cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31/05/2015)
~ Lancé par Loaec (09/06/2015 11:56:19)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17801
MFIE: Mozilla Firefox 38.0.1
OPIE: Opera Stable v30.0.1835.52
OBIE: Safari v5.34.57.2

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 276F9
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
Avira Antivirus v15.0.10.434
Malwarebytes Anti-Malware version 2.0.3.1025
Microsoft Security Client v4.8.0204.0
Windows Defender W7 (Deactivate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI
Adobe Reader XI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (29% free)
System Restore: Activé (Enable)
System drive C: has 25 GB (28%) free of 89 GB

---\\ Mode de connexion au système
~ Computer Name: LOAEC-PC
~ User Name: Loaec
~ All Users Names: Loaec, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Loaec\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Loaec\AppData\Roaming\
~ %Desktop% : C:\Users\Loaec\Desktop\
~ %Favorites% : C:\Users\Loaec\Favorites\
~ %LocalAppData% : C:\Users\Loaec\AppData\Local\
~ %StartMenu% : C:\Users\Loaec\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 25 Go of 89 Go)
D: Hard drive, Flash drive, Thumb drive (Free 60 Go of 209 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2015 - 16:27:25.) -- C:\Windows\System32\wininet.dll [2352128]
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.17/07/2014 - 03:07:24.) -- C:\Windows\System32\Winlogon.exe [455168]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.FA886682CFC5D36718D3E436AACF10B9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:45:52.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/04/2014 - 05:02:24.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.70988118145F5F10EF24720B97F35F65] - (.Microsoft Corporation - TDI Translation Driver.) (.11/11/2014 - 02:46:26.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/13
~ Mes musiques (My Musics) : 1/13
~ Mes Favoris (My Favorites) : 1/26
~ Mes Documents (My Documents) : 1/7957
~ Mon Bureau (My Desktop) : 3/170
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.CD23E258D4FBD764C2E94540C8DD6599] - (.RaMMicHaeL - Unchecky Background Process.) -- C:\Program Files (x86)\Unchecky\bin\Unchecky_bg.exe [402168] [PID.3220]
[MD5.97F60D16F052DA9CB619AB9A96CB2D4E] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440] [PID.3424]
[MD5.C56AEF21A76A6E2BB36A384B2C96389F] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104] [PID.3452]
[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392] [PID.3724]
[MD5.887CAA31048EB8ED09A0CBD0E6F46F09] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776] [PID.4020]
[MD5.56774620E6A8AA93719B1763CF5E5766] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6937216] [PID.4032]
[MD5.5666955DC9FD455A003D86A21E0483A9] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.4040]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.4064]
[MD5.A2E61B9CE8D5BE9ED4484A4FAB171157] - (.Oracle Corporation - Java Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [1241472] [PID.3760]
[MD5.03D6BDA1B36B164DC260A9CB1B8065F6] - (.Apache Software Foundation - OpenOffice Calc.) -- C:\Program Files (x86)\OpenOffice 4\program\scalc.exe [103936] [PID.352]
[MD5.3C69A38ACA535D234F6F51F11D8A8208] - (.Apache Software Foundation - OpenOffice 4.1.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe [9837056] [PID.3048]
[MD5.B4E2178BB29843701E466DE6F5704A70] - (.Apache Software Foundation - OpenOffice 4.1.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.bin [9828864] [PID.2076]
[MD5.507118B564C5D77EC7ABEF5D4FD16423] - (...) -- C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\vnsfD4A3.tmp [588057] [PID.6408]
[MD5.2D9C8B8894DC2EA3DBB2D461104A9240] - (...) -- C:\Users\Loaec\AppData\Local\C1F80A80-1433846973-81DE-32B2-90E6BA9A9B39\bnsk944D.exe [359936] [PID.5828]
[MD5.F6E61FA2092D1F0ADABE05B09F4E7641] - (.SoftBrain Technologies Ltd. - SmartWeb helper.) -- C:\Users\Loaec\AppData\Local\SmartWeb\SmartWebHelper.exe [270368] [PID.5124] =>PUP.SmartWeb
[MD5.3B4A86DA60D06BA900C11BC01D39698F] - (...) -- C:\Program Files\shopperz\Huyde.exe [434024] [PID.6812] =>PUP.Shopperz
[MD5.528B56413546CF33C2A0322AF3904183] - (...) -- C:\Program Files (x86)\MaxComputerCleaner_v17.684\MaxComputerCleaner_Maintenance.exe [31432] [PID.7664] =>PUP.MaxComputerCleaner
[MD5.C37B854F9ED1F287E4521AB90E7D0568] - (.SearchProtect - CmdShell.exe.) -- C:\Program Files (x86)\MiuiTab\cmdshell.exe [29312] [PID.8048] =>PUP.SearchProtect
[MD5.1EF1ADB28F8C5DED15F597016EB1E8ED] - (.XTab system - SupHPNot.exe.) -- C:\Program Files (x86)\MiuiTab\HPNotify.exe [673920] [PID.7924]
[MD5.A14D72B43D5138E18629253F77ABF5CB] - (.Boxore OU - Boxore.) -- C:\Program Files (x86)\Boxore\Boxore Client\boxore.exe [1527808] [PID.7104] =>Adware.Boxore
