter =>PUP.SaveClicker^
C:\Program Files (x86)\videosMediaPlayersv2.2 =>PUP.CrossRider^
C:\Program Files (x86)\YourFileDownloader Updater =>PUP.YourFileDownloader^
C:\ProgramData\AdBlocker Manger =>PUP.Adblocker^
C:\ProgramData\CHeuapMe =>PUP.CheapMe^
C:\ProgramData\CostMin =>PUP.CostMin^
C:\ProgramData\CuhheapMMe =>PUP.CheapMe^
C:\ProgramData\DowniSave =>PUP.DownSave^
C:\ProgramData\DSearchLink =>Toolbar.DeltaSearch^
C:\ProgramData\FunDeeAls =>PUP.FunDeals^
C:\ProgramData\GoSave =>PUP.GoSave^
C:\ProgramData\MiniMuumPerICee =>PUP.MinimumPrice^
C:\ProgramData\SaVeNuewaaAppz =>PUP.SaveNewAppz^
C:\ProgramData\systemk =>PUP.SystemK^
C:\ProgramData\Yellow AdBlocker =>PUP.Adblocker^
C:\Users\SMAIL\AppData\Roaming\ARHome =>Trojan.Vonteera^
C:\Users\SMAIL\AppData\Roaming\ExpressFiles =>Adware.ExpressFiles^
C:\Users\SMAIL\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\SMAIL\AppData\Roaming\PennyBee =>PUP.PaybyAds^
C:\Users\SMAIL\AppData\Roaming\RHEng =>PUP.Conduit^
C:\Users\SMAIL\AppData\Roaming\Settings Manager =>PUP.SystemK^
C:\Users\SMAIL\AppData\Roaming\VolIE =>Trojan.Vonteera^
C:\Users\SMAIL\AppData\Roaming\YourFileDownloader =>PUP.YourFileDownloader^
C:\Users\SMAIL\AppData\Local\Pay-By-Ads =>PUP.PaybyAds^
C:\ProgramData\AVG Security Toolbar =>Toolbar.AVGSearch
C:\Users\SMAIL\AppData\Roaming\SimilarSites =>Adware.SimilarSites
C:\Users\SMAIL\AppData\Local\Installer =>Adware.InstallPedia
C:\Program Files (x86)\fun4us\fun4us_notification_service.exe =>PUP.CrossRider^
C:\Program Files (x86)\help4u\help4u_notification_service.exe =>PUP.CrossRider^
C:\Program Files (x86)\sun king\sun_king_notification_service.exe =>PUP.SunKing^
C:\Program Files (x86)\videosMediaPlayersv2.2\videosMediaPlayersv2.2-codedownloader.exe =>PUP.CrossRider^
C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-11.exe =>PUP.CrossRider^
C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-3.exe =>PUP.CrossRider^
C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-4.exe =>PUP.CrossRider^
C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-6.exe =>PUP.CrossRider^
C:\Program Files (x86)\videosMediaPlayersv2.2\2f9eadb6-f029-48e3-a157-a14c78eb9810-7.exe =>PUP.CrossRider^
C:\Users\SMAIL\AppData\Roaming\ARHome\Updater.exe =>Trojan.Vonteera^
C:\Program Files (x86)\Sense\Sense-codedownloader.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\66f8173a-0e00-462e-91c9-747f0d978aad-11.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\66f8173a-0e00-462e-91c9-747f0d978aad-4.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Sense\66f8173a-0e00-462e-91c9-747f0d978aad-5.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\Object Browser\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4.exe =>PUP.ObjectBrowser^
C:\Program Files (x86)\fun4us\fun4us_updating_service.exe =>PUP.CrossRider^
C:\Program Files (x86)\help4u\help4u_updating_service.exe =>PUP.CrossRider^
C:\Program Files (x86)\sun king\sun_king_updating_service.exe =>PUP.SunKing^
C:\Program Files (x86)\YourFileDownloader Updater\YourFileUpdater.exe =>PUP.YourFileDownloader^
C:\Users\SMAIL\AppData\Roaming\ARHome\uninstall.exe =>Trojan.Vonteera^
C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-1 =>PUP.CrossRider^
C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5 =>PUP.CrossRider^
C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-5_user =>PUP.CrossRider^
C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-6 =>PUP.CrossRider^
C:\Windows\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\14a789b2-ffd5-4c51-a818-e0a87b5a5bdf-7 =>PUP.CrossRider^
C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-1 =>PUP.CrossRider^
C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-11 =>PUP.CrossRider^
C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-3 =>PUP.CrossRider^
C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-4 =>PUP.CrossRider^
C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-5 =>PUP.CrossRider^
C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-5_user =>PUP.CrossRider^