[MD5.43B5696A844FB705D1E9595E8C3351B6] - (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864] [PID.4848]
[MD5.66177D4C99FD8B578C7C56DE445E4D5D] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [728312] [PID.2956]
[MD5.E8252DA109B538D920289BF9F5C0757E] - (.Avira Operations GmbH & Co. KG - Control Center.) -- C:\Program Files (x86)\Avira\Antivirus\avcenter.exe [715056] [PID.468]
[MD5.E995F032F2F7CE9CD790F2B7AE0A6F37] - (.Pas de propriétaire - Generic Setup Component.) -- C:\Users\Loaec\AppData\Local\Temp\nsrFAAE.tmp [267922] [PID.7992]
[MD5.6BCFCFA512A003A8043CF2F370B0B479] - (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\Crossbrowse.exe [637440] [PID.8852] =>PUP.CrossBrowser
[MD5.BED1902AF249BF3BC269420021A03D0B] - (.CMI Limited - Setup.) -- C:\Users\Loaec\AppData\Local\Temp\nsiFC46.tmp [613255] [PID.8296] =>PUP.CMILimited
[MD5.1A113EB5F555F55A031BFACF6A57DC6E] - (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe [2388336] [PID.8840]
[MD5.2D322383B45CF3726675FC887A657160] - (.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe [14184] [PID.5804]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.10008]
[MD5.D2230317777033CD0456990BFC4994E5] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936] [PID.732]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1248]
[MD5.D6310F79E51D1F997E964E81DD368AEA] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608] [PID.1668]
[MD5.9DB596995A20B8C636ED8763AD942361] - (.RaMMicHaeL - Unchecky Service.) -- C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [164600] [PID.1816]
[MD5.A46EF269564B9CA0A90C70E86AAE0110] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [174720] [PID.3880]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.3956]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.4012]
[MD5.FC5B75CA6A1DA31EDD4F8D53F5540B98] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088] [PID.4592]
[MD5.0AD528BE936E12B99BC723FAA8118A07] - (...) -- C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\nsaEE07.tmpfs [655360] [PID.7008]
[MD5.818A1109EFF660A903A80415EE3B30F0] - (...) -- C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\jnsa1C0F.tmp [219136] [PID.3804]
[MD5.FF45E14C8EB4EA2B1E6494088E2FDAC6] - (...) -- C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\hnsk328D.tmp [166912] [PID.1000]
[MD5.718A9BC1F016C59B3D3DCD15B71F77D5] - (...) -- C:\Users\Loaec\AppData\Local\C1F80A80-1433847111-81DE-32B2-90E6BA9A9B39\snswADB6.tmp [147456] [PID.4984]
[MD5.800E0730A580C2587EF21188BFE69C55] - (.Infonaut - Infonaut Client Service.) -- C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe [278600] [PID.6108] =>PUP.Infonaut
[MD5.D82156424521775CD2A38D78ECA185F9] - (...) -- C:\Program Files\shopperz\Jmahzov.exe [285544] [PID.588] =>PUP.Shopperz
[MD5.8A8C3244BA14CA6B71AE905F728736BB] - (...) -- C:\Program Files\shopperz\csrcc.exe [1448808] [PID.1408] =>PUP.Shopperz
[MD5.90E39F6A64E08A3481145C3EB48103F1] - (...) -- C:\Program Files\shopperz\Jvpmajlij.exe [174440] [PID.2880] =>PUP.Shopperz
[MD5.17A17135D22048BB4E3FCDD2227E0F67] - (.DTools LIMITED - Windows DTools.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [695976] [PID.7304] =>PUP.Fuyu
[MD5.98F50B214CF4931ABF8B3D677BF04E09] - (.XTab system - ProtectSvc.exe.) -- C:\Program Files (x86)\MiuiTab\ProtectService.exe [125056] [PID.1768]
[MD5.8884C9DDA76D76BADFD390B33D1DE70D] - (.Avira Operations GmbH & Co. KG - Avira.ServiceHost.) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632] [PID.7460]
[MD5.EC705D6ED3A7F3D9AE42F6239707D9FE] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe [434424] [PID.5900]
[MD5.EC705D6ED3A7F3D9AE42F6239707D9FE] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe [434424] [PID.4020]
[MD5.57CC3951A6F39B9189EA26BA8636DDD8] - (.Avira Operations GmbH & Co. KG - Avira OnDemand File Scanner.) -- c:\program files (x86)\avira\antivirus\avscan.exe [1028856] [PID.7484]
[MD5.52B9561E13FB5BEED6FD3BEEB24E0B7B] - (.Avira Operations GmbH & Co. KG - Reboot assistant.) -- C:\Program Files (x86)\Avira\Antivirus\avrestart.exe [563656] [PID.8176]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\h6xPJAfj.default\prefs.js (.not file.)
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\h6xPJAfj.default\user.js
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\opk13riq.default-1416579521546\prefs.js
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\opk13riq.default-1416579521546\user.js
M3 - MFPP: Plugins - [Loaec] -- C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\opk13riq.default-1416579521546\searchplugins\istartsurf.xml =>PUP.Istart
M0 - MFSP: prefs.js [Loaec - opk13riq.default-1416579521546] http://www.istartsurf.com =>PUP.Istart
M0 - MFSP: user.js [Loaec - opk13riq.default-1416579521546] http://www.istartsurf.com =>PUP.Istart
M2 - MFEP: prefs.js [Loaec - h6xPJAfj.default\abs@avira.com] [] Segurança do navegador Avira v1.4.9 (..)
M2 - MFEP: Extension [Loaec - h6xPJAfj.default] abs@avira.com
M2 - MFEP: Extension [Loaec - h6xPJAfj.default] {2876f045-5de3-4e77-bdb3-05cf9328a0d2}.xpi
M2 - MFEP: Extension [Loaec - h6xPJAfj.default] d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com
M2 - MFEP: Extension [Loaec - h6xPJAfj.default] jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
M2 - MFEP: Extension [Loaec - h6xPJAfj.default] searchffv2@gmail.com
M2 - MFEP: Extension [Loaec - h6xPJAfj.default] sweetsearch@gmail.com =>PUP.SweetSearch
M2 - MFEP: Extension [Loaec - h6xPJAfj.default] thefoxonlybetter@quicksaver.xpi
M2 - MFEP: Extension [Loaec - h6xPJAfj.default] {E77F341C-F32E-40AA-8829-AA785C7D9316}.xpi =>Adware.Boxore
M2 - MFEP: prefs.js [Loaec - opk13riq.default-1416579521546\sweetsearch@gmail.com] [] Search Enginer v1.0.0.1031 (..) =>PUP.SearchEngine
M2 - MFEP: Extension [Loaec - opk13riq.default-1416579521546] abs@avira.com
M2 - MFEP: Extension [Loaec - opk13riq.default-1416579521546] {2876f045-5de3-4e77-bdb3-05cf9328a0d2}.xpi
M2 - MFEP: Extension [Loaec - opk13riq.default-1416579521546] d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com
M2 - MFEP: Extension [Loaec - opk13riq.default-1416579521546] jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi
M2 - MFEP: Extension [Loaec - opk13riq.default-1416579521546] searchffv2@gmail.com
M2 - MFEP: Extension [Loaec - opk13riq.default-1416579521546] sweetsearch@gmail.com =>PUP.SweetSearch
M2 - MFEP: Extension [Loaec - opk13riq.default-1416579521546] thefoxonlybetter@quicksaver.xpi
M2 - MFEP: Extension [Loaec - opk13riq.default-1416579521546] {E77F341C-F32E-40AA-8829-AA785C7D9316}.xpi =>Adware.Boxore
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
~ Firefox Browser: 45 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com =>PUP.Istart
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com =>PUP.Istart
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com =>PUP.Istart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com =>PUP.Istart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com =>PUP.Istart
~ IE Browser: 19 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (59)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: LuckyTab Class [64Bits] - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files (x86)\MiuiTab\SupTab.dll =>PUP.LuckyTab
O2 - BHO: shopperz Helper [64Bits] - {d0174004-bb12-464b-b666-9ba9bdbd750a} . (...) -- C:\Program Files\shopperz\Gaalmi.dll =>PUP.Shopperz
~ BHO: 6 Legitimates Filtered in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\Desktop [Public]: Max Computer Cleaner.lnk . (.Max Computer Cleaner - Max Computer Cleaner.) -- C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe =>PUP.MaxComputerCleaner
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com =>PUP.Istart
O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe http://www.istartsurf.com =>PUP.Istart
O4 - GS\QuickLaunch [Loaec]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Loaec\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - GS\QuickLaunch [Loaec]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\QuickLaunch [Loaec]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.Istart
O4 - GS\TaskBar [Loaec]: Crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - GS\TaskBar [Loaec]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com =>PUP.Istart
O4 - GS\TaskBar [Loaec]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe http://www.istartsurf.com =>PUP.Istart
O4 - GS\Program [Loaec]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.Istart
O4 - GS\SystemTools [Loaec]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.Istart
~ Global Startup: 13 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [Loaec]: crossbrowse.lnk . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.dll
O4 - HKLM\..\Run: [shopperz] . (...) -- C:\Program Files\shopperz\Huyde.exe =>PUP.Shopperz
O4 - HKLM\..\Run: [shopperz64] . (...) -- C:\Program Files\shopperz\Huyde64.exe =>PUP.Shopperz
O4 - HKCU\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [BitTorrent] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Loaec\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_E0FEC9D2D619E89E5AD4978C39F98B7D] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [WinCheck] . (...) -- C:\Users\Loaec\AppData\Local\C1F80A80-1433846973-81DE-32B2-90E6BA9A9B39\bnsk944D.exe =>PUP.Wincheck
O4 - HKLM\..\Wow6432Node\Run: [SmartWeb] . (.SoftBrain Technologies Ltd. - SmartWeb helper.) -- C:\Users\Loaec\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWeb
O4 - HKLM\..\Wow6432Node\Run: [Boxore Client] . (.Boxore OU - Boxore.) -- C:\Program Files (x86)\Boxore\Boxore Client\boxore.exe =>Adware.Boxore
O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [Update] C:\Users\Loaec\AppData\Roaming\VOPackage\VOPackage.exe (.not file.) =>Adware.Downware
O4 - HKLM\..\Wow6432Node\RunOnce: [MaxComputerCleaner_v17.684] . (...) -- C:\Program Files (x86)\MaxComputerCleaner_v17.684\MaxComputerCleaner_Maintenance.exe =>PUP.MaxComputerCleaner
O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_629.exe] -runonce =>PUP.CrossRider
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2791469376-522147695-2255626493-1000\..\Run: [SuperCopier2.exe] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-21-2791469376-522147695-2255626493-1000\..\Run: [BitTorrent] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\Loaec\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2791469376-522147695-2255626493-1000\..\Run: [GoogleChromeAutoLaunch_E0FEC9D2D619E89E5AD4978C39F98B7D] . (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O4 - HKUS\S-1-5-21-2791469376-522147695-2255626493-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_Plugin.exe