C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-6 =>PUP.CrossRider^
C:\Windows\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\2f9eadb6-f029-48e3-a157-a14c78eb9810-7 =>PUP.CrossRider^
C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-1 =>PUP.CrossRider^
C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-11 =>PUP.CrossRider^
C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-2 =>PUP.CrossRider^
C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-4 =>PUP.CrossRider^
C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-5 =>PUP.CrossRider^
C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-5_user =>PUP.CrossRider^
C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-6 =>PUP.CrossRider^
C:\Windows\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\66f8173a-0e00-462e-91c9-747f0d978aad-7 =>PUP.CrossRider^
C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-1 =>PUP.CrossRider^
C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-11 =>PUP.CrossRider^
C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-2 =>PUP.CrossRider^
C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-4 =>PUP.CrossRider^
C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-5 =>PUP.CrossRider^
C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-5_user =>PUP.CrossRider^
C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-6 =>PUP.CrossRider^
C:\Windows\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\82bfa932-bd5d-4166-81ed-cb723c12a962-7 =>PUP.CrossRider^
C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-1 =>PUP.CrossRider^
C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-11 =>PUP.CrossRider^
C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-2 =>PUP.CrossRider^
C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-4 =>PUP.CrossRider^
C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-5 =>PUP.CrossRider^
C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-5_user =>PUP.CrossRider^
C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-6 =>PUP.CrossRider^
C:\Windows\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\b0625964-2eb3-4760-87c9-78a749ff7827-7 =>PUP.CrossRider^
C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-1 =>PUP.CrossRider^
C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-2 =>PUP.CrossRider^
C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-4 =>PUP.CrossRider^
C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-5 =>PUP.CrossRider^
C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-6 =>PUP.CrossRider^
C:\Windows\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\e659c2f6-b592-4eb3-89e8-8b6d7e4656ed-7 =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-1 =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-11 =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-2 =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-3.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-3 =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-4 =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5 =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-5_user =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-6 =>PUP.CrossRider^
C:\Windows\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\f4e4799b-3854-4ad1-9e7e-98dfdab6e1dc-7 =>PUP.CrossRider^
C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-1.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-1 =>PUP.CrossRider^
C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-11 =>PUP.CrossRider^
C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-2.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-2 =>PUP.CrossRider^
C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-4 =>PUP.CrossRider^
C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-5 =>PUP.CrossRider^
C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-5_user =>PUP.CrossRider^
C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-6.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-6 =>PUP.CrossRider^
C:\Windows\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fbb60eb5-4134-40b1-963f-26c1109d889d-7 =>PUP.CrossRider^