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{629A178B-56B7-4C25-B80B-9AA6610DF9E9}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B86453CC-017E-41FD-827D-E74EB89667E7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{629A178B-56B7-4C25-B80B-9AA6610DF9E9}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B86453CC-017E-41FD-827D-E74EB89667E7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{629A178B-56B7-4C25-B80B-9AA6610DF9E9}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B86453CC-017E-41FD-827D-E74EB89667E7}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: csrcc (csrcc) . (...) - C:\Program Files\shopperz\csrcc.exe =>PUP.Shopperz
O23 - Service: d54b8bbd-6b74-4d90-b801-8120aa8b2438 (d54b8bbd-6b74-4d90-b801-8120aa8b2438) . (...) - C:\Program Files\shopperz\Jmahzov.exe =>PUP.Shopperz
O23 - Service: Template Flatbed Scanner (kysykiti) . (...) - C:\Users\Loaec\AppData\Local\C1F80A80-1433847111-81DE-32B2-90E6BA9A9B39\snswADB6.tmp
O23 - Service: shopperz Updater (shopperz Updater) . (...) - C:\Program Files\shopperz\Jvpmajlij.exe =>PUP.Shopperz
O23 - Service: Service Software Update (Software_update) (Software_update) . (.The Software Group - Software Update.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: Highlighted Switch (vyxyjoco) . (...) - C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\nsaEE07.tmpfs
O23 - Service: Device Cut (xoperoze) . (...) - C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\jnsa1C0F.tmp
O23 - Service: Subscription Clear (zedepory) . (...) - C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\hnsk328D.tmp
~ Services: 23 Legitimates Filtered in 00mn 06s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [cef42d44-570d-4544-82a0-f4483a3ede21-1-6] (...) -- C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-1-6.exe (.not file.) [0] =>PUP.CrossRider
[MD5.BB87AB764452DCFE04A66B37F7F83C41] [APT] [cef42d44-570d-4544-82a0-f4483a3ede21-1-7] (.Cinema PlusV08.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-1-7.exe [1088080] =>PUP.CrossRider
[MD5.00000000000000000000000000000000] [APT] [cef42d44-570d-4544-82a0-f4483a3ede21-10_user] (...) -- C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-10.exe (.not file.) [0] =>PUP.CrossRider
[MD5.4DB8BFCF680453ACB461C2005876BDA6] [APT] [cef42d44-570d-4544-82a0-f4483a3ede21-11] (.Cinema PlusV08.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-11.exe [1281616] =>PUP.CrossRider
[MD5.0D34CD14E9A3D6908936E9CD56D17FA9] [APT] [cef42d44-570d-4544-82a0-f4483a3ede21-4] (.Cinema PlusV08.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-4.exe [1429072] =>PUP.CrossRider
[MD5.9FE4C19DB76757E9638EE16E3C76F099] [APT] [cef42d44-570d-4544-82a0-f4483a3ede21-5] (.Cinema PlusV08.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-5.exe [1145936] =>PUP.CrossRider
[MD5.9FE4C19DB76757E9638EE16E3C76F099] [APT] [cef42d44-570d-4544-82a0-f4483a3ede21-5_user] (.Cinema PlusV08.06.) -- C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-5.exe [1145936] =>PUP.CrossRider
[MD5.20393A94CDF086E897BB26CF3018E768] [APT] [Crossbrowse] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe [1918040] =>PUP.CrossBrowser
[MD5.159C2EAF290071B0BE1563246DE42027] [APT] [MaxComputerCleaner_Start] (.Max Computer Cleaner.) -- C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe [4726464] =>PUP.MaxComputerCleaner
[MD5.FC4B835CC6917EE53A465ECB234230BC] [APT] [Opera scheduled Autoupdate 1416568015] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [908408]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [APT] [Papuir] (...) -- C:\Program Files\shopperz\Asyofakaz.bat" [75] =>PUP.Shopperz
[MD5.F6E61FA2092D1F0ADABE05B09F4E7641] [APT] [SmartWeb Upgrade Trigger Task] (.SoftBrain Technologies Ltd..) -- C:\Users\Loaec\AppData\Local\SmartWeb\SmartWebHelper.exe [270368] =>PUP.SmartWeb
[MD5.A9144D4FD34992ABF5F36A6E6F415AFB] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.A9144D4FD34992ABF5F36A6E6F415AFB] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore
[MD5.AB6818A7FF17230A6E5119F6CDD1F85B] [APT] [xpI0Zp5JwlOx9K22Cf] (...) -- C:\Users\Loaec\AppData\Roaming\xpI0Zp5JwlOx9K22Cf.exe [1246720]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [376] =>PUP.AnyProtect
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-1-6 - (...) -- C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-1-6.job [3138]
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-1-6 - (...) -- C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-1-6 [3138]
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-1-7 - (.Cinema PlusV08.06.) -- C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-1-7.job [3474] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-1-7 - (.Cinema PlusV08.06.) -- C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-1-7 [3474] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-10_user - (...) -- C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-10_user.job [2112]
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-10_user - (...) -- C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-10_user [2112]
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-11 - (.Cinema PlusV08.06.) -- C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-11.job [5184] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-11 - (.Cinema PlusV08.06.) -- C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-11 [5184] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-4 - (.Cinema PlusV08.06.) -- C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-4.job [4494] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-4 - (.Cinema PlusV08.06.) -- C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-4 [4494] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-5 - (.Cinema PlusV08.06.) -- C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-5.job [2446] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-5 - (.Cinema PlusV08.06.) -- C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-5 [2446] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-5_user - (.Cinema PlusV08.06.) -- C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-5_user.job [2446] =>PUP.CrossRider
O39 - APT: cef42d44-570d-4544-82a0-f4483a3ede21-5_user - (.Cinema PlusV08.06.) -- C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-5_user [2446] =>PUP.CrossRider
O39 - APT: Crossbrowse - (...) -- C:\Windows\Tasks\Crossbrowse.job [1056] =>PUP.CrossBrowser
O39 - APT: Crossbrowse - (...) -- C:\Windows\System32\Tasks\Crossbrowse [1056] =>PUP.CrossBrowser
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [912] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [912] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [916] =>Adware.Boxore
O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [916] =>Adware.Boxore
O39 - APT: xpI0Zp5JwlOx9K22Cf - (...) -- C:\Windows\Tasks\xpI0Zp5JwlOx9K22Cf.job [1008]
O39 - APT: xpI0Zp5JwlOx9K22Cf - (...) -- C:\Windows\System32\Tasks\xpI0Zp5JwlOx9K22Cf [1008]
~ Scheduled Task: 48 Legitimates Filtered in 00mn 08s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (cherimoya) . (.Cherimoya Ltd - Cherimoya Ltd.) - C:\Windows\System32\drivers\cherimoya.sys
O41 - Driver: ({2876f045-5de3-4e77-bdb3-05cf9328a0d2}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{2876f045-5de3-4e77-bdb3-05cf9328a0d2}Gw64.sys =>PUP.LinkiDoo
~ Drivers: 71 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Access Password Get 5.0 - (.APG Software Ltd.) [HKLM][64Bits] -- Access Password Get_is1
O42 - Logiciel: AnyProtect - (.CMI Limited.) [HKLM][64Bits] -- AnyProtect =>PUP.CMILimited
O42 - Logiciel: Book Alter - (.Book Alter.) [HKLM][64Bits] -- SoftwareUpdater =>PUP.Eorezo
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {DE778E8E-5286-41FF-A85E-D41A6384DD83} =>Adware.Boxore
O42 - Logiciel: CinemaPlus-3.2cV08.06 - (.Cinema PlusV08.06.) [HKLM][64Bits] -- CinemaPlus-3.2cV08.06 =>PUP.CrossRider
O42 - Logiciel: Crossbrowse - (.The Crossbrowse Authors.) [HKLM][64Bits] -- Crossbrowse =>PUP.CrossBrowser
O42 - Logiciel: Motip Dupli Color Matic - (...) [HKLM][64Bits] -- {C3BB3193-11B0-4C57-8F41-C61B02A4393E}
O42 - Logiciel: Word Processor Text Wrap - (.Word Processor Text Wrap.) [HKLM][64Bits] -- wincheck =>PUP.Wincheck
O42 - Logiciel: shopperz 2.0.0.461 - (.shopperz.) [HKLM][64Bits] -- {d0174004-bb12-464b-b666-9ba9bdbd750a}_is1 =>PUP.Shopperz
~ Logic: 33 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\ArenaHD] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.AskBar
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\CinemaPlus-3.2cV08.06-nv-ie] =>PUP.CrossRider
[HKCU\Software\CinemaPlus-3.2cV08.06] =>PUP.CrossRider
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser
[HKCU\Software\HighDefAction] =>PUP.CrossRider
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\ICT Services]
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\Kromtech]
[HKCU\Software\MSAccessGet]
[HKCU\Software\MaxComputerCleanerLanguage] =>PUP.MaxComputerCleaner
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Tutorials] =>PUP.AgenceExclusive
[HKCU\Software\WajIEnhance] =>PUP.Wajam
[HKCU\Software\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\ArenaHD] =>PUP.CrossRider
[HKLM\Software\HighDefAction] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.AskBar
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV08.06-nv-ie] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\ICT Services]
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\MaxComputerCleaner] =>PUP.MaxComputerCleaner
[HKLM\Software\Wow6432Node\SpeedBit]
[HKLM\Software\Wow6432Node\WajIntEnhance] =>PUP.Wajam
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\searchult]
[HKLM\Software\Wow6432Node\shopperz] =>PUP.Shopperz
[HKLM\Software\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\shopperz] =>PUP.Shopperz
~ Key Software: 255 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 09/06/2015 - 10:55:06 - [] ----D C:\Program Files (x86)\Access Password Get
O43 - CFD: 09/06/2015 - 11:39:31 - [0] ----D C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 09/06/2015 - 11:04:19 - [] ----D C:\Program Files (x86)\Boxore =>Adware.Boxore
O43 - CFD: 09/06/2015 - 11:36:59 - [] ----D C:\Program Files (x86)\CinemaPlus-3.2cV08.06 =>PUP.CrossRider
O43 - CFD: 09/06/2015 - 11:24:04 - [] ----D C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 09/06/2015 - 11:37:47 - [] ----D C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut
O43 - CFD: 09/06/2015 - 11:02:10 - [] ----D C:\Program Files (x86)\MaxComputerCleaner =>PUP.MaxComputerCleaner
O43 - CFD: 09/06/2015 - 11:02:07 - [] ----D C:\Program Files (x86)\MaxComputerCleaner_v17.684 =>PUP.MaxComputerCleaner
O43 - CFD: 09/06/2015 - 11:03:49 - [] ----D C:\Program Files (x86)\MiuiTab
O43 - CFD: 09/06/2015 - 11:18:45 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 09/06/2015 - 10:55:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access Password Get