C:\Windows\Tasks\fun4us_notification_service.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fun4us_notification_service =>PUP.CrossRider^
C:\Windows\Tasks\fun4us_updating_service.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\fun4us_updating_service =>PUP.CrossRider^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.GlobalUpdate^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.GlobalUpdate^
C:\Windows\Tasks\help4u_notification_service.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\help4u_notification_service =>PUP.CrossRider^
C:\Windows\Tasks\help4u_updating_service.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\help4u_updating_service =>PUP.CrossRider^
C:\Windows\Tasks\PennyBee.job =>PUP.PaybyAds^
C:\Windows\System32\Tasks\PennyBee =>PUP.PaybyAds^
C:\Windows\Tasks\sun_king_notification_service.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\sun_king_notification_service =>PUP.CrossRider^
C:\Windows\Tasks\sun_king_updating_service.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\sun_king_updating_service =>PUP.CrossRider^
[HKCU\Software\ARHome] =>Trojan.Vonteera^
[HKCU\Software\ExpressFiles] =>Adware.ExpressFiles^
[HKCU\Software\Goobzo] =>PUP.Goobzo^
[HKCU\Software\NoVooITSet] =>Trojan.Vonteera^
[HKCU\Software\SystemK] =>PUP.SystemK^
[HKCU\Software\Vonteera Safe ads] =>Trojan.Vonteera^
[HKCU\Software\YourFileDownloader] =>PUP.YourFileDownloader^
[HKCU\Software\focusbase] =>PUP.Focusbase^
[HKCU\Software\sun king] =>PUP.SunKing^
[HKLM\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Wow6432Node\1330afbb-8c11-4d38-90d6-a699e10457fe] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\31b72a8f-e8f1-4cde-8ce2-cbc67d44e6b3] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\621d15fd-abe6-467e-ac15-10a51350a941] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\84524fba-93ca-4f22-ac39-99f27c42b055] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\9ffe5aa6-8a6c-4ece-acfd-0fae9e6198dc] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\B6EC443C-2F24-4B08-8DBB-3CE0912F4BB7] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\DownloaderAssistant] =>PUP.Salus^
[HKLM\Software\Wow6432Node\Goobzo] =>PUP.Goobzo^
[HKLM\Software\Wow6432Node\SiteFinder] =>Adware.ShoppingReport^
[HKLM\Software\Wow6432Node\SystemK] =>PUP.SystemK^
[HKLM\Software\Wow6432Node\YourFileDownloader] =>PUP.YourFileDownloader^
[HKLM\Software\Wow6432Node\b1d97939-90b5-4eeb-ac6a-440aa9fcf597] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\efd2edfe-0c08-4c53-b7e3-c9179ca03a3a] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\focusbase] =>PUP.Focusbase^
[HKLM\Software\Wow6432Node\iWebar-nv] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\videosMediaPlayersv2.2-nv] =>PUP.CrossRider^
[HKLM\Software\YTDownloader] =>PUP.YTDownloader^
C:\Users\SMAIL\AppData\Roaming\LALBI.exe =>PUP.CrossRider^
C:\Users\SMAIL\AppData\Roaming\TJUDBJ.exe =>PUP.CrossRider^
[HKCR\CLSID\{11111111-1111-1111-1111-110311281150}] (Object Browser) =>PUP.ObjectBrowser^
[HKCR\CLSID\{11111111-1111-1111-1111-110611491169}] (videosMediaPlayersv2.2) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220322282250}] (CrossriderApp0032850.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220422822292}] (CrossriderApp0048292.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220522702250}] (CrossriderApp0057050.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{22222222-2222-2222-2222-220622022276}] (CrossriderApp0060276.Sandbox) =>PUP.CrossRider^
[HKCR\CLSID\{66a8d9e2-4c9d-4c36-b9e0-0242dd9e18b1}] (DigiCouPon) =>PUP.DiGiCoupon^
[HKCR\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}] (MyStart Toolbar) =>Spyware.VMNToolbar^
~ Additional Scan: 321019 Items scanned in 01mn 45s



---\\ Additional information about the modules
~ http://nicolascoolman.fr/g2-google-chrome-extensions/ =>.Google Chrome, Startup, Search, Extensions (G0,G1,G2)
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications launched at system startup (O4)