O43 - CFD: 09/06/2015 - 11:24:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 18/12/2014 - 15:28:35 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MDCM
O43 - CFD: 21/11/2010 - 08:29:40 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 09/06/2015 - 11:05:32 - [] ----D C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39
O43 - CFD: 09/06/2015 - 11:04:47 - [] ----D C:\Users\Loaec\AppData\Local\Boxore =>Adware.Boxore
O43 - CFD: 09/06/2015 - 10:49:35 - [] ----D C:\Users\Loaec\AppData\Local\C1F80A80-1433846973-81DE-32B2-90E6BA9A9B39
O43 - CFD: 09/06/2015 - 10:57:10 - [] ----D C:\Users\Loaec\AppData\Local\C1F80A80-1433847111-81DE-32B2-90E6BA9A9B39
O43 - CFD: 09/06/2015 - 11:25:18 - [] ----D C:\Users\Loaec\AppData\Local\Crossbrowse =>PUP.CrossBrowser
O43 - CFD: 09/06/2015 - 11:03:28 - [] ----D C:\Users\Loaec\AppData\Local\Max_Computer_Cleaner
O43 - CFD: 09/06/2015 - 11:37:28 - [] ----D C:\Users\Loaec\AppData\Local\SmartWeb =>PUP.SmartWeb
O43 - CFD: 09/06/2015 - 11:37:05 - [] ----D C:\Users\Loaec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect
~ Program Folder: 158 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.76103A5CF8F7A0DBA8D31A7E9A649CCE] - 08/06/2015 - 18:44:28 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{2876f045-5de3-4e77-bdb3-05cf9328a0d2}Gw64.sys [48776] =>PUP.LinkiDoo
O44 - LFC:[MD5.FC8174BA3160C35438EFFCB8D911EDC9] - 09/06/2015 - 10:02:10 ---A- . (...) -- C:\END [8]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/06/2015 - 10:02:19 ---A- . (...) -- C:\Windows\hgfs.sys [0]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/06/2015 - 10:02:19 ---A- . (...) -- C:\Windows\prleth.sys [0]
O44 - LFC:[MD5.9F14BFCA94DA86453671216C1EFA5DB9] - 09/06/2015 - 10:10:27 ---A- . (...) -- C:\Windows\win.ini [505]
O44 - LFC:[MD5.52D1CF7257AADB857C667EF1EB83CC09] - 31/05/2015 - 09:37:56 ---A- . (.Cherimoya Ltd - Cherimoya Ltd.) -- C:\Windows\System32\Drivers\cherimoya.sys [61336]
~ Files: 12 Legitimates Filtered in 00mn 06s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:31/05/2015 - 09:37:56 ---A- . (.Cherimoya Ltd - Cherimoya Ltd.) -- C:\Windows\System32\Drivers\cherimoya.sys [61336]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:29/10/2014 - 18:55:21 ---A- . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Windows\System32\Drivers\ETD.sys [117760]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:08/06/2015 - 18:44:28 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{2876f045-5de3-4e77-bdb3-05cf9328a0d2}Gw64.sys [48776] =>PUP.LinkiDoo
~ Drivers: 60 Legitimates Filtered in 00mn 35s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 31/05/2015 - C:\Windows\System32\drivers\cherimoya.sys (cherimoya) .(.Cherimoya Ltd - Cherimoya Ltd.) - LEGACY_CHERIMOYA
O64 - Services: CurCS - 08/06/2015 - C:\Windows\System32\drivers\{2876f045-5de3-4e77-bdb3-05cf9328a0d2}Gw64.sys ({2876f045-5de3-4e77-bdb3-05cf9328a0d2}Gw64) .(.StdLib - StdLib.) - LEGACY_{2876F045-5DE3-4E77-BDB3-05CF9328A0D2}GW64 =>PUP.LinkiDoo
~ Legacy: 79 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.istartsurf.com =>PUP.Istart
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.Istart
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe" http://www.istartsurf.com =>PUP.Istart
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Safari\Safari.exe" http://www.istartsurf.com =>PUP.Istart
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (istartsurf) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {66799DD2-0BBA-46B2-8AE9-7FEFDE709A8D} - (Bing.com) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.istartsurf.com =>PUP.Istart
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.AB6818A7FF17230A6E5119F6CDD1F85B] [SPRF][20/04/2015] (...) -- C:\Users\Loaec\AppData\Roaming\xpI0Zp5JwlOx9K22Cf.exe [1246720]
[MD5.A09C71014778F3644306EEB37A321765] [SPRF][09/06/2015] (...) -- C:\Users\Loaec\Desktop\Access%20Password%20Cracker.exe [641240]
[MD5.7D3FC00842F859417946946B1EFA5329] [SPRF][09/06/2015] (...) -- C:\Users\Loaec\Desktop\access-password-recovery(1).exe [1174649]
[MD5.9B738433142CB1EE44DBD27470217482] [SPRF][09/06/2015] (...) -- C:\Users\Loaec\Desktop\access-password-recovery.exe [1171735]
~ Files: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{1062421D-19DC-4C00-94FB-3AAE3172BC85}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Loaec\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{5838FDAB-C890-4624-AB68-AC25F654D397}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\Loaec\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{95FA0DF7-009E-47FD-8E49-FA8C61606B76}" | In - None - P17 - TRUE | .(.Crossbrowse - Crossbrowse.) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe =>PUP.CrossBrowser
~ Firewall: 3 Legitimates Filtered in 00mn 02s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "B33A99B85C9CB57449C6F2468CD17BD8" . (.Max Computer Cleaner.) -- C:\Windows\Installer\{8B99A33B-C9C5-475B-946C-2F64C81DB78D}\icon.exe =>PUP.MaxComputerCleaner
O90 - PUC: "E8E877ED6825FF148AE54DA13648DD38" . (.Boxore Client.) -- C:\Windows\Installer\{DE778E8E-5286-41FF-A85E-D41A6384DD83}\Boxore.ico =>Adware.Boxore
~ Update Products: 2 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B103B07795891749E3E9DAB64FF7C334] [WIS][09/06/2015] (.The Software Group - Software Update Helper.) -- C:\Windows\Installer\8781dc67.msi [45056] =>Adware.Boxore
[MD5.CCB74623713614712D538A72377E8D23] [WIS][27/03/2015] (.Max Computer Cleaner - Max Computer Cleaner.) -- C:\Windows\Installer\8781dc6d.msi [1280512] =>PUP.MaxComputerCleaner