~ http://nicolascoolman.fr/o50-image-file-execution-options-zhpdiag/ =>.Image File Execution Options (IFEO) (O50)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Summary of the detections found on your workstation
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://www.nicolascoolman.fr/blog/ =>PUP.SunKing
http://nicolascoolman.fr/spyware-vmntoolbar =>Spyware.VMNToolbar
http://nicolascoolman.fr/pup-buenosearch =>PUP.BuenoSearch
http://nicolascoolman.fr/hijacker-browsers =>Hijacker.Browsers
http://nicolascoolman.fr/trojan-vonteera =>Trojan.Vonteera
http://nicolascoolman.fr/hijacker-gadgetbox =>Hijacker.GadgetBox
http://nicolascoolman.fr/pup-sweetpage =>PUP.SweetPage
http://www.nicolascoolman.fr/blog/ =>PUP.LiveSupport
http://nicolascoolman.fr/pup-ytdownloader =>PUP.YTDownloader
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://nicolascoolman.fr/pup-objectbrowser =>PUP.ObjectBrowser
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.fr/pup-paybyads =>PUP.PaybyAds
http://www.nicolascoolman.fr/blog/ =>PUP.Mysoftpack
http://nicolascoolman.fr/pup-shopperpro =>PUP.ShopperPro
http://nicolascoolman.fr/pup-yourfiledownloader =>PUP.YourFileDownloader
http://www.nicolascoolman.fr/blog/ =>PUP.BuyNSave
http://www.nicolascoolman.fr/blog/ =>PUP.CheapMe
http://nicolascoolman.fr/pup-costmin =>PUP.CostMin
http://www.nicolascoolman.fr/blog/ =>PUP.FindBestDeal
http://www.nicolascoolman.fr/blog/ =>PUP.Fun2Save
http://www.nicolascoolman.fr/blog/ =>PUP.FunDeals
http://www.nicolascoolman.fr/blog/ =>Adware.Graftor
http://www.nicolascoolman.fr/blog/ =>PUP.GoSave
http://www.nicolascoolman.fr/blog/ =>PUP.JoniCoupon
http://www.nicolascoolman.fr/blog/ =>PUP.SaveNewAppz
http://nicolascoolman.fr/pup-saveclicker =>PUP.SaveClicker
http://nicolascoolman.fr/pup-focusbase =>PUP.Focusbase
http://nicolascoolman.fr/adware-expressfiles =>Adware.ExpressFiles
http://www.nicolascoolman.fr/blog/ =>PUP.Goobzo
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-megasearch =>Adware.MegaSearch
http://nicolascoolman.fr/pup-systemk =>PUP.SystemK
http://www.nicolascoolman.fr/blog/ =>PUP.Salus
http://nicolascoolman.fr/adware-shoppingreport =>Adware.ShoppingReport
http://www.nicolascoolman.fr/blog/ =>PUP.DiGiCoupon
http://www.nicolascoolman.fr/blog/ =>PUP.ExtraSavings
http://nicolascoolman.fr/pup-newsaver =>PUP.NewSaver
http://nicolascoolman.fr/pup-netcoupon =>PUP.NetCoupon
http://www.nicolascoolman.fr/blog/ =>PUP.SaveLots
http://www.nicolascoolman.fr/blog/ =>PUP.SiteLookup
http://www.nicolascoolman.fr/blog/ =>PUP.Adblocker
http://nicolascoolman.fr/pup-downsave =>PUP.DownSave
http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.fr/pup-minimumprice =>PUP.MinimumPrice
http://nicolascoolman.fr/adware-opencandy =>Adware.OpenCandy
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://nicolascoolman.fr/pup-bitguard =>PUP.BitGuard
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://www.nicolascoolman.fr/blog/ =>PUP.SafeGuard
http://nicolascoolman.fr/trojan-staser =>Trojan.Staser
http://nicolascoolman.fr/pup-jumpflip =>PUP.JumpFlip
http://nicolascoolman.fr/spyware-protectedsearch =>Spyware.ProtectedSearch
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/adware-searchsettings =>Adware.SearchSettings
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/pup-tubedimmer =>PUP.TubeDimmer
http://nicolascoolman.fr/hijacker-trovicom =>Hijacker.TroviCom
http://nicolascoolman.fr/pup-toolbarcleaner =>PUP.ToolbarCleaner
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/pup-toparcadehits =>PUP.ToparcadeHits
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedUpMyPC
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
http://nicolascoolman.fr/spyware-wintoflash =>Spyware.WinToFlash
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.fr/adware-similarsites =>Adware.SimilarSites
http://nicolascoolman.fr/adware-installpedia =>Adware.InstallPedia
~ MSI: 74 link(s) detected in 00mn 00s



~ 1155 Legitimates filtered by white list
End of the scan (1337 lines in 06mn 15s)(0.10)