[MD5.1869BA0951D281A460CB4BB286583B68] [WIS][07/05/2015] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\8781dc73.msi [5685248] =>Adware.Boxore
~ WIS: 3 Legitimates Filtered in 00mn 01s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{d0174004-bb12-464b-b666-9ba9bdbd750a}] (shopperz) =>PUP.Shopperz
~ BCK: 4303 Legitimates Filtered in 00mn 11s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 16/04/2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 22/04/2015 827640 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
SS - | Auto 22/04/2015 1185584 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
SS - | Auto 08/08/2007 94208 | (ATKGFNEXSrv) . (...) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
SS - | Demand 22/07/1658 0 | (globalUpdatem) . (...) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.GlobalUpdate
SS - | Demand 22/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 11/12/2014 315496 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 09/06/2015 119408 | (Software_update) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 09/06/2015 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 22/04/2015 434424 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe
SR - | Auto 22/04/2015 434424 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
SR - | Auto 15/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 21/05/2015 208632 | (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
SR - | Auto 07/06/2015 1448808 | (csrcc) . (...) - C:\Program Files\shopperz\csrcc.exe =>PUP.Shopperz
SR - | Auto 07/06/2015 285544 | (d54b8bbd-6b74-4d90-b801-8120aa8b2438) . (...) - C:\Program Files\shopperz\Jmahzov.exe =>PUP.Shopperz
SR - | Auto 09/06/2015 147456 | (kysykiti) . (...) - C:\Users\Loaec\AppData\Local\C1F80A80-1433847111-81DE-32B2-90E6BA9A9B39\snswADB6.tmp
SR - | Auto 15/10/2014 2820424 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 30/04/2015 23816 | (MsMpSvc) . (.Microsoft Corporation.) - C:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 25/07/2014 1720608 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 25/07/2014 18956064 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 02/07/2014 935368 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 07/06/2015 174440 | (shopperz Updater) . (...) - C:\Program Files\shopperz\Jvpmajlij.exe =>PUP.Shopperz
SR - | Auto 02/07/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 07/05/2015 164600 | (Unchecky) . (.RaMMicHaeL.) - C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
SR - | Auto 09/06/2015 655360 | (vyxyjoco) . (...) - C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\nsaEE07.tmpfs
SR - | Auto 22/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 09/06/2015 219136 | (xoperoze) . (...) - C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\jnsa1C0F.tmp
SR - | Auto 09/06/2015 166912 | (zedepory) . (...) - C:\Users\Loaec\AppData\Roaming\C1F80A80-1433839725-81DE-32B2-90E6BA9A9B39\hnsk328D.tmp
~ Services: Scanned in 00mn 13s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31/05/2015)
Clés trouvées (Keys found) : 38
Valeurs trouvées (Values found) : 16
Dossiers trouvés (Folders found) : 16
Fichiers trouvés (Files found) : 73

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}] =>PUP.LuckyTab^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0174004-BB12-464B-B666-9BA9BDBD750A}] =>PUP.Shopperz^
[HKLM\SYSTEM\CurrentControlSet\Services\csrcc] =>PUP.Shopperz^
[HKLM\SYSTEM\CurrentControlSet\Services\d54b8bbd-6b74-4d90-b801-8120aa8b2438] =>PUP.Shopperz^
[HKLM\SYSTEM\CurrentControlSet\Services\shopperz Updater] =>PUP.Shopperz^
[HKLM\SYSTEM\CurrentControlSet\Services\Software_update) (Software_update] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect] =>PUP.CMILimited^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater] =>PUP.Eorezo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DE778E8E-5286-41FF-A85E-D41A6384DD83}] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\CinemaPlus-3.2cV08.06] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse] =>PUP.CrossBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\wincheck] =>PUP.Wincheck^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{d0174004-bb12-464b-b666-9ba9bdbd750a}_is1] =>PUP.Shopperz^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater] =>Hijacker.Eazel
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0DA5D75B5B33B4B83724742699814F] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C506B89D971FBA3418F37674F3BC1244] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E95E6C2F69DE1E4449ECD2AA116D329A] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FEA78903E905F6C41BA2E3CC615507CA] =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:shopperz =>PUP.Shopperz^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:BitTorrent =>P2P.BitTorrent^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:Update =>Adware.Downware^
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\opk13riq.default-1416579521546\extensions\sweetsearch@gmail.com =>PUP.SearchEngine^
C:\Program Files (x86)\AnyProtectEx =>PUP.AnyProtect^
C:\Program Files (x86)\Boxore =>Adware.Boxore^
C:\Program Files (x86)\CinemaPlus-3.2cV08.06 =>PUP.CrossRider^
C:\Program Files (x86)\Crossbrowse =>PUP.CrossBrowser^
C:\Program Files (x86)\Infonaut_1.10.0.14 =>PUP.Infonaut^
C:\Program Files (x86)\MaxComputerCleaner =>PUP.MaxComputerCleaner^
C:\Program Files (x86)\MaxComputerCleaner_v17.684 =>PUP.MaxComputerCleaner^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse =>PUP.CrossBrowser^
C:\Users\Loaec\AppData\Local\Boxore =>Adware.Boxore^
C:\Users\Loaec\AppData\Local\Crossbrowse =>PUP.CrossBrowser^
C:\Users\Loaec\AppData\Local\SmartWeb =>PUP.SmartWeb^
C:\Users\Loaec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup =>PUP.AnyProtect^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\Loaec\AppData\Local\Software =>Adware.Boxore
C:\Users\Loaec\AppData\Local\SmartWeb\SmartWebHelper.exe =>PUP.SmartWeb^
C:\Program Files\shopperz\Huyde.exe =>PUP.Shopperz^
C:\Program Files (x86)\MaxComputerCleaner_v17.684\MaxComputerCleaner_Maintenance.exe =>PUP.MaxComputerCleaner^
C:\Program Files (x86)\MiuiTab\cmdshell.exe =>PUP.SearchProtect^
C:\Program Files (x86)\Boxore\Boxore Client\boxore.exe =>Adware.Boxore^
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\Crossbrowse.exe =>PUP.CrossBrowser^
C:\Users\Loaec\AppData\Local\Temp\nsiFC46.tmp =>PUP.CMILimited^
C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe =>PUP.Infonaut^
C:\Program Files\shopperz\Jmahzov.exe =>PUP.Shopperz^
C:\Program Files\shopperz\csrcc.exe =>PUP.Shopperz^
C:\Program Files\shopperz\Jvpmajlij.exe =>PUP.Shopperz^
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Fuyu^
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\h6xPJAfj.default\Extensions\sweetsearch@gmail.com =>PUP.SweetSearch^
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\h6xPJAfj.default\Extensions\{E77F341C-F32E-40AA-8829-AA785C7D9316}.xpi =>Adware.Boxore^
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\opk13riq.default-1416579521546\Extensions\sweetsearch@gmail.com =>PUP.SweetSearch^
C:\Users\Loaec\AppData\Roaming\Mozilla\Firefox\Profiles\opk13riq.default-1416579521546\Extensions\{E77F341C-F32E-40AA-8829-AA785C7D9316}.xpi =>Adware.Boxore^
O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_fr_629.exe] -runonce =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-1-7.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-11.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-4.exe =>PUP.CrossRider^
C:\Program Files (x86)\CinemaPlus-3.2cV08.06\cef42d44-570d-4544-82a0-f4483a3ede21-5.exe =>PUP.CrossRider^
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe =>PUP.CrossBrowser^
C:\Program Files (x86)\Max Computer Cleaner\MaxComputerCleaner.exe =>PUP.MaxComputerCleaner^
C:\Program Files\shopperz\Asyofakaz.bat" =>PUP.Shopperz^
C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe =>Adware.Boxore^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^
C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-1-7.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-1-7 =>PUP.CrossRider^
C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-11 =>PUP.CrossRider^
C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-4 =>PUP.CrossRider^
C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-5 =>PUP.CrossRider^
C:\Windows\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\cef42d44-570d-4544-82a0-f4483a3ede21-5_user =>PUP.CrossRider^
C:\Windows\Tasks\Crossbrowse.job =>PUP.CrossBrowser^
C:\Windows\System32\Tasks\Crossbrowse =>PUP.CrossBrowser^
C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore =>Adware.Boxore^
C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job =>Adware.Boxore^
C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA =>Adware.Boxore^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\ArenaHD] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV08.06-nv-ie] =>PUP.CrossRider^
[HKCU\Software\CinemaPlus-3.2cV08.06] =>PUP.CrossRider^
[HKCU\Software\CrossBrowser] =>PUP.CrossBrowser^
[HKCU\Software\Crossbrowse] =>PUP.CrossBrowser^
[HKCU\Software\HighDefAction] =>PUP.CrossRider^
[HKCU\Software\MaxComputerCleanerLanguage] =>PUP.MaxComputerCleaner^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\WajIEnhance] =>PUP.Wajam^
[HKCU\Software\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\ArenaHD] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\CinemaPlus-3.2cV08.06-nv-ie] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\MaxComputerCleaner] =>PUP.MaxComputerCleaner^
[HKLM\Software\Wow6432Node\WajIntEnhance] =>PUP.Wajam^
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\shopperz] =>PUP.Shopperz^
[HKLM\Software\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\shopperz] =>PUP.Shopperz^
C:\Windows\Installer\8781dc67.msi =>Adware.Boxore^
C:\Windows\Installer\8781dc6d.msi =>PUP.MaxComputerCleaner^
C:\Windows\Installer\8781dc73.msi =>Adware.Boxore^
[HKCR\CLSID\{d0174004-bb12-464b-b666-9ba9bdbd750a}] (shopperz) =>PUP.Shopperz^
~ Additionnel Scan: 199239 Items scanned in 01mn 26s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 3 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb
http://www.nicolascoolman.fr/blog/ =>PUP.Shopperz
http://www.nicolascoolman.fr/blog/ =>PUP.MaxComputerCleaner
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.CMILimited
http://www.nicolascoolman.fr/blog/ =>PUP.Infonaut
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://www.nicolascoolman.fr/blog/ =>PUP.Istart
http://www.nicolascoolman.fr/blog/ =>PUP.SweetSearch
http://www.nicolascoolman.fr/blog/ =>PUP.SearchEngine
http://www.nicolascoolman.fr/blog/ =>PUP.LuckyTab
http://www.nicolascoolman.fr/blog/ =>PUP.Wincheck
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/pup-eorezo =>PUP.Eorezo
http://www.nicolascoolman.fr/blog/ =>Toolbar.AskBar
http://nicolascoolman.fr/pup-certifiedtoolbar =>PUP.CertifiedToolbar
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
~ MSI: 32 link(s) detected in 00mn 00s



~ 827 Legitimates filtered by white list
End of the scan (824 lines in 03mn 14s)(0.10)
